Please download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm

Here's this...and yeah, Microsoft Anti-Spyware wouldn't let it open.


SmitFraudFix v2.49b

Scan done at 16:33:08.21, Sun 05/28/2006
Run from C:\Documents and Settings\Adam\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\hp???.tmp FOUND !
C:\WINDOWS\system32\hp????.tmp FOUND !
C:\WINDOWS\system32\ld????.tmp FOUND !
C:\WINDOWS\system32\mscornet.exe FOUND !
C:\WINDOWS\system32\msvol.tlb FOUND !
C:\WINDOWS\system32\ncompat.tlb FOUND !
C:\WINDOWS\system32\nvctrl.exe FOUND !
C:\WINDOWS\system32\ot.ico FOUND !
C:\WINDOWS\system32\replmap.dll FOUND !
C:\WINDOWS\system32\ts.ico FOUND !
C:\WINDOWS\system32\1024\ FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Adam\Application Data

C:\Documents and Settings\Adam\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareStrike 2.5.lnk FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

C:\DOCUME~1\Adam\STARTM~1\SpywareStrike 2.5.lnk FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Adam\APPLIC~1\EARTHL~1\6.0\KDAEBA~1.NET\FAVORI~1

C:\DOCUME~1\Adam\APPLIC~1\EARTHL~1\6.0\KDAEBA~1.NET\FAVORI~1\Antivirus Test Online.url FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

C:\DOCUME~1\Adam\Desktop\SpywareStrike.lnk FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\PestTrap\ FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="http://us.f3.yahoofs.com/users/424ede71zf56189cb/5b0a/__sr_/f8d1.jpg?phGjG6CBhh2XILSn"
"SubscribedURL"="http://us.f3.yahoofs.com/users/424ede71zf56189cb/5b0a/__sr_/f8d1.jpg?phGjG6CBhh2XILSn"
"FriendlyName"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{D81E2FC4-B0A2-11D3-21AC-07C04C21A18A}"="Replay for WindowsXP"

[HKEY_CLASSES_ROOT\CLSID\{D81E2FC4-B0A2-11D3-21AC-07C04C21A18A}\InProcServer32]
@="C:\WINDOWS\System32\replmap.dll"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{D81E2FC4-B0A2-11D3-21AC-07C04C21A18A}\InProcServer32]
@="C:\WINDOWS\System32\replmap.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

OK. Make sure that Microsoft anti spyware is not running and do the following;

You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Please download Ewido Anti-Malware it is a free version of the program.

1. Install Ewido Anti-Malware
2. When installing, under "Additional Options" uncheck..
   • Install background guard
   • Install scan via context menu
3. Launch Ewido, there should be an icon on your desktop, double-click it.
4. The program will now open to the main screen.
5. You will need to update ewido to the latest definition files.
   • On the left hand side of the main screen click update.
   • Then click on Start Update.
6. The update will start and a progress bar will show the updates being installed.
   (the status bar at the bottom will display ("Update successful")

Close Ewido for now.
==============

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only
Close the program for now.
==================

Next, please reboot your computer in Safe Mode by doing the following :

• Restart your computer
• After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
• Instead of Windows loading as normal, a menu with options should appear;
• Select the first option, to run Windows in Safe Mode, then press "Enter".
• Choose your usual account.

1) Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser : Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser: Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.


2) Open the SmitfraudFix folder again and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process; if it does force a restart, please reboot into Safe Mode again, in order to complete the following step. If it does not reboot, please remain in Safe Mode until further notice.

3) Launch Ewido from your Desktop :

• Click on scanner
• Click on Complete System Scan and the scan will begin.
• You will be prompted to clean the first infection.
• Select "Perform action on all infections", then proceed.
• Once the scan has completed, there will be a button located on the bottom of the screen named Save report
• Click Save report.
• Save the report .txt file to your desktop or a location where you can find it easily.

Close Ewido Anti-Malware.

4) Reboot your computer normally.

If SmitfraudFix did not force a reboot, then you should now see a text file appear onscreen with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt

Note : running option #2 on a non infected computer will remove your Desktop background.

5) Post the content of rapport.txt, the Ewido report and a new HijackThis! log in your next reply.

Contents of rapport.txt...

SmitFraudFix v2.49b

Scan done at 1:15:34.87, Wed 05/31/2006
Run from C:\Documents and Settings\Adam\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{D81E2FC4-B0A2-11D3-21AC-07C04C21A18A}"="Replay for WindowsXP"

[HKEY_CLASSES_ROOT\CLSID\{D81E2FC4-B0A2-11D3-21AC-07C04C21A18A}\InProcServer32]
@="C:\WINDOWS\System32\replmap.dll"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{D81E2FC4-B0A2-11D3-21AC-07C04C21A18A}\InProcServer32]
@="C:\WINDOWS\System32\replmap.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\hp???.tmp Deleted
C:\WINDOWS\system32\hp????.tmp Deleted
C:\WINDOWS\system32\ld????.tmp Deleted
C:\WINDOWS\system32\mscornet.exe Deleted
C:\WINDOWS\system32\msvol.tlb Deleted
C:\WINDOWS\system32\ncompat.tlb Deleted
C:\WINDOWS\system32\nvctrl.exe Deleted
C:\WINDOWS\system32\ot.ico Deleted
C:\WINDOWS\system32\replmap.dll Deleted
C:\WINDOWS\system32\ts.ico Deleted
C:\WINDOWS\system32\1024\ Deleted
C:\Documents and Settings\Adam\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareStrike 2.5.lnk Deleted
C:\DOCUME~1\Adam\Desktop\SpywareStrike.lnk Deleted
C:\DOCUME~1\Adam\APPLIC~1\EARTHL~1\6.0\KDAEBA~1.NET\FAVORI~1\Antivirus Test Online.url Deleted
C:\DOCUME~1\Adam\STARTM~1\SpywareStrike 2.5.lnk Deleted
C:\Program Files\PestTrap\ Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

C:\WINDOWS\System32\replmap.dll -> Missing File


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End

-----------------------------------------------------------------
Contents of Ewido...

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 2:11:40 AM, 5/31/2006
+ Report-Checksum: FFA1C1F7

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{E1412445-4FF8-410e-8D24-F2CF86B171A4} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DisplayUtility -> Adware.Delfin : Cleaned with backup
HKLM\SOFTWARE\motoin -> Adware.Delfin : Cleaned with backup
HKLM\SOFTWARE\Mvu -> Adware.Delfin : Cleaned with backup
HKU\S-1-5-21-1417001333-1844823847-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000062-2E5F-4AF7-986E-5B64E0951A96} -> Adware.BetterInternet : Cleaned with backup
HKU\S-1-5-21-1417001333-1844823847-839522115-1007\Software\Mvu -> Adware.Delfin : Cleaned with backup
C:\Documents and Settings\Adam\Desktop\SudokuChallengeSetup_1.01-dm.exe -> Adware.Trymedia : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.11:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Erin.HOME-A683PK58NW\Application Data\Mozilla\Firefox\Profiles\06lg0dq8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Erin.HOME-A683PK58NW\Cookies\erin@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Erin.HOME-A683PK58NW\Cookies\erin@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Erin.HOME-A683PK58NW\Cookies\erin@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Erin.HOME-A683PK58NW\Cookies\erin@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Erin.HOME-A683PK58NW\Cookies\erin@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Erin.HOME-A683PK58NW\Cookies\erin@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Erin.HOME-A683PK58NW\Cookies\erin@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Erin.HOME-A683PK58NW\Cookies\erin@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Erin.HOME-A683PK58NW\Cookies\erin@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\Erin.HOME-A683PK58NW\Cookies\erin@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Erin.HOME-A683PK58NW\Cookies\erin@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Erin.HOME-A683PK58NW\Cookies\erin@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Erin.HOME-A683PK58NW\Cookies\erin@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Abetterinternet : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Abetterinternet : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Abetterinternet : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Abetterinternet : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Abetterinternet : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Abetterinternet : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Cliks : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Cliks : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Cliks : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Cliks : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Cliks : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Cliks : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Mx-targeting : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Mx-targeting : Cleaned with backup
-> : Error during cleaning
:mozilla.181:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Mx-targeting : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Mx-targeting : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Mx-targeting : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Mx-targeting : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Mx-targeting : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Mx-targeting : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Mx-targeting : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Mx-targeting : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.239:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.240:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.244:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.246:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.247:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.250:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.252:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.253:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.286:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.287:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.294:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.295:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.296:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.297:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oir867k0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@ehg-legonewyorkinc.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temp\temp.frAADB -> Downloader.Intexp.c : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\612E6D88-D2CB-4C16-8467-7E3F27\5421155C-A977-47A9-8001-9E35B2 -> Adware.DelphinMediaViewer : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\8A1835C5-1C92-46B7-A5EF-9F7F2A\232EAB8E-F98F-44DC-BF03-57A7E3 -> Trojan.Agent.ay : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\ABAFC697-9CB0-4C4F-9831-F8A619\7E95E438-0EF8-4FF3-8B86-038915 -> Adware.PestTrap : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\D47A6BA3-39BB-472A-8FEB-1E41DD\6152E67B-3DBD-4162-98A2-0DFA88 -> Downloader.Apropo.ah : Cleaned with backup
C:\Program Files\PeDevice\PeDev.exe -> Adware.DelphinMediaViewer : Cleaned with backup
C:\RECYCLER\S-1-5-21-1417001333-1844823847-839522115-1003\Dc3.exe -> Adware.Spysheriff : Cleaned with backup
C:\RECYCLER\S-1-5-21-1417001333-1844823847-839522115-1003\Dc4.exe -> Adware.Spysheriff : Cleaned with backup
C:\RECYCLER\S-1-5-21-1417001333-1844823847-839522115-1003\Dc5.exe -> Adware.Spysheriff : Cleaned with backup
C:\thin-85-1-x-x.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\ivwgmumlts.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\jtqdmh.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\thin-143-1-x-x.exe -> Adware.BetterInternet : Cleaned with backup


::Report End
----------------------------------------------------------------------------
HijackThis! contents...

Logfile of HijackThis v1.99.1
Scan saved at 2:23:33 AM, on 5/31/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\$sys$filesystem\$sys$DRMServer.exe
C:\WINDOWS\CDProxyServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\InetCntrl\InetCntrl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Adam\Desktop\HijackThis(2).exe

R3 - URLSearchHook: (no name) - _{EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
O3 - Toolbar: Bsecure Popup Blocker - {E0019445-4C1F-414D-A70E-AD80F231C584} - C:\WINDOWS\System32\InetCntrl\PopupKil\BsafeBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [InetCntrl] C:\WINDOWS\System32\InetCntrl\InetCntrl.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNfox000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'inetcntrl.dll' missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1125438340468
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class) - http://us-download.mcafee.com/produc...ed/mvt/mvt.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toontown.com/sv1.0.15.38/ttinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Plug and Play Device Manager ($sys$DRMServer) - First 4 Internet Ltd - C:\WINDOWS\system32\$sys$filesystem\$sys$DRMServer.exe
O23 - Service: XCP CD Proxy (CD_Proxy) - Unknown owner - C:\WINDOWS\CDProxyServ.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

-------------------------------------------------------------
At least a few (if not all of the problems) have now been fixed from what I can tell. Thanks very much for your help and sorry it took me so long to respond, I had to wait until I had enough free time to get all this done in one sitting. Thanks!

No worries .

==

Can you please do the following.

===============

Go to Add/Remove programs and remove(uninstall) the following, if present:

MyWebSearch

The above could appear anywhere within the entry. Be careful not to remove any personal or system software.

===============

Scan with HiJackThis, then check(tick) the following, if present:


R3 - URLSearchHook: (no name) - _{EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNfox000


Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked".

===============

After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now.