Thanks for the reply Little Eagle,
I did as instructed, ran ewido, deleted most of the files found but left the ones I was not certain of.
Attached is the ewido report and new hijack log.
best regards
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 09:24:11 PM, 23/01/2006
+ Report-Checksum: BA479913
+ Scan result:
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Ignored
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@com[2].txt -> Spyware.Cookie.Com : Ignored
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Ignored
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@microsofteup.112.2o7[1].txt -> Spyware.Cookie.2o7 : Ignored
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Ignored
C:\Program Files\Microsoft AntiSpyware\Quarantine\698B6BCB-AFEF-4A80-A103-201566\DB1E0B1C-4142-4C45-B5FA-C7E9F7 -> Adware.SaveNow : Ignored
HKLM\SOFTWARE\Classes\Interface\{F8ACA5A0-060A-478A-8368-1407780D2251} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{308A04D3-084D-43AA-A3E6-0D12BCCA3CE6} -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{AD9B275B-E42D-4C7F-9FFB-29B5FB81688B} -> Dialer.Generic : Cleaned with backup
HKU\S-1-5-21-796845957-2111687655-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-796845957-2111687655-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{031B6D43-CBC4-46A5-8E46-CF8B407C1A33} -> Spyware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-796845957-2111687655-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0428FFC7-1931-45B7-95CB-3CBB919777E1} -> Spyware.KeenValue : Cleaned with backup
HKU\S-1-5-21-796845957-2111687655-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-796845957-2111687655-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -> Spyware.WinFavorites : Cleaned with backup
HKU\S-1-5-21-796845957-2111687655-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -> Spyware.PopularScreensavers : Cleaned with backup
HKU\S-1-5-21-796845957-2111687655-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30192F8D-0958-44E6-B54D-331FD39AC959} -> Spyware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-796845957-2111687655-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C} -> Spyware.PowerStrip : Cleaned with backup
HKU\S-1-5-21-796845957-2111687655-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A9AEE0DD-89E1-40EE-8749-A18650CC2175} -> Spyware.CoolWebSearch : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@ads.addynamix[1].txt -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@counter1.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@counter10.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@counter12.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@counter14.sextracker[2].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@counter15.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@counter16.sextracker[2].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@counter2.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@counter4.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@counter5.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@counter7.sextracker[2].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@counter8.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@counter9.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@cs.sexcounter[2].txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@cz11.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@cz3.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@cz4.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@cz5.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@cz6.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@cz7.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@cz8.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@cz9.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@paycounter[1].txt -> Spyware.Cookie.Paycounter : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@sexlist[1].txt -> Spyware.Cookie.Sexlist : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@sextracker[2].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@vip.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@vip2.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Cookies\roger gonzalez@xxxcounter[2].txt -> Spyware.Cookie.Xxxcounter : Cleaned with backup
C:\Documents and Settings\Roger Gonzalez\Local Settings\Application Data\Microsoft\Internet Explorer\V0.26.dat -> Dialer.Generic : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\DeactivatedItems\AF222F21-972C-4512-8A4C-9E5FA9.asq -> Spyware.Thumper : Cleaned with backup
C:\Program Files\Screensavers.com\Installer\bin\ScreensaversInst.dll -> Spyware.Comet : Cleaned with backup
C:\WINDOWS\Cookies\roger gonzalez@artemis.porntrack[1].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
C:\WINDOWS\Cookies\roger gonzalez@hekate.porntrack[2].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
C:\WINDOWS\Cookies\roger gonzalez@preferences[1].txt -> Spyware.Cookie.Preferences : Cleaned with backup
C:\WINDOWS\Cookies\roger gonzalez@stats3.porntrack[1].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
C:\WINDOWS\Cookies\roger gonzalez@stats3.porntrack[2].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
C:\WINDOWS\Cookies\roger gonzalez@stats4.porntrack[1].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
C:\WINDOWS\Cookies\roger gonzalez@stats4.porntrack[3].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
C:\WINDOWS.001\Downloaded Program Files\CONFLICT.1\HDPlugin1015.dll -> Spyware.Browsertoolbar : Cleaned with backup
C:\WINDOWS.001\Downloaded Program Files\HDPlugin1015.dll -> Spyware.Browsertoolbar : Cleaned with backup
C:\WINDOWS.001\Downloaded Program Files\HDPlugin1019.dll -> Adware.Gator : Cleaned with backup
C:\WINDOWS.001\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.PornWare.PopCap.b : Cleaned with backup
F:\WINDOWS\Cookies\roger gonzalez@preferences[1].txt -> Spyware.Cookie.Preferences : Cleaned with backup
F:\WINDOWS\Cookies\roger gonzalez@hekate.porntrack[2].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
F:\WINDOWS\Cookies\roger gonzalez@stats4.porntrack[1].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
F:\WINDOWS\Cookies\roger gonzalez@artemis.porntrack[1].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
F:\WINDOWS\Cookies\roger gonzalez@stats4.porntrack[3].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
F:\WINDOWS\Cookies\roger gonzalez@stats3.porntrack[1].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
F:\WINDOWS\Cookies\roger gonzalez@stats3.porntrack[2].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@ad-logics[1].txt -> Spyware.Cookie.Ad-logics : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@cz4.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@cz5.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@euniverseads[1].txt -> Spyware.Cookie.Euniverseads : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@cs.sexcounter[2].txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@cz9.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@cz3.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@popups.ad-logics[1].txt -> Spyware.Cookie.Ad-logics : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@2o7[3].txt -> Spyware.Cookie.2o7 : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@questionmarket[3].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@com[3].txt -> Spyware.Cookie.Com : Cleaned with backup
F:\WINDOWS.001\Cookies\roger gonzalez@ads.pointroll[1].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
::Report End
Logfile of HijackThis v1.99.1
Scan saved at 09:37:42 PM, on 23/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS.001\System32\smss.exe
C:\WINDOWS.001\system32\winlogon.exe
C:\WINDOWS.001\system32\services.exe
C:\WINDOWS.001\system32\lsass.exe
C:\WINDOWS.001\system32\svchost.exe
C:\WINDOWS.001\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS.001\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS.001\Explorer.EXE
C:\WINDOWS.001\System32\tcpsvcs.exe
C:\WINDOWS.001\System32\snmp.exe
C:\WINDOWS.001\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS.001\system32\fxssvc.exe
C:\WINDOWS.001\system32\hplampc.exe
C:\WINDOWS.001\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS.001\system32\pctspk.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS.001\SYSTEM32\VirtualExpander\VirtualExpander.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS.001\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ewido anti-malware\SecuritySuite.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Documents and Settings\Roger Gonzalez\Local Settings\Temp\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.cnn.com/
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS.001\system32\Userinit.exe
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\dapbho.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS.001\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [hplampc] C:\WINDOWS.001\system32\hplampc.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS.001\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS.001\SiSUSBrg.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS.001\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: VirtualExpander.lnk = C:\WINDOWS.001\SYSTEM32\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Chat -
http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: Yahoo! Dominoes -
http://download.game...ts/y/dot8_x.cab
O16 - DPF: Yahoo! Literati -
http://download.game...nts/y/tt3_x.cab
O16 - DPF: Yahoo! Pool 2 -
http://download.game...ts/y/pote_x.cab
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) -
http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) -
http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) -
http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) -
http://us.creative.c...119/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) -
http://go.microsoft....467&clcid=0x409
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.micros...b?1126564477275
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zon...StatsClient.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) -
http://activex.micro...n7/dlhelper.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) -
http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) -
https://www-secure.s...rl/SymAData.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://download.game...aploader_v6.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) -
http://h30043.www3.h.../qdiagh.cab?319
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) -
http://messenger.zon...ireShowdown.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2CAE366B-AC0E-486D-9F61-3D9A449F0BE6}: NameServer = 196.3.132.1,196.3.132.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{824677BE-35D4-4291-BA00-46CA45C12D60}: NameServer = 196.3.132.1,196.3.132.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{2CAE366B-AC0E-486D-9F61-3D9A449F0BE6}: NameServer = 196.3.132.1,196.3.132.4
O17 - HKLM\System\CS3\Services\Tcpip\..\{2CAE366B-AC0E-486D-9F61-3D9A449F0BE6}: NameServer = 196.3.132.1,196.3.132.4
O18 - Filter: text/html - {FA6D3514-3F40-47F3-B846-539C7ED25A24} - (no file)
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS.001\System32\catsrvut.dll
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe