Full Version: This is my "Hijack This" log
Test32
Well, ladies and gents.. WinFixer has gotten to my computer.. so here's my log:

Logfile of HijackThis v1.99.1
Scan saved at 3:21:38 AM, on 1/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe
C:\Program Files\SpyNoMore\SNM.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Program Files\Common Files\AOL\1124423101\ee\AOLHostManager.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
c:\program files\mcafee.com\agent\mcdetect.exe
C:\Program Files\Common Files\AOL\1124423101\ee\AOLServiceHost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\AOL\1124423101\ee\AOLServiceHost.exe
C:\WINDOWS\system32\dlbtcoms.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\XoftSpy\XoftSpy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Other\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0c190e33-d718-4e44-a87b-492357c29d65} - C:\WINDOWS\system32\xguvwtjf.dll
O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll
O2 - BHO: (no name) - {51799f3c-1d34-4d58-91d1-22a39d12f1bc} - C:\WINDOWS\system32\xguvwtjf.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\AppPatch\binurl.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {d1cf8813-c8b0-4cfd-985d-ce466d05d3b4} - C:\WINDOWS\system32\xguvwtjf.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: Pop-Up Blocker - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1124423101\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [SprintDSLSetup] D:\installs\BrdJmp\SprintDSLSetup.exe
O4 - HKLM\..\Run: [SprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\samnsp.dll
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O20 - Winlogon Notify: binurl - C:\WINDOWS\AppPatch\binurl.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
LoPhatPhuud
First:
Before we start fixing anything you may want to PRINT and keep all instructions handy for use in Safe Mode.

Please disable Microsoft Anti-Spyware and/or Spybot TeaTimer if you have them installed so they do not interfere with the fix. You can re-enable these programs when you're finished with all other instructions.

Please download VundoFix.exe to your desktop.
1. Double-click VundoFix.exe to extract the files
2. This will create a VundoFix folder on your desktop.
3. After the files are extracted, please reboot your computer into "Safe Mode". You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight "Safe Mode" then hit enter.
4. Once in "Safe Mode" open the VundoFix folder and double-click on KillVundo.bat
5. You will first be presented with a warning.
It should look like this:
QUOTE
VundoFix V2.13 by Atri
By using VundoFix you agree that you are doing so at your own risk
Press enter to continue....

6. At this point press "Enter" one time.
7. Next you will see:
QUOTE
Please type in the filepath as instructed by the forum staff
and then Press Enter:

8. At this point please type the following file path (make sure to enter it exactly as below):
C:\WINDOWS\system32\BADFILE.dll

9. Press "Enter" to continue with the fix.

10. Next you will see:
QUOTE
Please type in the second filepath as instructed by the forum
staff and then press Enter:

11. At this point please type the following file path (make sure to enter it exactly as below):
C:\WINDOWS\system32\ELIFDAB.*

[This will be the vundo filename spelled backwards followed by a (.*)]

12. Press "Enter" to continue with the fix.
13. The fix will run and HijackThis will open. If it does not open automatically, please open it manually.

In HijackThis, please place a check next to the following items:
O2 - BHO: (no name) - {0c190e33-d718-4e44-a87b-492357c29d65} - C:\WINDOWS\system32\xguvwtjf.dll
O2 - BHO: (no name) - {51799f3c-1d34-4d58-91d1-22a39d12f1bc} - C:\WINDOWS\system32\xguvwtjf.dll
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\AppPatch\binurl.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O2 - BHO: (no name) - {d1cf8813-c8b0-4cfd-985d-ce466d05d3b4} - C:\WINDOWS\system32\xguvwtjf.dll

O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -



After checking these items CLOSE ALL open windows EXCEPT HijackThis and click "Fix Checked."

14. After you have fixed these items, close HijackThis.
15. Press "Enter" to exit the program, then manually reboot your computer.
16. Once your machine reboots please continue with the instructions below.

Download and install CCleaner
1. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
2. Then select the items you wish to clean up.

In the Windows Tab:
• Clean all entries in the "Internet Explorer" section except Cookies.
• Clean all the entries in the "Windows Explorer" section.
• Clean all entries in the "System" section.
• Clean all entries in the "Advanced" section.
• Clean any others that you choose.


In the Applications Tab:
• Clean all except cookies in the Firefox/Mozilla section if you use it.
• Clean all in the Opera section if you use it.
• Clean Sun Java in the Internet Section.
• Clean any others that you choose.

3. Click the "Run Cleaner" button.
4. A pop up box will appear advising this process will permanently delete files from your system.
5. Click "OK" and it will scan and clean your system.
6. Click "exit" when done.

Next run Panda's online ActiveScan.

Save the results of the scan, reboot and copy/paste them back here along with a new HijackThis log and the vundofix.txt file from the VundoFix folder.


If the Vundofix does not work or the user CANNOT BOOT INTO SAFE MODE, try using Adware-Virtumundo Removal Tool v1.2.

Quote:
Please download VirtumundoBeGone.exe:
1. Save it to your Desktop.
2. Locate and double-click VirtumundoBeGone.exe to run it.
3. Follow the instructions.
4. When the tool has finished running, exit and post the log that is produced.
5. Reboot your PC and post a fresh HJT log AND a description of how your PC is running.

If Virtumundo is NOT found, the tool will exit showing the log file.

If Virtumundo is found it will do the following:
Version 1.1
Create a Date/Time Stamped log file (VBG.TXT) on the All Users profile's Desktop.
Kill Internet Explorer and Explorer processes.
Rename the infected files with a .Vir extension (this is to disable them from being run)
Remove the Browser Helper Object registry key
Add a registry value to block the file from running in Internet Explorer again.
Remove the Winlogon Notify registry key
Automatically restart the computer (via STOP error)
Note: This is a BLUE SCREEN "Fatal Error" Message. It is normal and expected. The tool ends an important Windows Process that was protecting the file and NT Security STOPS the system as soon as it detects this is happening.

VirusScan will now be able to remove the files normally when you run an on-demand scan.

Then run your antivirus or Ewido to remove any leftover files and then post a fresh HJT log and the report from this tool.

Note: This tool does not remove the WinFixer application. WinFixer alone does not cause popups or disrupt the system. If WinFixer was installed on your system because Adware or a Trojan Downloader installed it without your permission, please remove it using the Add/Remove Programs Control Panel Applet.


Second:
Please submit the following file(s) to Jotti.org for analysis: http://virusscan.jotti.org/


C:\WINDOWS\AppPatch\binurl.dll


Be sure to post the results in this thread.
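
Added example, not part of either post and not code from HijackThis, VundoFix or VirtumundoBeGone: a small Python triage of the O2 (BHO) and O20 (Winlogon Notify) lines from the log above. It applies two heuristics that are assumptions of this example, suggested by the BHO and Winlogon Notify keys the removal tool is described as deleting: one DLL registered under several BHO CLSIDs with no name, and a BHO DLL that is also a Winlogon Notify package. The function names are hypothetical.

```python
import re
from collections import defaultdict

# Excerpt of the HijackThis log posted in this thread (some O2 lines, both O20 lines).
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0c190e33-d718-4e44-a87b-492357c29d65} - C:\WINDOWS\system32\xguvwtjf.dll
O2 - BHO: (no name) - {51799f3c-1d34-4d58-91d1-22a39d12f1bc} - C:\WINDOWS\system32\xguvwtjf.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\AppPatch\binurl.dll
O2 - BHO: (no name) - {d1cf8813-c8b0-4cfd-985d-ce466d05d3b4} - C:\WINDOWS\system32\xguvwtjf.dll
O20 - Winlogon Notify: binurl - C:\WINDOWS\AppPatch\binurl.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
"""

# "O2 - BHO: <name> - {CLSID} - <dll path>"
BHO_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$"
)
# "O20 - Winlogon Notify: <key name> - <dll path>"
NOTIFY_RE = re.compile(r"^O20 - Winlogon Notify: (?P<name>.+?) - (?P<path>.+)$")


def parse(log_text):
    """Return (bhos, notify) lists; paths are lower-cased because
    Windows paths are case-insensitive and the log mixes cases."""
    bhos, notify = [], []
    for line in log_text.splitlines():
        line = line.strip()
        m = BHO_RE.match(line)
        if m:
            bhos.append((m["name"], m["clsid"].lower(), m["path"].strip().lower()))
            continue
        m = NOTIFY_RE.match(line)
        if m:
            notify.append((m["name"], m["path"].strip().lower()))
    return bhos, notify


def triage(log_text):
    """Map each DLL path that trips a heuristic to the list of reasons.

    Heuristics (assumptions of this example, not HijackThis behaviour):
      1. the same DLL is registered under more than one BHO CLSID and at
         least one of those registrations is "(no name)";
      2. a BHO DLL is also loaded as a Winlogon Notify package.
    """
    bhos, notify = parse(log_text)
    by_path = defaultdict(list)
    for name, clsid, path in bhos:
        by_path[path].append((name, clsid))
    notify_paths = {path for _, path in notify}

    findings = {}
    for path, regs in by_path.items():
        reasons = []
        unnamed = [clsid for name, clsid in regs if name == "(no name)"]
        if len(regs) > 1 and unnamed:
            reasons.append(
                f"{len(regs)} BHO CLSIDs share this DLL, {len(unnamed)} unnamed"
            )
        if path in notify_paths:
            reasons.append("also registered as a Winlogon Notify DLL")
        if reasons:
            findings[path] = reasons
    return findings


if __name__ == "__main__":
    for dll, reasons in triage(SAMPLE_LOG).items():
        print(dll)
        for reason in reasons:
            print("   -", reason)
```

On this excerpt the two checks single out xguvwtjf.dll and binurl.dll; the Viewpoint entries and the empty O16 item in the reply's list are outside what these checks look at.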
Test32
Well, it's not letting me copy/paste the whole thing... so I'll just do separate posts...

here's the ActiveScan result:
Incident Status Location

Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\AppPatch\binurl.dll
Spyware:spyware/virtumonde Not disinfected Windows Registry
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Other\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\other@stats1.reliablestats[2].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@2o7[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@ad.yieldmanager[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@adrevolver[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@adrevolver[3].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@ads.pointroll[1].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@adultfriendfinder[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@advertising[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@as-us.falkag[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@as1.falkag[2].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@ask[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@atdmt[2].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@azjmp[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@belnk[1].txt
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@bfast[2].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@bluestreak[1].txt
Spyware:Cookie/Bs.serving-sys Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@bs.serving-sys[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@burstnet[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@casalemedia[2].txt
Spyware:Cookie/CentrPort Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@centrport[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@com[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@dist.belnk[2].txt
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@domainsponsor[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@fastclick[2].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@go[2].txt
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@hc2.humanclick[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@hitbox[2].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@i.screensavers[1].txt
Spyware:Cookie/Inet-Traffic Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@inet-traffic[1].txt
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@landing.domainsponsor[1].txt
Spyware:Cookie/Linksynergy Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@linksynergy[2].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@maxserving[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@media.fastclick[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@overture[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@perf.overture[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@realmedia[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@serving-sys[2].txt
Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@spylog[1].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@stats1.reliablestats[1].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@statse.webtrendslive[2].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@targetnet[1].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@target[1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@tradedoubler[2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@trafficmp[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@tribalfusion[2].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@valueclick[1].txt
Spyware:Cookie/WebPower Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@webpower[2].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@winfixer[2].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@www.burstbeacon[1].txt
Spyware:Cookie/X10 Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@x10[2].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@z1.adserver[2].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Erin\Application Data\Earthlink\6.0\tomjackgus@earthlink.net\Cookies\erin@zedo[2].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Erin\cookies\erin@2o7[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Erin\cookies\erin@ad.yieldmanager[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Erin\cookies\erin@ads.pointroll[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Erin\cookies\erin@advertising[1].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Erin\cookies\erin@ask[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Erin\cookies\erin@atdmt[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Erin\cookies\erin@belnk[1].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Erin\cookies\erin@bluestreak[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Erin\cookies\erin@casalemedia[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Erin\cookies\erin@com[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Erin\cookies\erin@dist.belnk[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Erin\cookies\erin@doubleclick[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Erin\cookies\erin@fastclick[1].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Erin\cookies\erin@go[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Erin\cookies\erin@hitbox[2].txt
Spyware:Cookie/Linksynergy Not disinfected C:\Documents and Settings\Erin\cookies\erin@linksynergy[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Erin\cookies\erin@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Erin\cookies\erin@perf.overture[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Erin\cookies\erin@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Erin\cookies\erin@realmedia[2].txt
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Erin\cookies\erin@revenue[2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Erin\cookies\erin@serving-sys[2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Erin\cookies\erin@stats1.reliablestats[1].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Erin\cookies\erin@statse.webtrendslive[2].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Erin\cookies\erin@tradedoubler[1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Erin\cookies\erin@trafficmp[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Erin\cookies\erin@tribalfusion[1].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Erin\cookies\erin@valueclick[1].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Erin\cookies\erin@z1.adserver[1].txt
Spyware:Spyware/Billing Not disinfected C:\Documents and Settings\Erin\Local Settings\Temporary Internet Files\Content.IE5\UZOJN0DO\WAS5Scan[1].exe
Adware:Adware/MediaTickets Not disinfected C:\Documents and Settings\Erin\Local Settings\Temporary Internet Files\Content.IE5\XZJB1TOE\jaimessite[1].htm
Test32
And, now, my HiJackThis Logfile:
Logfile of HijackThis v1.99.1
Scan saved at 1:59:27 AM, on 1/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Common Files\AOL\1124423101\ee\AOLHostManager.exe
C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Common Files\AOL\1124423101\ee\AOLServiceHost.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\AOL\1124423101\ee\AOLServiceHost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\DOCUME~1\Other\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0c190e33-d718-4e44-a87b-492357c29d65} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll
O2 - BHO: (no name) - {51799f3c-1d34-4d58-91d1-22a39d12f1bc} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\AppPatch\binurl.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {d06b7173-bc02-43b5-ad5a-e0655d89754f} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: (no name) - {d1cf8813-c8b0-4cfd-985d-ce466d05d3b4} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: Pop-Up Blocker - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1124423101\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [SprintDSLSetup] D:\installs\BrdJmp\SprintDSLSetup.exe
O4 - HKLM\..\Run: [SprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\samnsp.dll
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O20 - Winlogon Notify: binurl - C:\WINDOWS\AppPatch\binurl.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

and the vundofix.txt file:
VundoFix V2.15 by Atri
--------------------------------------------------------------------------------------

Listing files contained in the vundofix folder.
--------------------------------------------------------------------------------------

killvundo.bat
process.exe
ReadMe.txt
vundo.reg
vundofix.txt

--------------------------------------------------------------------------------------

Filepaths entered
--------------------------------------------------------------------------------------

The filepath entered was C:\WINDOWS\system32\BADFILE.dll

The second filepath entered was C:\WINDOWS\system32\ELIFDAB.*

--------------------------------------------------------------------------------------

Log from Process
--------------------------------------------------------------------------------------


Killing PID 128 'smss.exe'

Killing PID 1180 'explorer.exe'


Killing PID 204 'winlogon.exe'
Killing PID 204 'winlogon.exe'
--------------------------------------------------------------------------------------

C:\WINDOWS\system32\BADFILE.dll Deleted sucessfully.
C:\WINDOWS\system32\ELIFDAB.* Deleted sucessfully.

Fixing Registry
--------------------------------------------------------------------------------------



However, I'm still getting popups for WinFixer... do I need to do anything else? Thanks for all your help.
Test32
Oh, and here's the results of the Jotti.org analysis:

File: binurl.dll
Status: INFECTED/MALWARE
MD5 c2377c81d1afb61aeb929c98cd9fab88
Packers detected: -
Scanner results
AntiVir Found Adware-Spyware/Virtumonde.O adware
ArcaVir Found Adware.Virtumonde.O
Avast Found Win32:Trojano-2502
AVG Antivirus Found Generic.FRN
BitDefender Found nothing
ClamAV Found Adware.Virtumonde-1
Dr.Web Found Adware.Virtumonde
F-Prot Antivirus Found nothing
Fortinet Found W32/Crypt.O-tr
Kaspersky Anti-Virus Found Trojan.Win32.Crypt.o
NOD32 Found Win32/Adware.Virtumonde.O application
Norman Virus Control Found W32/Virtumonde.O
UNA Found Adware.Virtumonde
VBA32 Found AdWare.Virtumonde.o
LoPhatPhuud
I goofed and posted the unmodified instructions instead of the specific ones for your exploit. Not sure how it happened, but we need to do some of it over again. There is no need to download any program if it still exists on your computer.

Before we start fixing anything you may want to PRINT and keep all instructions handy for use in Safe Mode.

Please disable Microsoft Anti-Spyware and/or Spybot TeaTimer if you have them installed so they do not interfere with the fix. You can re-enable these programs when you're finished with all other instructions.

Please download VundoFix.exe to your desktop.
1. Double-click VundoFix.exe to extract the files
2. This will create a VundoFix folder on your desktop.
3. After the files are extracted, please reboot your computer into "Safe Mode". You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight "Safe Mode" then hit enter.
4. Once in "Safe Mode" open the VundoFix folder and double-click on KillVundo.bat
5. You will first be presented with a warning.
It should look like this:
QUOTE
VundoFix V2.13 by Atri
By using VundoFix you agree that you are doing so at your own risk
Press enter to continue....

6. At this point press "Enter" one time.
7. Next you will see:
QUOTE
Please type in the filepath as instructed by the forum staff
and then Press Enter:
.

8. At this point please type the following file path (make sure to enter it exactly as below):
C:\WINDOWS\AppPatch\binurl.dll

9. Press "Enter" to continue with the fix.

10. Next you will see:
QUOTE
Please type in the second filepath as instructed by the forum
staff and then press Enter:

11. At this point please type the following file path (make sure to enter it exactly as below):
C:\WINDOWS\AppPatch\lrunib.*

[This will be the vundo filename spelled backwards followed by a (.*)]

12. Press "Enter" to continue with the fix.
13. The fix will run and HijackThis will open. If it does not open automatically, please open it manually.

In HijackThis, please place a check next to the following items:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com

O2 - BHO: (no name) - {0c190e33-d718-4e44-a87b-492357c29d65} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: (no name) - {51799f3c-1d34-4d58-91d1-22a39d12f1bc} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\AppPatch\binurl.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll (file missing)
O2 - BHO: (no name) - {d06b7173-bc02-43b5-ad5a-e0655d89754f} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: (no name) - {d1cf8813-c8b0-4cfd-985d-ce466d05d3b4} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)

O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

O20 - Winlogon Notify: binurl - C:\WINDOWS\AppPatch\binurl.dll

After checking these items, CLOSE ALL open windows EXCEPT HijackThis and click "Fix Checked."


14. After you have fixed these items, close HijackThis.
15. Press "Enter" to exit the program, then manually reboot your computer.
16. Once your machine reboots please continue with the instructions below.

Download and install CCleaner
1. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
2. Then select the items you wish to clean up.

In the Windows Tab:
• Clean all entries in the "Internet Explorer" section except Cookies.
• Clean all the entries in the "Windows Explorer" section.
• Clean all entries in the "System" section.
• Clean all entries in the "Advanced" section.
• Clean any others that you choose.


In the Applications Tab:
• Clean all except cookies in the Firefox/Mozilla section if you use it.
• Clean all in the Opera section if you use it.
• Clean Sun Java in the Internet Section.
• Clean any others that you choose.

3. Click the "Run Cleaner" button.
4. A pop up box will appear advising this process will permanently delete files from your system.
5. Click "OK" and it will scan and clean your system.
6. Click "exit" when done.


Save the results of the scan, reboot and copy/paste them back here along with a new HiJackThis log and the vundofix.txt file from the vundofix folder.
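
The mechanical part of the item selection in the post above, as an added example that is not part of the original thread or of HijackThis: it parses HijackThis lines and marks entries that load a scanner-flagged file (binurl.dll, per the Jotti results posted earlier), BHOs with no name, and entries whose file is missing, then lists every load point of the flagged file. The function names are this example's own, and the sample input is a handful of lines copied from the log in this thread; entries chosen by judgment (the start page, the Viewpoint toolbar and its Run key) are outside what it decides.

```python
import ntpath
import re
from collections import defaultdict

# Constructed sample: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0c190e33-d718-4e44-a87b-492357c29d65} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\AppPatch\binurl.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll (file missing)
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O20 - Winlogon Notify: binurl - C:\WINDOWS\AppPatch\binurl.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
"""

# "O2 - ...", "R0 - ...", "O20 - ...": section code, separator, entry body.
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# First drive-letter path in the body that ends in .dll or .exe.
WIN_PATH_RE = re.compile(r'[A-Za-z]:\\[^"<>|*?\r\n]+?\.(?:dll|exe)', re.IGNORECASE)


def parse_log(text):
    """Turn HijackThis log text into a list of entry dicts."""
    entries = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if not match:
            continue  # header, process list or blank line
        body = match.group("body")
        path = WIN_PATH_RE.search(body)
        entries.append({
            "section": match.group("section"),
            "body": body,
            "path": path.group(0) if path else None,
            "file_missing": body.endswith("(file missing)"),
        })
    return entries


def triage(entries, flagged_files):
    """Return (entry, reasons) pairs for entries that need a closer look."""
    flagged = {name.lower() for name in flagged_files}
    findings = []
    for entry in entries:
        reasons = []
        base = ntpath.basename(entry["path"]).lower() if entry["path"] else None
        if base in flagged:
            reasons.append("scanner-flagged file")
        if entry["section"] == "O2" and entry["body"].startswith("BHO: (no name)"):
            reasons.append("unnamed BHO")
        if entry["file_missing"]:
            reasons.append("orphaned entry (file missing)")
        if reasons:
            findings.append((entry, reasons))
    return findings


def persistence_points(findings):
    """Map each scanner-flagged file to the log sections that load it."""
    points = defaultdict(list)
    for entry, reasons in findings:
        if "scanner-flagged file" in reasons:
            points[ntpath.basename(entry["path"]).lower()].append(entry["section"])
    return dict(points)


if __name__ == "__main__":
    # binurl.dll is the file the Jotti scan in this thread reported as infected.
    results = triage(parse_log(SAMPLE_LOG), ["binurl.dll"])
    for entry, reasons in results:
        print(f'{entry["section"]:>3}  {", ".join(reasons)}: {entry["body"]}')
    for name, sections in persistence_points(results).items():
        print(f"{name} is loaded from: {', '.join(sections)}")
```

A flagged DLL that appears under both O2 and O20 has two independent load points, which is why the instructions above have both lines checked before "Fix Checked" is clicked.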
Test32
Well, I re-did what you said... so here's my results:

Run Cleaner results:
CLEANING COMPLETE - (113.465 secs)
------------------------------------------------------------------------------------------
93.2MB removed.


Details of files deleted
------------------------------------------------------------------------------------------
IE Temporary Internet Files (5246 files) 86.9MB
------------------------------------------------------------------------------------------

HiJackThis Logfile:
Logfile of HijackThis v1.99.1
Scan saved at 7:09:40 PM, on 1/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Common Files\AOL\1124423101\ee\AOLHostManager.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Common Files\AOL\1124423101\ee\AOLServiceHost.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\AOL\1124423101\ee\AOLServiceHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\Other\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0c190e33-d718-4e44-a87b-492357c29d65} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll
O2 - BHO: (no name) - {51799f3c-1d34-4d58-91d1-22a39d12f1bc} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: (no name) - {827DC836-DD9F-4A68-A602-5812EB50A834} - (no file)
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {d06b7173-bc02-43b5-ad5a-e0655d89754f} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: (no name) - {d1cf8813-c8b0-4cfd-985d-ce466d05d3b4} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: Pop-Up Blocker - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1124423101\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [SprintDSLSetup] D:\installs\BrdJmp\SprintDSLSetup.exe
O4 - HKLM\..\Run: [SprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\samnsp.dll
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O20 - Winlogon Notify: binurl - C:\WINDOWS\AppPatch\binurl.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

And the vundofix text:
VundoFix V2.15 by Atri
--------------------------------------------------------------------------------------

(it didn't say anything)
LoPhatPhuud
First:
You are currently using hijackthis from a temporary directory, or from the Desktop.
This can cause problems and will leave backups scattered.

Please create a directory on your c: drive called c:\hijackthis and download and unzip hijackthis into that directory.
Run the program from that directory from now on.

It is essential that you follow these steps or certain important features of the program will not function correctly.



Second:
Check the following items in HijackThis.
(note: If any R* items do not appear in Safe Mode, re-run HiJackThis in Normal Mode and remove them after you finish removing these items.)

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com

O2 - BHO: (no name) - {0c190e33-d718-4e44-a87b-492357c29d65} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: (no name) - {51799f3c-1d34-4d58-91d1-22a39d12f1bc} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: (no name) - {827DC836-DD9F-4A68-A602-5812EB50A834} - (no file)
O2 - BHO: (no name) - {d06b7173-bc02-43b5-ad5a-e0655d89754f} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: (no name) - {d1cf8813-c8b0-4cfd-985d-ce466d05d3b4} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)

O20 - Winlogon Notify: binurl - C:\WINDOWS\AppPatch\binurl.dll (file missing)

Close all windows except HijackThis and click Fix checked.

Reboot in normal mode

Run HiJackThis again and post a new log in this thread.


Third:
Please download SilentRunners from here:
http://www.silentrunners.org/Silent%20Runners.zip
Unzip it to the desktop and double-click on it.
If you get any kind of warning message about scripts, please choose to allow the script to run.
When the scan is finished, a message will pop up and a logfile will have been created on the desktop.
Please post the entire contents of this logfile for me to see.
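
The O2 and O20 items picked out in the post above share one pattern: an unnamed BHO whose DLL is gone, or a Winlogon Notify entry whose file is missing. The Python below is an added example, not part of the original thread or of HijackThis; it flags that pattern in a log and checks a later log to confirm the entries are gone. The sample lines are copied from the logs posted in this thread; the function names and the rule of skipping named BHOs are assumptions of this sketch.

```python
"""Triage sketch for HijackThis v1.99.1 O2/O20 lines (added example)."""
import re
from collections import defaultdict

# Constructed sample input: lines copied from the 1/14/2006 log in this thread.
LOG_BEFORE = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0c190e33-d718-4e44-a87b-492357c29d65} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O2 - BHO: (no name) - {827DC836-DD9F-4A68-A602-5812EB50A834} - (no file)
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll (file missing)
O2 - BHO: (no name) - {d06b7173-bc02-43b5-ad5a-e0655d89754f} - C:\WINDOWS\system32\xguvwtjf.dll (file missing)
O20 - Winlogon Notify: binurl - C:\WINDOWS\AppPatch\binurl.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
"""

# Constructed sample input: the matching lines from the 1/15/2006 log.
LOG_AFTER = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
"""

O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.+?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"
)
O20_RE = re.compile(r"^O20 - Winlogon Notify: (?P<name>.+?) - (?P<target>.+)$")
ORPHAN_SUFFIXES = ("(file missing)", "(no file)")


def parse_entries(log_text):
    """Parse O2 (BHO) and O20 (Winlogon Notify) lines into dicts."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        for section, rx in (("O2", O2_RE), ("O20", O20_RE)):
            m = rx.match(line)
            if not m:
                continue
            target = m.group("target")
            path = target
            for suffix in ORPHAN_SUFFIXES:
                if path.endswith(suffix):
                    path = path[: -len(suffix)].strip()
            entries.append({
                "section": section,
                "name": m.group("name"),
                # BHOs are identified by CLSID, Notify entries by key name.
                "key": (m.groupdict().get("clsid") or m.group("name")).lower(),
                "path": path.lower(),
                "orphan": target.endswith(ORPHAN_SUFFIXES),
                "line": line,
            })
    return entries


def flag_orphans(entries):
    """Entries whose file is gone; named BHOs are skipped (assumed heuristic)."""
    flagged = []
    for e in entries:
        if not e["orphan"]:
            continue
        if e["section"] == "O2" and e["name"] != "(no name)":
            continue  # named add-on with a missing file: left for manual review
        flagged.append(e)
    return flagged


def shared_targets(flagged):
    """Map DLL path -> CLSIDs/keys when more than one entry points at it."""
    by_path = defaultdict(list)
    for e in flagged:
        if e["path"]:
            by_path[e["path"]].append(e["key"])
    return {p: keys for p, keys in by_path.items() if len(keys) > 1}


def still_present(before_log, after_log):
    """Flagged lines from the earlier log that survive in the later log."""
    after_keys = {(e["section"], e["key"]) for e in parse_entries(after_log)}
    return [
        e["line"]
        for e in flag_orphans(parse_entries(before_log))
        if (e["section"], e["key"]) in after_keys
    ]


if __name__ == "__main__":
    flagged = flag_orphans(parse_entries(LOG_BEFORE))
    for e in flagged:
        print("CHECK:", e["line"])
    for path, keys in shared_targets(flagged).items():
        print(f"{len(keys)} entries share {path}")
    leftovers = still_present(LOG_BEFORE, LOG_AFTER)
    print("fix verified" if not leftovers else f"still present: {leftovers}")
```
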
Test32
Logfile of HijackThis v1.99.1
Scan saved at 9:45:44 PM, on 1/15/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\AOL\1124423101\ee\AOLHostManager.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\Common Files\AOL\1124423101\ee\AOLServiceHost.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\AOL\1124423101\ee\AOLServiceHost.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: Pop-Up Blocker - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1124423101\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [SprintDSLSetup] D:\installs\BrdJmp\SprintDSLSetup.exe
O4 - HKLM\..\Run: [SprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\samnsp.dll
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Test32
"Silent Runners.vbs", revision 43, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"DellSupport" = ""C:\Program Files\Dell Support\DSAgnt.exe" /startup" ["Gteko Ltd."]
"AIM" = "C:\Program Files\AIM\aim.exe -cnetwait.odl" ["America Online, Inc."]
"Weather" = "C:\Program Files\AWS\WeatherBug\Weather.exe 1" [file not found]
"Yahoo! Pager" = "C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet" ["Yahoo! Inc."]
"msnmsgr" = ""C:\Program Files\MSN Messenger\msnmsgr.exe" /background" [MS]
"E6TaskPanel" = ""C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart" ["EarthLink, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"IgfxTray" = "C:\WINDOWS\system32\igfxtray.exe" ["Intel Corporation"]
"HotKeysCmds" = "C:\WINDOWS\system32\hkcmd.exe" ["Intel Corporation"]
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" ["Sun Microsystems, Inc."]
"SoundMAXPnP" = "C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" ["Analog Devices, Inc."]
"PCMService" = ""C:\Program Files\Dell\Media Experience\PCMService.exe"" ["CyberLink Corp."]
"DVDLauncher" = ""C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"" ["CyberLink Corp."]
"RealTray" = "C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER" ["RealNetworks, Inc."]
"VSOCheckTask" = ""C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask" ["McAfee, Inc."]
"MCAgentExe" = "c:\PROGRA~1\mcafee.com\agent\mcagent.exe" ["McAfee, Inc"]
"MCUpdateExe" = "C:\PROGRA~1\mcafee.com\agent\McUpdate.exe" ["McAfee, Inc"]
"MMTray" = ""C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe"" ["Musicmatch, Inc."]
"VirusScan Online" = "C:\Program Files\McAfee.com\VSO\mcvsshld.exe" ["McAfee, Inc."]
"MPFExe" = "C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe" ["McAfee Security"]
"Dell Photo AIO Printer 922" = ""C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"" [empty string]
"iHatePopups.exe" = (empty string)
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]
"ViewMgr" = "C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe" ["Viewpoint Corporation"]
"MimBoot" = "C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe" ["Musicmatch, Inc."]
"HostManager" = "C:\Program Files\Common Files\AOL\1124423101\ee\AOLHostManager.exe" ["America Online, Inc."]
"OASClnt" = "C:\Program Files\McAfee.com\VSO\oasclnt.exe" ["McAfee, Inc."]
"SprintDSLSetup" = "D:\installs\BrdJmp\SprintDSLSetup.exe" [file not found]
"SprintModemUpdate" = "javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate" ["Sun Microsystems, Inc."]
"Motive SmartBridge" = "C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe" ["Sprint"]
"BJCFD" = "C:\Program Files\BroadJump\Client Foundation\CFD.exe" ["BroadJump, Inc."]
"SNM" = "C:\Program Files\SpyNoMore\SNM.exe /startup" [file not found]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{02478D38-C3F9-4efb-9B51-7695ECA05670}\(Default) = "Yahoo! Companion BHO" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll" ["Yahoo! Inc."]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = "AcroIEHlprObj Class" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{4B5F2E08-6F39-479a-B547-B2026E4C7EDF}\(Default) = "EarthLink Popup Blocker"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\EarthLink TotalAccess\PnEL.dll" ["EarthLink, Inc."]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = "SSVHelper Class" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]
{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}\(Default) = "AOL Toolbar Launcher"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll" ["America Online, Inc."]
{A7327C09-B521-4EDB-8509-7D2660C9EC98}\(Default) = "Viewpoint Toolbar BHO" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll" [file not found]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = "Google Toolbar Helper" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{955B7B84-5308-419c-8ED8-0B9CA3C56985}" = "6 Months of AOL Included"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\aolshare\shell\us\shellext.dll" ["America Online, Inc."]
"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{acb4a560-3606-11d3-aef4-00104bd0f92d}" = "KodakShellExtension"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Common Files\KODAK\IFSCore\kodakshx.dll" ["Eastman Kodak Company"]
"{5464D816-CF16-4784-B9F3-75C0DB52B499}" = "Yahoo! Mail"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\Yahoo!\Common\ymmapi.dll" ["Yahoo! Inc."]
"{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! igfxcui\DLLName = "igfxsrvc.dll" ["Intel Corporation"]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
Yahoo! Mail\(Default) = "{5464D816-CF16-4784-B9F3-75C0DB52B499}"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\Yahoo!\Common\ymmapi.dll" ["Yahoo! Inc."]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Other\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]


Startup items in "Other" & "All Users" startup folders:
-------------------------------------------------------

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
"America Online 9.0 Tray Icon" -> shortcut to: "C:\Program Files\America Online 9.0\aoltray.exe -check" ["America Online, Inc."]
"Digimax Viewer 2.1" -> shortcut to: "C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe /s" ["STOIK Imaging (www.stoik.com)"]
"Digital Line Detect" -> shortcut to: "C:\Program Files\Digital Line Detect\DLG.exe" ["BVRP Software"]
"Kodak EasyShare software" -> shortcut to: "C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe -h" ["Eastman Kodak Company"]
"Monitor" -> shortcut to: "C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe -r" ["Arcsoft, Inc."]
"NkbMonitor.exe" -> shortcut to: "C:\Program Files\Nikon\PictureProject\NkbMonitor.exe" ["Nikon Corporation"]
"Sprint virtual assistant" -> shortcut to: "C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe -boot" ["Motive Communications, Inc."]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000002\LibraryPath = "C:\Program Files\Neoteris\Secure Application Manager\samnsp.dll" ["Neoteris"]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000004\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = "Yahoo! Companion" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll" ["Yahoo! Inc."]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = "&Google" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

"{DE9C389F-3316-41A7-809B-AA305ED9D922}" = "AOL Toolbar" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll" ["America Online, Inc."]

HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{BA52B914-B692-46C4-B683-905236F6F655}" = "McAfee VirusScan"
-> {CLSID}\InProcServer32\(Default) = "c:\progra~1\mcafee.com\vso\mcvsshl.dll" ["McAfee, Inc."]

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = "Yahoo! Companion" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll" ["Yahoo! Inc."]

"{F8AD5AA5-D966-4667-9DAF-2561D68B2012}" = "Viewpoint Toolbar" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll" ["Viewpoint Corporation"]

"{D7F30B62-8269-41AF-9539-B2697FA7D77E}" = "Pop-Up Blocker"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\EarthLink TotalAccess\PnEL.dll" ["EarthLink, Inc."]

"{DE9C389F-3316-41A7-809B-AA305ED9D922}" = "AOL Toolbar"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll" ["America Online, Inc."]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = "&Google" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

Explorer Bars

HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\
{4528BBE0-4E08-11D5-AD55-00010333D0AD}\ = "&Yahoo! Messenger" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll" ["Yahoo! Inc."]

HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\
{4528BBE0-4E08-11D5-AD55-00010333D0AD}\ = "&Yahoo! Messenger" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll" ["Yahoo! Inc."]

{FE54FA40-D68C-11D2-98FA-00C0F0318AFE}\ = "Real.com" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\Shdocvw.dll" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll" ["Sun Microsystems, Inc."]

{3369AF0D-62E9-4BDA-8103-B4C75499B578}\
"ButtonText" = "AOL Toolbar"
"CLSIDExtension" = "{DE9C389F-3316-41A7-809B-AA305ED9D922}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll" ["America Online, Inc."]

{4528BBE0-4E08-11D5-AD55-00010333D0AD}\
"ButtonText" = "Messenger"
"MenuText" = "Yahoo! Messenger"
"CLSIDExtension" = "{4C171D40-8277-11D5-AD55-00010333D0AD}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll" ["Yahoo! Inc."]

{AC9E2541-2814-11D5-BC6D-00B0D0A1DE45}\
"ButtonText" = "AIM"
"Exec" = "C:\Program Files\AIM\aim.exe" ["America Online, Inc."]

{CD67F990-D8E9-11D2-98FE-00C0F0318AFE}\
"ButtonText" = "Real.com"

{D81CA86B-EF63-42AF-BEE3-4502D9A03C2D}\
"ButtonText" = "MUSICMATCH MX Web Player"
"Script" = "http://wwws.musicmatch.com/mmz/openWebRadio.html" [file not found]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

AOL Connectivity Service, AOL ACS, "C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe" ["America Online, Inc."]
HTTP SSL, HTTPFilter, "C:\WINDOWS\System32\svchost.exe -k HTTPFilter" {"C:\WINDOWS\System32\w3ssl.dll" [MS]}
Kodak Camera Connection Software, KodakCCS, "C:\WINDOWS\system32\drivers\KodakCCS.exe" ["Eastman Kodak Company"]
McAfee Personal Firewall Service, MpfService, "C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe" ["McAfee Corporation"]
McAfee Task Scheduler, McTskshd.exe, "c:\PROGRA~1\mcafee.com\agent\mctskshd.exe" ["McAfee, Inc"]
McAfee WSC Integration, McDetect.exe, "c:\program files\mcafee.com\agent\mcdetect.exe" ["McAfee, Inc"]
McAfee.com McShield, McShield, "c:\PROGRA~1\mcafee.com\vso\mcshield.exe" ["McAfee Inc."]
WAN Miniport (ATW) Service, WANMiniportService, ""C:\WINDOWS\wanmpsvc.exe"" ["America Online, Inc."]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]


Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors\
Dell 922 Port\Driver = "dlbtlmpm.DLL" ["Dell"]
Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS]


----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 122 seconds.
+ The search for all Registry CLSIDs containing dormant Explorer Bars
took 9 seconds.
---------- (total run time: 155 seconds)