Ok her are the logs yuo requested
I did not do the HiJackthis until after all the scans and removals were complete.
SUPERAntiSpyware Scan Log
Generated 02/26/2007 at 01:28 PM
Application Version : 3.5.1016
Core Rules Database Version : 3189
Trace Rules Database Version: 1199
Scan type : Complete Scan
Total Scan Time : 01:34:03
Memory items scanned : 520
Memory threats detected : 0
Registry items scanned : 6330
Registry threats detected : 2
File items scanned : 116175
File threats detected : 142
Adware.Lop-Gen
[Thunk new manager else] C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\PING SEND THUNK NEW\DASHBORE.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\PING SEND THUNK NEW\DASHBORE.EXE
[Ford dumb] C:\DOCUME~1\ED\APPLIC~1\HTMSTART\AXIS DRIVE.EXE
C:\DOCUME~1\ED\APPLIC~1\HTMSTART\AXIS DRIVE.EXE
C:\DOCUMENTS AND SETTINGS\ED\APPLICATION DATA\HTMSTART\AXIS DRIVE.EXE
C:\DOCUMENTS AND SETTINGS\ED\APPLICATION DATA\HTMSTART\BOOBBINDBIN.EXE
C:\DOCUMENTS AND SETTINGS\ED\APPLICATION DATA\HTMSTART\UQNJVOVM.EXE
Adware.Tracking Cookie
C:\Documents and Settings\Ed\Cookies\ed@tribalfusion[2].txt
C:\Documents and Settings\Ed\Cookies\ed@hotlog[2].txt
C:\Documents and Settings\Ed\Cookies\ed@www.crackserialkeygen[2].txt
C:\Documents and Settings\Ed\Cookies\ed@login.tracking101[2].txt
C:\Documents and Settings\Ed\Cookies\ed@www.burstnet[1].txt
C:\Documents and Settings\Ed\Cookies\ed@www.serialadapters[1].txt
C:\Documents and Settings\Ed\Cookies\ed@adlegend[2].txt
C:\Documents and Settings\Ed\Cookies\ed@media303[2].txt
C:\Documents and Settings\Ed\Cookies\ed@usenext[1].txt
C:\Documents and Settings\Ed\Cookies\ed@stopzilla[2].txt
C:\Documents and Settings\Ed\Cookies\ed@server.lon.liveperson[2].txt
C:\Documents and Settings\Ed\Cookies\ed@revsci[2].txt
C:\Documents and Settings\Ed\Cookies\ed@www.googleadservices[2].txt
C:\Documents and Settings\Ed\Cookies\ed@www.burstbeacon[2].txt
C:\Documents and Settings\Ed\Cookies\ed@www.crackedwarez[2].txt
C:\Documents and Settings\Ed\Cookies\ed@blockbuster.112.2o7[1].txt
C:\Documents and Settings\Ed\Cookies\ed@versiontracker[2].txt
C:\Documents and Settings\Ed\Cookies\ed@precisionclick[2].txt
C:\Documents and Settings\Ed\Cookies\ed@edge.ru4[1].txt
C:\Documents and Settings\Ed\Cookies\ed@adserver.adreactor[1].txt
C:\Documents and Settings\Ed\Cookies\ed@linkstattrack[1].txt
C:\Documents and Settings\Ed\Cookies\ed@stat.onestat[2].txt
C:\Documents and Settings\Ed\Cookies\ed@www.googleadservices[1].txt
C:\Documents and Settings\Ed\Cookies\ed@adopt.euroclick[1].txt
C:\Documents and Settings\Ed\Cookies\ed@affiliates.mediaspecials[2].txt
C:\Documents and Settings\Ed\Cookies\ed@publishers.clickbooth[2].txt
C:\Documents and Settings\Ed\Cookies\ed@www.stopzilla[1].txt
C:\Documents and Settings\Ed\Cookies\ed@msnportal.112.2o7[1].txt
C:\Documents and Settings\Ed\Cookies\ed@ad.zanox[1].txt
C:\Documents and Settings\Ed\Cookies\ed@burstnet[1].txt
C:\Documents and Settings\Ed\Cookies\ed@questionmarket[1].txt
C:\Documents and Settings\Ed\Cookies\ed@sonycorporate.122.2o7[1].txt
C:\Documents and Settings\Ed\Cookies\ed@cc.bridgetrack[2].txt
C:\Documents and Settings\Ed\Cookies\ed@pch.122.2o7[1].txt
C:\Documents and Settings\Ed\Cookies\ed@azjmp[1].txt
C:\Documents and Settings\Ed\Cookies\ed@serialdevil[1].txt
C:\Documents and Settings\Ed\Cookies\ed@perf.overture[1].txt
C:\Documents and Settings\Ed\Cookies\ed@ad.cs102175[1].txt
C:\Documents and Settings\Ed\Cookies\ed@www.serialdevil[1].txt
C:\Documents and Settings\Ed\Cookies\ed@firstpremierbankcard.112.2o7[1].txt
C:\Documents and Settings\Ed\Cookies\ed@server.lon.liveperson[1].txt
C:\Documents and Settings\Ed\Cookies\ed@bookspan.122.2o7[1].txt
C:\Documents and Settings\Ed\Cookies\ed@e-2dj6wakislczaeo.stats.esomniture[2].txt
C:\Documents and Settings\Ed\Cookies\ed@nextag[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@a.websponsors[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@ad.contentmedianetwork[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@ad.cs102175[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@ad.zanox[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@adbrite[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@adecn[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@adinterax[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@adlegend[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@adopt.euroclick[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@ads.ak.facebook[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@ads.as4x.tmcs.ticketmaster[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@ads.ft[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@ads.glispa[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@ads.iconator[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@ads.ozonemedia.co[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@ads.realtechnetwork[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@adultfriendfinder[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@aff.primaryads[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@angleinteractive.directtrack[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@as-eu.falkag[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@azjmp[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@bannerads.zwire[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@bannerads.zwire[3].txt
C:\Documents and Settings\Amanda\Cookies\amanda@belnk[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@bizrate[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@clickshift[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@clicksor[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@da-tracking[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@dealtime[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@directtrack[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@dist.belnk[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@ecnext.advertserve[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@fastclick[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@fcstats.bcentral[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@i.screensavers[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@indextools[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@keywordmax[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@login.tracking101[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@media.fastclick[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@media.hotels[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@nextag[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@offers.clickbooth[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@offers.intermediainteractive[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@overture[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@partner2profit[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@publishers.clickbooth[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@qnsr[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@revsci[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@roiservice[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@screensavers[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@server11.clickfacts[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@smileycentral[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@stat.dealtime[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@stats.drivecleaner[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@tracking.schwablearning[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@tripod[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@try.screensavers[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@www.0stats[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@www.googleadservices[2].txt
C:\Documents and Settings\Amanda\Cookies\amanda@www.loonycounter[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@www.ticketsnow2[1].txt
C:\Documents and Settings\Amanda\Cookies\amanda@www.xctrk[2].txt
NoLop! Log by Skate_Punk_21
Please Note: any existing old logs will have now been renamed to NoLop!OLD.log
Fix running from: C:\Documents and Settings\Ed\Desktop
[2/26/2007]
[11:40:30 AM]
---Infection Files Found/Removed---
C:\WINDOWS\tasks\AEE818D991878B91.job
Beginning Removal...
Rebooting...
Removing Lop's Leftover Files/Folders...
Editing Registry...
**Fix Complete!**
---Listing AppData sub directories---
C:\Documents and Settings\Administrator\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Adobe Systems
C:\Documents and Settings\All Users\Application Data\Aol
C:\Documents and Settings\All Users\Application Data\Aol Downloads
C:\Documents and Settings\All Users\Application Data\Aol Ocp
C:\Documents and Settings\All Users\Application Data\Apple Computer
C:\Documents and Settings\All Users\Application Data\Ca
C:\Documents and Settings\All Users\Application Data\Dataviz
C:\Documents and Settings\All Users\Application Data\Hotsync
C:\Documents and Settings\All Users\Application Data\Intuit
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Nvidia Corporation
C:\Documents and Settings\All Users\Application Data\Nview_profiles -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Ping Send Thunk New
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and Settings\All Users\Application Data\Stopzilla!
C:\Documents and Settings\All Users\Application Data\Temp -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Viewpoint
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users\Application Data\Yahoo!
C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
C:\Documents and Settings\All Users\Application Data\Zillabar
C:\Documents and Settings\Amanda\Application Data\Acccore
C:\Documents and Settings\Amanda\Application Data\Adobe
C:\Documents and Settings\Amanda\Application Data\Adobeum -- EMPTY Directory
C:\Documents and Settings\Amanda\Application Data\Apple Computer
C:\Documents and Settings\Amanda\Application Data\Creative
C:\Documents and Settings\Amanda\Application Data\Hotsync
C:\Documents and Settings\Amanda\Application Data\Identities
C:\Documents and Settings\Amanda\Application Data\Lavasoft
C:\Documents and Settings\Amanda\Application Data\Limewire
C:\Documents and Settings\Amanda\Application Data\Logitech
C:\Documents and Settings\Amanda\Application Data\Macromedia
C:\Documents and Settings\Amanda\Application Data\Microsoft
C:\Documents and Settings\Amanda\Application Data\Roxio
C:\Documents and Settings\Amanda\Application Data\Sun
C:\Documents and Settings\Amanda\Application Data\Viewpoint
C:\Documents and Settings\Amanda\Application Data\Yahoo!
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Ed\Application Data\Acccore
C:\Documents and Settings\Ed\Application Data\Adobe
C:\Documents and Settings\Ed\Application Data\Adobeum
C:\Documents and Settings\Ed\Application Data\Apple Computer
C:\Documents and Settings\Ed\Application Data\Arcsoft
C:\Documents and Settings\Ed\Application Data\Cowon
C:\Documents and Settings\Ed\Application Data\Creative
C:\Documents and Settings\Ed\Application Data\Google
C:\Documents and Settings\Ed\Application Data\Help -- EMPTY Directory
C:\Documents and Settings\Ed\Application Data\Hotsync
C:\Documents and Settings\Ed\Application Data\Htmstart
C:\Documents and Settings\Ed\Application Data\Identities
C:\Documents and Settings\Ed\Application Data\Intuit
C:\Documents and Settings\Ed\Application Data\Lavasoft
C:\Documents and Settings\Ed\Application Data\Leadertech
C:\Documents and Settings\Ed\Application Data\Logitech
C:\Documents and Settings\Ed\Application Data\Macromedia
C:\Documents and Settings\Ed\Application Data\Microsoft
C:\Documents and Settings\Ed\Application Data\Roxio
C:\Documents and Settings\Ed\Application Data\Sun
C:\Documents and Settings\Ed\Application Data\Warez
C:\Documents and Settings\Ed\Application Data\Yahoo!
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Networkservice\Application Data\Microsoft
C:\Documents and Settings\Susan\Application Data\Hotsync
C:\Documents and Settings\Susan\Application Data\Identities
C:\Documents and Settings\Susan\Application Data\Logitech
C:\Documents and Settings\Susan\Application Data\Macromedia
C:\Documents and Settings\Susan\Application Data\Microsoft
C:\Documents and Settings\Susan\Application Data\Roxio
Logfile of HijackThis v1.99.1
Scan saved at 3:11:37 PM, on 2/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\system32\hphmon03.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\HPHipm09.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Ed\LOCALS~1\Temp\Rar$EX00.994\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.c...//www.yahoo.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.7.0\ViewBarBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\IEViewBar.dll
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: AdsGone.lnk = C:\Program Files\AdsGone\AdsGone.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by105fd.bay10...es/MsnPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebo...otoUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.micros...b?1157306228193
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.micros...b?1157307020250
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcaf...841/mcfscan.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
So far no more popups ,but time will tell if the tracking caouses a problem.
I will provide financial support if this works out., in addition Ill need to provide a donation to the software providers.
Thanks for your help and hopefully im clean