add or remove programs help!!


kevdog
19 Mar 2006, 11:22pm
Hey guys, I just installed Adobe Reader 7 a few days ago and now when I click anything on my desktop a box pops up really fast, I can't read it. And when I tried to click my Add and Remove Programs to uninstall it, only Microsoft .NET Framework 1.1 and Windows Media Connect show up? Oh, and I get a popup saying "preparing to install" when I click on anything on my comp.

I'm running XP Home SP2

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSBasic.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\kevdog\LOCALS~1\Temp\Rar$EX00.203\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CCHelper Class - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\Program Files\Panicware\Pop-Up Stopper Basic\CCHelper.dll
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Pa&nicware Pop-Up Stopper Basic - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - C:\Program Files\Panicware\Pop-Up Stopper Basic\psbasic.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [PopUpStopperBasic] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSBasic.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: ActiveGS.cab - http://www.virtualapple.com/activegs.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab28578.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://w4s.work4sure.com/c/ge/w4sgeen9.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/DownloadAccess/ie/bridge-c11.cab
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://D:\components\hidinputmonitorx.ocx
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/retro64_loader.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file://D:\components\A9.ocx
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/056f4317b970e9cb3d05/netzip/RdxIE601.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab28578.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Fix-It Task Manager - Avanquest Publishing USA, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

skywalker45
20 Mar 2006, 2:12pm
You are currently running Hijack This from here:

C:\DOCUME~1\kevdog\LOCALS~1\Temp\Rar$EX00.203\HijackThis.exe

This is a temp folder. Could you please make a new folder here:

C:\HJT

Move Hijack This to that folder or alternatively drag the file HijackThis.exe to your desktop. We need to get it out of the temp directory before we begin a fix. Post another log after you do this.

kevdog
20 Mar 2006, 8:18pm
Logfile of HijackThis v1.99.1
Scan saved at 12:17:44 PM, on 3/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSBasic.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CCHelper Class - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\Program Files\Panicware\Pop-Up Stopper Basic\CCHelper.dll
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Pa&nicware Pop-Up Stopper Basic - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - C:\Program Files\Panicware\Pop-Up Stopper Basic\psbasic.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [PopUpStopperBasic] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSBasic.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: ActiveGS.cab - http://www.virtualapple.com/activegs.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab28578.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://w4s.work4sure.com/c/ge/w4sgeen9.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/DownloadAccess/ie/bridge-c11.cab
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://D:\components\hidinputmonitorx.ocx
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/retro64_loader.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file://D:\components\A9.ocx
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/056f4317b970e9cb3d05/netzip/RdxIE601.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab28578.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Fix-It Task Manager - Avanquest Publishing USA, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Sorry about that, I fixed it.

skywalker45
20 Mar 2006, 9:33pm
Can you open Windows Explorer without getting the "preparing to install message"? I guess what I'm asking is can you open it at all? We need to uninstall the internet access hijacker new.net before we continue with the fix. Let me know if you can open Windows Explorer. If not there is a tool we can use to get rid of new.net.
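
Added example, not part of the original posts: a short Python triage of a HijackThis log for the two conditions skywalker45 stops on before attempting a fix, the tool running from a Temp folder and the O10 lines naming New.Net. The sample log is a constructed excerpt in the same format as the logs above; the function names and the `Rar$EX` check are this example's own assumptions.

```python
import re
from collections import Counter

# Constructed excerpt in HijackThis v1.99.1 log format (not a real capture).
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\msiexec.exe
C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.203\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.example.com/
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
"""

# A log entry is a section code (R0-R3, O1-O23, ...) followed by " - " and a description.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")


def parse_log(text):
    """Split a HijackThis log into (running process paths, [(section, detail), ...])."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            in_processes = False  # a blank line ends the process list
            continue
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False
            entries.append((match.group(1), match.group(2)))
        elif in_processes:
            processes.append(line)
    return processes, entries


def is_temp_path(path):
    """True if any folder in the path is a Temp folder or a WinRAR extraction folder."""
    folders = [part.lower() for part in path.split("\\")[:-1]]
    # Assumption of this example: WinRAR unpacks into folders named Rar$EX...
    return any(f in ("temp", "tmp") or f.startswith("rar$ex") for f in folders)


def section_counts(entries):
    """Number of entries per section code, for a quick overview of the log."""
    return Counter(code for code, _ in entries)


def triage(text):
    """Return (kind, detail) findings that should be resolved before any fix."""
    processes, entries = parse_log(text)
    findings = []
    for path in processes:
        if path.lower().endswith("hijackthis.exe") and is_temp_path(path):
            findings.append(("tool-in-temp", path))
    o10 = [detail for code, detail in entries if code == "O10"]
    if o10:
        names = ", ".join(sorted(set(o10)))
        findings.append(("lsp-hijack", f"{len(o10)} O10 line(s): {names}"))
    return findings


if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_LOG):
        print(f"{kind}: {detail}")
```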

kevdog
20 Mar 2006, 9:44pm
I can open Explorer

skywalker45
21 Mar 2006, 2:22am
Sorry it took me so long to get back with you. I got booted off right in the middle of my response to you. Anyway, normally we would go to add/remove programs and uninstall the program new.net but since it doesn't show up in your add/remove programs list we'll try it a different way. We need to get rid of this before we do anything else or it will just keep coming back. We could use LSPFix to fix it but that program can be kind of dangerous when not used properly. I believe that Ewido Anti-Malware can remove the program so that's the route we'll take. Please download Ewido Anti-Malware from my signature below. Install the program and then set it up and run it according to the following instructions:

You will need to update ewido to the latest definition files.

On the left hand side of the main screen click update
Click on Start

The update will start and a progress bar will show the updates being installed. After the updates are installed, exit ewido.

Once the updates are installed do the following:

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.

Reboot into Safe Mode. You can do this by restarting your computer, then continually tapping F8 until a menu appears. Use your up arrow key to highlight Safe Mode, then hit Enter. Then run ewido.

Close all open windows/programs/folders. Have nothing else open while ewido performs its scan!

Click on scanner
Click on Settings
Under "How to scan" all boxes should be selected
Under "Possibly unwanted software" all boxes should be selected
Under "What to scan" select scan every file
Click OK
Click on Complete system scan
Let the program scan the machine

If ewido finds anything, it will pop up a notification. There will be an option that says Perform action with all infections. Please check that box.

Once the scan has completed, there will be a button located on the bottom of the screen named Save report.

Click Save report
Save the report to your desktop
Exit ewido

Reboot the PC into normal mode and post the log from Ewido as well as a fresh Hijack This log.

kevdog
21 Mar 2006, 10:32pm
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 5:54:21 AM, 3/21/2006
+ Report-Checksum: 8247EE05

+ Scan result:

HKLM\SOFTWARE\Gator.com -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\AppInfo -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\AppInfo\GMT -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\AutoUpdate -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\BannerManager -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\EventLog -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\EventLog\Msgs -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\BD -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\EL -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\GBL -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_bc2 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_bg2 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gbs -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gi -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gs -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gt -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_regserver -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_rs -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_search -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_ss -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_updateserver -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GUS -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GUS\HOL -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\NS -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\Settings -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\10647 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11277 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11278 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11283 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11287 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11299 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11300 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11351 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11364 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11795 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12062 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28243 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28249 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28251 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28257 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28259 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28260 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28262 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28266 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28273 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28277 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28278 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28280 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28287 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28289 -> Adware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28292 -> Adware.Gator : Cleaned with backup
[472] C:\Program Files\NewDotNet\newdotnet6_38.dll -> Adware.NewDotNet : Cleaned with backup
C:\Documents and Settings\anybody\Cookies\anybody@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\anybody\Cookies\anybody@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\anybody\Cookies\anybody@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Program Files\Common Files\CMEII\GObjs.dll -> Adware.Gator : Cleaned with backup
C:\Program Files\Common Files\CMEII\GStore.dll -> Adware.Gator : Cleaned with backup
C:\Program Files\Common Files\CMEII\GStoreServer.dll -> Adware.Gator : Cleaned with backup
C:\Program Files\Common Files\fjbdedle\dlpppncc\aanltnlb.exe -> Adware.Gator : Cleaned with backup
C:\Program Files\Common Files\fjbdedle\fphpbfhlll\rcnatnena.exe -> Adware.Gator : Cleaned with backup
C:\Program Files\Common Files\GMT\EGGCEngine.dll -> Adware.Gator : Cleaned with backup
C:\Program Files\Common Files\GMT\egIEEngine.dll -> Adware.Gator : Cleaned with backup
C:\Program Files\Common Files\GMT\EGIEProcess.dll -> Adware.Gator : Cleaned with backup
C:\Program Files\Common Files\GMT\EGNSEngine.dll -> Adware.Gator : Cleaned with backup
C:\Program Files\Common Files\GMT\GatorRes.dll -> Adware.Gator : Cleaned with backup
C:\Program Files\Common Files\GMT\GatorStubSetup.exe -> Adware.Gator : Cleaned with backup
C:\Program Files\Common Files\GMT\GMT.exe -> Adware.Gator : Cleaned with backup
C:\Program Files\NewDotNet -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\NewDotNet\newdotnet6_38.dll -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\NewDotNet\readme.html -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\NewDotNet\uninstall6_38.exe -> Adware.NewDotNet : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\gdnUS2296.exe -> Downloader.Small.ayl : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Cleaned with backup
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned with backup
C:\WINDOWS\system32\hpD68B.tmp -> Downloader.Zlob.hc : Cleaned with backup
C:\WINDOWS\system32\hpFC29.tmp -> Downloader.Zlob.hc : Cleaned with backup
C:\WINDOWS\system32\ld5216.tmp -> Downloader.Zlob.hf : Cleaned with backup
C:\WINDOWS\system32\P2P Networking -> Adware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache -> Adware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database -> Adware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\index256.dbb -> Adware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe -> Adware.P2PNetworking : Cleaned with backup


::Report end

I couldn't post the whole thing, it was too big, so I took off some of the HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\ ones so it would fit. HJT log coming up.

kevdog
21 Mar 2006, 10:35pm
Logfile of HijackThis v1.99.1
Scan saved at 2:18:02 PM, on 3/21/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxtray.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSBasic.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CCHelper Class - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\Program Files\Panicware\Pop-Up Stopper Basic\CCHelper.dll
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll (file missing)
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Pa&nicware Pop-Up Stopper Basic - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - C:\Program Files\Panicware\Pop-Up Stopper Basic\psbasic.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [PopUpStopperBasic] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSBasic.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: ActiveGS.cab - http://www.virtualapple.com/activegs.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab28578.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://w4s.work4sure.com/c/ge/w4sgeen9.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/DownloadAccess/ie/bridge-c11.cab
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://D:\components\hidinputmonitorx.ocx
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/retro64_loader.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file://D:\components\A9.ocx
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/056f4317b970e9cb3d05/netzip/RdxIE601.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab28578.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Fix-It Task Manager - Avanquest Publishing USA, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

thanks for the help btw. :thumbsup:

skywalker45
22 Mar 2006, 1:35am
OK. That is MUCH better. Now open Windows Explorer and navigate to the following folder:

C:\Program Files\

Find and delete the following folder if it exists:

New.Net (might be called newdotnet)

Next run Hijack This again and put a check (tick) next to the following entries:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R3 - Default URLSearchHook is missing

O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll (file missing)

O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://w4s.work4sure.com/c/ge/w4sgeen9.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Do...bridge-c11.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/056f4317...p/RdxIE601.cab


Close all other browsers/windows and click Fix Checked. Close Hijack This, reboot the PC and post a new log.

kevdog
22 Mar 2006, 3:42am
Logfile of HijackThis v1.99.1
Scan saved at 7:39:50 PM, on 3/21/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSBasic.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CCHelper Class - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\Program Files\Panicware\Pop-Up Stopper Basic\CCHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Pa&nicware Pop-Up Stopper Basic - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - C:\Program Files\Panicware\Pop-Up Stopper Basic\psbasic.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [PopUpStopperBasic] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSBasic.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: ActiveGS.cab - http://www.virtualapple.com/activegs.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab28578.cab
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://D:\components\hidinputmonitorx.ocx
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/retro64_loader.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file://D:\components\A9.ocx
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab28578.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Fix-It Task Manager - Avanquest Publishing USA, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
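One way to confirm that the entries ticked for Fix Checked are really gone from the follow-up log, as an added example that is not part of the original thread: it parses HijackThis entry lines, tolerates the "..." the forum put into long URLs in the fix list, and reports each requested entry as removed or still present. The function names are hypothetical, and the sample lines are a short excerpt of the two logs and the fix list above.

```python
import re

# HijackThis entry lines start with a section code such as R0, R1, O2, O16, F2.
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")

def parse_entries(log_text):
    """Return the entry lines of a HijackThis log, in order.

    Header lines and the 'Running processes' list do not match ENTRY_RE
    and are skipped.
    """
    return [line.strip() for line in log_text.splitlines()
            if ENTRY_RE.match(line.strip())]

def matches(requested, entry):
    """Compare a fix-list line with a log entry, tolerating one '...' elision."""
    if "..." not in requested:
        return requested == entry
    head, tail = requested.split("...", 1)
    return (len(entry) >= len(head) + len(tail)
            and entry.startswith(head) and entry.endswith(tail))

def verify_fix(before_log, after_log, requested_lines):
    """Map each requested line to 'removed', 'still present' or 'not in before-log'."""
    before, after = parse_entries(before_log), parse_entries(after_log)
    report = {}
    for req in (r.strip() for r in requested_lines):
        if any(matches(req, e) for e in after):
            report[req] = "still present"
        elif any(matches(req, e) for e in before):
            report[req] = "removed"
        else:
            report[req] = "not in before-log"
    return report

def unexpected_changes(before_log, after_log, requested_lines):
    """Entries that vanished without being on the fix list, and entries that are new."""
    before, after = parse_entries(before_log), parse_entries(after_log)
    gone = [e for e in before if e not in after
            and not any(matches(r.strip(), e) for r in requested_lines)]
    new = [e for e in after if e not in before]
    return gone, new

# Excerpt of the log posted before the fix (lines taken from the thread).
BEFORE = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\Explorer.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - Default URLSearchHook is missing
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll (file missing)
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/DownloadAccess/ie/bridge-c11.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/retro64_loader.dll
"""

# Excerpt of the log posted after Fix Checked and a reboot.
AFTER = r"""
Logfile of HijackThis v1.99.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/retro64_loader.dll
"""

# Fix-list lines as they appear in the helper's post, '...' truncation included.
REQUESTED = [
    r"R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com",
    r"R3 - Default URLSearchHook is missing",
    r"O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll (file missing)",
    r"O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Do...bridge-c11.cab",
]

if __name__ == "__main__":
    for line, status in verify_fix(BEFORE, AFTER, REQUESTED).items():
        print(f"{status:18} {line}")
    gone, new = unexpected_changes(BEFORE, AFTER, REQUESTED)
    print("vanished but not requested:", gone)
    print("new since the fix:", new)
```

Entries that were never on the fix list, such as the O10 line, stay in the after-log and are left out of the report unless they are passed in as requested lines.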

skywalker45
22 Mar 2006, 2:53pm
OK. Could you give me a report on your original problem? Are things better? There are just a couple more things in your log that trouble me, but we'll get to those after you let me know if your problem has resolved.

kevdog
22 Mar 2006, 8:04pm
the problems are still there. every time i click on ie or anything on my comp it says preparing to install, and my add or remove programs is only showing the net framework, media connect, and now hjt and the other program you had me install show up. my download speeds are a little better though.

skywalker45
22 Mar 2006, 11:58pm
Could you please run a Panda Active Scan from my signature below. Allow the scan to delete whatever it finds. When it's finished it will generate a log. Please post that log along with a fresh Hijack This log.

kevdog
25 Mar 2006, 10:05pm
how do i get it to delete stuff? i couldn't figure it out.

skywalker45
26 Mar 2006, 1:55am
What are you trying to delete? I haven't given you any items to delete yet. Are you having other problems I don't know about? Please post the results of the Panda Scan.

kevdog
26 Mar 2006, 2:05am
you said Allow the scan to delete whatever it finds. so i thought i had to click a delete button but i guess not. anyways here's the report.

Incident Status Location

Adware:adware/gator Not disinfected C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GStartup.lnk
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\anybody\Cookies\anybody@ath.belnk[2].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\anybody\Cookies\anybody@banner[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\anybody\Cookies\anybody@belnk[1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\anybody\Cookies\anybody@ccbill[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\anybody\Cookies\anybody@dist.belnk[2].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\anybody\Cookies\anybody@go[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\kevdog\Application Data\Mozilla\Firefox\Profiles\default.snv\cookies.txt[]
Potentially unwanted tool:Application/Winfixer2005 Not disinfected C:\Documents and Settings\kevdog\Application Data\VCOM\Fix-It\Quarantine\df_kmd.sys
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@2o7[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@ad.yieldmanager[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@adopt.hbmediapro[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@adrevolver[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@adrevolver[3].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@ads.pointroll[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@adultfriendfinder[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@advertising[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@as-us.falkag[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@as1.falkag[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@atdmt[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@belnk[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@casalemedia[2].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@ccbill[1].txt
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@cs.sexcounter[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@dist.belnk[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@fastclick[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@hitbox[2].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@i.screensavers[2].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@maxserving[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@perf.overture[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@realmedia[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@servedby.advertising[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@serving-sys[2].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@sextracker[1].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@stats1.reliablestats[2].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@targetnet[2].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@tradedoubler[1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@trafficmp[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@tribalfusion[1].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@valueclick[1].txt
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@www.myaffiliateprogram[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\kevdog\Cookies\kevdog@zedo[2].txt
Adware:adware/securityerror Not disinfected C:\Documents and Settings\kevdog\Favorites\Antivirus Test Online.url
Adware:Adware/Gator Not disinfected C:\Program Files\Common Files\CMEII\Gtools.dll
Spyware:application/bestoffer Not disinfected C:\WINDOWS\smdat32a.sys
Adware:Adware/SpywareStrike Not disinfected C:\WINDOWS\system32\1024\ld1032.tmp
Adware:Adware/SpywareStrike Not disinfected C:\WINDOWS\system32\1024\ldB46D.tmp
Potentially unwanted tool:Application/P2PNetworking Not disinfected C:\WINDOWS\system32\P2P Networking v125.cpl
Spyware:Spyware/LinkReplacer Not disinfected C:\WINDOWS\system32\PreUninstallQL.exe

skywalker45
26 Mar 2006, 7:43pm
Sorry about that Kevdog.
:)
The scans will "usually" delete or at least try to delete any malware. I'm doing some research on your log and haven't been able to get on much this weekend. I'll reply soon with the next steps. In the meantime please post a fresh Hijack This log. When you run the scan this time be sure not to have any other programs open except Hijack This.

kevdog
28 Mar 2006, 3:50am
Logfile of HijackThis v1.99.1
Scan saved at 7:48:42 PM, on 3/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CCHelper Class - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\Program Files\Panicware\Pop-Up Stopper Basic\CCHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Pa&nicware Pop-Up Stopper Basic - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - C:\Program Files\Panicware\Pop-Up Stopper Basic\psbasic.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [PopUpStopperBasic] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSBasic.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: ActiveGS.cab - http://www.virtualapple.com/activegs.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab28578.cab
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://D:\components\hidinputmonitorx.ocx
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/retro64_loader.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file://D:\components\A9.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab28578.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Fix-It Task Manager - Avanquest Publishing USA, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

skywalker45
28 Mar 2006, 2:08pm
We'll get there eventually kevdog. I'm still trying to figure out what exactly is causing your problem. Do you know what is trying to install when you get the "preparing to install" message?

Let me know. In the meantime, run HijackThis again and put a check (tick) next to the following entry:

O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe

Close all other browsers/windows and click Fix checked.

Reboot into safe mode again and delete the following:

C:\Program Files\Common Files\GMT <---- This folder.

Reboot the PC and post another log when finished.

kevdog
28 Mar 2006, 10:29pm
I don't have a clue what it is. It started doing it after I installed Adobe Reader 7.

kevdog
28 Mar 2006, 11:04pm
C:\Program Files\Common Files\GMT was not there. Here is my new log:

Logfile of HijackThis v1.99.1
Scan saved at 3:02:04 PM, on 3/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\msiexec.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSBasic.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CCHelper Class - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\Program Files\Panicware\Pop-Up Stopper Basic\CCHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Pa&nicware Pop-Up Stopper Basic - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - C:\Program Files\Panicware\Pop-Up Stopper Basic\psbasic.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [PopUpStopperBasic] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSBasic.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: ActiveGS.cab - http://www.virtualapple.com/activegs.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab28578.cab
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://D:\components\hidinputmonitorx.ocx
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/retro64_loader.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file://D:\components\A9.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab28578.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Fix-It Task Manager - Avanquest Publishing USA, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
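
The by-eye comparison of a new HijackThis log against the previous one (is the entry that was ticked for "Fix checked" gone, and what else changed) can be scripted. The following is an added example, not part of the original thread or of HijackThis itself; the function names are hypothetical and the two sample logs are short excerpts constructed from lines in the logs posted above.

```python
import re

# A HijackThis entry line is "<section code> - <body>", e.g. "O4 - Global Startup: ...".
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")

def parse_log(text):
    """Return (processes, entries) from a pasted HijackThis log."""
    processes, entries, in_procs = [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if line.lower().startswith("running processes"):
            in_procs = True
        elif m:
            in_procs = False
            entries.append((m.group(1), m.group(2)))
        elif not line:
            in_procs = False          # a blank line ends the process list
        elif in_procs:
            processes.append(line)
    return processes, entries

def _key(entry):  # Windows paths are case-insensitive, so compare case-folded
    return entry[0], entry[1].casefold()

def diff_logs(before, after):
    """What disappeared or appeared between two logs of the same machine."""
    p0, e0 = parse_log(before)
    p1, e1 = parse_log(after)
    k0, k1 = {_key(e) for e in e0}, {_key(e) for e in e1}
    f0, f1 = {p.casefold() for p in p0}, {p.casefold() for p in p1}
    return {
        "removed": [e for e in e0 if _key(e) not in k1],
        "added": [e for e in e1 if _key(e) not in k0],
        "procs_gone": sorted(f0 - f1),
        "procs_new": sorted(f1 - f0),
    }

def fix_applied(before, after, target_line):
    """True only if target_line was in the first log and is absent from the second."""
    m = ENTRY_RE.match(target_line.strip())
    if not m:
        raise ValueError("not a HijackThis entry line")
    target = (m.group(1), m.group(2).casefold())
    keys = lambda log: {_key(e) for e in parse_log(log)[1]}
    return target in keys(before) and target not in keys(after)

# Constructed excerpts: a few lines taken from the two logs in this thread.
BEFORE = r"""Running processes:
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe

O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing
"""
AFTER = r"""Running processes:
C:\Program Files\BigFix\BigFix.exe

O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing
"""
TARGET = r"O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe"
```

Calling `diff_logs(BEFORE, AFTER)` on the full pasted logs lists every entry and running process that differs, so an unexpected new autostart entry stands out as well as the one that was fixed.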

kevdog
30 Mar 2006, 6:42am
I have another question: do you know what this means?

http://img.photobucket.com/albums/v51/kevdog/Capture3-29-2006-10.jpg

skywalker45
30 Mar 2006, 2:58pm
I'm beginning to think that this problem is not related to malware but to a problem within the operating system itself. It could have been originally caused by malware but is now just lingering. I recommend you visit our Software Discussion board here (http://www.short-media.com/forum/forumdisplay.php?f=24). Show them the screenshot you posted and let them know of the problems you've been having since you installed Acrobat Reader 7. Your log looks good. I'll leave this thread open. Post back to let me know what you find out at the software board.

skywalker45
30 Mar 2006, 11:31pm
I forgot to add that once the Windows problem is worked out we have one more thing to fix. I just noticed that it is gone but the entry didn't go away. Come back to this thread and we'll fix it.

kevdog
31 Mar 2006, 2:21am
OK, will do.