I hope someone can please help me. Okay, here's my problem, I got a message from one of my friends, it said. "Come see this picture I took of you!" And then some link that had the word 'pic', 'myspace', and some weird number. I clicked on it, ignoring the fact that it has a .exe extension, then ran it. THe file instantly dissapeared, but my MSN immediately send messages to all my contacts identical to the one I recieved. Now whenever I open MSN, it messages all my contacts, then freezes and closes. I tried deleting MSN alltogether but have been unable to. Whenever we access MSN or open any files regarding, we get swamped with ad-ware etc. I have run hijack and ewido scans (attached)... Logfile of HijackThis v1.99.1 Scan saved at 9:44:43 PM, on 23/10/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mclogsrv.exe C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe c:\program files\common files\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\WINDOWS\explorer.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\PROGRA~1\McAfee\MSC\mctskshd.exe C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\hkcmd.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Google\Gmail Notifier\gnotify.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\PROGRA~1\PRINTV~1\pvmodule.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\twain_32\S6U12BX\WATCH.exe C:\Program Files\LimeWire\LimeWire.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe c:\program files\mcafee\msc\mcupdui.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\msgr.exe C:\Program Files\SiteAdvisor\4144\SiteAdv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\Jackson\LOCALS~1\Temp\Rar$EX01.218\HijackThis.exe c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\WINDOWS\msagent\AgentSvr.exe C:\WINDOWS\System32\rundll32.exe F2 - REG:system.ini: Shell=explorer.exe " F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: PrintViewBHO Class - {D4E0C464-30CE-4075-9A10-71FD106C2847} - C:\PROGRA~1\PRINTV~1\PRINTH~1.DLL O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file) O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe O4 - HKLM\..\Run: [PVModule] C:\PROGRA~1\PRINTV~1\pvmodule.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Spwr] "C:\PROGRA~1\COMMON~1\SSEMBL~1\arpa.exe" -vt yazb O4 - HKCU\..\Run: [shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe" O4 - HKCU\..\Run: [ttool] C:\WINDOWS\9129837.exe O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\S6U12BX\WATCH.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/15d8693366abef20a705/netzip/RdxIE601.cab O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au O17 - HKLM\System\CS1\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe and... Ewido.. --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 11:18:29 PM 23/10/2006 + Scan result: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Cleaned with backup (quarantined). C:\Program Files\PrintView\printhook030.dll -> Adware.PrintView : Cleaned with backup (quarantined). C:\Program Files\PrintView\pvmodule.exe -> Adware.PrintView : Cleaned with backup (quarantined). C:\Program Files\MSN Messenger\msnmsgr.exe -> Backdoor.MSNMaker.w : Cleaned with backup (quarantined). C:\Documents and Settings\Jackson\Local Settings\Temporary Internet Files\Content.IE5\4464IIQQ\dr[1].mp3 -> Downloader.Adload.hd : Cleaned with backup (quarantined). C:\Documents and Settings\Jackson\drsmartload1135a.exe -> Downloader.Adload.hd : Cleaned with backup (quarantined). C:\Documents and Settings\Jackson\drv.exe -> Downloader.Adload.hd : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP403\A0035910.exe -> Downloader.Adload.hd : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP403\A0036886.exe -> Downloader.Adload.hd : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP404\A0036925.exe -> Downloader.Adload.hd : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP404\A0038886.exe -> Downloader.Adload.hd : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP404\A0038887.exe -> Downloader.Adload.hd : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP405\A0038889.exe -> Downloader.Adload.hd : Cleaned with backup (quarantined). C:\WINDOWS\system32\drv.exe -> Downloader.Adload.hd : Cleaned with backup (quarantined). C:\Documents and Settings\Jackson\loadadv455.exe -> Downloader.Harnig.cu : Cleaned with backup (quarantined). C:\Documents and Settings\Jackson\loadadv642.exe -> Downloader.Harnig.cu : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP404\A0038885.exe -> Dropper.PurityScan.ah : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP405\A0038921.exe -> Dropper.PurityScan.ah : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP405\A0038939.exe -> Dropper.PurityScan.ah : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP405\A0038940.exe -> Dropper.PurityScan.ah : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP405\A0038942.exe -> Dropper.PurityScan.ah : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP405\A0038943.exe -> Dropper.PurityScan.ah : Cleaned with backup (quarantined). C:\Documents and Settings\Jackson\Local Settings\Temp\Temporary Internet Files\Content.IE5\IKPBR2X3\popup[2].php -> Hijacker.Agent.a : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP403\A0036882.dll -> Not-A-Virus.Downloader.Win32.InsTool.a : Cleaned with backup (quarantined). C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP405\A0038957.dll -> Not-A-Virus.Downloader.Win32.InsTool.a : Cleaned with backup (quarantined). C:\WINDOWS\Downloaded Program Files\speedtest2.dll -> Not-A-Virus.Downloader.Win32.InsTool.a : Cleaned with backup (quarantined). C:\Documents and Settings\Jackson\Cookies\jackson@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned. C:\Documents and Settings\Jackson\Local Settings\Temp\Cookies\jackson@com[1].txt -> TrackingCookie.Com : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@overture[1].txt -> TrackingCookie.Overture : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned. C:\Documents and Settings\Jackson\Local Settings\Temp\Cookies\jackson@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@c1.zedo[1].txt -> TrackingCookie.Zedo : Cleaned. C:\Documents and Settings\Jackson\Cookies\jackson@zedo[1].txt -> TrackingCookie.Zedo : Cleaned. C:\System Volume Information\_restore{2992E15B-0A5E-4FE8-9B8A-26DE946F6239}\RP405\A0038937.exe -> Trojan.Sinowal.bf : Cleaned with backup (quarantined). C:\Documents and Settings\Jackson\ggg.exe -> Worm.Licat.d : Cleaned with backup (quarantined). C:\Documents and Settings\Jackson\love.exe -> Worm.Licat.d : Cleaned with backup (quarantined). C:\WINDOWS\system32\ggg.exe -> Worm.Licat.d : Cleaned with backup (quarantined). C:\WINDOWS\system32\love.exe -> Worm.Licat.d : Cleaned with backup (quarantined). ::Report end Hopefully someone can assist me... best regards rumbo7
hey, this is going around a bit. delete the following: O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file) O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll Tell me, do you have a network of computers? If you do then the following must be kept on your computer. If not then somebody is trying to gain access into your computer from the outside and you should delete the following! O17 - HKLM\System\CS1\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au
hey, thanx 4 ur response... i actually posted the log twice acciently originally... already got it all sorted i think rumbo7
