Desktop, explorer, iexpore won't start

[sedatakyurek]

I have an HP Laptop running Windows XP Pro. I have problems where the
desktop, icons, toolbar won't show up when I login. All you see is the
wallpaper. When I tried to start a new task from task manager I was
getting an eror " This file does not have a program associated with it
for performing this action. Create an association in the folder option
control panel".

From safe mode with command prompt I was able to start regedit. Using a

tip from MS Support pages I added missing keys for
exefile/shell/open/command. Now I can start new tasks from task manager
but cannot start explorer.exe and iexplore.exe this way . I ran
ad-aware, spybot, ewido and cleaned what they found. Trojanhunter did
not find anything. But I still have the problem.

All the user on the system are having the same problem and renaming my
profile and logging back in did not help.

As I mentioned I cannot start explorer or internet explorer from task
manager or from comand line. I can run Mozilla browser and the
connection to internet is fine. I can run almost all apps from the
command line.

The Hijack This log is included below, and also the ewido log.

Help is appreciated

Logfile of HijackThis v1.99.1
Scan saved at 3:26:26 PM, on 10/22/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\GEARSEC.EXE
C:\Program Files\Linksys\Wireless-G Notebook Adapter with
SpeedBooster\NICServ.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\WINDOWS\system32\Restore\rstrui.exe
C:\util\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
= http://srch-us4nb.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us4nb.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://srch-us4nb.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.hp.com/info/e-center-p
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us4nb.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = http://localhost;
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no
file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no
file)
O2 - BHO: (no name) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - (no
file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no
file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no
file)
O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no
file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no
file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no
file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no
file)
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program
Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program
Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe
O4 - HKLM\..\Run: [hpScannerFirstBoot]
c:\hp\drivers\scanners\scannerfb.exe
O4 - HKLM\..\Run: [PreloadApp]
c:\hp\drivers\printers\photosmart\hphprld.exe
c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [PowerDirector] C:\HP\DRIVERS\HPNBUTIL\SETUP.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [HP Display Settings] C:\Program
Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [MSConfig]
C:\WINDOWS\ServicePackFiles\i386\msconfig.exe /auto
O4 - HKLM\..\Run: [THGuard] C:\Program Files\TrojanHunter
4.2\THGuard.exe
O4 - HKLM\..\Run: [Spyware Stormer] C:\Program Files\Spyware
Stormer\SpywareStormer.Exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
/background
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton
SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A}
/MODE CfgWiz
O4 - HKCU\..\Run: [cmd] "c:\windows\system32\cmd.exe"
O4 - HKCU\..\Run: [cmd2] "start cmd"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O9 - Extra button: Yahoo! Services -
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet
Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} -
O16 - DPF: {544EB377-350A-4295-9BEB-EAB8392E09C6} -
http://fdl.msn.com/public/investor/v13/invinstl.exe
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} -
http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} -
http://security.symantec.com/sscv6/Shar.../cabsa.cab
O16 - DPF: {E6EB803E-DD89-11D3-80C4-0050DA2E09D0} -
http://prints.picturecenter.kodak.com/a...ontrol.cab
O23 - Service: Ati HotKey Poller - Unknown owner -
C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation
- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec
Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec
Corporation - C:\Program Files\Common Files\Symantec
Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks -
C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program
Files\ewido\security suite\ewidoguard.exe
O23 - Service: GEARSecurity - GEAR Software -
C:\WINDOWS\System32\GEARSEC.EXE
O23 - Service: HP RF Device Service (HpRfDev) - Hewlett-Packard -
C:\WINDOWS\system32\HpRfDev.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -
C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) -
Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton
AntiVirus\navapsvc.exe
O23 - Service: NICSer_WPC54GS - Unknown owner - C:\Program
Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) -
Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton
AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec
Corporation - C:\PROGRA~1\NORTON~2\NORTON~3\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: RadioSvr - Hewlett-Packard -
C:\WINDOWS\system32\RadioSvr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton
SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec
Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ScsiAccess - Unknown owner -
C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation -
C:\PROGRA~1\NORTON~2\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\Security
Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC -
C:\WINDOWS\system32\ZoneLabs\vsmon.exe




Ewido log:
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 7:32:11 AM, 10/21/2005
+ Report-Checksum: 9F2546A0

+ Scan result:

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution
Units\{469C7080-8EC8-43A6-AD97-45848113743C} -> Dialer.Generic :
Cleaned with backup
:mozilla.7:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.8:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.13:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.14:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.15:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.20:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.22:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.23:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.24:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.25:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.26:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt ->
Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjk4cmcjkepa-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjkyapczkbqq-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjlycidjocpg-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjny-1jazogqa6dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjny-1ncjkbowidj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjny-1ndzeaow6dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjny-1sajifogmdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjnyehajadog-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][2].txt ->
Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\vic\Cookies\vicdan@burstnet[1].txt ->
Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt ->
Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][2].txt ->
Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\vic\Cookies\vicdan@com[2].txt ->
Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][2].txt ->
Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\vic\Cookies\vicdan@hypertracker[2].txt ->
Spyware.Cookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt ->
Spyware.Cookie.Itrack : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\vic\Cookies\vicdan@ivwbox[1].txt ->
Spyware.Cookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][2].txt ->
Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt ->
Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\vic\Cookies\vicdan@serving-sys[1].txt ->
Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][2].txt ->
Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][2].txt ->
Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt ->
Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wfkyekd5ihoqqdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wfkykiajihpgqdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wflosidzwdqa2dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjk4updpshqaqdj6x9ny-1seq-2-2.stats.esomniture[1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkokkcpolqaudj6x9ny-1seq-2-2.stats.esomniture[1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkosgazsbowqdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkycgdpkdqa6dj6x9ny-1seq-2-2.stats.esomniture[1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkyqpajmeoqmdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjl4oiazafpaydj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjl4wkdjkfpqmdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlismcjeboaqdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjliwmcpmcoaudj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjloaiczafqqwdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlogkc5gkpqmdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlygjdpcepgwdj6x9ny-1seq-2-2.stats.esomniture[1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjmiamdzwcpaudj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjmysmcpigogidj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnyaocjwaqaudj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnyegd5kfogidj6x9ny-1seq-2-2.stats.esomniture[1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnyohdpggqqudj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnywjdjmepgidj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\vic\Local
Settings\Temp\Cookies\[email protected][2].txt ->
Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\vic\Local
Settings\Temp\Cookies\vicdan@burstnet[1].txt -> Spyware.Cookie.Burstnet
: Cleaned with backup
C:\Documents and Settings\vic\Local
Settings\Temp\Cookies\vicdan@com[2].txt -> Spyware.Cookie.Com : Cleaned
with backup
C:\Documents and Settings\vic\Local
Settings\Temp\Cookies\[email protected][1].txt ->
Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\RECYCLER\NPROTECT\00099582.TXT -> Spyware.Cookie.Liveperson :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099583.TXT -> Spyware.Cookie.Liveperson :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099584.TXT -> Spyware.Cookie.Liveperson :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099589.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099590.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099591.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099592.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099593.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099594.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099595.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099596.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099597.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099598.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099599.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099600.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099601.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099602.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099637.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099639.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099640.TXT -> Spyware.Cookie.Addynamix : Cleaned
with backup
C:\RECYCLER\NPROTECT\00099641.TXT -> Spyware.Cookie.Addynamix : Cleaned
with backup
C:\RECYCLER\NPROTECT\00099642.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099643.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099653.TXT -> Spyware.Cookie.Addynamix : Cleaned
with backup
C:\RECYCLER\NPROTECT\00099654.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099658.TXT -> Spyware.Cookie.Addynamix : Cleaned
with backup
C:\RECYCLER\NPROTECT\00099668.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099706.TXT -> Spyware.Cookie.Questionmarket :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099710.TXT -> Spyware.Cookie.Addynamix : Cleaned
with backup
C:\RECYCLER\NPROTECT\00099712.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099713.TXT -> Spyware.Cookie.Questionmarket :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099714.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099716.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099864.TXT -> Spyware.Cookie.Addynamix : Cleaned
with backup
C:\RECYCLER\NPROTECT\00099869.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099870.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099922.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099942.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099944.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099946.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099948.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099950.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099952.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099954.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099956.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099958.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099961.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099963.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099966.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099969.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099970.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099971.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099973.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099975.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099977.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099979.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099982.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099983.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099985.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099987.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099989.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099991.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099994.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099995.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099997.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100000.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100002.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100005.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100006.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100008.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100011.TXT -> Spyware.Cookie.Falkag : Cleaned
with backup
C:\RECYCLER\NPROTECT\00100012.TXT -> Spyware.Cookie.Falkag : Cleaned
with backup
C:\RECYCLER\NPROTECT\00100013.TXT -> Spyware.Cookie.Falkag : Cleaned
with backup
C:\RECYCLER\NPROTECT\00100296.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100321.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100584.TXT -> Spyware.Cookie.Pointroll : Cleaned
with backup
C:\RECYCLER\NPROTECT\00100585.TXT -> Spyware.Cookie.Pointroll : Cleaned
with backup


::Report End

 

[Gerry Cornell]

You need to post a HijackThis log to a specialist forum for analysis.
However, before doing so you need to have done a thorough clean of your
system. What follows will satsify that requirement.

When dealing with a persistent virus / trojan you need to delete system
restore points and not use them as they will contain the virus and put
it back into your system. Turn off System Restore until cleaning is
finished. Also run your anti-virus with updated definitions in safe
mode. Sometimes you need to run an anti-virus from a floppy and Trend
offer one that can be used.

Create a new folder named Sysclean (e.g., C:\Program files\Sysclean, or
just a desktop folder).
Download Sysclean.com (http://www.trendmicro.com/download/dcs.asp) and
place it in this folder.

Download the latest Controlled Pattern Release zip
(http://www.trendmicro.com/download/pattern.asp, e.g., lpt123.zip) and
extract its contents to the same folder. See the Readme text file for
additional instructions.

Delete Temporary Internet Files (IE Tools>Internet Options>General)
accepting the option to delete all offline content. Reboot and delete
contents of all TEMP folders and then your Recycle Bin.

Close all running programs including your anti-virus application, go
offline, and run Sysclean. For best results, do nothing with the machine
until the scan completes.

If the scan shows any infections in System Restore files and you're
running WinXP, create a new Restore Point
(Start>Programs>Accessories>System Tools>System Restore), then delete
all but the most recent Restore Point (Start>Programs>Accessories>System
Tools>Disk Cleanup>More options).

Work through the spyware removal programmes etc in turn in safe mode
until you get no results.

Afterwards, update your own anti-virus application and perform another
full system scan.

Finally run HijackThis and post the HijackThis log to the HijackThis
forum here:
http://aumha.net/

You will need to register with Aumha to be able to post.

--


Hope this helps.

Gerry
~~~~~~~~~~~~~~~~~~~~~~~~
FCA

Using invalid email address

Stourport, Worcs, England
Enquire, plan and execute.
~~~~~~~~~~~~~~~~~~~~~~~~
Please tell the newsgroup how any
suggested solution worked for you.



~~~~~~~~~~~~~~~~~~~~~~~~

I have an HP Laptop running Windows XP Pro. I have problems where the
desktop, icons, toolbar won't show up when I login. All you see is the
wallpaper. When I tried to start a new task from task manager I was
getting an eror " This file does not have a program associated with it
for performing this action. Create an association in the folder option
control panel".

From safe mode with command prompt I was able to start regedit. Using
a

tip from MS Support pages I added missing keys for
exefile/shell/open/command. Now I can start new tasks from task
manager
but cannot start explorer.exe and iexplore.exe this way . I ran
ad-aware, spybot, ewido and cleaned what they found. Trojanhunter did
not find anything. But I still have the problem.

All the user on the system are having the same problem and renaming my
profile and logging back in did not help.

As I mentioned I cannot start explorer or internet explorer from task
manager or from comand line. I can run Mozilla browser and the
connection to internet is fine. I can run almost all apps from the
command line.

The Hijack This log is included below, and also the ewido log.

Help is appreciated

Logfile of HijackThis v1.99.1
Scan saved at 3:26:26 PM, on 10/22/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\GEARSEC.EXE
C:\Program Files\Linksys\Wireless-G Notebook Adapter with
SpeedBooster\NICServ.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\WINDOWS\system32\Restore\rstrui.exe
C:\util\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
= http://srch-us4nb.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us4nb.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://srch-us4nb.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.hp.com/info/e-center-p
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us4nb.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = http://localhost;
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no
file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no
file)
O2 - BHO: (no name) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - (no
file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no
file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no
file)
O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no
file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no
file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no
file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no
file)
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program
Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program
Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe
O4 - HKLM\..\Run: [hpScannerFirstBoot]
c:\hp\drivers\scanners\scannerfb.exe
O4 - HKLM\..\Run: [PreloadApp]
c:\hp\drivers\printers\photosmart\hphprld.exe
c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [PowerDirector] C:\HP\DRIVERS\HPNBUTIL\SETUP.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [HP Display Settings] C:\Program
Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [MSConfig]
C:\WINDOWS\ServicePackFiles\i386\msconfig.exe /auto
O4 - HKLM\..\Run: [THGuard] C:\Program Files\TrojanHunter
4.2\THGuard.exe
O4 - HKLM\..\Run: [Spyware Stormer] C:\Program Files\Spyware
Stormer\SpywareStormer.Exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
/background
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton
SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A}
/MODE CfgWiz
O4 - HKCU\..\Run: [cmd] "c:\windows\system32\cmd.exe"
O4 - HKCU\..\Run: [cmd2] "start cmd"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O9 - Extra button: Yahoo! Services -
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet
Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} -
O16 - DPF: {544EB377-350A-4295-9BEB-EAB8392E09C6} -
http://fdl.msn.com/public/investor/v13/invinstl.exe
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} -
http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} -
http://security.symantec.com/sscv6/Shar.../cabsa.cab
O16 - DPF: {E6EB803E-DD89-11D3-80C4-0050DA2E09D0} -
http://prints.picturecenter.kodak.com/a...ontrol.cab
O23 - Service: Ati HotKey Poller - Unknown owner -
C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec
Corporation
- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec
Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec
Corporation - C:\Program Files\Common Files\Symantec
Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks -
C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks -
C:\Program
Files\ewido\security suite\ewidoguard.exe
O23 - Service: GEARSecurity - GEAR Software -
C:\WINDOWS\System32\GEARSEC.EXE
O23 - Service: HP RF Device Service (HpRfDev) - Hewlett-Packard -
C:\WINDOWS\system32\HpRfDev.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -
C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) -
Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton
AntiVirus\navapsvc.exe
O23 - Service: NICSer_WPC54GS - Unknown owner - C:\Program
Files\Linksys\Wireless-G Notebook Adapter with
SpeedBooster\NICServ.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) -
Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton
AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec
Corporation - C:\PROGRA~1\NORTON~2\NORTON~3\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP -
C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: RadioSvr - Hewlett-Packard -
C:\WINDOWS\system32\RadioSvr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program
Files\Norton
SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec
Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ScsiAccess - Unknown owner -
C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec
Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation -
C:\PROGRA~1\NORTON~2\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\Security
Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC -
C:\WINDOWS\system32\ZoneLabs\vsmon.exe




Ewido log:
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 7:32:11 AM, 10/21/2005
+ Report-Checksum: 9F2546A0

+ Scan result:

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution
Units\{469C7080-8EC8-43A6-AD97-45848113743C} -> Dialer.Generic :
Cleaned with backup
:mozilla.7:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.8:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.13:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.14:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.15:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.20:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.22:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.23:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.24:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.25:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.26:C:\Documents and Settings\vic\Application
Data\Mozilla\Profiles\default\wjxjwfzl.slt\cookies.txt ->
Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt ->
Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjk4cmcjkepa-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjkyapczkbqq-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjlycidjocpg-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjny-1jazogqa6dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjny-1ncjkbowidj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjny-1ndzeaow6dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjny-1sajifogmdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@a-1shz2prbmdj6wvny-1sez2pra2dj6wjnyehajadog-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][2].txt ->
Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\vic\Cookies\vicdan@burstnet[1].txt ->
Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt ->
Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][2].txt ->
Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\vic\Cookies\vicdan@com[2].txt ->
Spyware.Cookie.Com : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt ->
Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\vic\Cookies\vicdan@hypertracker[2].txt ->
Spyware.Cookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt ->
Spyware.Cookie.Itrack : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\vic\Cookies\vicdan@ivwbox[1].txt ->
Spyware.Cookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][2].txt ->
Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt
-> Spyware.Cookie.Adjuggler : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][1].txt ->
Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\vic\Cookies\vicdan@serving-sys[1].txt ->
Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\[email protected][2].txt ->
Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][2].txt ->
Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\vic\Cookies\[email protected][1].txt ->
Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wfkyekd5ihoqqdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wfkykiajihpgqdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wflosidzwdqa2dj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjk4updpshqaqdj6x9ny-1seq-2-2.stats.esomniture[1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkokkcpolqaudj6x9ny-1seq-2-2.stats.esomniture[1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkosgazsbowqdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkycgdpkdqa6dj6x9ny-1seq-2-2.stats.esomniture[1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkyqpajmeoqmdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjl4oiazafpaydj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjl4wkdjkfpqmdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlismcjeboaqdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjliwmcpmcoaudj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjloaiczafqqwdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlogkc5gkpqmdj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlygjdpcepgwdj6x9ny-1seq-2-2.stats.esomniture[1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjmiamdzwcpaudj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjmysmcpigogidj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnyaocjwaqaudj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnyegd5kfogidj6x9ny-1seq-2-2.stats.esomniture[1].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnyohdpggqqudj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and
Settings\vic\Cookies\vicdan@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnywjdjmepgidj6x9ny-1seq-2-2.stats.esomniture[2].txt
-> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\vic\Local
Settings\Temp\Cookies\[email protected][2].txt ->
Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\vic\Local
Settings\Temp\Cookies\vicdan@burstnet[1].txt ->
Spyware.Cookie.Burstnet
: Cleaned with backup
C:\Documents and Settings\vic\Local
Settings\Temp\Cookies\vicdan@com[2].txt -> Spyware.Cookie.Com :
Cleaned
with backup
C:\Documents and Settings\vic\Local
Settings\Temp\Cookies\[email protected][1].txt ->
Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\RECYCLER\NPROTECT\00099582.TXT -> Spyware.Cookie.Liveperson :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099583.TXT -> Spyware.Cookie.Liveperson :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099584.TXT -> Spyware.Cookie.Liveperson :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099589.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099590.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099591.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099592.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099593.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099594.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099595.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099596.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099597.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099598.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099599.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099600.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099601.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099602.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099637.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099639.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099640.TXT -> Spyware.Cookie.Addynamix :
Cleaned
with backup
C:\RECYCLER\NPROTECT\00099641.TXT -> Spyware.Cookie.Addynamix :
Cleaned
with backup
C:\RECYCLER\NPROTECT\00099642.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099643.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099653.TXT -> Spyware.Cookie.Addynamix :
Cleaned
with backup
C:\RECYCLER\NPROTECT\00099654.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099658.TXT -> Spyware.Cookie.Addynamix :
Cleaned
with backup
C:\RECYCLER\NPROTECT\00099668.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099706.TXT -> Spyware.Cookie.Questionmarket :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099710.TXT -> Spyware.Cookie.Addynamix :
Cleaned
with backup
C:\RECYCLER\NPROTECT\00099712.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099713.TXT -> Spyware.Cookie.Questionmarket :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099714.TXT -> Spyware.Cookie.Casalemedia :
Cleaned with backup
C:\RECYCLER\NPROTECT\00099716.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099864.TXT -> Spyware.Cookie.Addynamix :
Cleaned
with backup
C:\RECYCLER\NPROTECT\00099869.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099870.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099922.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099942.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099944.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099946.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099948.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099950.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099952.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099954.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099956.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099958.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099961.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099963.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099966.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099969.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099970.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099971.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099973.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099975.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099977.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099979.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099982.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099983.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099985.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099987.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099989.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099991.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099994.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099995.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00099997.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100000.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100002.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100005.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100006.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100008.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100011.TXT -> Spyware.Cookie.Falkag : Cleaned
with backup
C:\RECYCLER\NPROTECT\00100012.TXT -> Spyware.Cookie.Falkag : Cleaned
with backup
C:\RECYCLER\NPROTECT\00100013.TXT -> Spyware.Cookie.Falkag : Cleaned
with backup
C:\RECYCLER\NPROTECT\00100296.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100321.TXT -> Spyware.Cookie.2o7 : Cleaned with
backup
C:\RECYCLER\NPROTECT\00100584.TXT -> Spyware.Cookie.Pointroll :
Cleaned
with backup
C:\RECYCLER\NPROTECT\00100585.TXT -> Spyware.Cookie.Pointroll :
Cleaned
with backup


::Report End

 

[Webbie]

Boot to Safe Mode and check msconfig startup for "Ipmon32". If it's
there, uncheck it, then OK and Restart to normal mode. Another thing to
try is System Restore in Safe Mode, but try msconfig first.

 

[Terry]

Does System Restore work for other problems too?

Like...I have sound problems unrelated to the Volume Control. I also have
trouble with my IE6 browser. Sometimes it only shows part of a page in very
large fonts making it impossible for me to see the entire page at
once...lots of scrolling in all 4 directions. You get the picture.

Here's hoping for a speedy reply and a fix to my trouble.

Terry

 

[sedatakyurek]

lpmon32 was not there. When I run System Restore the window comes up
but it is all blank, you cannot see or do anything with it.