Author Topic: HELP !!!! Laptop come to a halt  (Read 516 times)

Offline yuyjust

« on: September 04, 2006, 07:41:06 PM »
My laptop is slowly dying and I don't know what to do. First off, startup time takes a whole lot longer than it used to (now it takes up to 7 min just to boot up). I no longer have access to Ctrl+Alt+Enter to bring up Task Manager; further investigation (search) revealed that I no longer have taskmrgr.exe (at least it didn't show up when I searched). Somehow I can't seem to find the c:/windows/system32 folder. And after I use my laptop for 10-15 min it seems to just slow down almost to a stop (I can't switch apps, open a new task, etc.). I recently installed and uninstalled LimeWire, if that could be the culprit.

Here is my HijackThis log file... please advise, I'm losing my mind over this.

Logfile of HijackThis v1.99.1
Scan saved at 4:52:01 PM, on 9/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PalmVNC\WinVNC\WinVNC.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\PalmTether\TetherApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\outlook\outlook.exe
C:\PROGRA~1\PALMTE~1\PALMON~1.EXE
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\bfu\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.averatec.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.averatec.com/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [PalmTether] "C:\Program Files\PalmTether\TetherApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\PalmVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.2.89.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sprint PCS v3 Utility Service - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\PalmVNC\WinVNC\WinVNC.exe" -service (file missing)

Offline guestolo

« Reply #1 on: September 04, 2006, 07:54:20 PM »
Can you do the following please:
I see you have made a folder called bfu that you put Hijackthis in

These are my typical instructions, ensure to follow them
==Download and SAVE Brute Force Uninstaller to your desktop.
  • Right click the BFU folder on your desktop, and choose Extract All
  • Click "Next"
  • In the box to choose where to extract the files to, click "Browse"
  • Click on the + sign next to "My Computer"
  • Click on "Local Disk (C:)" or whatever your primary drive is
  • Select the bfu folder you created
  • Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".
RIGHT-CLICK HERE and choose "Save As" (in IE it's "Save Target As") in order to download Alcan worm remover.
Save it in the same folder you made earlier (c:\BFU).

==Download and install Windows CleanUp! 4.5.2
Don't run a scan yet

CleanUp! attempts to delete files from various temporary directories (including download directories/caches),
as well as emptying the Recycle Bins.
If you make a habit of saving files that you wish to keep in any of these places,  they will be deleted when CleanUp! is run.
Please move them to a different location before we run this tool if the above is true
Note: It is generally considered poor practice to use temporary folders or the Recycle Bin to store files you intend to keep.

Please download, install, and update Ewido anti-spyware
  • Load Ewido and then click the Update tab at the top. Under Manual Update click Start update.
  • After the update finishes (the status bar at the bottom will display "Update successful")
  • Close Ewido. Do not run it yet.
Print the remainder of these instructions and/or save them to a text file on desktop for reference

Reboot your computer into Safe Mode. To boot into Safe Mode, please restart your computer. Tap F8 before Windows loads. Select Safe Mode on the screen that appears.

Once in safe mode
==Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):

    * Empty Recycle Bins
    * Delete Cookies
    * Delete Prefetch files
    * Cleanup! All Users

Click OK
Press the CleanUp! button to start the program.
When it's done>>Click Close
DECLINE to Log off or Restart the computer
NOTE: The first time you run CleanUp! it may prompt to run in Demonstration mode
Deny this, we want to run the actual cleanup!!
If you do happen to run demonstration mode the first time, be sure to run the Clean mode afterwards
Run it twice

==Go to Start > My Computer and navigate to the C:\BFU folder.
  • Start the Brute Force Uninstaller by doubleclicking BFU.exe
  • Next to the scriptline to execute field click the folder icon and select alcanshorty.bfu
  • Press Execute and let it do its job. (You ought to see a progress bar if you did this correctly.)
  • Wait for the complete script execution box to pop up and press OK.
  • Press exit to terminate the BFU program.
Ewido Scan
  • Then run Ewido and click on the Scanner tab at the top and then click on Complete System Scan.  This scan can take quite a while to run, so be prepared.
  • Ewido will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. Ewido will display "All actions have been applied" on the right hand side.
  • Click on "Save Report", then "Save Report As".  This will create a text file.  Make sure you know where to find this file again (like on the Desktop).
Reboot back to Normal mode
Back in Windows

Post back the following please
1. Post the whole report from Ewido
2. Run a fresh scan and save logfile with HijackThis and post back a fresh log
« Last Edit: September 04, 2006, 07:56:24 PM by guestolo »


Offline yuyjust

« Reply #2 on: September 04, 2006, 09:04:19 PM »
Here is the new HijackThis log after doing all your recommendations:

Logfile of HijackThis v1.99.1
Scan saved at 6:57:32 PM, on 9/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PalmVNC\WinVNC\WinVNC.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\PalmTether\TetherApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\PALMTE~1\PALMON~1.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\bfu\BFU.exe
C:\bfu\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.averatec.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.averatec.com/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\PalmVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.2.89.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sprint PCS v3 Utility Service - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\PalmVNC\WinVNC\WinVNC.exe" -service (file missing)





And here is the ewido report:


---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

 + Created at:   6:51:59 PM 9/4/2006

 + Scan result:   



C:\WINDOWS\pss\aimkc.exeCommon Startup -> Downloader.Qoologic.bj : Cleaned.
:mozilla.590:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.257:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.355:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.44:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.45:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.48:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.49:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.50:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.51:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.52:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.58:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.59:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.60:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.61:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.177:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.178:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.143:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.128:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.129:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.130:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.148:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.150:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.151:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.152:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.153:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.154:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.62:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.63:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.65:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.66:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.67:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.68:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.416:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.403:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.404:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.77:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.79:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.82:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.83:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.88:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.89:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.90:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.91:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.92:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.93:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.94:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.95:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.96:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.214:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.341:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.38:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.272:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.302:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.303:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.220:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.155:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.158:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.160:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.161:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.162:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.163:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.164:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.262:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.118:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.119:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.120:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.121:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.122:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.276:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.298:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.299:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.300:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.301:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.314:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.468:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.490:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.491:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.492:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.493:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.484:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.537:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.538:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.539:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.575:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.81:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.84:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.304:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.412:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.345:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.346:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.347:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.348:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.258:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.259:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.145:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.146:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.147:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.548:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.136:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.137:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.138:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.139:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.140:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.264:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.265:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.266:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.267:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.485:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.171:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.172:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.173:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.174:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.175:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.176:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.180:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.182:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.183:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.165:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.166:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.167:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.373:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.235:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.236:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.237:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.238:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.239:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.240:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.241:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.242:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.85:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.86:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.531:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.581:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.486:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.196:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.197:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.342:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.343:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.344:C:\Documents and Settings\Act\Application Data\Mozilla\Firefox\Profiles\o8b6cir2.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.


::Report end



Thank you again in advance for your help
« Last Edit: September 04, 2006, 09:06:49 PM by yuyjust »

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
« Reply #3 on: September 04, 2006, 10:11:27 PM »
Can I just see one more log please

1. Download this file - combofix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline yuyjust

  • Newbie
« Reply #4 on: September 04, 2006, 11:33:11 PM »
combofix log


Act - 06-09-04 21:28:20.20
ComboFix 06.09.04BT - Running from: C:\Documents and Settings\Act\Desktop

Microsoft Windows XP [Version 5.1.2600]

((((((((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
 
 
C:\WINDOWS\keyboard1.dat
C:\WINDOWS\newname.dat
C:\WINDOWS\winsysupd21.dat
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\cmd.com
C:\WINDOWS\system32\netstat.com
C:\WINDOWS\system32\ping.com
C:\WINDOWS\system32\regedit.com
C:\WINDOWS\system32\taskkill.com
C:\WINDOWS\system32\tracert.com
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Program Files\outlook
 
 
(((((((((((((((((((((((((((((((   Files Created from 2006-08-04 to 2006-09-04  ))))))))))))))))))))))))))))))))))
 

2006-08-28   14:41   48,128   --a------   C:\WINDOWS\system32\nmwcdcls.dll
2006-08-28   14:41   4,608   --a------   C:\WINDOWS\system32\nmwcdlog.dll
2006-08-28   14:41   31,232   --a------   C:\WINDOWS\system32\nmwcdcocls.dll
2006-08-12   14:26   40,960   --a------   C:\WINDOWS\system32\SSubTmr6.dll
2006-08-12   14:26   118,784   --a------   C:\WINDOWS\system32\vbalNCSM6.dll
2006-08-12   14:26   101,888   --a------   C:\WINDOWS\system32\Vb6stkit.dll
2006-08-08   00:45   175,104   --a------   C:\onoes.exe
2006-08-06   14:53   0   ---hs----   C:\WINDOWS\system32\tasklist.com
 

((((((((((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-09-04 18:48   --------   d--------   C:\Program Files\Mozilla Firefox
2006-09-04 17:16   --------   d--------   C:\Program Files\ewido anti-spyware 4.0
2006-09-04 17:04   --------   d--------   C:\Program Files\QuoteTracker
2006-09-04 17:04   --------   d--------   C:\Program Files\Norton AntiVirus
2006-09-04 16:38   --------   d--------   C:\Program Files\Microsoft ActiveSync
2006-09-04 16:37   --------   d--------   C:\Program Files\Common Files\AOL
2006-09-04 16:34   --------   d--------   C:\Program Files\Gizmo Project
2006-09-04 16:30   --------   d--------   C:\Program Files\FairUse Wizard 2
2006-09-04 16:30   --------   d--------   C:\Program Files\BitTorrent
2006-09-04 16:30   --------   d--------   C:\Documents and Settings\Act\Application Data\AdobeUM
2006-09-04 11:23   --------   d--------   C:\Program Files\WinRAR
2006-09-03 18:57   --------   d--------   C:\Documents and Settings\Act\Application Data\BitTorrent
2006-09-02 18:32   --------   d--------   C:\Program Files\Adobe
2006-08-28 14:41   --------   d--------   C:\Program Files\Nokia
2006-08-28 14:40   --------   d--h-----   C:\Program Files\InstallShield Installation Information
2006-08-26 00:26   --------   d--------   C:\Program Files\PalmVNC
2006-08-25 22:01   --------   d--------   C:\Program Files\Orb Networks
2006-08-25 16:32   --------   d--------   C:\Program Files\support.com
2006-08-16 03:02   --------   d--------   C:\Program Files\Internet Explorer
2006-08-12 14:23   --------   d--------   C:\Program Files\eGames
2006-08-06 15:42   --------   d--------   C:\Program Files\IGN
2006-07-30 22:37   --------   d--------   C:\Program Files\InterActual
2006-07-27 06:24   679424   --a------   C:\WINDOWS\system32\inetcomm.dll
2006-07-24 14:06   --------   d--------   C:\Program Files\StocksAndWeatherToday
2006-07-24 11:25   --------   d--------   C:\Program Files\SBSH
2006-07-23 22:10   --------   d--------   C:\Program Files\Microsoft.NET
2006-07-23 21:03   --------   d--------   C:\Program Files\Common Files\Microsoft Shared
2006-07-23 20:59   --------   d---s----   C:\Documents and Settings\Act\Application Data\Microsoft
2006-07-23 19:33   2508   --a------   C:\Documents and Settings\Act\Application Data\$_hpcst$.hpc
2006-07-21 01:24   72704   --a------   C:\WINDOWS\system32\hlink.dll
2006-07-19 01:46   --------   d--------   C:\Program Files\AIM
2006-07-19 01:40   --------   d--------   C:\Program Files\AOL
2006-07-19 01:40   --------   d--------   C:\Documents and Settings\Act\Application Data\Aim
2006-07-19 01:39   --------   d--------   C:\Program Files\Common Files
2006-07-19 01:39   --------   d--------   C:\Program Files\AOD
2006-07-15 01:47   --------   d--------   C:\Program Files\Palm
2006-07-12 22:25   --------   d--------   C:\Program Files\FontSmoother
2006-07-11 01:53   --------   d--------   C:\Program Files\Lavasoft
2006-07-11 01:53   --------   d--------   C:\Documents and Settings\Act\Application Data\Lavasoft
2006-07-11 01:21   --------   d--------   C:\Program Files\NewDotNet
2006-07-11 00:24   --------   d--------   C:\Program Files\TGTSoft
2006-07-08 23:41   --------   d--------   C:\Program Files\Windows NT
2006-07-05 14:32   --------   d--------   C:\Program Files\NCH Swift Sound
2006-06-15 00:29   1389   --a------   C:\Documents and Settings\Act\Application Data\.googlewebacchosts
 

((((((((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))
 
*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinVNC"="\"C:\\Program Files\\PalmVNC\\WinVNC\\WinVNC.exe\" -servicehelper"
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Orb"="\"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
  00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
  00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
  00,00,01,00,00,00

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^Act^Start Menu^Programs^Startup^Palm Registration.lnk]
"path"="C:\\Documents and Settings\\Act\\Start Menu\\Programs\\Startup\\Palm Registration.lnk"
"backup"="C:\\WINDOWS\\pss\\Palm Registration.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\Palm\\register.exe /remind /language=EN /INTL=\"false\" /PRNM=\"Palm\""
"item"="Palm Registration"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^Act^Start Menu^Programs^Startup^palmOne Registration.lnk]
"path"="C:\\Documents and Settings\\Act\\Start Menu\\Programs\\Startup\\palmOne Registration.lnk"
"backup"="C:\\WINDOWS\\pss\\palmOne Registration.lnkStartup"
"location"="Startup"
"command"="C:\\Program Files\\palmOne\\register.exe /remind /language=EN /PRNM=\"palmOne\""
"item"="palmOne Registration"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\HotSync Manager.lnk"
"backup"="C:\\WINDOWS\\pss\\HotSync Manager.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\Program Files\\palmOne\\Hotsync.exe -logon"
"item"="HotSync Manager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\HOTSYNCSHORTCUTNAME.lnk"
"backup"="C:\\WINDOWS\\pss\\HOTSYNCSHORTCUTNAME.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\Program Files\\palmOne\\Hotsync.exe -logon"
"item"="HOTSYNCSHORTCUTNAME"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Run Google Web Accelerator.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Run Google Web Accelerator.lnk"
"backup"="C:\\WINDOWS\\pss\\Run Google Web Accelerator.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Google\\WEBACC~1\\GOOGLE~2.EXE "
"item"="Run Google Web Accelerator"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\AIM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="aim"
"hkey"="HKCU"
"command"="C:\\PROGRA~1\\AIM\\aim.exe -cnetwait.odl"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Aim6]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AOLLaunch"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\AOL\\Launch\\AOLLaunch.exe\" /d locale=en-US ee://aol/imApp"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ccApp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ccApp"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\H/PC Connection Agent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="wcescomm"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\HostManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AOLHostManager"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\AOL\\1153298420\\ee\\AOLHostManager.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\HP Component Manager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpcmpmgr"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ISUSPM Startup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="isuspm"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ISUSScheduler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="issch"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NAV CfgWiz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CfgWiz"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Symantec Shared\\CfgWiz.exe /GUID NAV /CMDLINE \"REBOOT\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\PalmTether]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TetherApp"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\PalmTether\\TetherApp.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Power2GoExpress]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpcmpmgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\RemoteControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDVDServ"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\spc_w]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nzspc"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\NZSearch\\nzspc.exe\" -w"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Start WingMan Profiler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="lwemon"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Logitech\\Profiler\\lwemon.exe\" /noui"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Symantec NetDriver Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SNDMon"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SynTPEnh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPEnh"
"hkey"="HKLM"
"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SynTPLpr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPLpr"
"hkey"="HKLM"
"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ViewMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ViewMgr"
"hkey"="HKLM"
"command"="C:\\Program Files\\Viewpoint\\Viewpoint Manager\\ViewMgr.exe"
"inimapping"="0"
 
 
 
 
~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
 
backup-20060904-170422-386
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Act.job
C:\WINDOWS\tasks\Symantec NetDetect.job
 
Completion time: Mon 09/04/2006 21:31:57.64
ComboFix.txt

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
« Reply #5 on: September 05, 2006, 07:18:45 PM »
Can I see one more log
Please supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents



Offline yuyjust

  • Newbie
« Reply #6 on: September 06, 2006, 12:36:28 AM »
Here is the Hijackthis uninstall manager list



Actiontec Bluetooth Software
Ad-Aware SE Personal
Adobe Reader 6.0
AOL Instant Messenger
AOL Toolbar 2.0
CC_ccStart
ccCommon
CleanUp!
Comcast High-Speed Internet Install Wizard
ewido anti-spyware 4.0
FairUse Wizard 2
FontSmoother 1.76
Google Toolbar for Internet Explorer
Google Web Accelerator
HandWallet
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.1
Hotfix for Windows XP (KB909394)
HP PSC & OfficeJet 3.5
InterActual Player
iTunes
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.1_07
Java Web Start
Kaspersky Online Scanner
LiveReg (Symantec Corporation)
LiveUpdate 1.90 (Symantec Corporation)
Logitech Gaming Software
Macromedia Flash Player 8
Mahjongg Master 5
Medi@Show
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft ActiveSync 4.0
Microsoft Flight Simulator 2004 A Century of Flight
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
Mozilla Firefox (1.5.0.6)
MSRedist
Nokia Connectivity Cable Driver
Nokia Internet Tablet Software Update Wizard
Norton AntiVirus 2004
Norton AntiVirus 2004 (Symantec Corporation)
Norton AntiVirus Parent MSI
Norton WMI Update
Orb
Palm
PalmVNC 2.0
Pocket Tunes 3.1.3
Power2Go 3.0
PowerDVD
PowerStarter
QuickTime
S3 S3Display
S3 S3Gamma2
S3 S3Info2
S3 S3Overlay
Samsung USB Driver (MCCI 4.16)
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Smart Link 56K Modem
Spb Weather
Sprint PCS Connection Manager
Symantec Script Blocking Installer
SymNet
Synaptics Pointing Device Driver
UniChrome Graphics Driver and Utilities
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
VIA Audio Driver Setup Program
Viewpoint Media Player
Vintage Slots Of Colorado, Inc StocksAndWeatherToday
WinAce Archiver
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
XP Codec Pack

Offline yuyjust

« Reply #7 on: September 08, 2006, 06:05:49 PM »
bump

Offline guestolo

« Reply #8 on: September 09, 2006, 06:14:48 PM »
Can you find and delete these files and folders?
Exact names and locations:

C:\Program Files\NewDotNet <-folder
C:\onoes.exe <-file
C:\WINDOWS\system32\tasklist.com <-file

Access your Add/Remove Programs and remove:
Viewpoint Media Player
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.1_07
Java Web Start


Reboot the computer.
Once back in Windows, go to this link:
http://java.sun.com/javase/downloads/index.jsp

Click on the "Download" button next to
Java Runtime Environment (JRE) 5.0 Update 8
Select the radio button next to "Accept License Agreement".
The page will refresh.
Download and save to your desktop the
Windows Offline Installation, Multi-language installer


Once you have the installer saved, double-click it to install and follow the prompts.
Once installed, you can delete the installer from the desktop.
Come back here and post a fresh HijackThis log and let me know how things are running.
« Last Edit: September 09, 2006, 07:39:09 PM by guestolo »
