Thread: Problems with amaena.com and WinFixer
View Single Post
Old 04-17-2006, 03:16 PM   #5 (permalink)
paul_kimber
Registered User
 
Join Date: Mar 2005
Posts: 23
OS: Windows XP


Hi there the system seems alot thanks

Here is my Panda Scan Report


Incident Status Location

Adware:adware/deskwizz Not disinfected C:\WINDOWS\dh.ini
Adware:adware/dollarrevenue Not disinfected C:\WINDOWS\drsmartload2.dat
Adware:adware/webhancer Not disinfected C:\PROGRAM FILES\webHancer
Adware:adware/searchexe Not disinfected Windows Registry
Spyware:Cookie/24/7 Realmedia Not disinfected C:\Documents and Settings\Paul\Cookies\paul@247realmedia[1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Paul\Cookies\paul@adopt.hbmediapro[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Paul\Cookies\paul@adrevolver[1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Paul\Cookies\paul@adtech[2].txt
Spyware:Cookie/NewMedia Not disinfected C:\Documents and Settings\Paul\Cookies\paul@anm.co[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Paul\Cookies\paul@apmebf[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Paul\Cookies\paul@atdmt[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Paul\Cookies\paul@atwola[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Paul\Cookies\paul@belnk[1].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Paul\Cookies\paul@bravenet[1].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Paul\Cookies\paul@cassava[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Paul\Cookies\paul@cgi-bin[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Paul\Cookies\paul@cgi-bin[4].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Paul\Cookies\paul@dist.belnk[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Paul\Cookies\paul@doubleclick[1].txt
Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\Paul\Cookies\paul@fortunecity[2].txt
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Paul\Cookies\paul@landing.domainsponsor[2].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Paul\Cookies\paul@maxserving[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Paul\Cookies\paul@mediaplex[1].txt
Spyware:Cookie/Qsrch Not disinfected C:\Documents and Settings\Paul\Cookies\paul@qsrch[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Paul\Cookies\paul@realmedia[1].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Paul\Cookies\paul@searchportal.information[1].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Paul\Cookies\paul@statse.webtrendslive[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Paul\Cookies\paul@tribalfusion[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Paul\Cookies\paul@winfixer[2].txt
Spyware:Cookie/FindtheWebsiteYouNeed Not disinfected C:\Documents and Settings\Paul\Cookies\paul@www.findthewebsiteyouneed[1].txt
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Paul\Cookies\paul@www48.seeq[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Paul\Cookies\paul@xiti[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Paul\Cookies\paul@xmts[2].txt
Spyware:Cookie/24/7 Realmedia Not disinfected C:\Documents and Settings\Paul\Cookies\paul@247realmedia[1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Paul\Cookies\paul@adopt.hbmediapro[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Paul\Cookies\paul@adrevolver[1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Paul\Cookies\paul@adtech[2].txt
Spyware:Cookie/NewMedia Not disinfected C:\Documents and Settings\Paul\Cookies\paul@anm.co[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Paul\Cookies\paul@apmebf[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Paul\Cookies\paul@atdmt[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Paul\Cookies\paul@atwola[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Paul\Cookies\paul@belnk[1].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Paul\Cookies\paul@bravenet[1].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Paul\Cookies\paul@cassava[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Paul\Cookies\paul@cgi-bin[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Paul\Cookies\paul@cgi-bin[4].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Paul\Cookies\paul@dist.belnk[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Paul\Cookies\paul@doubleclick[1].txt
Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\Paul\Cookies\paul@fortunecity[2].txt
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Paul\Cookies\paul@landing.domainsponsor[2].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Paul\Cookies\paul@maxserving[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Paul\Cookies\paul@mediaplex[1].txt
Spyware:Cookie/Qsrch Not disinfected C:\Documents and Settings\Paul\Cookies\paul@qsrch[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Paul\Cookies\paul@realmedia[1].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Paul\Cookies\paul@searchportal.information[1].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Paul\Cookies\paul@statse.webtrendslive[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Paul\Cookies\paul@tribalfusion[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Paul\Cookies\paul@winfixer[2].txt
Spyware:Cookie/FindtheWebsiteYouNeed Not disinfected C:\Documents and Settings\Paul\Cookies\paul@www.findthewebsiteyouneed[1].txt
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Paul\Cookies\paul@www48.seeq[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Paul\Cookies\paul@xiti[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Paul\Cookies\paul@xmts[2].txt
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[adi3d2ag.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[adledit.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[ccadmin.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[cccdll.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[cgcisco.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[cjrpol.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[CKCL150.DLL]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[dfound3d.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[dwnmodem.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[en4ul1h91.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[enlul1391.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[f4j20e1oeh.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[fp0s03d7e.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[gtkrsrc.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[ibrdbg32.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[iglogmsg.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[iHsads.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[ihwphbk.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[ii41_qc.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[ipuv_32.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[ir4ol5h31.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[ir6ql5j51.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[irpol5731.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[kmdgae.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[l0n4la5q1d.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[lacwmi.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[lbbeay32.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[lorhelp.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[lvr8099ue.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[lvrs0997e.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[m6lslg3716.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[m8rm0i91e8.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[mlsystem.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[mpasn1.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[mvmdd.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[nblanui.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[nflanui2.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[nkshrui.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[nlshrui.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[nudll.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[nutmsg.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[okethk32.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[oneacc.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[pIutoenr.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[pltorsvc.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[pqotowiz.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[q4860elsehq60.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[rqpcfgex.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[sdxcoins.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[sle.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[sspblb.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[udrfaxa.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[uzrdpa.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[vha.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[wmnshfhc.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[wnnfax.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\backup.zip[wtw32.dll]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Paul\Desktop\l2mfix.exe[Process.exe]
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Paul\Local Settings\Temp\Cookies\paul@adopt.hbmediapro[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Paul\Local Settings\Temp\Cookies\paul@adrevolver[1].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Paul\Local Settings\Temp\Cookies\paul@apmebf[2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Paul\Local Settings\Temp\Cookies\paul@errorsafe[2].txt
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Paul\Local Settings\Temp\Cookies\paul@gostats[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Paul\Local Settings\Temp\Cookies\paul@realmedia[1].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Paul\Local Settings\Temp\Cookies\paul@rn11[2].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Paul\Local Settings\Temp\Cookies\paul@toplist[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Paul\Local Settings\Temp\Cookies\paul@winfixer[2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Paul\Local Settings\Temp\Cookies\paul@www.errorsafe[1].txt
Spyware:Cookie/FindtheWebsiteYouNeed Not disinfected C:\Documents and Settings\Paul\Local Settings\Temp\Cookies\paul@www.findthewebsiteyouneed[1].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Paul\Local Settings\Temp\Temporary Internet Files\Content.IE5\89ABCDEF\l2mfix[1].exe[Process.exe]
Adware:Adware/PurityScan Not disinfected C:\Documents and Settings\Paul\Local Settings\Temporary Internet Files\Content.IE5\4L2V4TQ7\Veracruz[1].exe
Adware:Adware/Deskwizz Not disinfected C:\Documents and Settings\Paul\Local Settings\Temporary Internet Files\Content.IE5\WLQBCPEZ\sk02[1].exe
Adware:Adware/WebHancer Not disinfected C:\Program Files\webHancer\Programs\SETC.tmp
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-1644491937-507921405-854245398-1004\Dc16.exe
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-1644491937-507921405-854245398-1004\Dc16.exe[whAgent.exe]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-1644491937-507921405-854245398-1004\Dc16.exe[whInstaller.exe]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-1644491937-507921405-854245398-1004\Dc16.exe[whSurvey.exe]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-1644491937-507921405-854245398-1004\Dc16.exe[webhdll.dll]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-1644491937-507921405-854245398-1004\Dc16.exe[whiehlpr.dll]
Adware:Adware/Deskwizz Not disinfected C:\RECYCLER\S-1-5-21-1644491937-507921405-854245398-1004\Dc17.exe
Spyware:Cookie/888 Not disinfected C:\WINDOWS\Temp\Cookies\paul@888[1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\WINDOWS\Temp\Cookies\paul@adopt.hbmediapro[2].txt
Spyware:Cookie/Cassava Not disinfected C:\WINDOWS\Temp\Cookies\paul@cassava[1].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\WINDOWS\Temp\Cookies\paul@errorsafe[2].txt
Spyware:Cookie/Screensavers Not disinfected C:\WINDOWS\Temp\Cookies\paul@i.screensavers[1].txt
Spyware:Cookie/Rn11 Not disinfected C:\WINDOWS\Temp\Cookies\paul@rn11[2].txt
Spyware:Cookie/WinFixer Not disinfected C:\WINDOWS\Temp\Cookies\paul@winfixer[2].txt
Spyware:Cookie/Xmts Not disinfected C:\WINDOWS\Temp\Cookies\paul@xmts[1].txt
Virus:Exploit/ByteVerify Disinfected C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\FS83V5RY\classload[1].jar[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\FS83V5RY\classload[1].jar[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\FS83V5RY\classload[1].jar[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\FS83V5RY\classload[1].jar[Installer.class]

Here is my HJT Log

Logfile of HijackThis v1.99.1
Scan saved at 22:09:42, on 17/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\WallMaster\wallmast.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Documents and Settings\Paul\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: WallMaster.lnk = C:\Program Files\WallMaster\wallmast.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1141144390795
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1145223860087
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe


& here is my unistall list

Adobe Download Manager 2.0 (Remove Only)
Adobe Reader 7.0.7
ArcSoft PhotoStudio 5.5
ATI Display Driver
AVG Free Edition
Canon MP Navigator 2.0
Canon MP150
Canon Utilities Easy-PhotoPrint
Conexant 56K ACLink Modem
DivX
Easy-WebPrint
ewido anti-malware
Google Earth
Google Toolbar for Internet Explorer
HijackThis 1.99.1
HP Help and Support
InterActual Player
InterVideo WinDVD 7
iTunes
J2SE Runtime Environment 5.0 Update 6
LimeWire 4.10.9
Macromedia Extension Manager
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Macromedia Flash Player 8
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
Microsoft Office XP Professional
Microsoft Windows XP Video Decoder Checkup Utility
MSN Messenger 7.5
MSXML 4.0 SP2 Parser and SDK
OmniPage SE 2.0
Panda ActiveScan
PHP 5.1.2
QuickTime
RealPlayer
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Spyware Doctor 3.8
Synaptics Pointing Device Driver
Tvants 1.0
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB910437)
WallMaster
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
XoftSpy
paul_kimber is offline