Let´s start with the standard procedure -

 

Please download free  Trial of Superantispyware
http://www.superantispyware.com/superantispywarefreevspro.html

Install it using the Standard Install option. (You will be asked for your e-mail address, it is safe to give it.

close the program

 

 

Download and install:  http://www.filehippo.com/download_ccleaner/
For a basic version of CCleaner with no Yahoo Toolbar, select the second or third install option as follows:
Even if you selected Option 2 or 3, if you do not want the Yahoo Toolbar installed:
Uncheck "Add CCleaner Yahoo! Toolbar", as it is checked by default during CCleaner Setup

 

Download Free Trial of Spysweeper
http://www.spywarefri.dk/downloads1/ssf...793616.exe 
http://www.spywarefri.dk/downloads1/ssfsetup972_1837793616.exe

Install it using the Standard Install option. (You will be asked for your e-mail address, it is safe to give it. If you receive alerts from your firewall, allow all activities for Spy Sweeper)
You will be prompted to check for updated definitions, please do so.
(This may take several minutes)

 

 

 

 

Reboot into Safe  Mode   by tapping F8 after the BIOS has loaded.
The Windows Advanced Options Menu appears.
Ensure that the Safe mode option is selected.
Press Enter. The computer then begins to start in Safe mode.

 

 

 

Open Ccleaner.

1. Before first use, check under Options, Advanced, and UNCHECK "Only delete files in Windows Temp folder older than 48 hours".
2. A pop up box will appear advising this process will permanently delete files from your system.
3. Then select the items you wish to clean up.
In the Windows Tab:
Clean all entries in the "Internet Explorer". If you prefer to keep your cookies, uncheck the Cookies entry. Deleting cookies will require re-entry of user names and passwords on next visit to sites that require users log in.
Clean all the entries in the "Windows Explorer" section.
Clean all entries in the "System" section.
Clean all entries in the "Advanced" section.
Clean any others that you choose.

In the Applications Tab:
Clean all (optionally, except cookies) in the Firefox/Mozilla section if you use it.
Clean all in the Opera section if you use it.
Clean Sun Java in the Internet Section.
Clean any others that you choose.
4. Then click the "Run Cleaner" button and it will scan and clean your system. Click exit.

 

 

 

 

Run Spysweeper:
Click on "Options > Sweep Options" and check "Sweep all Folders on Selected drives". Check "Local Disc C".
Under What to Sweep: check all of the boxes except Sweep Contents of Compressed Files and do not Sweep Systemrestore Folder.

Click on Sweep and allow it to fully scan your system.

When the sweep has finished, click "Remove". Click "Select All" and then "Next".
From 'Results', select the Session Log tab. Click Save to File and save the log somewhere convenient.

Exit Spy Sweeper.

 

Start Superantispyware/rightclick on the black/yellow bug in tray.

Hit - Scan Your Computer - button

Click on the drive(s) you want to scan. Put a check in - Perform Complete Scan, then next

it will scan now. When scan have finished, put a checkmark with  all items it found. Next, after cleaning, let it Reboot

 

 

Next go to Start- Search and scrolldown using the scroll bar on the right. Go down to More advanced options and click.
Be sure the first three boxes are selected:
Search System folders
Search Hidden Files and folders
Search SubFolders
And Find:
superantispyware log

 

Post this log along with fresh hijackthis log, spysweeper log and tell how things are running

 

 

 

 

 

 

---

Regards - Touch  

 

 

 

kozmage -> I suggest You read My signature !

I´ve therefore removed your log, push on Before posting a log, also in my signature

 

 

 

 

Logfile of HijackThis v1.99.1
Scan saved at 21:36:34, on 17/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\mgabg.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\PDesk\PDesk.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\iriver\iriver plus\iAgent.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis 1.99.1\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com.au/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R3 - URLSearchHook: (no name) -  - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {F94576BB-EFFD-411B-8CCD-A53AC7D9A1F1} - C:\WINDOWS\System32\plna.dll (file missing)
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINDOWS\System32\PDesk\PDesk.exe /Autolaunch
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Windows Recylinder Check] fqzhhlqmqv.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\RunServices: [Windows Recylinder Check] fqzhhlqmqv.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [iPlusAgent] C:\Program Files\iriver\iriver plus\iAgent.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Paciqmt] C:\DOCUME~1\CLAREV~1\APPLIC~1\RACLE~1\nslookup.exe
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs:  C:\WINDOWS\system32\regedit.dll
O20 - Winlogon Notify: khffeee - khffeee.dll (file missing)
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\System32\mgabg.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

 

 

********
17:27: |       Start of Session, 17 June 2006       |
17:27: Spy Sweeper started
17:27: Sweep initiated using definitions version 701
17:27: Starting Memory Sweep
17:29: Memory Sweep Complete, Elapsed Time: 00:02:09
17:29: Starting Registry Sweep
17:29:   Found Adware: blazefind
17:29:   HKCR\admilliservx.installer\  (3 subtraces) (ID = 104436)
17:29:   HKLM\software\classes\admilliservx.installer\  (3 subtraces) (ID = 104466)
17:29:   HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/admilliservx.dll\  (2 subtraces) (ID = 104525)
17:29:   HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\admilliservx.dll (ID = 104540)
17:29:   Found Adware: cws spage.html hijack
17:29:   HKLM\software\microsoft\internet explorer\main\ || search bar (ID = 112652)
17:29:   Found Adware: gain - common components
17:29:   HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\hdplugin1019.dll (ID = 126786)
17:29:   Found Adware: give4free
17:29:   HKLM\software\give4free plugin\  (5 subtraces) (ID = 126848)
17:29:   Found Adware: hotbar
17:29:   HKCR\interface\{9dd19d39-2cdc-465b-bb21-1d433590ba3d}\  (8 subtraces) (ID = 127331)
17:29:   HKCR\interface\{20d21e02-8c1c-41fe-9826-dab4c223436c}\  (8 subtraces) (ID = 127333)
17:29:   HKCR\interface\{66291bef-c867-43c0-a7b4-d13393814bcd}\  (8 subtraces) (ID = 127342)
17:29:   HKCR\interface\{7138714c-9819-4ab1-9a86-e7c413c9a99e}\  (8 subtraces) (ID = 127344)
17:29:   HKCR\interface\{a1772e14-9291-454e-aede-02161fbc3e59}\  (8 subtraces) (ID = 127347)
17:29:   HKLM\software\classes\interface\{9dd19d39-2cdc-465b-bb21-1d433590ba3d}\  (8 subtraces) (ID = 127496)
17:29:   HKLM\software\classes\interface\{20d21e02-8c1c-41fe-9826-dab4c223436c}\  (8 subtraces) (ID = 127498)
17:29:   HKLM\software\classes\interface\{66291bef-c867-43c0-a7b4-d13393814bcd}\  (8 subtraces) (ID = 127506)
17:29:   HKLM\software\classes\interface\{7138714c-9819-4ab1-9a86-e7c413c9a99e}\  (8 subtraces) (ID = 127507)
17:29:   HKLM\software\classes\interface\{a1772e14-9291-454e-aede-02161fbc3e59}\  (8 subtraces) (ID = 127509)
17:29:   HKLM\software\classes\typelib\{5ba32d9e-f1bd-476c-ad42-97c9379a57a4}\  (9 subtraces) (ID = 127538)
17:29:   HKLM\software\classes\typelib\{842d315a-7e1e-448b-96e8-9e76d1820be2}\  (9 subtraces) (ID = 127546)
17:29:   HKLM\software\classes\typelib\{522985f4-ba43-45a0-9b20-ab5f82c0ff7e}\  (9 subtraces) (ID = 127548)
17:29:   HKLM\software\classes\typelib\{ab357854-7a72-4fbe-9382-cc74b45a3add}\  (9 subtraces) (ID = 127551)
17:29:   HKLM\software\microsoft\internet explorer\extensions\{e77eda01-3c56-4a96-8d08-02b42891c169}\  (6 subtraces) (ID = 127582)
17:29:   HKCR\typelib\{5ba32d9e-f1bd-476c-ad42-97c9379a57a4}\  (9 subtraces) (ID = 127636)
17:29:   HKCR\typelib\{842d315a-7e1e-448b-96e8-9e76d1820be2}\  (9 subtraces) (ID = 127644)
17:29:   HKCR\typelib\{522985f4-ba43-45a0-9b20-ab5f82c0ff7e}\  (9 subtraces) (ID = 127646)
17:29:   HKCR\typelib\{ab357854-7a72-4fbe-9382-cc74b45a3add}\  (9 subtraces) (ID = 127649)
17:29:   Found Adware: searchrelevancy
17:29:   HKCR\searchrelevant\  (3 subtraces) (ID = 141291)
17:29:   HKLM\software\classes\searchrelevant\  (3 subtraces) (ID = 141296)
17:29:   Found Adware: winad
17:29:   HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\winadctlx.dll (ID = 147223)
17:29:   Found Adware: starware toolbar
17:29:   HKCR\clsid\{85a616ee-142c-4d52-9f45-c469964e109e}\  (2 subtraces) (ID = 1166078)
17:29:   HKLM\software\classes\clsid\{85a616ee-142c-4d52-9f45-c469964e109e}\  (2 subtraces) (ID = 1166114)
17:29:   Found Adware: elitemediagroup-mediamotor
17:29:   HKCR\interface\{41e1565d-b7a8-4251-bd79-e6c5facb2b5f}\  (7 subtraces) (ID = 1497876)
17:29:   HKCR\interface\{db312456-e762-4369-844a-aed9006b1b2f}\  (7 subtraces) (ID = 1497938)
17:29:   HKLM\software\classes\interface\{41e1565d-b7a8-4251-bd79-e6c5facb2b5f}\  (7 subtraces) (ID = 1502038)
17:29:   HKLM\software\classes\interface\{db312456-e762-4369-844a-aed9006b1b2f}\  (7 subtraces) (ID = 1502064)
17:29:   HKU\WRSS_Profile_S-1-5-21-2831404810-2863013580-1816216830-500\software\microsoft\internet explorer\extensions\cmdmapping\ || {e77eda01-3c56-4a96-8d08-02b42891c169} (ID = 127576)
17:29:   HKU\WRSS_Profile_S-1-5-21-2831404810-2863013580-1816216830-1009\software\microsoft\internet explorer\extensions\cmdmapping\ || {e77eda01-3c56-4a96-8d08-02b42891c169} (ID = 127576)
17:29:   Found Adware: 180search assistant/zango
17:29:   HKU\WRSS_Profile_S-1-5-21-2831404810-2863013580-1816216830-1009\software\salm\  (13 subtraces) (ID = 135792)
17:29:   HKU\WRSS_Profile_S-1-5-21-2831404810-2863013580-1816216830-1008\software\microsoft\internet explorer\extensions\cmdmapping\ || {e77eda01-3c56-4a96-8d08-02b42891c169} (ID = 127576)
17:29:   HKU\WRSS_Profile_S-1-5-21-2831404810-2863013580-1816216830-1007\software\microsoft\internet explorer\extensions\cmdmapping\ || {e77eda01-3c56-4a96-8d08-02b42891c169} (ID = 127576)
17:29:   HKU\WRSS_Profile_S-1-5-21-2831404810-2863013580-1816216830-1007\software\starware\  (14 subtraces) (ID = 142866)
17:29:   Found Adware: webrebates
17:29:   HKU\WRSS_Profile_S-1-5-21-2831404810-2863013580-1816216830-1007\software\microsoft\internet explorer\menuext\web rebates.\  (2 subtraces) (ID = 866137)
17:29:   Found Adware: winantivirus pro
17:29:   HKU\WRSS_Profile_S-1-5-21-2831404810-2863013580-1816216830-1007\software\winantivirus pro 2006\  (21 subtraces) (ID = 1216147)
17:29:   Found Adware: errorsafe
17:29:   HKU\WRSS_Profile_S-1-5-21-2831404810-2863013580-1816216830-1007\software\error safe free\  (17 subtraces) (ID = 1236305)
17:29:   HKU\WRSS_Profile_S-1-5-21-2831404810-2863013580-1816216830-1007\software\microsoft\windows\currentversion\run\ || error safe (ID = 1239203)
17:29:   Found Adware: cws-aboutblank
17:29:   HKU\S-1-5-21-2831404810-2863013580-1816216830-1006\software\microsoft\internet explorer\main\ || search page_bak (ID = 115925)
17:29:   HKU\S-1-5-21-2831404810-2863013580-1816216830-1006\software\microsoft\internet explorer\extensions\cmdmapping\ || {e77eda01-3c56-4a96-8d08-02b42891c169} (ID = 127576)
17:29:   HKU\S-1-5-21-2831404810-2863013580-1816216830-1006\software\microsoft\internet explorer\main\ || search page_bak (ID = 774883)
17:30:   HKU\S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping\ || {e77eda01-3c56-4a96-8d08-02b42891c169} (ID = 127576)
17:30: Registry Sweep Complete, Elapsed Time:00:00:30
17:30: Starting Cookie Sweep
17:30:   Found Spy Cookie: mywebsearch cookie
17:30:   janet vidler@mywebsearch[2].txt (ID = 3051)
17:30:   Found Spy Cookie: toprebates.com cookie
17:30:   janet vidler@www.toprebates[2].txt (ID = 3562)
17:30:   janet vidler@toprebates[2].txt (ID = 3561)
17:30:   john m vidler@toprebates[2].txt (ID = 3561)
17:30:   john m vidler@mywebsearch[3].txt (ID = 3051)
17:30:   Found Spy Cookie: clixgalore cookie
17:30:   john m vidler@www.clixgalore[1].txt (ID = 2417)
17:30:   john m vidler@mywebsearch[4].txt (ID = 3051)
17:30:   john m vidler@mywebsearch[2].txt (ID = 3051)
17:30:   john m vidler@mywebsearch[1].txt (ID = 3051)
17:30:   Found Spy Cookie: go.com cookie
17:30:   alex vidler@psc.disney.go[2].txt (ID = 2729)
17:30:   alex vidler@www.disney.go[2].txt (ID = 2729)
17:30:   alex vidler@mywebsearch[4].txt (ID = 3051)
17:30:   Found Spy Cookie: 64.62.232 cookie
17:30:   alex vidler@64.62.232[1].txt (ID = 1987)
17:30:   Found Spy Cookie: tickle cookie
17:30:   alex vidler@cookie.tickle[1].txt (ID = 3530)
17:30:   alex vidler@go[1].txt (ID = 2728)
17:30:   alex vidler@www.toprebates[2].txt (ID = 3562)
17:30:   alex vidler@mywebsearch[1].txt (ID = 3051)
17:30:   alex vidler@mywebsearch[2].txt (ID = 3051)
17:30:   Found Spy Cookie: ugo cookie
17:30:   alex vidler@mediamanager.ugo[1].txt (ID = 3609)
17:30:   Found Spy Cookie: rn11 cookie
17:30:   alex vidler@rn11[2].txt (ID = 3261)
17:30:   alex vidler@toprebates[2].txt (ID = 3561)
17:30:   alex vidler@disneyvideos.disney.go[1].txt (ID = 2729)
17:30:   alex vidler@search.disney.go[1].txt (ID = 2729)
17:30:   Found Spy Cookie: gamespy cookie
17:30:   alex vidler@gamespy[1].txt (ID = 2719)
17:30:   Found Spy Cookie: a cookie
17:30:   alex vidler@a[1].txt (ID = 2027)
17:30:   Found Spy Cookie: about cookie
17:30:   alex vidler@kidstvmovies.about[1].txt (ID = 2038)
17:30:   alex vidler@mywebsearch[5].txt (ID = 3051)
17:30:   Found Spy Cookie: did-it cookie
17:30:   alex vidler@did-it[1].txt (ID = 2523)
17:30:   alex vidler@about[1].txt (ID = 2037)
17:30:   alex vidler@go[2].txt (ID = 2728)
17:30:   alex vidler@psc.disney.go[3].txt (ID = 2729)
17:30: Cookie Sweep Complete, Elapsed Time: 00:00:01
17:30: Starting File Sweep
17:30:   Warning: Failed to open file "c:\pagefile.sys". Access is denied
17:39:   Warning: Failed to open file "c:\windows\system32\config\system.log". The process cannot access the file because it is being used by another process
17:39:   Warning: Failed to open file "c:\windows\system32\config\software.log". The process cannot access the file because it is being used by another process
17:39:   Warning: Failed to open file "c:\windows\system32\config\default.log". The process cannot access the file because it is being used by another process
17:39:   Warning: Failed to open file "c:\windows\system32\config\security". The process cannot access the file because it is being used by another process
17:39:   Warning: Failed to open file "c:\windows\system32\config\sam". The process cannot access the file because it is being used by another process
17:39:   Warning: Failed to open file "c:\windows\system32\config\sam.log". The process cannot access the file because it is being used by another process
17:39:   Warning: Failed to open file "c:\windows\system32\config\security.log". The process cannot access the file because it is being used by another process
17:39:   Warning: Failed to open file "c:\windows\system32\config\system". The process cannot access the file because it is being used by another process
17:39:   Warning: Failed to open file "c:\windows\system32\config\software". The process cannot access the file because it is being used by another process
17:39:   Warning: Failed to open file "c:\windows\system32\config\default". The process cannot access the file because it is being used by another process
18:04:   c:\documents and settings\all users\application data\winantivirus pro 2006 (ID = -2147453525)
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\ntuser.dat". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\ntuser.dat.log". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat.log". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs0375be69-f69c-4688-afc7-550d7465edf0.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs0d69db93-75e3-4da6-8e48-de51fdfb3722.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs17510011-6e79-44f6-b899-47c622694c38.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs5cc19f5d-22fa-42eb-b10b-5b328255709b.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsd1c58916-6f7b-4fc2-982e-b614eb3b6985.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs6b9eba39-d0ce-467c-9b9c-d34c5bb0dc84.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs9a8106eb-ec5e-480b-a779-0e650dbd16c1.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs03818eb6-3968-44cc-bcd7-488a9ae93aa7.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsc01cfada-122b-4f48-a64b-73f075700d3b.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs3b3281a0-7915-4595-9d03-90a281375e8c.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs38e9fbe7-c0cc-4cec-8f13-4f8c74f93939.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs62964c71-2af5-441c-b3f0-990110a2e3f0.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsbb9ed8ce-05da-4433-8990-5a4885cb0162.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs62c2004b-eba5-4b8e-8b9a-5b31d7bb4b41.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscse7ac8c4a-46c4-45eb-a249-9cf271cf3fd7.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs504b31fd-c1d5-41ee-a670-5abc6287c2af.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsb479c2ed-c300-4650-8238-a00bc850514c.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsced9d7d0-752f-434f-a62f-0ff10ac1925e.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsf70155db-75ce-41be-86b6-a8f9310f42dc.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs8f02d82d-c843-44f7-832a-605aaf0774f8.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs5a1f599d-bad1-401f-85c4-da51ce1db503.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsa4a47045-cc06-4029-b2c1-e1d76c483c27.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs528afed9-57ec-4bbb-8933-696d651fbc20.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs8a15783d-724c-43cd-9eb0-ed746f672b06.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsd1a2094e-79fe-4b5a-ad46-c713765472cb.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs24d90396-93cd-426f-ba8d-508375e2efb7.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs6347c040-ad36-4715-b699-b97963243a16.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsa387ef77-9780-45e9-9cac-56abcfed058a.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs88fb2aea-caef-4263-9ebd-ab30121dc51c.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs617e786c-1f17-48ec-802c-79de5ad3d673.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsfe3a296d-3ee3-4f06-b720-4c516253e561.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsf58457bc-136e-49fd-9eeb-4fa1944e13f3.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs89ab83ae-2127-4d94-b2cf-b7b1588794a6.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs8b10e01f-5e39-4452-a0ca-e8ad739b724f.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs249b5c16-2d25-4cea-93ba-1358809ea44f.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs0d2b49e7-6dcd-47e4-8618-a27baf9f56c0.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs8588443d-9394-48ee-b293-0121e4ba2f81.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs10f566c5-a46b-479f-9f7e-691d8f5f7e72.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs9bb0e0d5-a7f0-4b40-a332-1e82367eb221.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs64f7e2b6-b379-41bb-9ce2-8ec2de41651d.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs67bc7d7d-f422-4b29-ba78-ba0c7e25072f.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsa200992a-812c-4bf7-b106-60c183877f9b.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs163f5ca2-9291-4f02-ae75-d955f6b18222.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs90d209f2-ad6b-4c97-a817-abdc6daa73a5.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs039cb440-bec0-4697-b190-fd4cd87a4908.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs6438380f-7c35-42a4-bdd5-f4d01a8fb285.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsc85d0a47-63d0-42b7-8e2f-5ff4ca19f5e4.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs28d8bc87-5be0-43de-a2de-a4e735e8e0b6.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsd8079899-88cf-4b6c-9ea4-b589e4cd2521.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscse52d8f81-adbf-453a-b79f-4cdfa6be70c3.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsf8fbc8c4-2f51-40ec-b81f-09b92c2e1b55.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs9c6526b9-3e92-44aa-8aa7-96251fb55d95.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs9b8b1fa6-1b05-4091-bd68-e8aac6c803c7.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsd0a3e2e0-0160-495a-87f4-7d681bb0b605.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs6bb1df7b-7442-4d2c-9110-f310e7e9bd55.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs7a477f2f-1926-41ba-9b35-0ebcb3a43a0c.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsf0f70543-2b64-4efd-bcdd-6ca07cf87bdc.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs77d5833d-804a-46b5-a67d-87815204fc6f.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs32d78b07-8113-45aa-9630-cf5f382b7c45.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs81b65352-f165-4712-bcc8-ebf5c6c98e08.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs4318dc68-5629-4799-94c6-8bf78ed924c5.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs89fe1bb4-0b3b-4e80-bb12-61452c3474e9.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs900d8015-b7a0-4e9c-89d9-11345ab3ae13.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs3c75ed54-038f-4984-bb03-68e2909202b0.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs1251d58f-aa49-4ce5-84f1-c9d222ea3eba.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs8aebafb9-42d7-413d-b5ea-7b366f4a33fa.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs310041cb-478d-4c45-bedb-d4f04dccf406.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs2c0ac0b8-2773-4ae7-bf3e-d5c3babc39b1.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscscffdfdc7-a962-4542-9384-1fe9dafd1d51.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsb82133f1-7a48-4b5e-b2a2-e009da79b605.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs214bb4a9-2e78-4172-bb2c-048eaf9fc57a.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs0764dbf6-39e1-4251-9708-929980850370.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs3433c39d-3bbf-4780-9f8e-a8c66d404910.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsbcb116e5-6303-4975-83d8-b9d1cafbf0f2.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs6a6a3b77-ffa6-4bdd-b52f-f041f82efa16.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs94e028cc-d626-4252-86f1-07e3410b0b2c.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs72f69b62-dd27-4700-b307-8000de076c02.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs04c60f24-fe32-417b-ac23-fbdf269e6150.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs9bbbf31a-a116-486b-889b-49783f3980bc.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsaff7567d-92a8-4a60-b5df-6d44c5479dc9.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs9d0f3efb-f848-410f-b3e9-d5db5d6bced1.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs7f5443a1-70b7-4534-ae90-a1fb67bc1e47.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs8a3aa6c4-8f5c-4720-8a42-7945f504506b.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs3445b852-504e-451a-8e2b-1af46cd35b48.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsd201305a-01db-4d21-b3e1-ea40ea2431d0.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsf4debd86-8f5d-4454-a898-bf1a7b06a95d.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs5a526aa8-ffcd-49fb-a7c1-7615e6a6fded.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs70804bdd-9a7b-4c17-860f-edce86fd047c.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs5d702081-a399-44ca-88dc-f212d0d8dfd4.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs1430aa83-4597-4e27-93e6-34c4f5b50fc2.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsd1f3a41e-bcb1-42db-a57a-9a168c6923db.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsef7ca369-8c16-49e9-8db6-28584db4743a.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsb392ab79-f787-4eb4-b525-dc16169df0ec.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsf0727abf-a5f1-4e75-ac25-6cac15582c7c.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs95ca01c4-87c9-4d98-84b9-4b31afda0678.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs86fc7965-e74b-41ca-ab5b-341c5b92965b.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsf582efc6-995b-44ad-a0d9-51dec1922185.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsfaa77324-ec2c-42e6-894c-1ca9774b24e9.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsb70aa0c6-4d49-43a1-adde-3645eb084c68.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsfdfd039a-497f-451c-b8f3-692b9f540956.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs147d4104-84b6-4ace-be42-6f55b22845ae.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscsfeefac7a-bfe7-4002-87c2-30fde2ac64af.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs246582f6-f572-4d65-8519-9db14b28c383.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\temp\sscs82b9bf70-ff62-4d52-b21e-6550fa7ce04e.tmp". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\clare vidler\ntuser.dat". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\clare vidler\ntuser.dat.log". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\clare vidler\local settings\application data\microsoft\windows\usrclass.dat". The process cannot access the file because it is being used by another process
18:05:   Warning: Failed to open file "c:\documents and settings\clare vidler\local settings\application data\microsoft\windows\usrclass.dat.log". The process cannot access the file because it is being used by another process
18:09:   wapchk.dll (ID = 291206)
18:09:   wapchk{0073a8f9-436b-4dc2-8835-4eaaacce4606}.dll (ID = 291206)
18:18:   c:\program files\searchrelevant (ID = -2147480349)
18:18:   c:\program files\webrebates4 (50 subtraces) (ID = -2147470148)
18:18:   readme.txt (ID = 119871)
18:18:   Found Adware: whenu searchbar/pricebandit
18:18:   03b8ccfc-d791-488b-bc7d-caca4d (ID = 129799)
18:18:   6c36b35a-274e-4417-b6f8-d35c39 (ID = 129801)
18:18:   d41b865d-a75d-43e0-9523-7239ee (ID = 161460)
18:18:   ae0a3824-1b7d-4711-8f89-307429 (ID = 129805)
18:18:   ecce30d9-c19c-458d-827e-4ae7ac (ID = 129770)
18:18:   Found Adware: whenu
18:18:   49be5409-b2a1-475d-81cd-9cdba0 (ID = 161463)
18:18:   f823348a-834b-445e-9b27-c3c42a (ID = 121866)
18:18:   0b3dd8ec-c2ad-4874-a129-0e53c8 (ID = 121849)
18:18:   119883df-f4d2-4b57-9fdc-1961bb (ID = 121821)
18:18:   4adabcc6-f53d-4243-842a-291f15 (ID = 121820)
18:18:   da3435d1-46f9-4d46-ba76-de03e7 (ID = 121854)
18:18:   4697194f-d064-466f-b8f0-7087c4 (ID = 121815)
18:18:   c775cb7b-5ca9-481c-9735-b23ee9 (ID = 121822)
18:18:   002c4779-0bd9-410f-8bcf-7bd664 (ID = 121823)
18:18:   7070da5e-4623-448d-8e3c-0b3aeb (ID = 121824)
18:18:   abbc853f-19f6-4707-b7e3-2a3e17 (ID = 62283)
18:18:   537a0f03-dd83-443e-bcc2-867c3d (ID = 121825)
18:18:   ec2d4edf-6794-4f9d-8bd6-1865ee (ID = 121826)
18:18:   c6b06bef-52c2-4f1c-9443-4e7ffb (ID = 121827)
18:18:   93e791c9-0f27-4a47-b9da-900fdd (ID = 121828)
18:18:   27efa252-0905-491c-85a2-4bfd5e (ID = 121829)
18:18:   be859526-3374-4193-a0bc-4d9c86 (ID = 121829)
18:18:   2e292ca9-0931-4789-a1cb-f74306 (ID = 121831)
18:18:   02c45a58-1c9a-4bd2-962b-a050b1 (ID = 121832)
18:18:   bf179e26-d69c-4523-a9df-9290eb (ID = 121833)
18:18:   36020cca-3b6c-4c82-905e-0ac12e (ID = 121834)
18:18:   a3d08168-b109-4e1f-9efb-cad3fa (ID = 121835)
18:18:   3f0ad5fc-98b8-4e39-9946-84e711 (ID = 121836)
18:18:   48260fcf-fdaa-4c93-b90a-ce3311 (ID = 121837)
18:18:   809ad3eb-bc90-4364-b22a-d20817 (ID = 121838)
18:18:   4931b6ef-37d6-4e7c-bf48-95f935 (ID = 62283)
18:18:   749fc21d-d59b-481f-b5ce-a7b10f (ID = 62283)
18:18:   f4f86c53-96e8-40db-878a-d4eb7e (ID = 121839)
18:18:   1c00d0cd-9e3a-49db-9e8a-0e3913 (ID = 121840)
18:18:   647c278a-57fb-4e0b-b18f-605112 (ID = 121819)
18:18:   b9d58b67-1413-45aa-8453-5b068d (ID = 121841)
18:18:   f8452868-4969-4880-8e56-c5d82f (ID = 121842)
18:18:   b8ca3a28-9f6c-4ef4-a608-0a21a5 (ID = 121844)
18:18:   d03d6b0e-dbee-41ca-b35d-528a52 (ID = 121845)
18:18:   f584e8cf-7f85-4848-9a80-76ed31 (ID = 121846)
18:18:   26d5eae6-5f90-4946-b5c2-701f40 (ID = 121849)
18:18:   0bd0604f-1027-4ec0-9d13-4a639a (ID = 62367)
18:18:   3ecd0787-4f9a-4459-be4d-79467b (ID = 121850)
18:18:   d5d8b404-0da3-4683-890d-ebaa35 (ID = 121851)
18:18:   a6ca54ad-c274-4b46-ab20-0384c9 (ID = 121852)
18:18:   0638fede-a54a-4ea4-a403-467705 (ID = 121853)
18:18:   5584f45b-ad22-4a31-8baa-6d071c (ID = 62382)
18:18:   7d0e831a-c91f-426a-aa9b-27b400 (ID = 121867)
18:18:   253f8b90-2d58-4f90-835d-d73bbf (ID = 121866)
18:18:   7d0035dc-1c69-4dbb-8588-35cbf9 (ID = 114339)
18:18:   b568e050-904c-414a-903d-1a8de4 (ID = 114390)
18:18:   b9e74bfe-d40b-4077-8243-fa7d58 (ID = 114353)
18:18:   4f4e2301-2f2d-4524-b783-669840 (ID = 62284)
18:18:   318c0ce0-d7cf-40e9-8a83-b2e7ed (ID = 62284)
18:18:   cb438c8b-d0f4-42a7-82da-e54752 (ID = 121860)
18:18:   bf16655e-52f6-4fbc-ba3f-00fc2d (ID = 62383)
18:18:   88e7cdbc-700b-4f77-9774-ec311c (ID = 121869)
18:18:   1c71cb44-61d5-418a-a149-0f079f (ID = 121868)
18:18:   43d48d3a-fe1c-426c-b4fe-caaed0 (ID = 62284)
18:18:   33b20ff2-61c8-4040-9715-80b57e (ID = 114354)
18:18:   4ac5b8bc-b619-43e5-8ac5-deba54 (ID = 114393)
18:18:   539d41b6-4efc-47f1-8083-38fa0a (ID = 114342)
18:18:   eae5b0c2-7c3d-4424-9023-506d57 (ID = 114355)
18:18:   86201b42-e574-425c-b5eb-7e6845 (ID = 114376)
18:18:   4c3199e3-ccc9-48d4-985f-07717e (ID = 114394)
18:18:   859a3793-909a-4964-9919-253eff (ID = 114343)
18:18:   a6db1d22-8076-445b-8735-1f1b18 (ID = 114356)
18:18:   73ddd455-458e-4922-a487-f26cbd (ID = 114377)
18:18:   3d2561ce-bbb1-47e5-97f6-99c6b6 (ID = 114391)
18:18:   cc718796-b443-40f0-8052-73b709 (ID = 114340)
18:18:   7867c0f4-db7f-4a05-a045-007e60 (ID = 121859)
18:18:   66d2a1c8-b829-4f36-9948-41e6eb (ID = 114375)
18:18:   32f1b1a1-766d-42d7-ac4e-c34f70 (ID = 114341)
18:18:   0027da9b-f82e-4638-956a-9bce32 (ID = 114341)
18:18:   8bb92c54-9869-48df-9417-9ae6c3 (ID = 121856)
18:18:   9806a050-8b3b-4a2d-b9e8-c82531 (ID = 114346)
18:18:   0f2000c1-59d8-40f3-8348-aabea3 (ID = 121858)
18:18:   10f65bc5-0712-439c-91e1-6d49fb (ID = 121862)
18:18:   4aa6793e-1865-4ab9-97e2-d14705 (ID = 114400)
18:18:   7878351e-1c0e-4019-b988-3776c4 (ID = 121855)
18:18:   d26e05d1-9af9-44f4-98c1-d4de3d (ID = 114359)
18:18:   e2d520ba-70b6-4764-b77d-9b3eb4 (ID = 121821)
18:18:   212ff295-bac4-4bb0-a35e-ed9607 (ID = 121820)
18:18:   faa8134e-31b9-49b0-881d-f9298a (ID = 121854)
18:18:   94644aef-56dc-484d-9f59-0fa790 (ID = 121815)
18:18:   6b8c76cf-239a-4874-9c7b-a3b46e (ID = 121822)
18:18:   45e6027c-3e13-4712-89ab-bbfce9 (ID = 121823)
18:18:   9210bf05-89de-4e6a-99a7-a50727 (ID = 121824)
18:18:   fe4951bd-605f-429b-bb44-e0c9c3 (ID = 62283)
18:18:   d46819a4-ec9f-4e74-a0a0-46494e (ID = 121825)
18:18:   9b3ed937-c70a-470b-b5ca-f1d5dd (ID = 121826)
18:18:   785f9480-ba46-4e61-abb3-4d49f8 (ID = 121827)
18:18:   374cdbcd-d1a8-4f31-ba1d-c82a2e (ID = 121828)
18:18:   c5bb87b1-0de7-48a7-be19-a4ea83 (ID = 121829)
18:18:   9d2005a7-bc1a-415a-908e-c6e4cd (ID = 121829)
18:18:   484e5e9b-7769-44ef-8021-b83c15 (ID = 121831)
18:18:   561ae579-e948-48f5-b029-6ff42d (ID = 121832)
18:18:   87c9080c-17e9-4423-85c1-190d1e (ID = 121833)
18:18:   c43cf03c-847f-43e4-8876-da0109 (ID = 121834)
18:18:   913e7177-8c2d-4d93-83c4-024996 (ID = 121835)
18:18:   4c861f27-5a7c-452b-81a8-563d21 (ID = 121836)
18:19:   90509a45-eb1c-4357-9780-aaa441 (ID = 121837)
18:19:   9d00e3df-b084-41c1-be99-a9cfbf (ID = 121838)
18:19:   7ed982ca-20c4-43c2-b46d-06f94a (ID = 62283)
18:19:   b4d46141-2bbf-4631-85e0-5045f9 (ID = 62283)
18:19:   a7f6f15c-c78c-477f-895a-9514c7 (ID = 121839)
18:19:   4cdb9067-c39f-4f75-be9b-691f71 (ID = 121840)
18:19:   478240e6-9c0d-4c6e-af6d-823da7 (ID = 121819)
18:19:   2dab4389-1533-4c37-b156-a3cca1 (ID = 121841)
18:19:   bf61ae55-f14b-424b-aa27-41d551 (ID = 121842)
18:19:   57e944a5-5a60-4d62-8385-b8ebf0 (ID = 121844)
18:19:   d137d3d0-aa03-4520-888a-5c111e (ID = 121845)
18:19:   a9f4d523-ed9c-4848-843b-0f9d2d (ID = 121846)
18:19:   e653d7d6-eee8-479a-b29c-c5e9b0 (ID = 121849)
18:19:   41033ddf-9b3e-4dc2-b71f-42a0a9 (ID = 62367)
18:19:   827bf4a9-887c-43ab-be7f-e17dd7 (ID = 121850)
18:19:   6e8749fd-8238-4696-8a92-e75fcb (ID = 121851)
18:19:   30ed72b0-70fc-4676-ab00-ad166a (ID = 121852)
18:19:   1530b16e-ea03-4d24-ad0f-9b5e65 (ID = 121853)
18:19:   971cf1cb-ec15-4ba1-975f-c34c2c (ID = 62382)
18:19:   345a1211-06c0-44d9-b665-6a43ad (ID = 121861)
18:19:   110858d8-2251-4a3f-baca-97726c (ID = 114346)
18:19:   79322083-9b1a-4de9-95f3-68b418 (ID = 121841)
18:19:   c6a4ac67-cc59-4fcf-9b69-d8f78e (ID = 121842)
18:19:   9b7a695c-7252-4cd4-b467-e5792a (ID = 121842)
18:19:   e04c618a-0885-490b-b7d8-5e46a9 (ID = 121844)
18:19:   2ab456b1-2fbd-4fab-9116-9f6722 (ID = 121844)
18:19:   a02bbbfc-ba7d-4947-a1a7-d73593 (ID = 121844)
18:19:   6be807a9-0a36-4ffd-95e9-f675ac (ID = 121843)
18:19:   72193c35-46fd-434a-9e0a-41e643 (ID = 62367)
18:19:   8dde3aa1-78df-4eb0-b774-129487 (ID = 121841)
18:19:   159401a3-d63e-4adc-ad15-df75d0 (ID = 121842)
18:19:   2028417b-f999-4d9a-ae02-59d6e1 (ID = 121842)
18:19:   e6cb21d1-7dfe-4d3c-b592-4275a1 (ID = 121844)
18:19:   b70635e8-b947-4dda-8f70-44dcc7 (ID = 121844)
18:19:   c0fb2b0f-bcd4-491e-9e83-44b0d6 (ID = 121844)
18:19:   c75e2e04-6b00-432d-b739-1275f8 (ID = 121843)
18:19:   cdb2db02-96c2-4bad-ad0a-4d53eb (ID = 62367)
18:19:   ff1c1e95-9dc8-4ce8-9f13-ef030a (ID = 121861)
18:19:   4e891ac8-782e-46c7-b76c-9c12f0 (ID = 121856)
18:19:   ae409f78-f57d-4754-baa7-70076d (ID = 121844)
18:19:   e572a46e-3943-440a-bb44-44f44d (ID = 121844)
18:19:   c68db5d7-4bc7-461b-a24c-292c70 (ID = 121844)
18:19:   645b0bfa-35cd-4fc2-b7c4-49346d (ID = 121844)
18:19:   bf219b45-361d-49d3-ba67-3ca783 (ID = 121843)
18:19:   81597b73-8218-4275-98d7-4cabb9 (ID = 62367)
18:19:   7c6ac372-f8f4-4b32-a2ae-815d95 (ID = 121844)
18:19:   d0dad1bb-2ad9-4fc7-ab01-a88be3 (ID = 121844)
18:19:   4e36bf10-a3ac-4b38-8825-96b2f8 (ID = 121844)
18:19:   01569cb9-3de8-4dc5-a842-f98b26 (ID = 121844)
18:19:   e52ba5ea-cb0d-4256-8939-da45bd (ID = 121843)
18:19:   068b6acf-7d36-4561-9093-c65838 (ID = 62367)
18:20:   a0110607.exe (ID = 305790)
18:20:   Found Adware: mirar webband
18:20:   a0111009.exe (ID = 272168)
18:20:   a0111011.exe (ID = 75172)
18:20:   a0111031.exe (ID = 62366)
18:21:   a0108036.dll (ID = 277521)
18:24:   a0105227.exe (ID = 269549)
18:24:   a0105236.exe (ID = 269561)
18:24:   a0105241.exe (ID = 269566)
18:24:   a0105248.exe (ID = 278936)
18:24:   a0105253.exe (ID = 278870)
18:35: File Sweep Complete, Elapsed Time: 01:05:31
18:35: Full Sweep has completed.  Elapsed time 01:08:23
18:35: Traces Found: 574
19:33: Removal process initiated
19:33:   Quarantining All Traces: blazefind
19:33:   Quarantining All Traces: cws spage.html hijack
19:33:   Quarantining All Traces: gain - common components
19:33:   Quarantining All Traces: give4free
19:33:   Quarantining All Traces: hotbar
19:35:   Quarantining All Traces: searchrelevancy
19:36:   Quarantining All Traces: winad
19:36:   Quarantining All Traces: starware toolbar
19:36:   Quarantining All Traces: elitemediagroup-mediamotor
19:36:   Quarantining All Traces: 180search assistant/zango
19:37:   Quarantining All Traces: webrebates
19:37:   Quarantining All Traces: winantivirus pro
19:38:   Quarantining All Traces: errorsafe
19:39:   Quarantining All Traces: cws-aboutblank
19:39:   Quarantining All Traces: mywebsearch cookie
19:40:   Quarantining All Traces: toprebates.com cookie
19:40:   Quarantining All Traces: clixgalore cookie
19:40:   Quarantining All Traces: go.com cookie
19:40:   Quarantining All Traces: 64.62.232 cookie
19:40:   Quarantining All Traces: tickle cookie
19:40:   Quarantining All Traces: ugo cookie
19:40:   Quarantining All Traces: rn11 cookie
19:40:   Quarantining All Traces: gamespy cookie
19:40:   Quarantining All Traces: a cookie
19:40:   Quarantining All Traces: about cookie
19:40:   Quarantining All Traces: did-it cookie
19:40:   Quarantining All Traces: whenu searchbar/pricebandit
19:40:   Quarantining All Traces: whenu
19:40:   Quarantining All Traces: mirar webband
19:41: Removal process completed.  Elapsed time 00:07:34
********
17:06: |       Start of Session, 17 June 2006       |
17:06: Spy Sweeper started
17:08: Your spyware definitions have been updated.
17:26: Program Version 4.5.8  (Build 683)  Using Spyware Definitions 701
17:27: |       End of Session, 17 June 2006       |

 

SUPERAntiSpyware Scan Log
Generated 06/17/2006 at 08:20 PM

Core Rules Database Version : 2982
Trace Rules Database Version: 1075

Memory threats detected   : 0
Registry threats detected : 0
File threats detected     : 0

Thankyou so much for the help! Hopefully everything's okay now but I'll wait for your reply

Spysweeper have been busy

However, there are still some items we have to fix manually -

 

 

Logfile of HijackThis v1.99.1
Scan saved at 11:02:18, on 18/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\mgabg.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\PDesk\PDesk.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\iriver\iriver plus\iAgent.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis 1.99.1\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com.au/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINDOWS\System32\PDesk\PDesk.exe /Autolaunch
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [iPlusAgent] C:\Program Files\iriver\iriver plus\iAgent.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\System32\mgabg.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

Clean log

 

 

 

 

My pleasure