Backdoor.Trojan virus


sodastar
6 May 2006, 06:40am
Date: 5/5/2006, Time: 21:15:46, Owner on BGY-11
The file
C:\WINNT\system32\lssas.exe
is infected with the Backdoor.Trojan virus.
Unable to repair this file.

Hi Guys, I got this virus that won't go away and can't be removed by Norton. Then I started in safe mode and then Norton removed it. But now I noticed that a lot of files in C:\WINNT\System32\ have 12/31/1979 as the date the files are created! Is this normal? Thank you all!

Logfile of HijackThis v1.99.1
Scan saved at 10:08:20 PM, on 5/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\ctfmon.exe
C:\WINNT\system32\winmgnt.exe
C:\WINNT\System32\CTsvcCDA.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINNT\GWMDMMSG.exe
C:\WINNT\system32\CTHELPER.EXE
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\wanmpsvc.exe
C:\WINNT\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Common Files\Symantec Shared\NMain.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 211.46.157.130:8080
F2 - REG:system.ini: UserInit=C:\WINNT\System32\Userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.EXE
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [Keyboard Preload Check] C:\OEMDRVRS\KEYB\Preload.exe /DEVID: /CLASS:Keyboard /RunValue:"Keyboard Preload Check"
O4 - HKLM\..\Run: [GWMDMpi] C:\WINNT\GWMDMpi.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [hplampc] C:\WINNT\system32\hplampc.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINNT\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINNT\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINNT\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINNT\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINNT\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MSConfig] C:\WINNT\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINNT\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Download the file(s) in D.S.Code - C:\Documents and Settings\Owner\Desktop\download\application\DSLite2\DSLite2\dl_text.html
O8 - Extra context menu item: &Download the file(s) in D.S.Code-File - C:\Documents and Settings\Owner\Desktop\download\application\DSLite2\DSLite2\dl_url.html
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\googletoolbar.dll/cmtrans.html
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: D.S.Lite - {F8475519-8412-4D40-A46E-692D9D04DF7F} - C:\Documents and Settings\Owner\Desktop\download\application\DSLite2\DSLite2\DSLite.exe
O9 - Extra 'Tools' menuitem: &D.S.Lite - {F8475519-8412-4D40-A46E-692D9D04DF7F} - C:\Documents and Settings\Owner\Desktop\download\application\DSLite2\DSLite2\DSLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20020323/qtinstall.info.apple.com/qt505/us/win/QuickTimeInstaller.exe
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://simcity.ea.com/patch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/139de3786ef7a7f8ca00/netzip/RdxIE601.cab
O16 - DPF: {6D5FCFCB-FA6C-4CFB-9918-5F0A9F7365F2} - http://www.gigex.com/tv/igor/gigexagent.dll
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
O16 - DPF: {7BA7BCE2-D359-4407-82D9-CDF9A74C487A} (DownLoadStub Class) - http://www.hpphotos.com/downloads/DownloadPhotos.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security2.norton.com/SSC/SharedContent/sc/bin/cabsa.cab
O16 - DPF: {C36661D7-3590-45B1-80B5-520839E94DAD} (MaxisSimCity4PatcherX Control) - http://simcity.ea.com/patch/MaxisSimCity4PatcherX.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - file://D:\Bin\html\files\MotivePreQual.cab
O16 - DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} (ContentAuditX Control) - http://a840.g.akamai.net/7/840/5805/v1000/www.contentwatch.com/audit/includes/ContentAuditControl.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: COM+ System Service - Unknown owner - C:\WINNT\system32\SSMS.EXE
O23 - Service: COM+ Component Service (COMCSVC) - Unknown owner - C:\WINNT\system32\winmgnt.exe
O23 - Service: COMSS - Unknown owner - C:\WINNT\system32\SSMS.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\System32\CTsvcCDA.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Network DDE Connections (NETDDEC) - Unknown owner - C:\WINNT\system32\service.exe (file missing)
O23 - Service: PictureTaker - Unknown owner - c:\fixit\pt\PCTKRNT.SYS (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINNT\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe

chiaz
6 May 2006, 09:29am
Please launch HijackThis and place a checkmark by the following entries:
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/139de3786ef7a7f8ca00/netzip/RdxIE601.cab
O16 - DPF: {6D5FCFCB-FA6C-4CFB-9918-5F0A9F7365F2} - http://www.gigex.com/tv/igor/gigexagent.dll
O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB
Close all other windows except HijackThis and press "Fix Checked". Then close HijackThis and restart the computer.


Please run a free online scan with Kaspersky AntiVirus (works only with MS Internet Explorer 5.0 or higher).
Go to http://www.kaspersky.com/virusscanner and click the "Kaspersky Online Scanner" button (NOT "Kaspersky File Scanner").
In the new window that opens, click the "Accept" button to accept the user agreement, install the ActiveX control, and download the program.
When you get the Windows dialog asking if you want to install this software, click the "Install" button.
When the "Update progress" line changes to "Ready" and the "NEXT ->" button lights up with a green arrow, click it.
Click on the "Scan Settings" button, and in the next window select the "extended" database, and click Ok.
Under "Please select a target to scan:", click My Computer to start the scan.
When the scan is finished, click the "Save as Text" button, and save the file as kavscan.txt to your Desktop, close the Kaspersky On-line Scanner window, and post the text in kavscan.txt in your next reply.

sodastar
6 May 2006, 06:37pm
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, May 06, 2006 10:34:46 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 6/05/2006
Kaspersky Anti-Virus database records: 192022
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
G:\

Scan Statistics:
Total number of scanned objects: 435451
Number of viruses found: 33
Number of infected objects: 114
Number of suspicious objects: 0
Duration of the scan process: 03:53:47

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Owner\Desktop\download\application\All.To.MP3.Converter.v1.5.WinALL.Cracked.READ.NFO-DVT.zip/All.To.MP3.Converter.v1.5.WinALL.Cracked.READ.NFO-DVT/all2mp3.exe Infected: Trojan-Dropper.Win32.Small.mt skipped
C:\Documents and Settings\Owner\Desktop\download\application\All.To.MP3.Converter.v1.5.WinALL.Cracked.READ.NFO-DVT.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Owner\Desktop\download\application\Download Manager\getrt45d.exe/WISE0087.BIN Infected: not-a-virus:AdWare.Win32.Gator.1050 skipped
C:\Documents and Settings\Owner\Desktop\download\application\Download Manager\getrt45d.exe WiseSFX: infected - 1 skipped
C:\Documents and Settings\Owner\Desktop\download\application\River_Past_Video_Perspective_v5.0.3_Incl_Keygen-UCF.zip/River_Past_Video_Perspective_v5.0.3_Incl_Keygen-UCF/videoperspective_setup.exe Infected: Trojan-Dropper.Win32.Small.mt skipped
C:\Documents and Settings\Owner\Desktop\download\application\River_Past_Video_Perspective_v5.0.3_Incl_Keygen-UCF.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Owner\Desktop\download\application\sysreset.zip/sysreset/sysreset/mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.614 skipped
C:\Documents and Settings\Owner\Desktop\download\application\sysreset.zip ZIP: infected - 1 skipped
C:\Program Files\BitTorrent\uninstall.exe/stream/data0002 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\Program Files\BitTorrent\uninstall.exe/stream Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\Program Files\BitTorrent\uninstall.exe NSIS: infected - 2 skipped
C:\Program Files\mIRC\backup\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.614 skipped
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
C:\Program Files\mIRC sysreset\sysreset\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.614 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector13.zip/bdeinsta25.dll Infected: not-a-virus:AdWare.Win32.Altnet.a skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector13.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector15.zip/BDEengine3.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3563 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector15.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector17.zip/BDErastDX3.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3567 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector17.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector18.zip/BDESac10.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3120 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector18.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector19.zip/bdefdi.dll Infected: not-a-virus:AdWare.Win32.Altnet.k skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector19.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector21.zip/BDESac24.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3120 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector21.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector23.zip/BDEplayer3.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3566 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector23.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector24.zip/bde3dref3p4.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.35684 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector24.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector25.zip/bdeload.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.e skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector25.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector26.zip/b3dsetup.exe Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1100 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector26.zip/bdeclean.exe Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3022 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector26.zip/bdedetect1.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1007 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector26.zip/bdeviewer.exe Infected: Trojan.Win32.Krepper.y skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector26.zip/BDEwrapper3.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.35692 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector26.zip/Cache/bdeclean.exe Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3022 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector26.zip/Cache/bdedetect1.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1007 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector26.zip ZIP: infected - 7 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector27.zip/b3d3200package.cab/bdedetect1.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1007 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector27.zip/b3d3200package.cab/bdeclean.exe Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3022 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector27.zip/b3d3200package.cab Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3022 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector27.zip/b3dsetup.exe Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1100 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector27.zip/bdedownloader.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3039 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector27.zip/bdefdi.dll Infected: not-a-virus:AdWare.Win32.Altnet.k skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector27.zip/bdeinsta25.dll Infected: not-a-virus:AdWare.Win32.Altnet.a skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector27.zip ZIP: infected - 7 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector6.zip/bdedownloader.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3039 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BDEProjector6.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CommonName29.zip/cd_install_291.exe/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CommonName29.zip/cd_install_291.exe/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CommonName29.zip/cd_install_291.exe Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CommonName29.zip/DelFinMediaViewer29j.exe/PgSDK.DLL Infected: not-a-virus:AdWare.Win32.DelphinMediaViewer.d skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CommonName29.zip/DelFinMediaViewer29j.exe Infected: not-a-virus:AdWare.Win32.DelphinMediaViewer.d skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CommonName29.zip/SaveNowInst.exe/SaveNow.exe Infected: not-a-virus:AdWare.Win32.SaveNow.ar skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CommonName29.zip/SaveNowInst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.ar skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CommonName29.zip ZIP: infected - 7 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CommonName72.zip/cd_install_291.exe/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CommonName72.zip/cd_install_291.exe/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CommonName72.zip/cd_install_291.exe Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CommonName72.zip ZIP: infected - 3 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Cydoor10.zip/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Cydoor10.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Cydoor2.zip/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Cydoor2.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Cydoor3.zip/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Cydoor3.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Cydoor9.zip/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Cydoor9.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare.zip/Downloads/51.dat/data0189 Infected: not-a-virus:AdWare.Win32.DownloadWare skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare.zip/Downloads/51.dat/data0192 Infected: not-a-virus:AdWare.Win32.DownloadWare skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare.zip/Downloads/51.dat Infected: not-a-virus:AdWare.Win32.DownloadWare skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare.zip/Downloads/90.dat/data0002 Infected: not-a-virus:AdWare.Win32.MediaPops.b skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare.zip/Downloads/90.dat Infected: not-a-virus:AdWare.Win32.MediaPops.b skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare.zip/dw.exe Infected: Trojan-Downloader.Win32.Realtens.h skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare.zip/Temp/ml.exe/data0189 Infected: not-a-virus:AdWare.Win32.DownloadWare skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare.zip/Temp/ml.exe/data0192 Infected: not-a-virus:AdWare.Win32.DownloadWare skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare.zip/Temp/ml.exe Infected: not-a-virus:AdWare.Win32.DownloadWare skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare.zip ZIP: infected - 9 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare10.zip/dw.exe Infected: Trojan-Downloader.Win32.Realtens.h skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare10.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare12.zip/dw.exe Infected: Trojan-Downloader.Win32.Realtens.h skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare12.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare4.zip/dw.exe Infected: Trojan-Downloader.Win32.Realtens.h skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare4.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare6.zip/dw.exe Infected: Trojan-Downloader.Win32.Realtens.h skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DownloadWare6.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\eZulaHotText39.zip/eZinstall.exe/WISE0001.BIN Infected: not-a-virus:AdWare.Win32.EZula.ak skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\eZulaHotText39.zip/eZinstall.exe Infected: not-a-virus:AdWare.Win32.EZula.ak skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\eZulaHotText39.zip ZIP: infected - 2 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FlashTrack12.zip/Flt.dll Infected: not-a-virus:AdWare.Win32.FlashTrack.d skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FlashTrack12.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FlashTrack18.zip/Flt.dll Infected: not-a-virus:AdWare.Win32.FlashTrack.d skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FlashTrack18.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FlashTrack4.zip/Flt.dll Infected: not-a-virus:AdWare.Win32.FlashTrack.d skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FlashTrack4.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FlashTrack7.zip/Flt.dll Infected: not-a-virus:AdWare.Win32.FlashTrack.d skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FlashTrack7.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Gator3.zip/fsg_3202.exe Infected: not-a-virus:AdWare.Win32.Gator.3202 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Gator3.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Gator4.zip/fsg_3202.exe Infected: not-a-virus:AdWare.Win32.Gator.3202 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Gator4.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Newnet11.zip/NDNuninstall4_50.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Newnet11.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Newnet6.zip/FirstLook.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Newnet6.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Newnet7.zip/uninstall4_50.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Newnet7.zip ZIP: infected - 1 skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\UCmore5.zip/IUCmore.dll Infected: not-a-virus:AdWare.Win32.Ucmore skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\UCmore5.zip/UCMIE.dll Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped
C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\UCmore5.zip ZIP: infected - 2 skipped
C:\WINNT\Downloaded Program Files\gsda.dll Infected: not-a-virus:Downloader.Win32.SpyGame skipped
C:\WINNT\system32\runsvc.exe Infected: not-a-virus:RiskTool.Win32.HideWindows skipped

Scan process completed.

chiaz
7 May 2006, 06:27am
Please go to Control Panel and remove:
Download Manager

Then restart the computer.

Now navigate to and delete the following files/folders if they still exist:
C:\Documents and Settings\Owner\Desktop\download\application\All.To.MP3.Converter.v1.5.WinALL.Cracked.READ.NFO-DVT.zip
C:\Documents and Settings\Owner\Desktop\download\application\Download Manager\
C:\Documents and Settings\Owner\Desktop\download\application\River_Past_Video_Perspective_v5.0.3_Incl_Keygen-UCF.zip/
C:\Program Files\BitTorrent\uninstall.exe
C:\WINNT\system32\runsvc.exe

Get Spybot Search and Destroy updated; the current version is 1.4 now. After you get it updated, remove all the quarantined and "Recovery" files.

Rescan with Kaspersky ActiveScan and post the fresh log in your next reply.

sodastar
7 May 2006, 03:06pm
I can't find "download manager" in the control panel so I just deleted C:\Documents and Settings\Owner\Desktop\download\application\Download Manager\

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, May 07, 2006 7:01:34 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 7/05/2006
Kaspersky Anti-Virus database records: 192222
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
G:\

Scan Statistics:
Total number of scanned objects: 437220
Number of viruses found: 3
Number of infected objects: 4
Number of suspicious objects: 0
Duration of the scan process: 04:57:39

Infected Object Name / Virus Name / Last Action
C:\Program Files\mIRC\backup\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.614 skipped
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
C:\Program Files\mIRC sysreset\sysreset\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.614 skipped
C:\WINNT\Downloaded Program Files\gsda.dll Infected: not-a-virus:Downloader.Win32.SpyGame skipped

Scan process completed.

chiaz
7 May 2006, 03:17pm
Ok, Kaspersky scan shows you are pretty much cleaned up.

Please rescan with HijackThis and post the new log. (Also there's no need to put it between [code] [/ code])

sodastar
7 May 2006, 03:34pm
Logfile of HijackThis v1.99.1
Scan saved at 7:34:35 AM, on 5/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\ctfmon.exe
C:\WINNT\GWMDMMSG.exe
C:\WINNT\system32\CTHELPER.EXE
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\WINNT\System32\CTsvcCDA.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\wanmpsvc.exe
C:\WINNT\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\NetLimiter\NetLimiter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 211.46.157.130:8080
F2 - REG:system.ini: UserInit=C:\WINNT\System32\Userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.EXE
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [Keyboard Preload Check] C:\OEMDRVRS\KEYB\Preload.exe /DEVID: /CLASS:Keyboard /RunValue:"Keyboard Preload Check"
O4 - HKLM\..\Run: [GWMDMpi] C:\WINNT\GWMDMpi.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [hplampc] C:\WINNT\system32\hplampc.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINNT\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINNT\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINNT\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINNT\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINNT\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINNT\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Download the file(s) in D.S.Code - C:\Documents and Settings\Owner\Desktop\download\application\DSLite2\DSLite2\dl_text.html
O8 - Extra context menu item: &Download the file(s) in D.S.Code-File - C:\Documents and Settings\Owner\Desktop\download\application\DSLite2\DSLite2\dl_url.html
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\googletoolbar.dll/cmtrans.html
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: D.S.Lite - {F8475519-8412-4D40-A46E-692D9D04DF7F} - C:\Documents and Settings\Owner\Desktop\download\application\DSLite2\DSLite2\DSLite.exe
O9 - Extra 'Tools' menuitem: &D.S.Lite - {F8475519-8412-4D40-A46E-692D9D04DF7F} - C:\Documents and Settings\Owner\Desktop\download\application\DSLite2\DSLite2\DSLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20020323/qtinstall.info.apple.com/qt505/us/win/QuickTimeInstaller.exe
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://simcity.ea.com/patch/EARTPX.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {7BA7BCE2-D359-4407-82D9-CDF9A74C487A} (DownLoadStub Class) - http://www.hpphotos.com/downloads/DownloadPhotos.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security2.norton.com/SSC/SharedContent/sc/bin/cabsa.cab
O16 - DPF: {C36661D7-3590-45B1-80B5-520839E94DAD} (MaxisSimCity4PatcherX Control) - http://simcity.ea.com/patch/MaxisSimCity4PatcherX.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - file://D:\Bin\html\files\MotivePreQual.cab
O16 - DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} (ContentAuditX Control) - http://a840.g.akamai.net/7/840/5805/v1000/www.contentwatch.com/audit/includes/ContentAuditControl.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: COM+ System Service - Unknown owner - C:\WINNT\system32\SSMS.EXE
O23 - Service: COM+ Component Service (COMCSVC) - Unknown owner - C:\WINNT\system32\winmgnt.exe (file missing)
O23 - Service: COMSS - Unknown owner - C:\WINNT\system32\SSMS.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\System32\CTsvcCDA.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Network DDE Connections (NETDDEC) - Unknown owner - C:\WINNT\system32\service.exe (file missing)
O23 - Service: PictureTaker - Unknown owner - c:\fixit\pt\PCTKRNT.SYS (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINNT\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe

chiaz
8 May 2006, 11:19am
May I know what this is:
DSLite 2
Did you download this from somewhere?

Otherwise, your system appears clean.
Please run one last scan with BitDefender Online Scanner so that we can be really sure you are free of malware (works only with MS Internet Explorer 5.0 or higher).


In the new window that opens, click the "I agree" button to accept the user agreement before allowing the installation of the ActiveX control.
By default, BitDefender Online Scanner will scan your entire computer.
Click "Click here to scan".
Please wait patiently while BitDefender updates its virus signatures.
Scan will commence.
When the scan is finished, click on the tab "Detected Problems".
Then click on "Click here to export the scan report".
Save the scan report to your desktop or somewhere convenient.
Close the BitDefender Online Scanner window, and post the contents of the BitDefender scan report in your next reply.