please help computer is messed up!!

Unknown

can someone please tell me what 2 do plz?
my computer is rlly messed up: i cant change the background its this thing that sais warning and it has a link.and i cant run some of the programs, including ad-aware SE and spy-bot search and destroy.
can someone please help?
i saw some of the other posts so i downloaded the hijackthis program.
i saw that the people that help ask 4 the file ill put it now:

Logfile of HijackThis v1.99.1
Scan saved at 7:51:18 PM, on 7/30/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\explorer.exe
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04. exe
C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINNT\System32\intell32.exe
C:\winzip\WZQKPICK.EXE
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.oneclicksearches.com/bar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.oneclicksearches.com/search.php?qq=%1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.oneclicksearches.com/
R3 - URLSearchHook: (no name) - {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - C:\Program Files\SurfSideKick 2\SskBho.dll (file missing)
O2 - BHO: HP Class - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA} - C:\WINNT\System32\hpC759.tmp (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.d ll (file missing)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04. exe
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [saap] c:\winnt\saap.exe
O4 - HKLM\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe
O4 - HKLM\..\Run: [NAV CfgWiz] C:\PROGRA~1\NORTON~1\Cfgwiz.exe /R
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Winamp\winampa.exe
O4 - HKLM\..\Run: [RegSvr32] C:\WINNT\System32\msmsgs.exe
O4 - HKLM\..\Run: [intell32.exe] C:\WINNT\System32\intell32.exe
O4 - HKLM\..\Run: [PSGuard spyware remover] C:\Program Files\PSGuard\PSGuard.exe
O4 - HKCU\..\Run: [AIM] C:\aim\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\winzip\WZQKPICK.EXE
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\aim\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://static.topconverting.com/activex/movie.ocx
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINNT\system32\ZoneLabs\vsmon.exe

please help!!!!

Crunchie

Please read these instructions carefully and print them out! Be sure to follow ALL instructions!

Download smitRem.zip and save the file to your desktop.
Right click on the file and extract it to it's own folder on the desktop.

Place a shortcut to Panda ActiveScan on your desktop.

Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/

Please read Ewido Setup Instructions
Install it, and update the definitions to the newest files. Do NOT run a scan yet.

If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates:
Ad-Aware SE Setup
Don't run it yet!

Next, please reboot your computer in SafeMode by doing the following:

1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the first option, to run Windows in Safe Mode.

Now scan with HJT and place a checkmark next to each of the following items:
===================================================
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.oneclicksearches.com/bar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.oneclicksearches.com/search.php?qq=%1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.oneclicksearches.com/
R3 - URLSearchHook: (no name) - {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - C:\Program Files\SurfSideKick 2\SskBho.dll (file missing)

O2 - BHO: HP Class - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA} - C:\WINNT\System32\hpC759.tmp (file missing)

O4 - HKLM\..\Run: [saap] c:\winnt\saap.exe
O4 - HKLM\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe
O4 - HKLM\..\Run: [RegSvr32] C:\WINNT\System32\msmsgs.exe
O4 - HKLM\..\Run: [intell32.exe] C:\WINNT\System32\intell32.exe
O4 - HKLM\..\Run: [PSGuard spyware remover] C:\Program Files\PSGuard\PSGuard.exe
O4 - HKCU\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://static.topconverting.com/activex/movie.ocx
===================================================

Manually remove these;

c:\winnt\saap.exe
C:\Program Files\SurfSideKick 2

=======

Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.


Open Ad-aware and do a full scan. Remove all it finds.


Run Ewido:

• Click on scanner
• Click Complete System Scan and the scan will begin.
• During the scan it will prompt you to clean files, click OK
• When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.
• When the scan is finished, click the Save report button at the bottom of the screen.
• Save the report to your desktop

Close Ewido

Next go to Control Panel click Display > Desktop > Customize Desktop > Website > Uncheck "Security Info" if present.

Reboot back into Windows and click the Panda ActiveScan shortcut, then do a full system scan. Make sure the autoclean box is checked!
Save the scan log and post it along with a new HijackThis Log, the contents of the smitfiles.txt log and the Ewido Log by using Add Reply.
Let us know if any problems persist.

alinsipos

thnaks you very much, the background is good now, but i think there are still some small things. When i start the computer, it gives me errors on the DLL or something of some programs(aim and such). Icant open Internet Explorer and Mozilla cant support the Panda ActiveScan, so i couldnt run that.
Here are the logs:

Logfile of HijackThis v1.99.1
Scan saved at 10:53:44 PM, on 7/30/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\explorer.exe
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINNT\System32\drwtsn32.exe
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (file missing)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [NAV CfgWiz] C:\PROGRA~1\NORTON~1\Cfgwiz.exe /R
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Winamp\winampa.exe
O4 - HKCU\..\Run: [AIM] C:\aim\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\winzip\WZQKPICK.EXE
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\aim\aim.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINNT\system32\ZoneLabs\vsmon.exe



smitRem log file
version 2.2

by noahdfear

The current date is: Sat 07/30/2005
The current time is: 22:02:28.10

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pre-run Files Present


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~

adult
cars
sexual life
shopping
job search.url
poker.url
Online Gambling.url
online dating.url
Black Jack Online.url
Online Pharmacy\Adipex.url
Black Jack Online.url
Home Loan.url
Network Security.url
Online Dating.url
Online Pharmacy.url
Remove Spyware.url
Spam Filters.url
Take It Here - Free * TGP.url
Web Detective.url
Online Gambling folder
Online Pharmacy folder


~~~ system32 folder ~~~

intell32.exe
oleext.dll
wppp.html
hp***.tmp
intmon.exe
hhk.dll


~~~ Windows directory ~~~

uninstIU.exe


~~~ Drive root ~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Post-run Files Present


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~



~~~ system32 folder ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~



~~~ Wininet.dll ~~~

CLEAN!

---

ewido security suite - Scan report

---

+ Created on: 10:42:08 PM, 7/30/2005
+ Report-Checksum: 42599D03

+ Scan result:

HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} -> Spyware.SurfSide : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\saap -> Spyware.180Solutions : Cleaned with backup
HKLM\SOFTWARE\Policies\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\saap -> Spyware.180Solutions : Cleaned with backup
HKLM\SOFTWARE\SurfSideKick2 -> Spyware.SurfSide : Cleaned with backup
HKLM\SOFTWARE\SurfSideKick2\Internet Explorer -> Spyware.SurfSide : Cleaned with backup
HKU\S-1-5-21-1292428093-789336058-1060284298-500\Software\Policies\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-1292428093-789336058-1060284298-500\Software\saap -> Spyware.180Solutions : Cleaned with backup
HKU\S-1-5-21-1292428093-789336058-1060284298-500\Software\SurfSideKick2 -> Spyware.SurfSide : Cleaned with backup
HKU\S-1-5-21-1292428093-789336058-1060284298-500\Software\SurfSideKick2\Internet Explorer -> Spyware.SurfSide : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Gamingpromo : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Gamingpromo : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Gamingpromo : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Linkbuddies : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.219:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.222:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.227:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.228:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.229:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.230:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.232:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\jc8tu0n2.slt\cookies.txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.specificclick[2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@trafic[1].txt -> Spyware.Cookie.Trafic : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@ysbweb[1].txt -> Spyware.Cookie.Ysbweb : Cleaned with backup
C:\Documents and Settings\Administrator\Desktop\backups\backup-20050730-215251-121.dll -> TrojanDownloader.Agent.ex : Cleaned with backup
C:\eied_s7.cab/eied_s7_c_28.exe -> TrojanDownloader.Mediket.v : Cleaned with backup
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Spyware.Wheaterbug : Cleaned with backup
C:\WINNT\edow.exe -> TrojanDownloader.Wintool.e : Cleaned with backup
C:\WINNT\installer_SIAC.exe -> TrojanDownloader.Adload.a : Cleaned with backup
C:\WINNT\optimize.exe -> TrojanDownloader.Dyfuca.dk : Cleaned with backup
C:\WINNT\SSK_B5.EXE -> TrojanDropper.SurfSide.a : Cleaned with backup
C:\WINNT\ucmoreiex.exe/UCMTSAIE.DLL -> Spyware.UCmore : Cleaned with backup
C:\WINNT\ucmoreiex.exe/IUCMORE.DLL -> Spyware.UCmore : Cleaned with backup
:mozilla.7:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Porngraph : Cleaned with backup
:mozilla.8:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Porngraph : Cleaned with backup
:mozilla.9:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Porngraph : Cleaned with backup
:mozilla.10:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Porngraph : Cleaned with backup
:mozilla.11:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.12:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.13:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.14:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
:mozilla.19:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.21:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
:mozilla.38:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.39:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.40:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.41:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.42:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.43:E:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\default.4zz\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.12:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.13:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.14:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.15:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.24:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.28:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.29:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.30:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.31:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.32:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.33:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.34:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.35:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.36:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.37:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.40:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.41:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.42:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.43:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.44:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.45:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.46:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.51:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.52:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
:mozilla.67:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.68:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.69:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.70:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.71:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.72:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.85:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.86:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.87:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.88:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.89:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.90:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.91:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.92:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.93:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.100:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.101:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.107:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.111:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.112:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.122:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.123:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.141:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.156:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.157:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.158:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.168:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.170:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.171:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.175:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.181:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.197:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.198:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.199:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.200:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.207:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Realtracker : Cleaned with backup
:mozilla.209:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.210:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.211:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.212:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.213:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.214:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.215:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.216:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.217:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.218:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.224:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.225:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.226:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.227:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.234:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
:mozilla.235:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.237:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.248:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.249:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.250:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.278:E:\Documents and Settings\Alin\Application Data\Mozilla\Profiles\default\5ay2ywxx.slt\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
E:\Documents and Settings\Alin\Cookies\alin@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\Alin\Cookies\alin@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
E:\Documents and Settings\Alin\Cookies\alin@counter11.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
E:\Documents and Settings\Alin\Cookies\alin@cs.sexcounter[2].txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
E:\Documents and Settings\Alin\Cookies\alin@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
E:\Documents and Settings\Alin\Cookies\alin@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
E:\Documents and Settings\Alin\Cookies\alin@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
E:\Documents and Settings\Alin\Cookies\alin@servedby.advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\Alin\Cookies\alin@sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
E:\Documents and Settings\Alin\Local Settings\Temp\Cookies\alin@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
E:\Documents and Settings\Alin\Local Settings\Temp\Cookies\alin@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\Alin\Local Settings\Temp\Cookies\alin@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
E:\Documents and Settings\Alin\Local Settings\Temp\Cookies\alin@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
E:\Documents and Settings\Alin\Local Settings\Temp\Cookies\alin@servedby.advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\Alin\Local Settings\Temp\fsg_4203.exe -> Adware.Gator : Cleaned with backup
E:\Documents and Settings\Alin\Local Settings\Temp\p2psetup.exe -> Spyware.P2PNetworking : Cleaned with backup
E:\Documents and Settings\Alin\Local Settings\Temp\__unin__.exe -> Spyware.Altnet : Cleaned with backup
E:\Program Files\Altnet\Download Manager\asm.exe -> Spyware.Altnet : Cleaned with backup
E:\Program Files\Altnet\Download Manager\asmps.dll -> Spyware.Altnet : Cleaned with backup
E:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Spyware.Wheaterbug : Cleaned with backup


::Report End



If you can please take a look and see what else is wrong i really appriciate what you are doing.

Crunchie

Do you have Winamp on your PC? I noticed an entry there for it, but normally the Winamp folder goes into the Program Files folder.

===============

You need to (as a matter of urgency) get service pack 4 for W2K and upgrade to Internet Explorer 6 with service pack 1.
Both will go a long way to solving your present problems.

http://windowsupdate.microsoft.com/

===============

Run HiJackThis, click "Scan", then check(tick) the following, if present:


O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.d ll (file missing)

O4 - HKCU\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe


Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked".

===============

Locate and delete the following item(s), if present. Make sure you are able to view system and hidden files/ folders:

folders...

C:\Program Files\SurfSideKick 2

-

Note that some of these file(s)/folder(s) may or may not be present. If present, and cannot be deleted because they're 'in use', try deleting them in "Safe Mode".

-

Reboot.

===============

After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now.

alinsipos

Computer is the same. I downloaded the internet explorer and when i go to install gives me DLL error. I cant find the SurfSideKick 2 in C:\ProgramFiles, i dont think there is one.
here is the new hijack list

Logfile of HijackThis v1.99.1
Scan saved at 10:17:41 AM, on 7/31/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINNT\system32\regsvc.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\explorer.exe
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\aim\aim.exe
C:\winzip\WZQKPICK.EXE
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [NAV CfgWiz] C:\PROGRA~1\NORTON~1\Cfgwiz.exe /R
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Winamp\winampa.exe
O4 - HKCU\..\Run: [AIM] C:\aim\aim.exe -cnetwait.odl
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\winzip\WZQKPICK.EXE
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\aim\aim.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINNT\system32\ZoneLabs\vsmon.exe

Crunchie

What is the exact error message you are getting?

Go here and download and run Silent Runners.vbs. It generates a log, please post the information back in this thread.
If you have a script blocking program, please allow the file to run. It is not malicious.

alinsipos

the error sais can not find DDL or DLL i forgot.

i downloaded it, but i cant figure out how 2 let it run, it alertes me and shuts if off. how do i stop the thing from blocking it?

I keep on getting service messages.

You think i should just uninstall it and reinstall a new 1?

if so do you know how to uninstall windows 2000 proffesional manually?

Crunchie

Try disabling Norton temporarily and run silent runners again.

alinsipos

i dont even have norton running

Crunchie

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

That is running at the moment. You can disable it from within Nortons control panel.

alinsipos

it gave me 2 notepad files here they are:

"Silent Runners.vbs", revision 39, http://www.silentrunners.org/
Operating System: Windows 2000
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:

---

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"AIM" = "C:\aim\aim.exe -cnetwait.odl" ["America Online, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"Synchronization Manager" = "mobsync.exe /logon" [MS]
"HPDJ Taskbar Utility" = "C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe" ["HP"]
"WheelMouse" = "C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe" ["A4Tech Co.,Ltd."]
"Zone Labs Client" = ""C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"" ["Zone Labs Inc."]
"ViewMgr" = "C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe" ["Viewpoint Corporation"]
"WinampAgent" = "C:\Winamp\winampa.exe" [null data]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {CLSID}\InProcServer32\(Default) = "C:\WINNT\System32\hticons.dll" ["Hilgraeve, Inc."]
"{E0D79304-84BE-11CE-9641-444553540000}" = "WinZip"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]
"{E0D79305-84BE-11CE-9641-444553540000}" = "WinZip"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]
"{E0D79306-84BE-11CE-9641-444553540000}" = "WinZip"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]
"{E0D79307-84BE-11CE-9641-444553540000}" = "WinZip"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
INFECTION WARNING! "{54D9498B-CF93-414F-8984-8CE7FDE0D391}" = "ewido shell guard"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\ewido\security suite\shellhook.dll" ["TODO: <Firmenname>"]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]


Active Desktop and Wallpaper:

---

Active Desktop is enabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINNT\Web\Wallpaper\Chateau.jpg"


Startup items in "Administrator" & "All Users" startup folders:

---

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
"Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l" [MS]
"WinZip Quick Pick" -> shortcut to: "C:\winzip\WZQKPICK.EXE" ["WinZip Computing, Inc."]


Enabled Scheduled Tasks:

---

"Symantec NetDetect" -> launches: "C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE" ["Symantec Corporation"]


Winsock2 Service Provider DLLs:

---

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\rnr20.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\msafd.dll [MS], 01 - 03, 06 - 13
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:

---

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = "Yahoo! Companion" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll" [file not found]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{AC9E2541-2814-11D5-BC6D-00B0D0A1DE45}\
"ButtonText" = "AIM"
"Exec" = "C:\aim\aim.exe" ["America Online, Inc."]


Miscellaneous IE Hijack Points

---

C:\WINNT\INF\IERESET.INF (used to "Reset Web Settings")

Missing lines (compared with English-language version):
[DeleteAutosearch.reg]: 1 line


Running Services (Display Name, Service Name, Path {Service DLL}):

---

ewido security suite control, ewido security suite control, "C:\Program Files\ewido\security suite\ewidoctrl.exe" ["ewido networks"]
TrueVector Internet Monitor, vsmon, "C:\WINNT\system32\ZoneLabs\vsmon.exe -service" ["Zone Labs Inc."]

---

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 95 seconds.
+ The search for all Registry CLSIDs containing dormant Explorer Bars
took 23 seconds.

---

(total run time: 174 seconds)








"Silent Runners.vbs", revision 39, http://www.silentrunners.org/
Operating System: Windows 2000
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:

---

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"AIM" = "C:\aim\aim.exe -cnetwait.odl" ["America Online, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"Synchronization Manager" = "mobsync.exe /logon" [MS]
"HPDJ Taskbar Utility" = "C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe" ["HP"]
"WheelMouse" = "C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe" ["A4Tech Co.,Ltd."]
"Zone Labs Client" = ""C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"" ["Zone Labs Inc."]
"ViewMgr" = "C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe" ["Viewpoint Corporation"]
"WinampAgent" = "C:\Winamp\winampa.exe" [null data]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {CLSID}\InProcServer32\(Default) = "C:\WINNT\System32\hticons.dll" ["Hilgraeve, Inc."]
"{E0D79304-84BE-11CE-9641-444553540000}" = "WinZip"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]
"{E0D79305-84BE-11CE-9641-444553540000}" = "WinZip"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]
"{E0D79306-84BE-11CE-9641-444553540000}" = "WinZip"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]
"{E0D79307-84BE-11CE-9641-444553540000}" = "WinZip"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
INFECTION WARNING! "{54D9498B-CF93-414F-8984-8CE7FDE0D391}" = "ewido shell guard"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\ewido\security suite\shellhook.dll" ["TODO: <Firmenname>"]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {CLSID}\InProcServer32\(Default) = "C:\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]


Active Desktop and Wallpaper:

---

Active Desktop is enabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINNT\Web\Wallpaper\Chateau.jpg"


Startup items in "Administrator" & "All Users" startup folders:

---

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
"Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l" [MS]
"WinZip Quick Pick" -> shortcut to: "C:\winzip\WZQKPICK.EXE" ["WinZip Computing, Inc."]


Enabled Scheduled Tasks:

---

"Symantec NetDetect" -> launches: "C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE" ["Symantec Corporation"]


Winsock2 Service Provider DLLs:

---

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\rnr20.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\msafd.dll [MS], 01 - 03, 06 - 13
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:

---

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = "Yahoo! Companion" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll" [file not found]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{AC9E2541-2814-11D5-BC6D-00B0D0A1DE45}\
"ButtonText" = "AIM"
"Exec" = "C:\aim\aim.exe" ["America Online, Inc."]


Miscellaneous IE Hijack Points

---

C:\WINNT\INF\IERESET.INF (used to "Reset Web Settings")

Missing lines (compared with English-language version):
[DeleteAutosearch.reg]: 1 line


Running Services (Display Name, Service Name, Path {Service DLL}):

---

ewido security suite control, ewido security suite control, "C:\Program Files\ewido\security suite\ewidoctrl.exe" ["ewido networks"]
TrueVector Internet Monitor, vsmon, "C:\WINNT\system32\ZoneLabs\vsmon.exe -service" ["Zone Labs Inc."]

---

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the -supp parameter or answer "Yes" at the first message box.

---

(total run time: 69 seconds, including 18 seconds for message boxes)

Crunchie

alinsipos wrote:

the error sais can not find DDL or DLL i forgot.

i downloaded it, but i cant figure out how 2 let it run, it alertes me and shuts if off. how do i stop the thing from blocking it?

I keep on getting service messages.

You think i should just uninstall it and reinstall a new 1?

if so do you know how to uninstall windows 2000 proffesional manually?

Am not seeing much in the silent runners log . Which dll file could not be found?
You can try reinstalling W2K over the top of the current installation. You will not lose any information.
Pop the W2K CD in and select the installation, then choose reinstall. Follow the prompts.

alinsipos

i dont got a W2K cd all i got is a ME cd. U know how i can uninstall W2K without uninstalling XP? I got 2 opperating systems.

Crunchie

Best way is to reformat the partition that W2K is on. As to the hows and whats, that gets a little technical for me .

http://www.google.com.au/search?hl=en&q=Partition+reformat&btnG=Google+Search&meta=