Tom's Guide | Tom's Hardware | Tom's Games
![]() |
![]() |
![]() |
i have been waiting on my other post http://www.computing.net/security/wwwboard/forum/18046.html
and it hasnt been successful, can u help me?
u can read my other post or we start off freshand also can sumone tell me, if i reformat my comp will i have to pay the activation fee they have for 64 edition?

O4 - HKLM\..\Run: [*binkey] C:\WINDOWS\java\Packages\binkey.exe
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab?refid=5071
O20 - Winlogon Notify: winwam32 - C:\WINDOWS\SYSTEM32\winwam32.dllPlugged your log into the link provided to you earlier and 5 questionables came up with these 3 that i haven't been able to verify as legit.The middle one is definitely a nasty.Do you recognize the other 2.If not, follow the hijack instructions from the other thread and remove these.Some hits on the middle one refered to it as Spyfalcon and might require additional program for that.Try this first but wait for someone like jaybuck to give you further instructions.

It will be later the afternoon before I can work on this but please go ahead and prepare.
Download Ewido Security Suite then set it up this way Ewido Setup Instructions We will run this in safe mode later
Please download ATF-Cleaner from this link
http://www.atribune.org/content/view/19/2/ We will run this from safe mode laterSet up the computer to view hidden files by going to start>control panel>folder options>view tab>tick the circle beside "show hidden files and folders" and untick the box beside "hide extensions of known file types" and "hide protected system operating files">apply>ok.
Navigate to C:\Program Files\Common Files\??stem32\?ti2evxx.exe and loacte thei file and try to distinguish it's actual name. The ? marks can be any character but the other characters will remaun the same. In many cases ??stem32 = system32 . Do not delete this file yet just find it.

jabuck
While were waiting for spooklax's log, could you comment on the items i listed especially #1 & #3 as i could find no info on them at all.

i found the file and its called... C:\Program Files\Common Files\ѕуstem32\ati2evxx.exe
and heres my log
Logfile of HijackThis v1.99.1
Scan saved at 2:04:59 PM, on 4/12/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\AIM95\aim.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\TEMP\win1483.tmp.exe
C:\WINDOWS\TEMP\dbheljmd.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\daniel\LOCALS~1\Temp\Rar$EX00.437\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [*binkey] C:\WINDOWS\java\Packages\binkey.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab?refid=5071
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.verizon.net/checkmypc/includes/MotivePreQual.cab
O20 - Winlogon Notify: winwam32 - C:\WINDOWS\SYSTEM32\winwam32.dll

Download killbox from this link Killbox We will need it in safe mode later
Reboot into safe mode by following the directions at this link How To Reboot Into Safe Mode
Run HT from safe mode, close all windows except HT, place a check to the left of the following items and press "fix checked":
O4 - HKLM\..\Run: [*binkey] C:\WINDOWS\java\Packages\binkey.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab?refid=5071
O20 - Winlogon Notify: winwam32 - C:\WINDOWS\SYSTEM32\winwam32.dll
Start Killbox place a tick next to [x]Delete on reboot Press the ALL Files button.
Copy the following list of files to clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):C:\Program Files\Common Files\ѕуstem32\ati2evxx.exe
C:\WINDOWS\TEMP\win1483.tmp.exe
C:\WINDOWS\TEMP\dbheljmd.exe
C:\WINDOWS\java\Packages\binkey.exe
C:\WINDOWS\SYSTEM32\winwam32.dll
Next click on the button that has the red circle with the white X in the middle.
It will ask for confimation to delete the files on next reboot and ask you if you want to reboot now.
Click Yes and let the computer reboot.Run ATF-Cleaner from safe mode. Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.Run Ewideo from safe mode. When the scan has completed, Ewido will create a report.txt file. Click the "Save Report" button on the bottom of the screen and save the log to your desktop.
Please reboot into normal mode and post the ewido log and a new HT log.
If you have items unchecked in msconfig causing the very small amount of 04's to be visable in HT then they need to be unchecked before you post the new HT log or we may miss a baddie.

here is my ewido log
ewido anti-malware - Scan report
+ Created on: 12:08:13 AM, 4/13/2006
+ Report-Checksum: D9FA1FE6+ Scan result:
HKLM\SOFTWARE\ClickSpring -> Adware.PurityScan : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaTickets -> Adware.PurityScan : Cleaned with backup
:mozilla.7:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.8:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.9:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.10:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.12:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.13:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.27:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.29:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.30:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.31:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.32:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.33:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.34:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.63:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.69:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.70:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.71:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.72:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.73:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.74:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.75:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.80:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.81:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.82:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.83:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.84:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.87:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.89:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.90:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.91:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.92:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.93:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.96:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.97:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.100:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.101:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.102:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.103:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.104:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.105:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.106:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.107:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.108:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.109:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.110:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.112:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.113:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.115:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.116:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.117:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.139:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.145:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.146:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.147:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.153:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.155:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.174:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.175:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.188:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.191:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.192:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Clickhype : Cleaned with backup
:mozilla.193:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.194:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.195:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.196:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.197:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.199:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.200:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.206:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.217:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.218:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.219:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.220:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.221:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.222:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.224:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.225:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.241:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.242:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.243:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.244:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.246:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.252:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.261:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.262:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.263:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.264:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.268:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.277:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.278:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.279:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.290:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.291:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.293:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
:mozilla.319:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.320:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.322:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.323:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.324:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\daniel\Local Settings\Temporary Internet Files\Content.IE5\0HIOVW00\rdgUS2404[1].exe -> Downloader.Small.ayl : Cleaned with backup
C:\Documents and Settings\daniel\Local Settings\Temporary Internet Files\Content.IE5\0HIOVW00\rdgUS2404[2].exe -> Downloader.Small.ayl : Cleaned with backup
C:\Documents and Settings\daniel\Local Settings\Temporary Internet Files\Content.IE5\0HIOVW00\rdgUS2404[3].exe -> Downloader.Small.ayl : Cleaned with backup
C:\Documents and Settings\daniel\Local Settings\Temporary Internet Files\Content.IE5\0HIOVW00\rdgUS2404[4].exe -> Downloader.Small.ayl : Cleaned with backup
C:\Documents and Settings\daniel\Local Settings\Temporary Internet Files\Content.IE5\GXYP0NCH\rdgUS2404[2].exe -> Downloader.Small.ayl : Cleaned with backup
C:\Documents and Settings\daniel\Local Settings\Temporary Internet Files\Content.IE5\GXYP0NCH\rdgUS2404[3].exe -> Downloader.Small.ayl : Cleaned with backup
C:\Documents and Settings\daniel\Local Settings\Temporary Internet Files\Content.IE5\GXYP0NCH\rdgUS2404[4].exe -> Downloader.Small.ayl : Cleaned with backup
C:\Documents and Settings\daniel\Local Settings\Temporary Internet Files\Content.IE5\UD89SH01\rdgUS2404[1].exe -> Downloader.Small.ayl : Cleaned with backup
C:\Documents and Settings\daniel\Local Settings\Temporary Internet Files\Content.IE5\UD89SH01\rdgUS2404[2].exe -> Downloader.Small.ayl : Cleaned with backup
C:\Documents and Settings\daniel\Local Settings\Temporary Internet Files\Content.IE5\UD89SH01\rdgUS2404[3].exe -> Downloader.Small.ayl : Cleaned with backup
C:\Documents and Settings\daniel\Local Settings\Temporary Internet Files\Content.IE5\UD89SH01\rdgUS2404[4].exe -> Downloader.Small.ayl : Cleaned with backup
C:\Documents and Settings\daniel\My Documents\My Completed Downloads\rdgUS2404.exe -> Downloader.Small.ayl : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\rdgUS2404.exe -> Downloader.Small.ayl : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\rdgUS2404.exe -> Downloader.Small.ayl : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\rdgUS2404.exe -> Downloader.Small.ayl : Cleaned with backup
C:\WINDOWS\mtuninst.exe -> Adware.MediaTickets : Cleaned with backup
C:\WINDOWS\SYSTEM32\oins.exe -> Downloader.PurityScan.bt : Cleaned with backup
::Report Endim not sure of what to check and uncheck in msconfig but in services and startup i have everything unchecked except for the microsoft programs.. but here is my HT log
Logfile of HijackThis v1.99.1
Scan saved at 12:14:44 AM, on 4/13/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\daniel\LOCALS~1\Temp\Rar$EX00.969\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.verizon.net/checkmypc/includes/MotivePreQual.cab
O20 - Winlogon Notify: winwam32 - winwam32.dll (file missing)

Looks much better.
Run HT again and remove this item:
O20 - Winlogon Notify: winwam32 - winwam32.dll (file missing)
For instructions on how to purge system restore click Here
To create a new restore point go Start>Run>type "msconfig" without the quotes>ok>Launch System Restore>Tick the circle beside "create a restore point">next>name it anything you wish>Create>home>restart the computer.
Rehide your hidden files.
Set up msconfig anyway you like.
Your should be clean, but run this online scan and post the results, because we didn't do it and it is a best pratice.
Run this free online scan from Kaspersky http://kaspersky.com/kos/english/kavwebscan.html
Click Accept
When the updates are finished downloading, click Next, Scan Settings
Under Scan using the following antivirus database:, select extended
Make sure the Scan Archives and Scan Mail Bases options are selected as well. Click OK
Click My Computer and wait for the scan to finish
Click Save Report As. Under Save as type:, select Text file. Save this log to your Desktop and post a copy of it here.

here is the report
---------------------
KASPERSKY ON-LINE SCANNER REPORT
Thursday, April 13, 2006 11:20:24 PM
Operating System: Microsoft Windows XP Professional, (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 14/04/2006
Kaspersky Anti-Virus database records: 188073
---------------------Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: trueScan Target - My Computer:
A:\
C:\
D:\
E:\Scan Statistics:
Total number of scanned objects: 79543
Number of viruses found: 10
Number of infected objects: 14
Number of suspicious objects: 0
Duration of the scan process: 00:52:02Infected Object Name / Virus Name / Last Action
C:\!KillBox\svchost.exe Infected: Trojan-Downloader.Win32.PurityScan.w skipped
C:\Program Files\Mozilla Firefox\plugins\NPNd2fn.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.o skipped
C:\System Volume Information\_restore{43B68903-DD49-4B8E-8541-65A95F72E5D9}\RP6\A0003283.dll Infected: Trojan-Downloader.Win32.Small.cml skipped
C:\System Volume Information\_restore{43B68903-DD49-4B8E-8541-65A95F72E5D9}\RP6\A0003302.exe Infected: not-a-virus:AdWare.Win32.MediaTickets.u skipped
C:\System Volume Information\_restore{43B68903-DD49-4B8E-8541-65A95F72E5D9}\RP6\A0003303.exe Infected: Trojan-Downloader.Win32.PurityScan.bt skipped
C:\WINDOWS\browserxtras\pn\remove.exe/data0002/data0003 Infected: Trojan-Downloader.Win32.Keenval.f skipped
C:\WINDOWS\browserxtras\pn\remove.exe/data0002 Infected: Trojan-Downloader.Win32.Keenval.f skipped
C:\WINDOWS\browserxtras\pn\remove.exe/data0003/data0002 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\WINDOWS\browserxtras\pn\remove.exe/data0003 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\WINDOWS\browserxtras\pn\remove.exe NSIS: infected - 4 skipped
C:\WINDOWS\SYSTEM32\dfrgsrv.exe Infected: Trojan-Downloader.Win32.Zlob.jx skipped
C:\WINDOWS\SYSTEM32\InstaFinder_inst245.exe/stream Infected: not-a-virus:AdWare.Win32.InstaFinder.a skipped
C:\WINDOWS\SYSTEM32\InstaFinder_inst245.exe NSIS: infected - 1 skipped
C:\WINDOWS\SYSTEM32\ld80C8.tmp Infected: Trojan-Downloader.Win32.Zlob.ka skippedScan process completed.

Run killbox again and delete these files:
C:\Program Files\Mozilla Firefox\plugins\NPNd2fn.dll
C:\WINDOWS\browserxtras\pn\remove.exe
C:\WINDOWS\SYSTEM32\dfrgsrv.exe
C:\WINDOWS\SYSTEM32\InstaFinder_inst245.exe
C:\WINDOWS\SYSTEM32\ld80C8.tmp
Clean out system restore and create a new restore point. For instructions on how to purge system restore click Here
To create a new restore point go Start>Run>type "msconfig" without the quotes>ok>Launch System Restore>Tick the circle beside "create a restore point">next>name it anything you wish>Create>home>restart the computer.
Run Ewido from safe mode one more and post the report along witha new HT log.

here is my ewido report
ewido anti-malware - Scan report
+ Created on: 3:11:17 PM, 4/14/2006
+ Report-Checksum: 4BC9ABE6+ Scan result:
:mozilla.22:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.23:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.24:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.25:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.26:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.27:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.28:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.29:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.30:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.31:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.34:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.40:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.41:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.42:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.43:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.44:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.45:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.47:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.48:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.50:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.51:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.52:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.56:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.57:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.59:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.60:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.61:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.62:C:\Documents and Settings\daniel\Application Data\Mozilla\Firefox\Profiles\oijnupkm.Default Userxb\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\daniel\Cookies\daniel@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\daniel\Cookies\daniel@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\daniel\Cookies\daniel@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup
::Report Endand here is my HT log
Logfile of HijackThis v1.99.1
Scan saved at 3:11:49 PM, on 4/14/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\NOTEPAD.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\daniel\LOCALS~1\Temp\Rar$EX00.437\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.verizon.net/checkmypc/includes/MotivePreQual.cab

![]() |
Computer shuts down on st...
|
Firewall Question
|

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |