3 Apprentice

8.8K Posts

November 9th, 2006 13:00

Download AVG Anti-Spyware from HERE and save that file to your desktop.
This is a 30-day trial of the program.

  1. Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
  2. Select "Change state" to inactivate 'Resident Shield' and 'Automatic Updates'.
  3. Right click on AVG Anti-Spyware in the system tray and uncheck "Start with Windows".
    Go to Start > Run and type: services.msc
  4. Press "OK".
  5. In Services, click the "Extended tab" and scroll down the list to find AVG Anti-Spyware guard.
  6. When you find the guard service, double-click on it.
  7. In the Properties Window > General Tab that opens, click the "Stop" button.
  8. From the drop-down menu next to "Startup Type", click on "Manual".
  9. Now click "Apply", then "OK" and close the Services window.
  10. Once the setup is complete you will need to run AVG AS and update the definition files.
  11. On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
    • If you are having problems with the updater, manually update with the AVG AS Full database installer from here.
    • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
    • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
    • Under "Reports"
      • Select "Automatically generate report after every scan"
      • Un-Select "Only if threats were found"
      • Close AVG Anti-Spyware, Do Not run a scan just yet. We will shortly.

        ************************************************************************************************************************************

        Please print out these instructions, or copy them to a Notepad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.


        Please reboot your computer in Safe Mode by doing the following :

        * Restart your computer
        * After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
        * Instead of Windows loading as normal, a menu with options should appear;
        * Select the first option, to run Windows in Safe Mode, then press "Enter".
        * Choose your usual account.

        Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
        Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

        You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

        The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

        The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart anyway into normal Windows.
        A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report along with all others into your next reply along with a new HijackThis log.
        The report can also be found at the root of the system drive, usually at C:\rapport.txt

        Warning : Running option #2 on a non-infected computer will remove your Desktop background.


        ____________________________________________________________

        Clean out your Temporary Internet files. Proceed like this:

        * Quit Internet Explorer and quit any instances of Windows Explorer.
        * Click Start, click Control Panel, and then double-click Internet Options.
        * On the General tab, click Delete Files under Temporary Internet Files.
        * In the Delete Files dialog box, tick the Delete all offline content check box, and then click OK.
        * On the General tab, click Delete Cookies under Temporary Internet Files, and then click OK.
        * Click on the Programs tab then click the Reset Web Settings button. Click Apply then OK.
        * Click OK.

        Next Click Start, click Control Panel and then double-click Display.
        Click on the Desktop tab, then click the Customize Desktop button. Click on the Web tab. Under Web Pages you should see a checked entry called Security info or something similar. If it is there, select that entry and click the Delete button. Click Ok then Apply and Ok.
        Empty the Recycle Bin by right-clicking the Recycle Bin icon on your Desktop, and then clicking Empty Recycle Bin
        ______________________________

        Close ALL open Windows / Programs / Folders.

        * While in Safe Mode, launch AVG Anti-Spyware by double-clicking the icon on your desktop.
        * Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
        * AVG AS will now begin the scanning process; be patient, this may take a little time.
        Once the scan is complete do the following:
        * If you have any infections you will be prompted, then select "Apply all actions"
        * Next select the "Reports" icon at the top.
        * Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
        * Close AVG AS and reboot your system back into Normal Mode.



        In your next reply please include:

        1. The report from SmitfraudFix found here: C:\rapport.txt
        2. The report from AVG AS
        3. A fresh HijackThis log

        You may need several replies to post the requested logs, otherwise they might get cut off.

        zb1

      10 Posts

      November 10th, 2006 12:00

      Logfile of HijackThis v1.99.1
      Scan saved at 5:39:43 PM, on 10/11/2006
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.5450.0004)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
      C:\Documents and Settings\Pepsi\Desktop\hijackthis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {274c0420-ebe0-4f1d-b473-edd1aa9b85dd} - (no file)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O2 - BHO: (no name) - {CE155DEB-AEEC-413D-B404-A96797DD1F71} - (no file)
      O3 - Toolbar: YBIOCtrl Class - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
      O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
      O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
      O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
      O4 - HKCU\..\Run: [ParetoLogic Anti-Spyware] "C:\Program Files\ParetoLogic\Anti-Spyware\Pareto_AS.exe" -NM -hidesplash
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - Startup: 24Online Client.lnk = C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
      O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\X-Micro\Bluetooth Software\btsendto_ie.htm
      O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\X-Micro\Bluetooth Software\btsendto_ie.htm
      O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
      O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O11 - Options group: [INTERNATIONAL] International*
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
      O17 - HKLM\System\CCS\Services\Tcpip\..\{A39FF1F0-B559-469D-A90B-433185AB05B7}: NameServer = 10.0.20.1
      O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\X-Micro\Bluetooth Software\bin\btwdins.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

      End

      10 Posts

      November 10th, 2006 12:00

      Part Two

      :mozilla.474:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
      :mozilla.475:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
      :mozilla.476:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
      :mozilla.478:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
      :mozilla.480:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
      :mozilla.481:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
      :mozilla.666:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
      :mozilla.667:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
      :mozilla.668:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
      :mozilla.84:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
      :mozilla.85:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
      :mozilla.86:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
      C:\Documents and Settings\kalpesh\Cookies\kalpesh@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
      :mozilla.151:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
      :mozilla.152:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
      C:\Documents and Settings\Peeyush\Cookies\peeyush@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
      :mozilla.227:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
      :mozilla.228:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
      :mozilla.236:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
      :mozilla.237:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
      :mozilla.776:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
      :mozilla.522:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
      :mozilla.523:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
      :mozilla.524:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
      :mozilla.525:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
      :mozilla.89:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
      :mozilla.90:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
      :mozilla.91:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
      :mozilla.198:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
      :mozilla.199:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
      :mozilla.177:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
      :mozilla.300:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
      C:\Documents and Settings\Peeyush\Cookies\peeyush@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
      :mozilla.169:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
      :mozilla.170:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
      :mozilla.531:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
      :mozilla.532:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
      :mozilla.533:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
      :mozilla.534:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
      :mozilla.535:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
      :mozilla.536:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
      :mozilla.306:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
      :mozilla.307:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
      :mozilla.195:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
      :mozilla.197:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
      :mozilla.152:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
      :mozilla.204:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
      :mozilla.155:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.156:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.157:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.158:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.159:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.160:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.161:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.162:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.163:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.164:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.165:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.48:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.49:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.50:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.51:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.52:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.53:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.54:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.55:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
      C:\Documents and Settings\Peeyush\Cookies\peeyush@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
      :mozilla.255:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
      :mozilla.256:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
      :mozilla.258:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
      :mozilla.118:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
      :mozilla.180:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
      :mozilla.135:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
      :mozilla.136:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
      :mozilla.730:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
      :mozilla.253:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
      :mozilla.109:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
      :mozilla.93:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
      C:\Documents and Settings\kalpesh\Cookies\kalpesh@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
      :mozilla.248:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
      :mozilla.249:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
      :mozilla.250:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
      :mozilla.261:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
      :mozilla.262:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
      :mozilla.263:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
      :mozilla.229:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
      :mozilla.162:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
      :mozilla.203:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
      :mozilla.206:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
      :mozilla.41:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
      :mozilla.42:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
      :mozilla.43:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
      :mozilla.44:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
      :mozilla.45:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
      :mozilla.46:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
      :mozilla.47:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
      :mozilla.510:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
      :mozilla.511:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
      :mozilla.512:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
      :mozilla.633:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
      C:\Documents and Settings\Pepsi\My Documents\VeBook\JAVA\msagent javascript editor 1.3 crack\msagent javascript editor 1.3 crack.exe -> Trojan.Small : Cleaned with backup (quarantined).
      C:\Documents and Settings\kalpesh\My Documents\Bluetooth Exchange Folder\pek55mh.sis -> Worm.Comwar.a : Cleaned with backup (quarantined).


      ::Report end
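
An added example, not part of the original thread and not AVG's own tooling: a small triage parser for the `<object> -> <detection> : <action>.` report format posted here, which separates tracking cookies from the entries that need an analyst's attention. The function names (`parse_report`, `triage`) are hypothetical, and the sample report lines are constructed to match the format, not copied from the posts.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Constructed sample in the report format shown in the posts (not real findings).
SAMPLE_REPORT = r"""
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:24:36 PM 10/11/2006

+ Scan result:

HKLM\SOFTWARE\Policies\ExampleVendor -> Adware.Example : Cleaned with backup (quarantined).
C:\Documents and Settings\user\My Documents\tools.zip/setup_run.exe -> Downloader.Example.a : Cleaned with backup (quarantined).
:mozilla.12:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\abc.default\cookies.txt -> TrackingCookie.Exampleads : Cleaned.
:mozilla.13:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\abc.default\cookies.txt -> TrackingCookie.Exampleads : Cleaned.
C:\Documents and Settings\user\Cookies\user@examplestat[1].txt -> TrackingCookie.Examplestat : Cleaned.
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP1\A0000001.dll -> Downloader.Example.b : Cleaned with backup (quarantined).

::Report end
"""

# Greedy object match so the LAST " -> " on the line is the separator;
# paths contain ':' (drive letters), so the detection/action split is " : ".
LINE_RE = re.compile(r"^(?P<obj>.+) -> (?P<detection>\S+) : (?P<action>.+?)\.?$")
# Firefox cookie entries are prefixed with ":mozilla.<index>:" before the path.
COOKIE_ENTRY_RE = re.compile(r"^:mozilla\.\d+:(?P<path>.+)$")
# "archive.zip/member.exe" means the detection is a file inside an archive.
ARCHIVE_RE = re.compile(r"\.(zip|rar)/", re.IGNORECASE)


@dataclass
class Finding:
    location: str   # file path or registry key
    member: str     # file inside an archive, "" if not applicable
    detection: str  # e.g. "Adware.Example"
    action: str     # e.g. "Cleaned with backup (quarantined)"
    kind: str       # cookie | registry | restore-point | file


def classify(location, detection):
    if detection.startswith("TrackingCookie."):
        return "cookie"
    if location.upper().startswith(("HKLM\\", "HKCU\\", "HKU\\")):
        return "registry"
    # Windows XP System Restore storage: a backed-up copy, not a live file.
    if "\\System Volume Information\\_restore" in location:
        return "restore-point"
    return "file"


def parse_report(text):
    findings = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # header, separator, blank line or "::Report end"
        obj = m.group("obj")
        cookie = COOKIE_ENTRY_RE.match(obj)
        if cookie:
            obj = cookie.group("path")
        member = ""
        arch = ARCHIVE_RE.search(obj)
        if arch:
            obj, member = obj[:arch.end() - 1], obj[arch.end():]
        detection = m.group("detection")
        findings.append(Finding(obj, member, detection, m.group("action"),
                                classify(obj, detection)))
    return findings


def triage(findings):
    """Return (cookie counts per tracker, list of non-cookie findings)."""
    cookies = Counter(f.detection.split(".", 1)[1]
                      for f in findings if f.kind == "cookie")
    threats = [f for f in findings if f.kind != "cookie"]
    return cookies, threats


if __name__ == "__main__":
    cookies, threats = triage(parse_report(SAMPLE_REPORT))
    print(f"{sum(cookies.values())} tracking cookies from {len(cookies)} trackers")
    for f in threats:
        where = f"{f.location} [{f.member}]" if f.member else f.location
        print(f"{f.kind:14} {f.detection:22} {f.action}  <- {where}")
```
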

      10 Posts

      November 10th, 2006 12:00

      Part One

      ---------------------------------------------------------
      AVG Anti-Spyware - Scan Report
      ---------------------------------------------------------

      + Created at: 7:24:36 PM 10/11/2006

      + Scan result:



      HKLM\SOFTWARE\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
      HKU\S-1-5-21-789336058-57989841-682003330-1003\Software\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
      C:\Documents and Settings\Pepsi\My Documents\Bluetooth Exchange Folder\Java\Antechinus Javascript Editor Professional v4 0 patch crack multiLanguage with serial by ParadoX.zip/antechinus_javascript_editor_professional_v4.0_run.exe -> Adware.Stud : Cleaned with backup (quarantined).
      C:\Documents and Settings\Pepsi\My Documents\VeBook\PHP Script\Data Becker Professional Homepage Power - Php To Date Patch Crack Multilanguage With Serial By Paradox.zip/data_becker_professional_homepage_power_-_php_to_date_run.exe -> Adware.Stud : Cleaned with backup (quarantined).
      C:\Documents and Settings\Pepsi\My Documents\50207.rar/paretologic.anti-spyware.5.0-patch_byNpad69.exe -> Downloader.Delf.aup : Cleaned with backup (quarantined).
      C:\System Volume Information\_restore{A2752C9B-E833-4F97-8C77-EEFCC9B1BA80}\RP90\A0024904.dll -> Downloader.Small.cgu : Cleaned with backup (quarantined).
      :mozilla.238:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
      :mozilla.142:C:\Documents and Settings\Pepsi\Application Data\Mozilla\Firefox\Profiles\9suewanu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
      :mozilla.145:C:\Documents and Settings\Peeyush\Application Data\Mozilla\Firefox\Profiles\vsziswvj.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

      10 Posts

      November 10th, 2006 12:00

      SmitFraudFix v2.119

      Scan done at 16:52:13.26, 10/11/2006
      Run from C:\Documents and Settings\Pepsi\Desktop\SmitfraudFix
      OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
      Fix run in safe mode

      »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
      !!!Attention, following keys are not inevitably infected!!!


      »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

      C:\WINDOWS\system32\okkmtv.dll Deleted
      C:\Documents and Settings\Pepsi\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusBursters 6.2.lnk Deleted
      C:\Program Files\VirusBursters\ Deleted

      »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


      »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

      Registry Cleaning done.

      »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
      !!!Attention, following keys are not inevitably infected!!!


      »»»»»»»»»»»»»»»»»»»»»»»» End

      3 Apprentice

       • 

      8.8K Posts

      November 10th, 2006 12:00

      Philein,

      Message Edited by zbestwun2001 on 11-10-2006 06:57 AM

      3 Apprentice

       • 

      8.8K Posts

      November 10th, 2006 12:00

      Run HiJackThis and click "Scan", then check (tick) the following, if present:


      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

      O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
      O2 - BHO: (no name) - {274c0420-ebe0-4f1d-b473-edd1aa9b85dd} - (no file)
      O2 - BHO: (no name) - {CE155DEB-AEEC-413D-B404-A96797DD1F71} - (no file)

      O3 - Toolbar: YBIOCtrl Class - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll

      O11 - Options group: [INTERNATIONAL] International*


      Now, with all windows closed except HiJackThis, click "Fix checked".



      Locate and delete the following item(s), if present. Make sure you're able to view system and hidden files/folders:

      folders...

      C:\Program Files\DAP

      -

      Note that some of these file(s) may or may not be present. If present, and cannot be deleted because they're 'in use', try deleting them from "Safe Mode".



      Reboot and post back a new log from Normal Mode, not Safe Mode and let me know how everything goes.

      -
      ZB1

      10 Posts

      November 10th, 2006 13:00

      Logfile of HijackThis v1.99.1
      Scan saved at 8:50:29 PM, on 10/11/2006
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.5450.0004)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\acs.exe
      C:\Program Files\X-Micro\Bluetooth Software\bin\btwdins.exe
      C:\WINDOWS\system32\cisvc.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Atheros\ACU.exe
      C:\WINDOWS\system32\keyhook.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Launch Manager\QtZgAcer.EXE
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
      C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe
      C:\WINDOWS\system32\cidaemon.exe
      C:\Documents and Settings\Pepsi\Desktop\hijackthis\HijackThis.exe

      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
      O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
      O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
      O4 - HKCU\..\Run: [ParetoLogic Anti-Spyware] "C:\Program Files\ParetoLogic\Anti-Spyware\Pareto_AS.exe" -NM -hidesplash
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - Startup: 24Online Client.lnk = C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE (file missing)
      O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\X-Micro\Bluetooth Software\btsendto_ie.htm
      O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\X-Micro\Bluetooth Software\btsendto_ie.htm
      O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
      O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
      O17 - HKLM\System\CCS\Services\Tcpip\..\{A39FF1F0-B559-469D-A90B-433185AB05B7}: NameServer = 10.0.20.1
      O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\X-Micro\Bluetooth Software\bin\btwdins.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

      10 Posts

      November 10th, 2006 13:00

      Logfile of HijackThis v1.99.1
      Scan saved at 9:01:35 PM, on 10/11/2006
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.5450.0004)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\acs.exe
      C:\Program Files\X-Micro\Bluetooth Software\bin\btwdins.exe
      C:\WINDOWS\system32\cisvc.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Atheros\ACU.exe
      C:\WINDOWS\system32\keyhook.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Launch Manager\QtZgAcer.EXE
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
      C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe
      C:\WINDOWS\system32\cidaemon.exe
      C:\Documents and Settings\Pepsi\Desktop\hijackthis\HijackThis.exe

      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
      O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
      O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
      O4 - HKCU\..\Run: [ParetoLogic Anti-Spyware] "C:\Program Files\ParetoLogic\Anti-Spyware\Pareto_AS.exe" -NM -hidesplash
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - Startup: 24Online Client.lnk = C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE (file missing)
      O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\X-Micro\Bluetooth Software\btsendto_ie.htm
      O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\X-Micro\Bluetooth Software\btsendto_ie.htm
      O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
      O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
      O17 - HKLM\System\CCS\Services\Tcpip\..\{A39FF1F0-B559-469D-A90B-433185AB05B7}: NameServer = 10.0.20.1
      O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\X-Micro\Bluetooth Software\bin\btwdins.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

      End

      I don't know, but the two things aren't going off

      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

      What to do, or will it work with no probs?

      3 Apprentice

       • 

      8.8K Posts

      November 10th, 2006 13:00

      OK, those 2 entries that are being stubborn are no big deal.
      They really can stay with no harm, I was just trying to clean the log a bit more.
      They will go if you do it in Safe Mode, you can do those 2 anytime you want....but for all intents and purposes you are good to go!

      Good job!

      If not please let me know before continuing.

      Next, please run Disk Cleanup in each user's profile:
      Click "Start > Programs > Accessories > System Tools > Disk Cleanup"
      Please make sure the following are checked:
      -- Downloaded Program Files
      -- Temporary Internet Files
      -- Recycle Bin
      -- Temporary Files
      Click "OK" and Disk Cleanup will delete those files for you.

      Please note my #10 Prevention Tip below to be sure you are using the latest version of Java.

      After making sure your Java has been updated, if everything is running well....
      it would be good to flush the XP System Restore Points:
      (Using XP, you must be logged in as Administrator to do this.)
      Go to Start > Run, type msconfig and press Enter.
      When msconfig opens, click the Launch System Restore Button.
      On the next page, click the System Restore Settings Link on the left.
      Check the box labeled Turn Off System Restore.

      Reboot. Go back in and turn System Restore ON. A new Restore Point will be created.


      Here is my standard list of simple steps that you can take to reduce the chance of infection in the future.

      You may have already taken some of these steps:
      1. Visit Windows Update:
      Make sure that you have all the Critical Updates recommended for your operating system and IE. The first defense against infection is a properly patched OS.
      Windows Update: http://v4.windowsupdate.microsoft.com/en/default.asp

      2. Adjust your security settings for ActiveX:
      Go to Internet Options/Security/Internet, press 'default level', then OK.
      Now press "Custom Level."
      In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to 'prompt', and "Initialize and Script ActiveX controls not marked as safe" to 'disable'.

      3. Download and install the following free programs:
      a. SpywareBlaster:
      http://www.javacoolsoftware.com/spywareblaster.html
      Tutorial here: http://www.bleepingcomputer.com/forums/tutorial49.html
      b. SpywareGuard:
      http://www.javacoolsoftware.com/spywareguard.html
      Tutorial here: http://www.bleepingcomputer.com/tutorials/tutorial50.html
      Periodically check for updates in both programs.

      4. Please use a firewall and realtime anti-virus. Keep the anti-virus software and firewall software up to date.
      Note: Zone Alarm Firewall (Zone Labs) http://www.zonelabs.com/store/content/company/products/trial_zaFamily/trial_zaFamily.jsp?lid=home_freedownloads
      Sunbelt Kerio has a free version: http://www.kerio.com/kpf_download.html

      5. You might consider installing Mozilla / Firefox.
      http://www.mozilla.org/

      6. Install spyware detection and removal programs:
      You may also want to consider installing either or both of AdAware (free version) and Spybot S&D (freeware). Use these programs to regularly scan your system for and remove many forms of spyware/malware.

      a. Ad-aware: http://www.lavasoft.de/software/adaware/

      b. SpyBot S&D: http://safer-networking.org/en/news/2005-05-31.html

      I would check for updates in SpyBot once a week or so.
      Check for updates in Ad-aware frequently.

      If you have recently installed AVG Anti-Spyware, it is a free trial product for 30 days. After that you can purchase it for full features OR you can also keep the free version to use as an on-demand scanner (recommended).
      You will still be able to manually update it using the *update* button.

      7. Before using or purchasing any Spyware/Malware protection/removal program, always check the Rogue/Suspect Spyware List.
      Here is the link:
      http://www.spywarewarrior.com/rogue_anti-spyware.htm


      8. If you have not already done so, you might want to install CCleaner and run it in each user's profile: http://www.ccleaner.com/
      ** UNcheck the option to install the Yahoo toolbar.

      9. If you use Adobe Reader it may need to be updated to be sure that you have a more secure version. If you are using a version prior to v. 6.05, you should update to 6.05, preferably version 7.08. It would be best to remove prior versions before updating to a new version.
      Info here: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows
      If you need additional assistance, the Adobe forums are here: http://www.adobe.com/support/forums/main.html


      10. Make sure you are using the most updated version of Java. The most updated version is jre-1_5_0_09.
      Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.
      • Download the latest version of Java Runtime Environment (JRE) 5.0 Update 9.
      • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
      • Click the "Download" button to the right.
      • Check the box that says: "Accept License Agreement".
      • The page will refresh.
      • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
      • Close any programs you may have running - especially your web browser.
      • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
      • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
      • Click the Remove or Change/Remove button.
      • Repeat as many times as necessary to remove each Java version.
      • Reboot your computer once all Java components are removed.
      • Then from your desktop double-click on jre-1_5_0_09-windowsi586-p.exe to install the newest version.

      Official JAVA Installation Instructions if needed.


      11. Here are some helpful articles:
      "So how did I get infected in the first place?"
      http://computercops.biz/postlite7736-.html

      "I'm not pulling your leg, honest"
      by Sandi Hardmeier
      http://www.microsoft.com/windows/IE/community/columns/pulling.mspx

      Let us know if we have not resolved your problem. Otherwise, you are good to go.
      Happy and Safe Surfing!

      Take care,
      zb1

      3 Apprentice

       • 

      8.8K Posts

      November 10th, 2006 13:00

      Almost done....

      Just a few items left to clean up...


      Run HiJackThis and click "Scan", then check (tick) the following, if present:


      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843


      Now, with all windows closed except HiJackThis, click "Fix checked".



      Post back a new log, and let me know how everything goes.

      -
      ZB1
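
Added example (not part of the original posts and not HijackThis's own code): a small parser for the R0/R1 log lines quoted in the post above, which picks out the entries on the fix list "if present" in a log. The sample log is constructed for illustration, and the names `REntry`, `parse_r_line` and `entries_to_tick` are hypothetical.

```python
import re
from typing import List, NamedTuple, Optional

class REntry(NamedTuple):
    section: str  # R0 or R1
    hive: str     # HKLM or HKCU
    key: str      # registry key path
    name: str     # value name (may contain spaces)
    data: str     # value data; empty when nothing follows "="

def parse_r_line(line: str) -> Optional[REntry]:
    """Parse 'R0 - HIVE\\key,value name = data'; return None for other lines."""
    m = re.match(r"^(R[01]) - (HKLM|HKCU)\\(.+)$", line.strip())
    if not m:
        return None
    section, hive, rest = m.groups()
    left, sep, data = rest.partition(" =")   # first " =" ends the value name
    key, comma, name = left.rpartition(",")  # last comma splits key from name
    if not sep or not comma:
        return None
    return REntry(section, hive, key, name, data.strip())

def normalise(entry: REntry) -> tuple:
    # Compare case-insensitively, as registry paths are not case-sensitive.
    return tuple(field.lower() for field in entry)

# The three entries listed in the post above.
FIX_LIST = [
    r"R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =",
    r"R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =",
    r"R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843",
]

def entries_to_tick(log_text: str) -> List[REntry]:
    """Return the log entries that match the fix list exactly, in log order."""
    wanted = {normalise(parse_r_line(line)) for line in FIX_LIST}
    return [e for line in log_text.splitlines()
            if (e := parse_r_line(line)) and normalise(e) in wanted]

# Constructed sample log: one fix-list entry is absent, and one R1 entry
# (Start Page) is present but not on the fix list, so it must not be ticked.
SAMPLE_LOG = r"""
Logfile of HijackThis (constructed sample)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.example.invalid/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
O4 - HKLM\..\Run: [ExampleApp] C:\Example\app.exe
"""

if __name__ == "__main__":
    for entry in entries_to_tick(SAMPLE_LOG):
        print("tick:", entry.section, entry.hive, entry.key, entry.name, repr(entry.data))
```
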

      10 Posts

      November 11th, 2006 12:00

      Hello,

      Thank You for the things you have done for me

      We did it & now there are no probs.

      once again thank you

      Piyush

      3 Apprentice

       • 

      8.8K Posts

      November 11th, 2006 13:00

      You are quite welcome.

      zb1