Winlogonhook and win tmp.exe files
Original Message
Name: Str8gamE
Date: March 18, 2006 at 10:17:48 Pacific
Subject: Winlogonhook and win tmp.exe files
OS: WinXP Pro SP2
CPU/Ram: 64Bit 1.8 Athlon / 1 Gig
Model/Manufacturer: Myn
Comment: Let's see here. We have a few things going on. This is a new variant or something, because I have tried everything on many sites and many tools. First thing: I'm just doing work and a black DOS command prompt box pops up. The cursor jumps all over the place and my printer just starts shooting out blank pages forever until I kill the power to the printer. I wrote down the path on the title bar of the DOS window. It is C:\Windows\Temp, so I looked at these files in a hex viewer and Windasm. They're something to do with it, but there is a weird encryption, some form of advanced UPX; I'm trying to decrypt them still. However, in one of the files I found a URL: www.search--control.com, so it's doing something with this site. Anyhow, the files I get are these:

Perflib_Perfdata_8f8.dat <-- 8f8 changes here and there if I free the file and delete it in safe mode. 16KB file.
win1A2.tmp <-- 1A2 changes a lot and spawns a lot. Blank file, probably what the printer is printing. 0KB.
win20C.tmp.exe <-- This one is the one I can find some information from, such as the URL; I'm still decompiling it to find more info out. This one also changes its name and spawns, but after some work this one does not appear any more. 11.5 KB.

Now I get one more: winF.tmp.exe. I open this and it's an actual website HTML, but I blocked www.search--control.com in my Netgear block sites list with some others like spyfalcon.com and some others I found connecting via netstat, so it's the HTML you see from the router when you go to a blocked site. Hrm.. So the 11.5KB file does have something to do with this. So these files are a pain. If I do a Spy Sweeper scan it gets winlogonhook then removes it, but it comes back. Norton does not find crap. I sent the files to Spy Sweeper for review. So all this makes me think it may be a service. The only strange one I can see is a PC Tel Speaker pctspk.dll; I cannot find anything on it and don't have a clue what it does, because I don't have a speaker phone on my PC. I may try removing this service later on if I can't find the fix to this prob. Any help would be great, thanks!
Response Number 1
Name: jabuck
Date: March 18, 2006 at 12:40:38 Pacific
Reply: Please post a Hijack This log so that the files associated with the virus/spyware/hijacker can be identified. You can download Hijack This at this link, http://www.tomcoyote.org/hjt/, then place it into a folder of its own, such as C:\HJT, so that backup copies can be made and not clutter your desktop or other folders, and the backup copies of deleted items can be easily located if needed. Once saved, double-click HijackThis.exe and press "Scan". When the scan is finished, the "Scan" button will change into a "Save Log" button. Press that, save the log, press Ctrl-A to Select All, and copy its contents into the text editor at this forum. Do not fix anything yet unless you know what you are doing. This is a powerful tool that can crash the computer if used improperly.
Response Number 2
Name: Str8gamE
Date: March 18, 2006 at 13:44:29 Pacific
Reply:
Logfile of HijackThis v1.99.1
Scan saved at 2:43:41 PM, on 3/18/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Webroot\Accelerate\accelerate.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\System32\GEARSec.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
C:\WINDOWS\system32\pctspk.exe
C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\System32\Tablet.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_1/home.html"); (C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\prefs.js)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - (no file)
O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-781cd0e19f00} - c:\program files\steganos internet anonym pro 7\siapro7iep.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Accelerate] C:\Program Files\Webroot\Accelerate\accelerate.exe /S
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Decompiler - C:\Program Files\SourceTec\Sothink SWF Decompiler\InternetExplorer.htm
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: SWFDecompiler - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\SourceTec\Sothink SWF Decompiler\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Decompiler - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\SourceTec\Sothink SWF Decompiler\InternetExplorer.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mts: C:\Program Files\MetaCreations\MetaStream\npmetastream.dll
O12 - Plugin for .tif: C:\Program Files\Internet Explorer\Plugins\npzzatif.dll
O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\Plugins\npzzatif.dll
O15 - Trusted Zone: http://linktrader.cyberspacehq.com
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: PCANotify - C:\WINDOWS\SYSTEM32\PCANotify.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Alias Wavefront Help Server (AWHelpServer) - Unknown owner - C:\Program Files\AliasWavefront\Maya5.0\docs\Wrapper.exe" -s "C:\Program Files\AliasWavefront\Maya5.0\docs/Wrapper.conf (file missing)
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: DynIP Client (DynIPClient) - DynIP, a division of CanWeb Internet Services Ltd. - C:\Program Files\DynIP\DynIP Client v4.2\Client.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe
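A triage pass over a HijackThis log like the one posted in this thread, as an added example (not code from any poster and not part of HijackThis): it splits the log into section entries, including when the line breaks were lost in pasting, and marks entries for manual review. The review rules and the function names are assumptions of this example; a marked entry is a prompt to verify the file, not a verdict.

```python
import re

# Constructed sample: three header lines plus entries copied from the
# HijackThis log posted in this thread.
SAMPLE = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\winlogon.exe
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - (no file)
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O15 - Trusted Zone: http://linktrader.cyberspacehq.com
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
O20 - Winlogon Notify: PCANotify - C:\WINDOWS\SYSTEM32\PCANotify.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
"""

# HijackThis section codes are a letter (R, F, N, O) followed by a number.
CODE = r"[RFNO]\d{1,2}"
ENTRY_RE = re.compile(r"^(" + CODE + r") - (.*)$")
# Whitespace that is immediately followed by "<code> - " marks an entry boundary.
BOUNDARY_RE = re.compile(r"\s+(?=" + CODE + r" - )")


def split_entries(log_text):
    """Return [(code, body)] for each section entry.

    Line breaks are restored first, so a log pasted as one long line parses
    the same way as the original file. Header and process lines are skipped.
    """
    restored = BOUNDARY_RE.sub("\n", log_text)
    entries = []
    for line in restored.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def review_reasons(code, body):
    """Example review rules (assumptions of this sketch, not HijackThis logic)."""
    reasons = []
    low = body.lower()
    if "(no file)" in low or "(file missing)" in low:
        reasons.append("target file not on disk")
    if code == "O23" and "unknown owner" in low:
        reasons.append("service binary carries no company name")
    if code == "O16" and re.search(r" - https?://", body):
        reasons.append("ActiveX control installed from a remote URL")
    if code == "O20":
        # Winlogon Notify DLLs are loaded by winlogon.exe, so each one
        # should be matched to software known to be installed.
        reasons.append("DLL loaded by winlogon.exe; verify publisher")
    if code == "O15":
        reasons.append("site added to the Trusted Zone")
    return reasons


def triage(log_text):
    """Return [(code, body, reasons)] for entries with at least one reason."""
    flagged = []
    for code, body in split_entries(log_text):
        reasons = review_reasons(code, body)
        if reasons:
            flagged.append((code, body, reasons))
    return flagged


if __name__ == "__main__":
    for code, body, reasons in triage(SAMPLE):
        print(f"{code}: {body}")
        for reason in reasons:
            print(f"    review: {reason}")
```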
Response Number 3
Name: jabuck
Date: March 18, 2006 at 14:40:16 Pacific
Reply: Please set up Ewido as per these instructions: Ewido Setup Instructions

Please download ATF-Cleaner from this link to your desktop: http://www.atribune.org/content/view/19/2/ (by Atribune).

Then download Killbox from this link: Killbox (we may not need it, but please have it ready in case we need it).

Reboot into safe mode; directions at the following link if you need them: How to Reboot into Safe Mode

Set up the computer to view hidden files by going to Start > Control Panel > Folder Options > View tab > tick the circle beside "show hidden files and folders" and untick the boxes beside "hide extensions of known file types" and "hide protected system operating files" > Apply > OK.

Run HT in safe mode, place a check to the left of these items and press "fix checked":

O3 - Toolbar: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - (no file)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123

While in safe mode, do a manual search for these files and, if found, delete all instances:

AdService.bat
AdService.dll
wintjv32.dll

Next, run ATF-Cleaner. Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All. Click the Empty Selected button.

Next, run Spy Sweeper from safe mode... if it won't start, do a manual search for "WRSSSDK.exe", then double-click it and it should run.

Next, from safe mode, run Ewido. When the scan has completed, Ewido will create a report.txt file. Click the "Save Report" button on the bottom of the screen and save the log to your desktop.

Please reboot into normal mode and post the Ewido log.
Response Number 4
Name: Str8gamE
Date: March 18, 2006 at 18:30:27 Pacific
Reply: Hello, OK, I did all that; here is the log file... I did find the AdService.Dll and that was it. Spy Sweeper found this:

********
4:25 PM: | Start of Session, Saturday, March 18, 2006 |
4:25 PM: Spy Sweeper started
4:25 PM: Sweep initiated using definitions version 636
4:25 PM: Starting Memory Sweep
4:26 PM: Memory Sweep Complete, Elapsed Time: 00:00:56
4:26 PM: Starting Registry Sweep
4:26 PM: Found Trojan Horse: trojan agent winlogonhook
4:26 PM: HKLM\software\microsoft\mssmgr\ (6 subtraces) (ID = 937101)
4:26 PM: Registry Sweep Complete, Elapsed Time:00:00:14
4:26 PM: Starting Cookie Sweep
4:26 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
4:26 PM: Starting File Sweep
4:28 PM: Warning: Failed to open file "c:\program files\emule\webserver\videofixer.exe". The system cannot find the file specified
4:28 PM: Warning: Failed to open file "c:\program files\common files\installshield\driver\9\objects.data\index.btr". The system cannot find the path specified
4:28 PM: Warning: Failed to open file "c:\my documents\flash componets\2871-4[1]\index.btr". The system cannot find the file specified
4:28 PM: Warning: Failed to open file "c:\program files\common files\installshield\driver\9\objects.data\index.map". The system cannot find the path specified
4:28 PM: Warning: Failed to open file "c:\my documents\flash componets\2871-4[1]\index.map". The system cannot find the file specified
4:29 PM: Warning: Failed to open file "c:\program files\common files\installshield\driver\9\objects.data\mapping1.map". The system cannot find the path specified
4:29 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\symantec\liveupdate\downloads\tri318\spuninst.exe". The system cannot find the file specified
4:29 PM: Warning: Failed to open file "c:\program files\common files\installshield\driver\9\index.map". The system cannot find the file specified
4:31 PM: Warning: Failed to open file "c:\program files\pokerstars.net\spuninst.exe". The system cannot find the file specified
4:33 PM: Warning: Failed to open file "c:\my documents\flash componets\2871-4[1]\mapping1.map". The system cannot find the file specified
4:33 PM: Warning: Failed to open file "c:\my documents\flash componets\2871-4[1]\mapping2.map". The system cannot find the file specified
4:34 PM: Warning: Failed to open file "c:\my documents\flash componets\2871-4[1]\objects.map". The system cannot find the file specified
4:34 PM: Warning: Failed to open file "c:\program files\common files\installshield\driver\9\objects.map". The system cannot find the file specified
4:35 PM: Warning: Failed to open file "c:\program files\common files\installshield\driver\9\mapping2.map". The system cannot find the file specified
4:35 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\symantec\liveupdate\downloads\tri318\updspapi.dll". The system cannot find the file specified
4:40 PM: Warning: Failed to open file "c:\program files\pokerstars.net\updspapi.dll". The system cannot find the file specified
4:41 PM: Warning: Failed to open file "c:\program files\pokerstars.net\spuninst.inf". The system cannot find the file specified
4:43 PM: File Sweep Complete, Elapsed Time: 00:17:22
4:43 PM: Full Sweep has completed. Elapsed time 00:18:47
4:43 PM: Traces Found: 7
********

Here is the other log:

ewido anti-malware - Scan report
+ Created on: 7:28:21 PM, 3/18/2006
+ Report-Checksum: F046B376
:mozilla.96:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.2o7 : Error during cleaning :mozilla.97:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.2o7 : Error during cleaning :mozilla.98:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.2o7 : Error during cleaning :mozilla.99:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.2o7 : Error during cleaning :mozilla.100:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.2o7 : Error during cleaning :mozilla.101:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.2o7 : Error during cleaning :mozilla.102:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.2o7 : Error during cleaning :mozilla.103:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.2o7 : Error during cleaning :mozilla.104:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.2o7 : Error during cleaning :mozilla.105:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.2o7 : Error during cleaning :mozilla.106:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.2o7 : Error during cleaning :mozilla.107:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> 
TrackingCookie.2o7 : Error during cleaning :mozilla.108:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.2o7 : Error during cleaning :mozilla.109:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Ru4 : Error during cleaning :mozilla.110:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Ru4 : Error during cleaning :mozilla.111:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Ru4 : Error during cleaning :mozilla.112:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Ru4 : Error during cleaning :mozilla.131:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning :mozilla.136:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Liveperson : Error during cleaning :mozilla.137:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Liveperson : Error during cleaning :mozilla.138:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Liveperson : Error during cleaning :mozilla.144:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Overture : Error during cleaning :mozilla.145:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Overture : Error during cleaning :mozilla.146:C:\Documents and 
Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Overture : Error during cleaning :mozilla.159:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Qksrv : Error during cleaning :mozilla.160:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Qksrv : Error during cleaning :mozilla.161:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning :mozilla.162:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning :mozilla.163:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning :mozilla.164:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning :mozilla.165:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning :mozilla.178:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning :mozilla.179:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning :mozilla.180:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning :mozilla.181:C:\Documents and Settings\Str8gamE\Application 
Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning :mozilla.186:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning :mozilla.199:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Adserver : Error during cleaning :mozilla.200:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Adserver : Error during cleaning :mozilla.201:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Adserver : Error during cleaning :mozilla.202:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning :mozilla.203:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Yadro : Error during cleaning :mozilla.204:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Yadro : Error during cleaning :mozilla.205:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Onestat : Error during cleaning :mozilla.206:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Onestat : Error during cleaning :mozilla.207:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Onestat : Error during cleaning :mozilla.211:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> 
TrackingCookie.Esomniture : Error during cleaning :mozilla.212:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning :mozilla.215:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Burstnet : Error during cleaning :mozilla.217:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning :mozilla.218:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning :mozilla.221:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Sexcounter : Error during cleaning :mozilla.222:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Sexcounter : Error during cleaning :mozilla.223:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Sexcounter : Error during cleaning :mozilla.224:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Sexcounter : Error during cleaning :mozilla.225:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning :mozilla.226:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning :mozilla.227:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning 
:mozilla.236:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning :mozilla.237:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning :mozilla.239:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Googleadservices : Error during cleaning :mozilla.245:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning :mozilla.266:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Tribalfusion : Error during cleaning :mozilla.269:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning :mozilla.270:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning :mozilla.271:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning :mozilla.272:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning :mozilla.284:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Googleadservices : Error during cleaning :mozilla.294:C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Falkag : Error during cleaning :mozilla.295:C:\Documents and Settings\Str8gamE\Application 
Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip/cookies.txt -> TrackingCookie.Falkag : Error during cleaning
C:\Documents and Settings\Str8gamE\Desktop\WindowsTempFolderSpywareViruseFiles.Zip/win20C.tmp.exe -> Trojan.Dialer.oy : Error during cleaning
C:\My Documents\filez\wartoolz\Portz\7thportscan.zip/portscan.exe -> Not-A-Virus.NetTool.Win32.Scan.11 : Error during cleaning
C:\Warez\Backup\Chad\ChadBackup.Zip/My Documents/filez/hacking/misc/misc_filez/netbuster1_30.zip/NetBuster.exe -> Trojan.GabanBus : Error during cleaning
C:\Warez\Backup\Chad\ChadBackup.Zip/My Documents/filez/wartoolz/Portz/7thportscan.zip/portscan.exe -> Not-A-Virus.NetTool.Win32.Scan.11 : Error during cleaning
C:\Warez\UnderGround Warez FTP\(Crackz)\Crack Search Program\cracksearcher.zip/CrackSearcher.exe -> Not-A-Virus.HackTool.Win32.CrackSearch.a : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-= Icq toolZ=-\Icq-kill.zip/portscan.exe -> Not-A-Virus.NetTool.Win32.Scan.12 : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-= Icq toolZ=-\Icqhac.zip/ICQHacker.exe -> Not-A-Virus.PSWTool.Win32.ICQ.e : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-= Icq toolZ=-\Warfor.zip/icqprot.exe -> Not-A-Virus.NetTool.Win32.Wfips : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-= Icq toolZ=-\Wfips2.zip/WFIPS2.exe -> Not-A-Virus.NetTool.Win32.Wfips : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=CrackinG toolZ=-\crackers\Bios-c.zip/AW-CRACK.COM -> Not-A-Virus.PSWTool.DOS.AwdCrack : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=CrackinG toolZ=-\crackers\L0pht.zip/LC_CLI.EXE -> Not-A-Virus.PSWTool.Win32.Lopht.100 : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=CrackinG toolZ=-\crackers\L0pht.zip/lc_gui.exe -> Not-A-Virus.PSWTool.Win32.Lopht.100 : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=CrackinG toolZ=-\crackers\Revela.zip/Revelation.exe -> Not-A-Virus.PSWTool.Win32.SnadBoy.11 : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=CrackinG toolZ=-\crackers\zip-cr~1.zip/CRACK2.EXE -> Not-A-Virus.PSWTool.Win32.ZipANV : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=HackinG=-\hackz\keylogwn.zip/KEYLOGWN.EXE -> Not-A-Virus.Monitor.Win32.KeyLog.95 : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=MisC=-\teardrop.zip/DATA.PA_ -> Trojan.Joky : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=MisC=-\Totalwarez\vcl.zip/INSTALL.EXE -> Not-A-Virus.VirTool.DOS.Instvcl.b : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=NetBus=-\Netbus1.zip/NetBuster.exe -> Trojan.GabanBus : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=Trojans=-\NETBUS\netbuss170.zip/uhanfo.exe -> Trojan.ControlDuSockets.a : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=Trojans=-\REWIND\Rewind1-3.zip/Rewind 1.3/Notification/Cgi Notification.zip/a.cgi -> Backdoor.Ciadoor.logger : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=Trojans=-\SIM-KEYLOGGER\Sim_Keylogger.zip/Sim_Keylogger/Sim_Keylogger.exe -> Logger.Pino.11 : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=Virri=-\Viriic\vcl.zip/INSTALL.EXE -> Not-A-Virus.VirTool.DOS.Instvcl.b : Error during cleaning
C:\Warez\UnderGround Warez FTP\(War Toolz - Warning Virri)\-=Virri=-\Viruse Creatrion\vcl.zip/INSTALL.EXE -> Not-A-Virus.VirTool.DOS.Instvcl.b : Error during cleaning
::Report End
I have not seen the problems that were there for some time; we might have got it. I'm going to do a Spy Sweeper and virus scan in normal mode and see what happens. Thanks!
|
|
Response Number 6
|
Name: jabuck
Date: March 19, 2006 at 07:08:21 Pacific
|
Reply: You need to delete everything in these folders, or at least the files showing in the Ewido scan:
C:\Documents and Settings\Str8gamE\Application Data\Mozilla\Profiles\default\sfifpm3a.slt\Temp.Zip
C:\Documents and Settings\Str8gamE\Desktop\WindowsTempFolderSpywareViruseFiles.Zip
And although the files are zipped, I would delete this folder:
C:\Warez
If I just had to have the contents of C:\Warez, I think I would store it on a disk.
|
|
Response Number 7
|
Name: Orabidoo
Date: March 21, 2006 at 05:01:55 Pacific
|
Reply: Ok, so guys, I have the exact same problem. Winlogonhook & those darn .tmp files. Here's my HT log:

Logfile of HijackThis v1.99.1
Scan saved at 14:56:52, on 21.3.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\PhotoWise\quicklnk.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Winamp\Winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Aksu\Työpöytä\Pc Protect\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.soneraplaza.fi
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja Sonera Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;*.*.fi;*.*.*.fi;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [eTrust PestPatrol Active Protection] none
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "f:\pelit\steam\steam.exe" -silent
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Tracks Eraser Pro] C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe min
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Reader\AdobeUpdateManager.exe AcRdB7_0_3 -reboot 1
O4 - HKCU\..\Run: [TorCP] C:\Program Files\TorCP\torcp.exe
O4 - Startup: QuickLink.lnk = C:\Program Files\PhotoWise\quicklnk.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Lataa FlashGetillä - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Lataa kaikki FlashGetillä - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1092983925578
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1142340402078
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winlob32 - C:\WINDOWS\SYSTEM32\winlob32.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\autocomp.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--------- end ---------

Help is greatly appreciated!
-Orabidoo
|
|
Response Number 9
|
Name: Boomkiti
Date: April 21, 2006 at 19:15:19 Pacific
|
Reply: I seem to be having similar issues. I've got tons of win???.tmp files in my Win/temp folder. I also have some Dailer.Platform that NAV keeps picking up but never getting rid of. I'm writing to ask if I should just follow the steps above or if I need more specific help based on my HJT log. Please help. I would be sooooooo grateful! I have pasted in my logfile in case it helps.

Logfile of HijackThis v1.99.1
Scan saved at 9:56:32 PM, on 4/21/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Roxio\GoBack\GBPoll.exe
C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\system32\RegSrvc.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
C:\Program Files\WorldCommunityGrid\UD.EXE
C:\Program Files\WorldCommunityGrid\ud_5235301.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WorldCommunityGrid\ud_5235301_0.dir\WCGrid_AutoDock.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Rhiannon\LOCALS~1\Temp\Rar$EX03.990\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [UC_Start] C:\Program Files\IBM\Updater\\ucstartup.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TPKMAPMN] C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
O4 - HKCU\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Startup: World Community Grid Agent.lnk = C:\Program Files\WorldCommunityGrid\UD.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: GoBack.lnk = C:\Program Files\Roxio\GoBack\GBTray.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [JAVA_IBM] Java (IBM) O16 - DPF: {4F1E5B1A-2A80-42ca-8532-2D05CB959537} (MSN Photo Upload Tool) - O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1162 O16 - DPF: {A88E28CD-3A89-4878-B97D-84E28F395E9B} (DASCeProxy Class) - O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - O16 - DPF: {D27CDB70-AE6D-11cf-96B8-444553540000} (Macromedia Flash Factory Object) - O16 - DPF: {E598AC61-4C6F-4F4D-877F-FAC49CA91FA3} (acpRunner Class) - O16 - DPF: {E9880553-B8A7-4960-A668-95C68BED571E} (InstallShield Update Service 
Agent) - O17 - HKLM\System\CCS\Services\Tcpip\..\{46D049C5-F605-471E-840E-4758134E6E7A}: NameServer = 206.47.244.61 206.47.244.89 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: QConGina - C:\WINDOWS\SYSTEM32\QConGina.dll O20 - Winlogon Notify: winfvy32 - C:\WINDOWS\SYSTEM32\winfvy32.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: GBPoll - Roxio, Inc. - C:\Program Files\Roxio\GoBack\GBPoll.exe O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. 
- C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe