Hi,
Help needed.
keep getting 'computer infected with unkown virus download antispywasre programme.
Cannot use my machine to log into your site the error message appears about a dozen times then freezes. Couldnt run add/remove programme has it doesnt work. Downloaded and ran all the applications requested as per the 5 steps using a memory stick and am logged onto second computer
Deckard's System Scanner v20071014.68
Run by Ronnie Hall on 2008-03-20 19:03:18
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-20 19:05:08
Platform: Windows 2000 Service Pack 4 (5.00.2195)
MSIE: Internet Explorer (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINNT\system32\SMSS.EXE
C:\WINNT\system32\WINLOGON.EXE
C:\WINNT\system32\SERVICES.EXE
C:\WINNT\system32\LSASS.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG7\avgemc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINNT\system32\cisvc.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\mstask.exe
C:\WINNT\system32\wbem\WinMgmt.exe
C:\WINNT\system32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\explorer.exe
C:\WINNT\vsnpstd.exe
C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-gb\msnappau.exe
C:\Program Files\McAfee\QuickClean\Plguni.exe
C:\WINNT\system32\stisvc.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\WINNT\system32\spool\drivers\w32x86\3\E_FATIBGE.EXE
C:\Program Files\TrojanHunter 5.0\THGuard.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office\1033\MSOFFICE.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINNT\system32\cidaemon.exe
G:\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://home.microsoft.com/search/lobby/search.asp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn.com/en-gb/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O2 - BHO: Media Player Classic - {CE0487CA-8B02-431E-BA63-D38844E020B5} - C:\WINNT\ausctv32a.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\Program Files\Wanadoo\WSBar\WSBar.dll
O3 - Toolbar: ToolbarContainer211.dll - {E97B5F2E-CA8E-4D34-BDA3-44EEC4ED2B12} - C:\Program Files\Orange Toolbar UK\ToolbarContainer211.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [snpstd] C:\WINNT\vsnpstd.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-gb\msnappau.exe"
O4 - HKLM\..\Run: [Imonitor] "C:\Program Files\McAfee\QuickClean\PlgUni.exe" /START
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [EPSON Stylus D78 Series] C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATIBGE.EXE /FU "C:\WINNT\TEMP\E_S51.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 5.0\THGuard.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /startmonitor
O4 - HKCU\..\Run: [Tesco] "C:\Program Files\Tesco internet phone\TescoIP.exe" /autostart
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [MPlayer2_FixUp] C:\WINNT\inf\unregmp2.exe /Fixups (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM
O9 - Extra 'Tools' menuitem: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM
O10 - Unknown file in Winsock LSP: C:\WINNT\system32\NWPROVAU.DLL
O16 - DPF: Yahoo! Cribbage () -
http://download2.games.yahoo.com/games/clients/y/it1_x.cab
O16 - DPF: Yahoo! Freecell Solitaire () -
http://presence.games.yahoo.com/yog/y/fs10_x.cab
O16 - DPF: Yahoo! Klondike Solitaire () -
http://presence.games.yahoo.com/yog/y/ks12_x.cab
O16 - DPF: {0E0D50BC-E086-4E3A-B07D-C5C5869C0FFF} () -
http://www.gamehouse.com/realarcade-webgames/adventureball/abx.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} () -
http://www.shockwave.com/content/chocolatier/sis/ChocolatierWeb.1.0.0.13.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} () -
http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {32505657-9980-0010-8000-00AA00389B71} () -
http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} () -
http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} () -
http://www.shockwave.com/content/ricochetlostworlds/sis/ReflexiveWebGameLoader.cab
O16 - DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} () -
http://oberon.orange.co.uk/online2/pirate_poppers/PiratePoppers.1.0.0.32.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} () -
http://sell-vehicle.ebay.co.uk/images/eps/eBay_Enhanced_Picture_Control_v1-0-3-50.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase370.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1166888056894
O16 - DPF: {64D01C7F-810D-446E-A07E-365764235644} () -
http://kraisoft.com/files/realone/atomaders.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) -
http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1166889332752
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} () -
http://www.gamehouse.com/realarcade-webgames/gamehouse/gamehouseplayer.cab
O16 - DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} () -
http://oberon.orange.co.uk/online2/mystery_solitaire/SpinTopGamesLauncher.cab
O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} () -
http://www.shockwave.com/content/ballistik/sis/slgwebinstall.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} () -
http://www.shockwave.com/content/luxor2/sis/mjolauncher.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () -
http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B0FB831D-17F6-4CBD-9B5D-3305881D362E} () -
http://origin.www.shockwave.com/content/reaxxion/sis/HLGLauncher.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} () -
http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} () -
http://www.shockwave.com/content/zenerchi/sis/ZenerchiWeb.1.0.0.10.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) -
http://game06.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} (Office Update Installation Engine) -
http://office.microsoft.com/officeupdate/content/opuc4.cab
O16 - DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} () -
http://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} () -
http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} () -
http://zone.msn.com/bingame/gold/UnSkin/gf.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} () -
http://zone.msn.com/bingame/hsol/default/SCEWebLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} () -
http://zone.msn.com/bingame/popcaploader_v10.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,4929/mcfscan.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgemc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\system32\dmadmin.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Creative NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
--
End of file - 12309 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 BTHidMgr (Bluetooth HID Manager Service) - c:\winnt\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil(c)>
R3 BlueletAudio (Bluetooth Audio Service) - c:\winnt\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver>
R3 BT (Bluetooth PAN Network Adapter) - c:\winnt\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 BTHidEnum (Bluetooth HID Enumerator) - c:\winnt\system32\drivers\vbtenum.sys
R3 snpstd (Trust 120 SpaceCam) - c:\winnt\system32\drivers\snpstd.sys <Not Verified; ; PC Camera driver>
R3 VComm (Virtual Serial port driver) - c:\winnt\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 VcommMgr (Bluetooth VComm Manager Service) - c:\winnt\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>
S3 Btcsrusb (Bluetooth USB For Bluetooth Service) - c:\winnt\system32\drivers\btcusb.sys <Not Verified; IVT Corporation; Bluetooth USB Device Driver>
S3 BTNetFilter (Bluetooth Network Filter) - c:\winnt\system32\drivers\btnetfilter.sys
S3 Ndisuio (NDIS Usermode I/O Protocol) - c:\winnt\system32\drivers\ndisuio.sys (file missing)
S3 PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - c:\winnt\system32\pcandis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
S3 PRISM_A02 (802.11g USB 2.0 adapter) - c:\winnt\system32\drivers\prisma02.sys <Not Verified; Conexant Systems, Inc.; PRISM 802.11 Wireless LAN>
S3 SymEvent - c:\program files\symantec\symevent.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 BlueSoleil Hid Service - c:\program files\ivt corporation\bluesoleil\btntservice.exe
R3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>
S2 aswUpdSv (avast! iAVS4 Control Service) - "c:\program files\alwil software\avast4\aswupdsv.exe" (file missing)
S2 avast! Antivirus - "c:\program files\alwil software\avast4\ashserv.exe" (file missing)
S2 SNDSrvc (Symantec Network Drivers Service) - "c:\program files\common files\symantec shared\sndsrvc.exe" (file missing)
S3 avast! Mail Scanner - "c:\program files\alwil software\avast4\ashmaisv.exe" /service (file missing)
S3 avast! Web Scanner - "c:\program files\alwil software\avast4\ashwebsv.exe" /service (file missing)
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {D45B1C18-C8FA-11D1-9F77-0000F805F530}
Description: NT Apm/Legacy Interface Node
Device ID: ROOT\NTAPM\0000
Manufacturer: Microsoft
Name: NT Apm/Legacy Interface Node
PNP Device ID: ROOT\NTAPM\0000
Service: NtApm
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Audio Controller
Device ID: PCI\VEN_1039&DEV_7018&SUBSYS_70181039&REV_02\2&EBB567F&0&0C
Manufacturer:
Name: Multimedia Audio Controller
PNP Device ID: PCI\VEN_1039&DEV_7018&SUBSYS_70181039&REV_02\2&EBB567F&0&0C
Service:
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Device
Device ID: PCI\VEN_1039&DEV_7013&SUBSYS_70131039&REV_A0\2&EBB567F&0&0E
Manufacturer:
Name: PCI Device
PNP Device ID: PCI\VEN_1039&DEV_7013&SUBSYS_70131039&REV_A0\2&EBB567F&0&0E
Service:
-- Scheduled Tasks -------------------------------------------------------------
2008-01-11 18:25:42 420 --a------ C:\WINNT\Tasks\Norton Security Scan.job
-- Files created between 2008-02-20 and 2008-03-20 -----------------------------
2008-03-20 18:10:39 0 d-------- C:\ie-soyad_zo
2008-03-20 18:09:43 0 d-------- C:\ie-spyad_zo
2008-03-20 17:35:25 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_598.dat
2008-03-20 14:18:23 0 d-------- C:\Program Files\adult
2008-03-20 13:43:51 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-20 13:43:43 0 d-------- C:\Program Files\SpywareBlaster
2008-03-20 11:53:04 0 d-------- C:\WINNT\system32\ActiveScan
2008-03-20 11:07:23 16384 --a------ C:\WINNT\system32\Perflib_Perfdata_3b8.dat
2008-03-20 10:11:26 0 d-------- C:\FOUND.001
2008-03-20 08:40:20 16384 --a------ C:\WINNT\system32\Perflib_Perfdata_350.dat
2008-03-20 07:50:00 16384 --a------ C:\WINNT\system32\Perflib_Perfdata_5b4.dat
2008-03-19 21:54:38 0 d-------- C:\Documents and Settings\Ronnie Hall\Application Data\TrojanHunter
2008-03-19 18:25:59 0 d-------- C:\Program Files\TrojanHunter 5.0
2008-03-19 18:05:25 16384 --a------ C:\WINNT\system32\Perflib_Perfdata_34c.dat
2008-03-19 16:44:23 16384 --a------ C:\WINNT\system32\Perflib_Perfdata_470.dat
2008-03-19 12:33:55 16384 --a------ C:\WINNT\system32\Perflib_Perfdata_3dc.dat
2008-03-19 11:13:46 222208 --a------ C:\WINNT\ausctv32a.dll
2008-03-19 11:13:23 51 --a------ C:\xmp.bat
2008-03-18 19:06:56 16384 --a------ C:\WINNT\system32\Perflib_Perfdata_5c4.dat
2008-03-18 18:01:46 16384 --a------ C:\WINNT\system32\Perflib_Perfdata_590.dat
2008-03-18 11:35:14 16384 --a------ C:\WINNT\system32\Perflib_Perfdata_520.dat
2008-03-13 08:13:09 22 --a------ C:\WINNT\?
-- Find3M Report ---------------------------------------------------------------
2008-03-20 10:12:50 1284696 ---h----- C:\WINNT\ShellIconCache
2008-03-13 08:13:10 22 --a------ C:\WINNT\?
2008-02-17 14:26:56 0 d-------- C:\Program Files\EPSON
2008-02-14 11:34:00 22 --a------ C:\WINNT\?
2008-02-10 09:43:06 0 d-------- C:\Documents and Settings\Ronnie Hall\Application Data\AVG7
2008-02-04 09:00:00 19430 --a------ C:\Program Files\ie-nfe.txt
2008-02-04 09:00:00 644651 --a------ C:\Program Files\ie-ads.txt
2008-02-01 18:10:32 16384 --a------ C:\WINNT\system32\Perflib_Perfdata_568.dat
2008-01-23 12:00:02 30618 --a------ C:\Program Files\ReadMe.txt
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CE0487CA-8B02-431E-BA63-D38844E020B5}]
19/03/08 11:13 222208 --a------ C:\WINNT\ausctv32a.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe" [19/06/03 19:05 C:\WINNT\system32\mobsync.exe]
"snpstd"="C:\WINNT\vsnpstd.exe" [31/12/03 16:39 ]
"nwiz"="nwiz.exe" [09/03/02 09:53 C:\WINNT\system32\nwiz.exe]
"msnappau"="C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-gb\msnappau.exe" [13/08/04 17:41 ]
"Imonitor"="C:\Program Files\McAfee\QuickClean\PlgUni.exe" [27/09/01 02:01 ]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [04/02/02 22:32 ]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [18/03/08 11:52 ]
"EPSON Stylus D78 Series"="C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATIBGE.exe" [23/02/06 04:00 ]
"THGuard"="C:\Program Files\TrojanHunter 5.0\THGuard.exe" [08/02/08 11:22 ]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [04/09/07 16:40 ]
"McAfee.InstantUpdate.Monitor"="C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" [27/09/01 01:01 ]
"Tesco"="C:\Program Files\Tesco internet phone\TescoIP.exe" [15/01/08 18:15 ]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [10/12/07 10:12 ]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop
"MPlayer2_FixUp"=C:\WINNT\inf\unregmp2.exe /Fixups
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"internat.exe"=internat.exe
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [17/02/1999 20:05:56]
Exif Launcher.lnk - C:\Program Files\FinePixViewer\QuickDCF.exe [30/05/2007 12:14:48]
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [02/10/2007 18:44:40]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
-- End of Deckard's System Scanner: finished at 2008-03-20 19:06:43 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows 2000 Professional (build 2195) SP 4.0
Architecture: X86; Language: English
CPU 0: AMD Duron(tm) Processor
Percentage of Memory in Use: 38%
Physical Memory (total/avail): 639.55 MiB / 394.9 MiB
Pagefile Memory (total/avail): 1579.03 MiB / 1320.95 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1944.15 MiB
A: is Removable (No Media)
C: is Fixed (FAT32) - 38.33 GiB total, 31.69 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Fixed (FAT32) - 18.64 GiB total, 16.26 GiB free.
G: is Removable (FAT)
\\.\PHYSICALDRIVE0 - ExcelStor Technology J840 - 38.34 GiB - 1 partition
\PARTITION0 (bootable) - Unknown - 38.34 GiB - C:
\\.\PHYSICALDRIVE1 - ST320413A - 18.65 GiB - 1 partition
\PARTITION0 (bootable) - Unknown - 18.65 GiB - F:
\\.\PHYSICALDRIVE2 - USB DISK 2.0 USB Device - 1874.77 MiB - 1 partition
\PARTITION0 - Win95 w/Extended Int 13 - 1881.98 MiB - G:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Ronnie Hall\Application Data
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DUNKIRK1
ComSpec=C:\WINNT\system32\cmd.exe
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Ronnie Hall
LOGONSERVER=\\DUNKIRK1
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Os2LibPath=C:\WINNT\system32\os2\dll;
Path=C:\Program Files\PC Connectivity Solution\;C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 3 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0301
ProgramFiles=C:\Program Files
PROMPT=$P$G
SystemDrive=C:
SystemRoot=C:\WINNT
TEMP=C:\DOCUME~1\RONNIE~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\RONNIE~1\LOCALS~1\Temp
USERDOMAIN=DUNKIRK1
USERNAME=Ronnie Hall
USERPROFILE=C:\Documents and Settings\Ronnie Hall
windir=C:\WINNT
-- User Profiles ---------------------------------------------------------------
Ronnie Hall
(admin, profile directory not found)
-- Add/Remove Programs ---------------------------------------------------------
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35D8D1B9-DAD1-4505-8A33-78095885CF6B}\Setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E4C1D7C0-F082-11D3-BAAF-006008A3388E}\setup.exe" Uninstall
--> RunDll32 C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll,VoilaBarUnInstall
Adobe Acrobat 5.0 --> C:\WINNT\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player ActiveX --> C:\WINNT\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Shockwave Player --> C:\WINNT\system32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINNT\system32\MACROMED\SHOCKW~1\INSTALL.LOG
ArcSoft PhotoImpression --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E142615E-5ED8-4511-9BF0-0284BFA25766}\setup.exe" -l0x9 -uninst
ArcSoft VideoImpression 1.6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED10343F-D30A-4200-9B00-665FC45F52B4}\setup.exe" -l0x9 -uninst
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
Ballistik Online --> "C:\WINNT\temp\Ballistik Online\unins000.exe"
BlueSoleil --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}\setup.exe" -l0x9
EPSON Printer Software --> C:\WINNT\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
FinePixViewer Ver.4.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE"
FUJIFILM USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F373956-6960-11D5-BAE5-00E0188E010B}\SETUP.EXE"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Hardwood Solitaire III Lite --> C:\DOCUME~1\RONNIE~1\LOCALS~1\Temp\sce__0\ -Uninstall
HP Product Detection --> MsiExec.exe /I{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
ImageMixer VCD2 for FinePix --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{934E9442-D305-4ACF-AD87-A6C11D677CB9}\setup.exe"
McAfee QuickClean --> MsiExec.exe /I{C380CA3A-4DE3-11D4-B351-00B0D04BB45E}
Microsoft Office 2000 Disc 2 --> MsiExec.exe /I{00040409-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 Professional --> MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft XML Parser and SDK --> MsiExec.exe /I{3E908702-AF35-4611-9518-955DA24B7E07}
MSN Messenger 7.0 --> MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}
MSN Toolbar --> C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-gb\mtbs.exe c
MSVC80_x86 --> MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Nokia Connectivity Cable Driver --> MsiExec.exe /X{0A3D3C54-2EC0-4D67-B265-FF17926E6D67}
Nokia PC Suite --> C:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Nokia_PC_Suite_rel_6_85_14_1_eng_web.exe
Nokia PC Suite --> MsiExec.exe /I{29466F9C-7C6A-419C-B301-F440FAF78760}
Nokia Software Updater --> MsiExec.exe /X{3186AEAE-E104-424D-9152-1BF6A4404758}
Nokia Software Updater --> MsiExec.exe /X{3741689E-584D-40C9-B011-373A0371846D}
Norton Security Scan --> MsiExec.exe /I{DA15D535-5E1D-4076-B520-8571346D6238}
NVIDIA Logo Screensaver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF3C161C-017E-454E-8ECD-26CE74A08FDF}\Setup.exe" -l0x9
NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINNT\System32\nvinstnt.dll,NvUninstallNT4 nvcu.inf
Orange Toolbar --> C:\Program Files\Orange Toolbar UK\uninst.exe
Panda ActiveScan --> C:\WINNT\system32\ASUninst.exe Panda ActiveScan
PC Connectivity Solution --> MsiExec.exe /I{BA084E7C-8ABA-4670-BDE8-B85E689A5C1B}
RAW FILE CONVERTER LE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D680C913-5955-469D-9D88-C1940F7506D6}\SETUP.EXE" -l0x9
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for DirectX 9 (KB941568) --> "C:\WINNT\$NtUninstallKB941568_DX9$\spuninst\spuninst.exe"
Security Update for Windows 2000 (KB923689) --> "C:\WINNT\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows 2000 (KB941569) --> "C:\WINNT\$NtUninstallKB941569$\spuninst\spuninst.exe"
SpywareBlaster 4.0 --> "C:\Program Files\SpywareBlaster\unins000.exe"
Tesco internet phone --> "C:\Program Files\Tesco internet phone\unins000.exe"
Tesco Internet Phone --> "C:\Program Files\Tesco internet phone\unins001.exe"
TrojanHunter 5.0 --> "C:\Program Files\TrojanHunter 5.0\unins000.exe"
Trust 120 SpaceCam --> C:\WINNT\CleanDev.exe C:\WINNT\DC2110.txt
Wanadoo Search Toolbar --> C:\Program Files\Wanadoo\WSBar\Uninstall.exe
Watson --> MsiExec.exe /I{9B88DD94-1AAE-41C4-BD95-2D8737D5E9E2}
Windows 2000 Service Pack 4 --> C:\WINNT\$NtServicePackUninstall$\spuninst\spuninst.exe
Windows Driver Package - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINNT\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf
Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINNT\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf
Windows Driver Package - Nokia Modem (08/03/2007 6.84.0.2) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINNT\system32\DRVSTORE\nokbtmdm_1EB5F2E6F54A6BEDE9F436D1BA5D830FC71739BE\nokbtmdm.inf
Windows Driver Package - Nokia Modem (10/12/2007 3.6) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINNT\system32\DRVSTORE\nokia_blue_0A5D98F754C6588B2E3DDE89DDEF097075ADFFB7\nokia_bluetooth.inf
Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Player system update (9 Series) --> C:\PROGRA~1\WINDOW~2\setup_wm.exe /Uninstall
Xerox DocuPrint M750 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E4C1D7C0-F082-11D3-BAAF-006008A3388E}\setup.exe" Uninstall
Yahoo! Toolbar for Internet Explorer --> C:\PROGRA~1\YAHOO!\COMMON\unyt.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type10848 / Warning
Event Submitted/Written: 03/20/2008 05:34:04 PM
Event ID/Source: 4100 / EventSystem
Event Description:
The COM+ Event System failed to create an instance of the subscriber {6295DF2D-35EE-11D1-8707-00C04FD93327}. CoCreateInstanceEx returned HRESULT 8000401A.
Event Record #/Type10837 / Error
Event Submitted/Written: 03/20/2008 11:12:31 AM
Event ID/Source: 4126 / Ci
Event Description:
Cleaning up corrupt content index metadata on c:\system volume information\catalog.wci. Index will
be automatically restored by refiltering all documents.
Event Record #/Type10836 / Error
Event Submitted/Written: 03/20/2008 11:12:31 AM
Event ID/Source: 4124 / Ci
Event Description:
Content index on c:\system volume information\catalog.wci is corrupt. Please shutdown and restart
the Indexing Service (cisvc).
Event Record #/Type10835 / Warning
Event Submitted/Written: 03/20/2008 11:12:31 AM
Event ID/Source: 4132 / Ci
Event Description:
3 inconsistencies were detected in PropertyStore during recovery of catalog c:\system volume information\catalog.wci.
Event Record #/Type10830 / Warning
Event Submitted/Written: 03/20/2008 11:06:00 AM
Event ID/Source: 4100 / EventSystem
Event Description:
The COM+ Event System failed to create an instance of the subscriber {6295DF2D-35EE-11D1-8707-00C04FD93327}. CoCreateInstanceEx returned HRESULT 8000401A.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type3744 / Error
Event Submitted/Written: 03/20/2008 05:33:50 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The avast! Antivirus service failed to start due to the following error:
%%3
Event Record #/Type3741 / Error
Event Submitted/Written: 03/20/2008 05:33:50 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The avast! iAVS4 Control Service service failed to start due to the following error:
%%3
Event Record #/Type3740 / Error
Event Submitted/Written: 03/20/2008 11:05:48 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The avast! Antivirus service failed to start due to the following error:
%%3
Event Record #/Type3737 / Error
Event Submitted/Written: 03/20/2008 11:05:48 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The avast! iAVS4 Control Service service failed to start due to the following error:
%%3
Event Record #/Type3735 / Error
Event Submitted/Written: 03/20/2008 10:19:15 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1053" attempting to start the service ServiceLayer with arguments ""
in order to run the server:
{ACF50018-41F8-476D-85FD-CD953DAE4A49}
-- End of Deckard's System Scanner: finished at 2008-03-20 19:06:43 ------------
Incident Status Location
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Ronnie Hall\Local Settings\Temp\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Ronnie Hall\Local Settings\Temp\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Ronnie Hall\Local Settings\Temp\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Ronnie Hall\Local Settings\Temp\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][4].txt
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Adviva Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][3].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/7search Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][3].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][3].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][3].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][4].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Ronnie Hall\Cookies\ronnie
[email protected][3].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\McAfee\QuickClean\Backup\Uni15133.q1b[F:/Program Files/Yahoo!/YPSR/Quarantine/ppq4330.TMP]
Spyware:Cookie/Adtech Not disinfected C:\Program Files\McAfee\QuickClean\Backup\Uni15133.q1b[F:/Program Files/Yahoo!/YPSR/Quarantine/ppq4372.TMP]
Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\McAfee\QuickClean\Backup\Uni15133.q1b[F:/Program Files/Yahoo!/YPSR/Quarantine/ppqA093.TMP]
Spyware:Cookie/Casalemedia Not disinfected C:\Program Files\McAfee\QuickClean\Backup\Uni15133.q1b[F:/Program Files/Yahoo!/YPSR/Quarantine/ppqA094.TMP]
Spyware:Cookie/Com.com Not disinfected C:\Program Files\McAfee\QuickClean\Backup\Uni15133.q1b[F:/Program Files/Yahoo!/YPSR/Quarantine/ppqA095.TMP]
Spyware:Cookie/Falkag Not disinfected C:\Program Files\McAfee\QuickClean\Backup\Uni15133.q1b[F:/Program Files/Yahoo!/YPSR/Quarantine/ppqA096.TMP]
Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\McAfee\QuickClean\Backup\Uni15133.q1b[F:/Program Files/Yahoo!/YPSR/Quarantine/ppqA0A1.TMP]
Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\McAfee\QuickClean\Backup\Uni15133.q1b[F:/Program Files/Yahoo!/YPSR/Quarantine/ppqA0A2.TMP]
Potentially unwanted tool:Application/FilesSecure Not disinfected C:\Program Files\McAfee\QuickClean\Backup\Uni8575.q1b[C:/Program Files/Files-Secure/Uninstall.exe]
Spyware:Cookie/Tribalfusion Not disinfected C:\FOUND.001\FILE0126.CHK
Spyware:Cookie/Tribalfusion Not disinfected C:\FOUND.001\FILE0128.CHK
many tnks if u can help or do i re-formatt
