02-10-2007, 01:48 AM   #3
Taki100
Registered User
 
Join Date: Feb 2007
Posts: 8
OS: XP


Cheers Mate.

I did all the things you told me to and here are the resulting logs.


"Alan Stevens" - 07-02-09 20:20:44 Service Pack 2
ComboFix 07-02-08.2 - Running from: "C:\Documents and Settings\Alan Stevens\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\1417376314.dll
C:\WINDOWS\system32\472459550.dll
C:\WINDOWS\system32\drivers\npf.sys
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\qoobox\purity\Program Files\CURITY~1
C:\qoobox\purity\Program Files\CURITY~1\??curity
C:\qoobox\purity\Program Files\CURITY~1\??curity\ctxad-452.0000
C:\qoobox\purity\Program Files\CURITY~1\??curity\ctxad-452.0001
C:\qoobox\purity\Program Files\CURITY~1\??curity\ctxad-452.0002
C:\qoobox\purity\Program Files\CURITY~1\??curity\ctxad-452.0003
C:\qoobox\purity\Program Files\CURITY~1\??curity\ctxad-452.0004
C:\qoobox\purity\Program Files\CURITY~1\??curity\ctxad-452.0005
C:\qoobox\purity\Program Files\CURITY~1\??curity\ctxad-452.0006
C:\qoobox\purity\Program Files\CURITY~1\??curity\ctxad-452.0007


((((((((((((((((((((((((((((((( Files Created from 2007-01-09 to 2007-02-09 ))))))))))))))))))))))))))))))))))


2007-02-09 20:17 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-02-09 20:17 <DIR> d-------- C:\Program Files\Grisoft
2007-02-09 20:12 <DIR> d-------- C:\HJT
2007-02-08 18:18 <DIR> d-------- C:\WINDOWS\McAfee.com
2007-02-07 18:43 <DIR> d-------- C:\DOCUME~1\Anyone\Application Data\Sun
2007-02-05 18:42 <DIR> d-------- C:\Program Files\Schtrom
2007-02-03 20:14 <DIR> d-------- C:\DOCUME~1\LOCALS~1\Application Data\Help
2007-02-03 19:17 <DIR> d-------- C:\DOCUME~1\Anyone\Application Data\Adobe
2007-02-01 04:56 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-02-01 04:56 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-02-01 04:56 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-02-01 04:56 639,066 --a------ C:\WINDOWS\system32\DivX.dll
2007-01-31 21:46 <DIR> d-------- C:\Program Files\Xbox Backup Creator
2007-01-31 21:46 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-01-31 21:27 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-01-30 23:15 118,784 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-01-30 22:54 <DIR> d-------- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
2007-01-30 04:56 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-01-29 17:08 0 --a------ C:\WINDOWS\system32\E6106F1D.exe
2007-01-28 19:11 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-01-28 19:11 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-01-28 19:11 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-01-28 18:20 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Phone Browser
2007-01-26 01:18 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-01-26 01:18 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-01-26 01:13 593,920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-01-26 01:13 57,344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-01-26 01:13 53,248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-01-26 01:13 344,064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-01-26 01:13 294,912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-01-26 01:13 294,912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-01-26 01:13 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-01-16 19:57 <DIR> d-------- C:\Program Files\Elecard
2007-01-16 19:57 <DIR> d-------- C:\Program Files\Common Files\Elecard
2007-01-15 21:26 <DIR> d-------- C:\DOCUME~1\Anyone\Application Data\Corel
2007-01-15 20:22 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Teleca(2)
2007-01-15 17:47 <DIR> d-------- C:\Program Files\DVBPortal
2007-01-13 22:10 <DIR> d-------- C:\Program Files\AC3Filter
2007-01-13 22:09 <DIR> d-------- C:\Program Files\GSpot
2007-01-11 11:47 <DIR> d-------- C:\DOCUME~1\Anyone\Application Data\Real
2007-01-11 11:44 <DIR> d-------- C:\DOCUME~1\Anyone\Application Data\Apple Computer
2007-01-10 21:42 <DIR> d-------- C:\DOCUME~1\ALANST~1\Application Data\NewsLeecher
2007-01-10 18:26 <DIR> d-------- C:\DOCUME~1\Anyone\Application Data\Google
2007-01-10 18:23 <DIR> d-------- C:\DOCUME~1\Anyone\Contacts
2007-01-09 21:08 <DIR> d-------- C:\WINDOWS\ie7updates


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-02-09 20:07 -------- d-------- C:\Program Files\mozilla firefox
2007-02-09 07:26 12 --a------ C:\WINDOWS\bthservsdp.dat
2007-02-08 17:44 20 --a------ C:\sccfg.sys
2007-02-07 20:46 146 --a------ C:\WINDOWS\system32\imon1.dat
2007-02-07 20:44 -------- d-------- C:\Program Files\divx
2007-02-03 19:41 1056 --ahs---- C:\WINDOWS\system32\kgygaavl.sys
2007-02-01 22:02 -------- d-------- C:\Program Files\google
2007-01-30 18:47 -------- d-------- C:\Program Files\newsleecher
2007-01-30 05:03 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-01-26 01:19 36624 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-01-26 01:19 118520 --------- C:\WINDOWS\system32\pxinsi64.exe
2007-01-26 01:19 116472 --------- C:\WINDOWS\system32\pxcpyi64.exe
2007-01-15 20:51 -------- d-------- C:\Program Files\Common Files\teleca shared
2007-01-10 20:12 -------- d-------- C:\Program Files\accurate shutdown
2007-01-09 19:14 -------- d--h----- C:\Program Files\installshield installation information
2007-01-08 17:05 -------- d-------- C:\DOCUME~1\ALANST~1\Application Data\newsbin
2007-01-08 17:04 -------- d-------- C:\Program Files\newsbin
2007-01-08 17:04 -------- d-------- C:\DOCUME~1\ALANST~1\Application Data\utorrent
2007-01-07 19:41 -------- d-------- C:\Program Files\utorrent
2007-01-06 17:42 -------- d-------- C:\Program Files\emule
2007-01-05 20:03 -------- d-------- C:\Program Files\counter-strike 1.6
2007-01-05 19:07 -------- d-------- C:\Program Files\trackmania united
2007-01-05 14:12 -------- d-------- C:\Program Files\imgburn
2007-01-05 14:12 -------- d-------- C:\DOCUME~1\ALANST~1\Application Data\imgburn
2006-12-30 21:14 -------- d-------- C:\DOCUME~1\ALANST~1\Application Data\divx
2006-12-22 19:24 -------- d-------- C:\Program Files\william hill poker
2006-12-19 21:14 -------- d-------- C:\Program Files\msn messenger
2006-12-19 20:55 10944 --a------ C:\WINDOWS\byefish.exe
2006-12-12 16:24 12288 --a------ C:\WINDOWS\system32\divxwmpexttype.dll
2006-12-10 14:02 -------- d-------- C:\Program Files\itunes
2006-12-10 14:02 -------- d-------- C:\Program Files\ipod
2006-12-10 14:01 -------- d-------- C:\Program Files\quicktime
2006-12-03 19:04 48424 --a------ C:\WINDOWS\system32\sirenacm.dll
2006-11-27 20:44 737280 --a------ C:\WINDOWS\iun6002.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"PeerGuardian"="C:\\Program Files\\PeerGuardian2\\pg2.exe"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"STYLEXP"="C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe -Hide"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
"WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"SoundMan"="SOUNDMAN.EXE"
"nwiz"="nwiz.exe /install"
"CoolSwitch"="C:\\WINDOWS\\system32\\taskswitch.exe"
"DataLayer"="C:\\Program Files\\Common Files\\PCSuite\\DataLayer\\DataLayer.exe"
"nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"
"mspwr"="C:\\WINDOWS\\system32\\PuXpMan2.exe"
"SiSUSBRG"="C:\\WINDOWS\\SiSUSBrg.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\not active]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
"backup"="C:\\WINDOWS\\pss\\BlueSoleil.lnkCommon Startup"
"location"="Common Startup"
"item"="BlueSoleil"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
"backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\MICROS~2\\Office10\\OSA.EXE -b -l"
"item"="Microsoft Office"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BJPSMAIN"
"hkey"="HKLM"
"command"="C:\\Program Files\\Canon\\Easy-PrintToolBox\\BJPSMAIN.EXE /logon"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="isuspm"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\isuspm.exe -startup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="issch"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dumprep 0 -k"
"hkey"="HKLM"
"command"="%systemroot%\\system32\\dumprep 0 -k"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LaunchApplication"
"hkey"="HKLM"
"command"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -onlytray"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StyleXP"
"hkey"="HKCU"
"command"="C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe -Hide"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WFWIZ"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ERSvc"=dword:00000002
"StuffIt Task Manager"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"appinit_dlls"="wbsys.dll"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{9EF34FF2-3396-4527-9D27-04C8C1C67806}"="Microsoft AntiSpyware Service Hook"
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"0aMCPClient"="{F5DF91F9-15E9-416B-A7C3-7519B11ECBFC}"
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Spyware Doctor"=""

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"Spyware Doctor"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
@="0"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisallowRun"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
bthsvcs REG_MULTI_SZ BthServ\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_AVG_ANTI-SPYWARE_DRIVER
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_AVG_ANTI-SPYWARE_GUARD


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\BitComet.job


********************************************************************

catchme 0.1 W2K/XP - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\windowfx3.ini 0 bytes
C:\WINDOWS\Windows Update Setup Files
C:\WINDOWS\Windows Update Setup Files\filelist.dat 24 bytes
C:\WINDOWS\Windows Update Setup Files\iesetup.dir 0 bytes
C:\WINDOWS\Windows Update.log 49152 bytes
C:\WINDOWS\WindowsShell.Manifest 4096 bytes
C:\WINDOWS\WindowsUpdate.log 1404928 bytes
C:\WINDOWS\winhelp.exe 258048 bytes
C:\WINDOWS\winhlp32.exe 286720 bytes
C:\WINDOWS\winnt.bmp 49152 bytes
C:\WINDOWS\winnt256.bmp 49152 bytes
C:\WINDOWS\WINNT32.LOG 32768 bytes
C:\WINDOWS\WinSxS
C:\WINDOWS\WinSxS\InstallTemp
C:\WINDOWS\WinSxS\Manifests
C:\WINDOWS\WinSxS\Policies
C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a
C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da
C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d
C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213
C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.0.0_x-ww_ff9986d7
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.10.0_x-ww_712befd8
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0
C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790
C:\WINDOWS\WMFDist11.log 57344 bytes
C:\WINDOWS\wmp11.log 40960 bytes
C:\WINDOWS\wmsetup.log 151552 bytes
C:\WINDOWS\wmsetup10.log 20480 bytes
C:\WINDOWS\WMSysPr9.prx 319488 bytes
C:\WINDOWS\WMSysPrx.prx 303104 bytes
C:\WINDOWS\wsdu.log 152 bytes
C:\WINDOWS\Wudf01000Inst.log 28672 bytes
C:\WINDOWS\XP2.bmp 978944 bytes
C:\WINDOWS\xpsp1hfm.log 8192 bytes
C:\WINDOWS\yacs.log 4096 bytes
C:\WINDOWS\YAHELITE.INI 8192 bytes
C:\WINDOWS\YAHELITE_IGNORE.INI 4096 bytes
C:\WINDOWS\YahSho.ini 24 bytes
C:\WINDOWS\YAHVOX_ignore.ini 16 bytes
C:\WINDOWS\_default.pif 712 bytes

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 53

********************************************************************

Completion time: 07-02-09 20:25:11

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 22:44:21 09/02/2007

+ Scan result:



C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/Casino.exe -> Adware.Casino : Ignored.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/casino.exe -> Adware.Casino : Ignored.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/UCMIE.dll -> Adware.Ucmore : Ignored.
C:\WINDOWS\system32\iifdeca.dll -> Adware.Virtumonde : Ignored.
C:\WINDOWS\Downloaded Program Files\AXWebMonProj1.ocx -> Backdoor.Ghost.34 : Cleaned with backup (quarantined).
C:\Program Files\Camfrog\Camfrog Video Chat 3.4\patch.exe -> Dropper.Delf.qo : Cleaned with backup (quarantined).
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.125:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.126:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.127:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.142:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.145:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.16:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.17:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.253:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.254:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.41:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
D:\Documents and Settings\MCX3\Cookies\mcx3@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
D:\Documents and Settings\Taki\Cookies\taki@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
D:\Documents and Settings\Taki\Cookies\taki@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
D:\Documents and Settings\Taki\Cookies\taki@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.22:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\t2pdcnmg.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.23:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\t2pdcnmg.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.24:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\t2pdcnmg.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.26:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.27:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.28:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.304:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.306:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.64:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.66:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.266:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.267:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.268:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.269:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.270:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.45:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.49:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.28:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.29:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.30:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.31:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.32:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@servedby.advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@servedby.advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
D:\Documents and Settings\Taki\Cookies\taki@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.359:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Adviva : Cleaned.
:mozilla.36:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\t2pdcnmg.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.40:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.57:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
D:\Documents and Settings\Taki\Cookies\taki@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@bfast[2].txt -> TrackingCookie.Bfast : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@bfast[1].txt -> TrackingCookie.Bfast : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.74:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.76:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.279:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.280:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.281:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@centrport[1].txt -> TrackingCookie.Centrport : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.131:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@com[2].txt -> TrackingCookie.Com : Cleaned.
:mozilla.21:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.9:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
D:\Documents and Settings\MCX3\Cookies\mcx3@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
D:\Documents and Settings\Taki\Cookies\taki@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.255:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.259:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.260:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.261:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.262:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.263:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.264:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.265:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.358:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.319:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.322:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.55:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
D:\Documents and Settings\Taki\Cookies\taki@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
D:\Documents and Settings\Taki\Cookies\taki@sel.as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.312:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.115:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.217:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.218:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.225:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.227:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.230:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.233:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.311:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.116:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.117:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.118:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.31:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\t2pdcnmg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.35:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\t2pdcnmg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.96:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.97:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@ehg-autotrader.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@ehg-hotgroup.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@ehg-idg.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@counter.hitslink[2].txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.275:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Information : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.313:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.109:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.110:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.30:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
D:\Documents and Settings\Taki\Cookies\taki@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.175:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.176:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.116:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.144:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@popunder.paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.320:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.276:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.33:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.34:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.35:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.36:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.37:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.38:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
D:\Documents and Settings\Taki\Cookies\taki@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@counter10.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.10:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.11:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.22:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.23:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.345:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.355:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.146:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.147:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.148:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@spylog[2].txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.20:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\t2pdcnmg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.283:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.286:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.32:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.73:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.75:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.105:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.314:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.315:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.316:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.317:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.318:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.321:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.72:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.133:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.19:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.20:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.20:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.120:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.121:D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.14:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.8:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.272:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.273:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.274:C:\Documents and Settings\Anyone\Application Data\Mozilla\Firefox\Profiles\2q9p6dgf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\7,25,2005_20,46,26.zip/alan stevens@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Program Files\NoAdware\NoAdwareBackup\8,9,2005_20,8,29.zip/alan stevens@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{13B9AB68-59DA-40B9-BB5C-495E69A9E7CC}\RP605\A0134927.dll -> Trojan.Ceda.b : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{13B9AB68-59DA-40B9-BB5C-495E69A9E7CC}\RP601\A0132169.exe -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined).


::Report end

Activescan

Incident | Status | Location

Virus:Bck/IRCbot.ZX | Disinfected | Operating system
Potentially unwanted tool:application/altnet | Not disinfected | hkey_local_machine\software\microsoft\windows\currentversion\app management\arpcache\AltnetDM
Spyware:Cookie/Atlas DMT | Not disinfected | C:\Documents and Settings\Alan Stevens\Application Data\Mozilla\Firefox\Profiles\ykcy1uol.default\cookies.txt[.atdmt.com/]
Virus:Bck/IRCbot.ZX | Disinfected | C:\WINDOWS\system32\1417376314.dll
Potentially unwanted tool:Application/CloseApp | Not disinfected | C:\WINDOWS\system32\closeapp.exe
Spyware:Spyware/Virtumonde | Not disinfected | C:\WINDOWS\system32\iifdeca.dll
Spyware:Cookie/888 | Not disinfected | D:\Documents and Settings\Taki\Application Data\Mozilla\Firefox\Profiles\e1m2yejc.default\cookies.txt[.888.com/]
Hacktool:HackTool/Flood | Not disinfected | H:\xbox\XBINS-TIRC.rar[web\nHTMLn_2.92.dll]


Logfile of HijackThis v1.99.1
Scan saved at 08:47:19, on 10/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wwSecure.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\WINDOWS\system32\PuXpMan2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\4t Tray Minimizer\4t-min.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [mspwr] C:\WINDOWS\system32\PuXpMan2.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: 4t Tray Minimizer.lnk = C:\Program Files\4t Tray Minimizer\4t-min.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.orange.co.uk
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...58/mcfscan.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\fastload.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: iPod Service iPodseclogon (iPodseclogon) - Unknown owner - C:\WINDOWS\system32\32218.exe (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe

I'll let you know how things go mate!!! Cheers for the help