Help, Computer running slow

Here's what exactly happens.

1. When I turn my computer on the screen turns black and says this.
1720 - SMART Hard Drive detects imminent failure. (Failing Attr: 02)

Then it says take a Self HDD Test or ignore. I ignore b/c for some reason the Self HDD Test does not work.

Next thing happens is this.

2. A pop comes before loading the desktop up and it says:
Some settings are personalized at C:\\WINDOWS\system 32\msmss.exe

Along with that comes up with a pop saying:

Themida - Advanced Windows Software Protection System
URL that appears on the pop up - http://www.oreans.com

I never installed that program and my computer started slowing down when that pop up started appearing.

Then once the desktop loads up an DDL error comes up and the file is:

C:\\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL

All of this started happening about a week ago. So if anyone can help me out I would greatly appreciate it. Thanks.

bump

Ow. Let's do this first.
==Delete your copy of hijackthis. Go here and get a fresh copy: http://216.180.233.162/~merijn/files/HijackThis.exe
-install it to a new folder alongside your program files and then rename the Hijackthis.exe to imabunny.exe.
==Download Look2Me-Destroyer: http://www.atribune.org/content/view/28/ ...copy the instructions on that page into a notepad.

In control panel go to add/remove programs and uninstall surfsidekick, newnet (newdotnet) and Viewpoint manager if they are listed.
Now rescan with imabunny and check these entries [if they exist] for fixing:
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.7.0\ViewBarBHO.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\IEViewBar.dll
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
---and press Fix Checked.

Now, following the instructions on that webpage run Look2me Destroyer and post the log, plus a new hijackthis log.

Ok I did what you told me to do. I couldn't understand the imabunny.exe so something might be wrong.

I did notice that the black screen telling me to do a HDD Self Test didn't come up so something fixed that.

Here's the log for hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 4:41:03 PM, on 2/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrator\Desktop\hijackthis\imabunny.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Unknown owner - C:\Program Files\Norton AntiVirus\SAVScan.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

When I ran the Look2Me, no infected files came up so this is what the log says.

Look2Me-Destroyer V1.0.12

Scanning for infected files.....
Scan started at 2/7/2007 4:26:04 PM

Attempting to delete infected files...

Making registry repairs.

Restoring Windows certificates.

Replaced hosts file with default windows hosts file

Restoring SeDebugPrivilege for Administrators - Succeeded

Really appreciate the post and trying to help me. What else should I do now?

imabunny.exe.... :) i just get bored... :). Some malwares detect hijackthis and block it from detecting them.... so you change its name to thwart that. What to do now? You're looking clean now, so now for that drive test... I guess that it is running chkdsk, and i learnt something else about that this morning.... you can benefit from it.
To check your system drive you have to be not running the OS, so start chkdsk any way you prefer - easiest is Start > run, and type
chkdsk c: /f and OK, and answer Y to the question about running it on restart. Restart.
[another is to rclick on the drive you wish to test, eg Local Disk (C), properties, tools tab, press Check Now, and then Start. You will be given a report. If it finds stuff, tick both boxes and Start again. You will face the same question about checking on restart, answer Yes.]

I ran the run thing and restarted. It did the check, but that themida thing still comes up.

I cannot see any linkage between your hard drive failure warning and a popup for Themida.
For a start, I would heed the warning [which comes from software built into the drive] and backup the good stuff.
The themida popup...[does it still include a newdotnet reference?]
First off, find msmss.exe in task manager under processes tab [click the name header to alphabetise the entries], then stop it [if it is there]. Next search for it in your system32 folder and rename it to msmss.exe.old
Ok.

===Download this temp file cleaner from http://www.atribune.org/ccount/click.php?id=1
--click in the download window to run it, and when ATF Cleaner opens go Select all, and then Empty Selected.
Next click Firefox at the top, Select All again, and Empty Selected again.
Close ATF.
===Get Adaware SE Personal from http://www.lavasoft.de/software/adaware/
- install it. Update it. Explore what settings you can change in it [via the cogwheel icon up top, if you are comfortable with that... you won't hurt anything, but for the present please keep the default settings]. Put an icon on your desktop for regular use.
Run Adaware, doing a full system scan and finally remove all that it finds [rclick in the scan results window and select all, go next..]. If Adaware finds anything apart from cookies or your MRU list then, after removing those items you should repeat the scan [and removal] and so on until it comes up clean.

===Next try an online scan at panda:- http://www.pandasoftware.com/products/activescan?
-the link to the scan is just above the padlock pic.... free online virus scan.. enter a valid? email and follow through, choosing My Computer for a full system scan.
Post the log it produces here.

I do not know what put that msmss.exe file in your pc. Related to the popup, so it has to be a trojan. It is strange that the popup mentioned it....
If Adaware does not find anything, try this antispyware pgm:
===GET AVG antispyware 7.5 here.. http://free.grisoft.com/doc/5390/lng/us/tpl/v5 -the link is almost at the bottom of the page , avgas 7.5.0.50. Install it and update it.
Start AVG a-s 7.5; under Scanner/ Settings set Recommended actions to Quarantine, and run the scan. Save the log file and only then click Apply all actions. Post the log file.

Incident Status Location Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.tribalfusion.com/] Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.com.com/] Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.atdmt.com/] Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.zedo.com/] Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.mediaplex.com/] Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.fastclick.net/] Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.trafficmp.com/] Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.2o7.net/] Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.realmedia.com/] Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.advertising.com/] Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.casalemedia.com/] Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.ads.pointroll.com/] Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.burstnet.com/] Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.adrevolver.com/] Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.go.com/] Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[ www.burstbeacon.com/] Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.overture.com/] Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.questionmarket.com/] Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.clickbank.net/] Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.ehg-dig.hitbox.com/] Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.hitbox.com/] Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.ehg-dig.hitbox.com/] Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.atwola.com/] Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.bravenet.com/] Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[statse.webtrendslive.com/] Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.apmebf.com/] Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.adultfriendfinder.com/] Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.dist.belnk.com/] Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.belnk.com/] Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l9a7tg1z.default\cookies.txt[.target.com/] Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@adtech[2].txt Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@tribalfusion[2].txt Spyware:Cookie/Go Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.go.com/] Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[ad.yieldmanager.com/] Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.doubleclick.net/] Spyware:Cookie/Atlas DMT Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.atdmt.com/] Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.casalemedia.com/] Spyware:Cookie/BurstNet Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.burstnet.com/] Spyware:Cookie/Tribalfusion Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.tribalfusion.com/] Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.fastclick.net/] Spyware:Cookie/BurstBeacon Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[ www.burstbeacon.com/] Spyware:Cookie/Com.com Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.com.com/] Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.trafficmp.com/] Spyware:Cookie/Overture Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.overture.com/] Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.mediaplex.com/] Spyware:Cookie/Advertising Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.advertising.com/] Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.adrevolver.com/] Spyware:Cookie/2o7 Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.2o7.net/] Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.realmedia.com/] Spyware:Cookie/QuestionMarket Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.questionmarket.com/] Spyware:Cookie/PointRoll Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.ads.pointroll.com/] Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.clickbank.net/] Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.ehg-dig.hitbox.com/] Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.hitbox.com/] Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.ehg-dig.hitbox.com/] Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.bluestreak.com/] Spyware:Cookie/Atwola Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.atwola.com/] Spyware:Cookie/bravenetA Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.bravenet.com/] Spyware:Cookie/Zedo Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.zedo.com/] Spyware:Cookie/WebtrendsLive Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[statse.webtrendslive.com/] Spyware:Cookie/Apmebf Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.apmebf.com/] Spyware:Cookie/adultfriendfinder Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.adultfriendfinder.com/] Spyware:Cookie/Belnk Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.dist.belnk.com/] Spyware:Cookie/Belnk Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.belnk.com/] Spyware:Cookie/Target Not disinfected C:\RECYCLER\NPROTECT\00386340.MOZ[.target.com/] Spyware:Cookie/Go Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.go.com/] Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[ad.yieldmanager.com/] Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.doubleclick.net/] Spyware:Cookie/Atlas DMT Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.atdmt.com/] Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.casalemedia.com/] Spyware:Cookie/BurstNet Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.burstnet.com/] Spyware:Cookie/Tribalfusion Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.tribalfusion.com/] Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.fastclick.net/] Spyware:Cookie/BurstBeacon Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[ www.burstbeacon.com/] Spyware:Cookie/Com.com Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.com.com/] Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.trafficmp.com/] Spyware:Cookie/Overture Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.overture.com/] Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.mediaplex.com/] Spyware:Cookie/Advertising Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.advertising.com/] Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.adrevolver.com/] Spyware:Cookie/2o7 Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.2o7.net/] Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.realmedia.com/] Spyware:Cookie/QuestionMarket Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.questionmarket.com/] Spyware:Cookie/PointRoll Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.ads.pointroll.com/] Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.clickbank.net/] Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.ehg-dig.hitbox.com/] Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.hitbox.com/] Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.ehg-dig.hitbox.com/] Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.bluestreak.com/] Spyware:Cookie/Atwola Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.atwola.com/] Spyware:Cookie/bravenetA Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.bravenet.com/] Spyware:Cookie/Zedo Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.zedo.com/] Spyware:Cookie/WebtrendsLive Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[statse.webtrendslive.com/] Spyware:Cookie/Apmebf Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.apmebf.com/] Spyware:Cookie/adultfriendfinder Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.adultfriendfinder.com/] Spyware:Cookie/Belnk Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.dist.belnk.com/] Spyware:Cookie/Belnk Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.belnk.com/] Spyware:Cookie/Target Not disinfected C:\RECYCLER\NPROTECT\00386344.MOZ[.target.com/] Spyware:Cookie/Go Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.go.com/] Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[ad.yieldmanager.com/] Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.doubleclick.net/] Spyware:Cookie/Atlas DMT Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.atdmt.com/] Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.casalemedia.com/] Spyware:Cookie/BurstNet Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.burstnet.com/] Spyware:Cookie/Tribalfusion Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.tribalfusion.com/] Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.fastclick.net/] Spyware:Cookie/BurstBeacon Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[ www.burstbeacon.com/] Spyware:Cookie/Com.com Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.com.com/] Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.trafficmp.com/] Spyware:Cookie/Overture Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.overture.com/] Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.mediaplex.com/] Spyware:Cookie/Advertising Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.advertising.com/] Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.adrevolver.com/] Spyware:Cookie/2o7 Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.2o7.net/] Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.realmedia.com/] Spyware:Cookie/QuestionMarket Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.questionmarket.com/] Spyware:Cookie/PointRoll Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.ads.pointroll.com/] Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.clickbank.net/] Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.ehg-dig.hitbox.com/] Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.hitbox.com/] Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.ehg-dig.hitbox.com/] Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.bluestreak.com/] Spyware:Cookie/Atwola Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.atwola.com/] Spyware:Cookie/bravenetA Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.bravenet.com/] Spyware:Cookie/Zedo Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.zedo.com/] Spyware:Cookie/WebtrendsLive Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[statse.webtrendslive.com/] Spyware:Cookie/Apmebf Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.apmebf.com/] Spyware:Cookie/adultfriendfinder Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.adultfriendfinder.com/] Spyware:Cookie/Belnk Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.dist.belnk.com/] Spyware:Cookie/Belnk Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.belnk.com/] Spyware:Cookie/Target Not disinfected C:\RECYCLER\NPROTECT\00386350.MOZ[.target.com/] Spyware:Cookie/Go Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.go.com/] Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[ad.yieldmanager.com/] Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.doubleclick.net/] Spyware:Cookie/Atlas DMT Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.atdmt.com/] Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.casalemedia.com/] Spyware:Cookie/BurstNet Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.burstnet.com/] Spyware:Cookie/Tribalfusion Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.tribalfusion.com/] Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.fastclick.net/] Spyware:Cookie/BurstBeacon Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[ www.burstbeacon.com/] Spyware:Cookie/Com.com Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.com.com/] Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.trafficmp.com/] Spyware:Cookie/Overture Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.overture.com/] Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.mediaplex.com/] Spyware:Cookie/Advertising Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.advertising.com/] Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.adrevolver.com/] Spyware:Cookie/2o7 Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.2o7.net/] Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.realmedia.com/] Spyware:Cookie/QuestionMarket Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.questionmarket.com/] Spyware:Cookie/PointRoll Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.ads.pointroll.com/] Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.clickbank.net/] Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.ehg-dig.hitbox.com/] Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.hitbox.com/] Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.ehg-dig.hitbox.com/] Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.bluestreak.com/] Spyware:Cookie/Atwola Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.atwola.com/] Spyware:Cookie/bravenetA Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.bravenet.com/] Spyware:Cookie/Zedo Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.zedo.com/] Spyware:Cookie/WebtrendsLive Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[statse.webtrendslive.com/] Spyware:Cookie/Apmebf Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.apmebf.com/] Spyware:Cookie/adultfriendfinder Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.adultfriendfinder.com/] Spyware:Cookie/Belnk Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.dist.belnk.com/] Spyware:Cookie/Belnk Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.belnk.com/] Spyware:Cookie/Target Not disinfected C:\RECYCLER\NPROTECT\00386354.MOZ[.target.com/] Spyware:Cookie/Go Not disinfected C:\RECYCLER\NPROTECT\00386369.MOZ[.go.com/] Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\NPROTECT\00386369.MOZ[ad.yieldmanager.com/] Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\NPROTECT\00386369.MOZ[.doubleclick.net/] Spyware:Cookie/Atlas DMT Not disinfected C:\RECYCLER\NPROTECT\00386369.MOZ[.atdmt.com/] Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00386369.MOZ[.casalemedia.com/] Spyware:Cookie/BurstNet Not disinfected C:\RECYCLER\NPROTECT\00386369.MOZ[.burstnet.com/] Spyware:Cookie/Tribalfusion Not disinfected C:\RECYCLER\NPROTECT\00386369.MOZ[.tribalfusion.com/] Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00386369.MOZ[.fastclick.net/]

You did not run ATF cleaner first, did you...? That would have removed those cookies and emptied the recycle bin. Running a cleaner before a scan can cut the report dramatically.
Anyway let's go after msmss.exe.
===Download pocket killbox from here:- http://www.downloads.subratam.org/KillBox.zip -unzip it onto your desktop.
Dclick killbox to start it.
Select "Delete on reboot", click the "all files" button.
>Copy the pathname in the following line into the textbox:-

C:\WINDOWS\system32\msmss.exe

Click the red and white X button, click Yes on the reboot prompt, click OK if a pendingfilerenameoperation box opens. [do not be concerned if it says it cannot find a file...]
When the pc starts see if that file has been removed from the system32 folder.
Any popup?

Wow. It's fixed. No more pop up and that msmss.exe file is gone.

Thank alot guys! Really appreciate it!!

Now, what's the best spyware protection I can download so no more spyware gets onto my computer?

spywareblaster, avg free or avast, avg antispyware , zonealarm and adaware. Google for the homesites.