login problems-i'm really stuck!
hale.s
02-11-2007, 03:52 PM
I have a problem logging into some sites (e.g. Hotmail, YouTube, all shops online). I CAN log into sites using someone else's laptop in my home, so the problem does not lie with the router, and the cookie settings are all fine. I have had confirmation of usernames and passwords with these companies so the problem has to lie within my desktop somewhere. I have tried logging in with McAfee turned on and off. If the problem is browser settings or internet settings I am a novice with computers, so I don't know what to change. Any help is greatly appreciated. Thanks.
Budfred
02-11-2007, 03:55 PM
Welcome to PCGuide
It is likely that your computer is infected and that is interfering with your log in... Please post a HijackThis log so we can check...
http://www.merijn.org/programs.php
To run HJT, extract it to a permanent folder such as one you create like C:\HJT or the Desktop. Close all open windows and browsers and make sure that all programs are enabled if you use msconfig. Run it and Scan, then Save the log. When the log window appears, Right click to Copy it, open your browser and come here to Paste the entire log. Do not make any changes until it is checked since most items are either benign or essential to the computer.
azzey
02-11-2007, 03:55 PM
Welcome to PCGuide Discussion Forums!
What browser and OS are you using?
[Edit] Budfred is on his toes and beat me to it!
hale.s
02-11-2007, 04:28 PM
windows xp media center 2005 & internet explorer
hale.s
02-11-2007, 04:31 PM
Budfred, I meant it when I said I am a novice. Your advice lost me sorry. If I do what you said does that mean you can look at everything on my computer? Sounds dodgy!
Budfred, I meant it when I said I am a novice. Your advice lost me sorry. If I do what you said does that mean you can look at everything on my computer? Sounds dodgy!
It just lists processes that are running and other such objects. You can't really get any personal information or go and see everything on the computer. It is the best way to solve problems like this.
If you don't feel comfortable posting it that is up to you.
Budfred
02-11-2007, 05:20 PM
Budfred, I meant it when I said I am a novice. Your advice lost me sorry. If I do what you said does that mean you can look at everything on my computer? Sounds dodgy!
If you look around the forum, particularly in Applications and Security, you will see this is a standard tool we use to help people sort out malware problems... It is good that you are cautious, but the evidence is here that we can be trusted with this...
hale.s
02-11-2007, 05:27 PM
Budfred, I'll post the details as soon as I work out how to do it!
Budfred
02-11-2007, 05:30 PM
If you don't understand any part of the instructions, say what and I will give more detail about how to do it...
hale.s
02-11-2007, 05:49 PM
Budfred, I worked out how to send the info, but it was nearly 15000 words (or characters) and I'm only allowed 5000?
Budfred
02-11-2007, 05:52 PM
Break it up into 3 posts or as many as it takes...
Budfred
02-11-2007, 06:00 PM
Post here, not by PM...
Edit: I do not help by PM... I deleted your PMs...
hale.s
02-11-2007, 06:12 PM
Logfile of HijackThis v1.99.1
Scan saved at 22:35:43, on 11/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Desktop Sidebar\dsidebar.exe
C:\Program Files\VisualTaskTips\VisualTaskTips.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Morpheus\Morpheus.exe
C:\Program Files\Vasilios Applications\TranspApps\TranspApps.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\SAMHAL~1\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
hale.s
02-11-2007, 06:13 PM
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.skybroadband.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/radio1/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=3061218
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.skybroadband.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided By Sky Broadband
R3 - URLSearchHook: (no name) - {D73F49B6-B51B-4d32-A3B7-BD04B8342F53} - C:\Program Files\MorpheusBar\SrchAstt\3.bin\MBSRCAS.DLL
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: MorpheusToolbar BHO - {3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\3.bin\MORPHBAR.DLL
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {D73F49B1-B51B-4d32-A3B7-BD04B8342F53} - C:\Program Files\MorpheusBar\SrchAstt\3.bin\MBSRCAS.DLL
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Morpheus Toolbar - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\3.bin\MORPHBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
hale.s
02-11-2007, 06:14 PM
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SIDEBAR] "C:\Program Files\Desktop Sidebar\dsidebar.exe"
O4 - HKCU\..\Run: [VisualTaskTips] C:\Program Files\VisualTaskTips\VisualTaskTips.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Startup: Morpheus.lnk = C:\Program Files\Morpheus\Morpheus.exe
O4 - Startup: TranspApps.lnk = C:\Program Files\Vasilios Applications\TranspApps\TranspApps.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Dell Network Assistant.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZC
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?4ac8fd0a94244bb0abb47d04cbc30b86
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?4ac8fd0a94244bb0abb47d04cbc30b86
hale.s
02-11-2007, 06:15 PM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.skybroadband.com (file missing)
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://login.live.com
O15 - Trusted Zone: http://by106fd.bay106.hotmail.msn.com
O15 - Trusted Zone: http://bband.sky.com
O15 - Trusted Zone: http://www.skybroadband.com
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
classicsoftware
02-11-2007, 06:22 PM
You must do as Budfred has instructed and inform the other forum you are no getting help here..... Please provide us with a link.
Budfred
02-11-2007, 06:52 PM
You must do as Budfred has instructed and inform the other forum you are no getting help here..... Please provide us with a link.
Wrong thread classicsoftware...
hale.s,
Please move HJT to a permanent folder before we continue... Open Windows Explorer and click on the C: drive to highlight it, then click on the File menu on the top tool bar, select New and then Folder... It will create a new unnamed folder, so name it HJT or something like that... Find the HijackThis zip file that you downloaded and right click on it... Choose to Extract it and direct it to extract to that folder... Run it from there from now on so that backups are preserved...
Next, open a HJT scan and put checks by:
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...rch.jhtml?p=ZC
This may be the main problem... Did you intentionally set restrictions with protection software?? If not, check this too...
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
Anything in your Trusted Zone has fairly free access to your computer, make sure you are comfortable having all of these have that level of access and check any that you are not comfortable with:
O15 - Trusted Zone: http://login.live.com
O15 - Trusted Zone: http://by106fd.bay106.hotmail.msn.com
O15 - Trusted Zone: http://bband.sky.com
O15 - Trusted Zone: http://www.skybroadband.com
Close all open windows except HJT and press Fix checked...
Go to Control Panel - Add or Remove Programs and remove MyWebSearch or anything resembling that name in the list...
Reboot and post a fresh log, note any problems that continue...
hale.s
02-11-2007, 07:03 PM
Thanks for the help, if I get stuck I'll be back tomorrow about the same time. Nice one!
classicsoftware
02-11-2007, 07:40 PM
My bad, too fast on the trigger......
hale.s
02-14-2007, 02:58 PM
Hi, I've done everything you've said. I put the checks in and they got deleted. I still have the same problems though. I log in to most programs and nothing happens, it just stays on the same screen.
hale.s
02-14-2007, 03:01 PM
I've also checked all firewalls to allow the programs, and they are all fine.
Budfred
02-14-2007, 07:43 PM
Without seeing the log I asked you to post, I don't know what to suggest next...
hale.s
02-15-2007, 04:07 AM
Scan saved at 09:05:21, on 15/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Desktop Sidebar\dsidebar.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\VisualTaskTips\VisualTaskTips.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Morpheus\Morpheus.exe
C:\Program Files\Vasilios Applications\TranspApps\TranspApps.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\hijackthis\HijackThis.exe
hale.s
02-15-2007, 04:08 AM
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.skybroadband.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/radio1/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=3061218
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.skybroadband.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided By Sky Broadband
R3 - URLSearchHook: (no name) - {D73F49B6-B51B-4d32-A3B7-BD04B8342F53} - C:\Program Files\MorpheusBar\SrchAstt\3.bin\MBSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: MorpheusToolbar BHO - {3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\3.bin\MORPHBAR.DLL
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {D73F49B1-B51B-4d32-A3B7-BD04B8342F53} - C:\Program Files\MorpheusBar\SrchAstt\3.bin\MBSRCAS.DLL
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Morpheus Toolbar - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\3.bin\MORPHBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
hale.s
02-15-2007, 04:10 AM
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SIDEBAR] "C:\Program Files\Desktop Sidebar\dsidebar.exe"
O4 - HKCU\..\Run: [VisualTaskTips] C:\Program Files\VisualTaskTips\VisualTaskTips.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Startup: Morpheus.lnk = C:\Program Files\Morpheus\Morpheus.exe
O4 - Startup: TranspApps.lnk = C:\Program Files\Vasilios Applications\TranspApps\TranspApps.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Dell Network Assistant.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.skybroadband.com (file missing)
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
hale.s
02-15-2007, 04:11 AM
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
Budfred
02-15-2007, 08:11 AM
Use HJT to fix this:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Otherwise, your log looks okay... Try these scans to see if they pick up anything more:
* Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
Doubleclick the drweb-cureit.exe file and Allow to run the express scan
This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
Once the short scan has finished, mark the drives that you want to scan.
Select all drives. A red dot shows which drives have been chosen.
Click the green arrow at the right, and the scan will start.
Click 'Yes to all' if it asks if you want to cure/move the file.
When the scan has finished, look if you can click next icon next to the files found: http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif
If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif
This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
Save the report to your desktop. The report will be called DrWeb.csv
Close Dr.Web Cureit.
Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.
After reboot, post the contents of the log from Dr.Web you saved previously in your next reply.
And then:
* Click here (http://support.f-secure.com/enu/home/ols.shtml) to use the F-Secure Online Scanner
Then click the Start Scanning button below.
You should get a notification (bar on top) to install the activeX. Click on it and select to install the ActiveX.
Once the ActiveX is installed, you should accept the License terms by clicking OK below to start the scan.
In case you are having problems with installing the ActiveX/starting the scan, please read here (http://support.f-secure.com/enu/home/ols-faq.shtml).
Click the Full System Scan button.
It will start to download scanner components and databases. This can take a while.
The main scan will start.
Once the scan has finished, click the Automatic cleaning (recommended) button
It could be possible that your firewall gives an alert - allow it, because that's a connection you establish to submit infected files to F-Secure.
The cleaning can take a while, so please be patient.
Then click the Show report button and copy and paste what's present under results in your next reply.
Post both logs here...
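The kind of entry singled out in the reply above, a HijackThis line whose target is "(no file)", can be picked out of a log mechanically. The following is an added example, not part of the original post and not HijackThis code: the function names and the triage rule are assumptions, and the sample lines are copied from the log and reply in this thread. It flags entries for manual review and gives no verdict on them.

```python
import re

# Section codes that appear in this thread's HijackThis log.
SECTIONS = {
    "O2": "Browser Helper Object",
    "O4": "startup entry",
    "O8": "IE context menu item",
    "O9": "IE extra button / Tools menu item",
    "O18": "protocol handler",
    "O20": "AppInit_DLLs",
    "O21": "ShellServiceObjectDelayLoad",
    "O23": "service",
}

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
ORPHAN_RE = re.compile(r"\((no file|file missing)\)\s*$")

# Entries copied from the log and reply in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
"""


def parse_entry(line):
    """Split one log line into section code, CLSID and orphan marker."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None  # usernames, timestamps and prose are not log entries
    body = m.group("body")
    clsid = CLSID_RE.search(body)
    orphan = ORPHAN_RE.search(body)  # anchored at end, so "(no name)" is ignored
    return {
        "code": m.group("code"),
        "section": SECTIONS.get(m.group("code"), "other"),
        "clsid": clsid.group(0).upper() if clsid else None,
        "orphan": orphan.group(1) if orphan else None,
    }


def triage(log_text):
    """Return (code, reason, clsid) for entries that merit a manual look."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry is None:
            continue
        if entry["orphan"]:
            # Registry entry still present, file it points to is gone.
            findings.append((entry["code"], "orphaned: " + entry["orphan"], entry["clsid"]))
        elif entry["code"] == "O20":
            # AppInit_DLLs are loaded into every process that loads user32.dll.
            findings.append((entry["code"], "review: AppInit_DLLs", None))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```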
hale.s
02-17-2007, 10:30 AM
Scanning type: Scan system for viruses, rootkits, spyware
Target: C:\ D:\
--------------------------------------------------------------------------------
Result: 62 malware found
Tracking Cookie (spyware)
System (Disinfected)
System (Submitted)
W32/DLoader.AMSO (virus)
C:\PROGRAM FILES\DIGSTREAM\DIGSTREAM.EXE (Submitted)
--------------------------------------------------------------------------------
Statistics
Scanned:
Files: 39877
System: 5459
Not scanned: 6
Actions:
Disinfected: 1
Renamed: 0
Deleted: 0
None: 61
Submitted: 2
Files not scanned:
C:\HIBERFIL.SYS
C:\PAGEFILE.SYS
C:\WINDOWS\SYSTEM32\DRIVERS\SPTD.SYS
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3AD391678A806EC4D691E83AAA393B6F_24ADF822-76F7-4481-B30B-FF1B40F8687F
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DAC1A3461B718130D43354416B1A0810_24ADF822-76F7-4481-B30B-FF1B40F8687F
--------------------------------------------------------------------------------
Options
Scanning engines:
F-Secure Libra: 2.4.2, 2007-02-14
F-Secure AVP: 7.0.171, 2007-02-16
F-Secure Orion: 1.2.37, 2007-02-16
F-Secure Blacklight: 1.0.53, 0000-00-00
F-Secure Draco: 1.0.35, 0260-02-44
F-Secure Pegasus: 1.19.0, 2007-01-12
Scanning options:
Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX
hale.s
02-17-2007, 11:12 AM
I used HJT to clean the file... Dr.Web CureIt found no problems with the scan... still same problems
Budfred
02-17-2007, 04:45 PM
Which scan is this??
Scanning type: Scan system for viruses, rootkits, spyware
Target: C:\ D:\
Run this scan and let it fix what it finds...
Download Superantispyware (http://www.superantispyware.com/?tag=GOOGLE-SUPERANTISPYWARE)
Install the programme. When the first page opens, there will be a Check for Updates button on the bottom left; click this to update the programme
Then run SuperAntispyware
On the first page select SCAN YOUR COMPUTER
On the next page select COMPLETE SCAN and tick ALL your drives
The next stage will take a while as your entire drive(s), memory and registry are scanned
When it has completed click NEXT
The next screen shows the problems found; click OK
On the next screen place a tick against all items and select NEXT
Now, to get the log, go to the PREFERENCES button on the bottom right
Select the STATISTICS/LOG tab
Highlight the scan just completed and click VIEW LOG
This will open a Notepad text file; copy and paste this to your next reply
hale.s
02-25-2007, 02:08 AM
Budfred....the last scan shown was f-line secure. (My replies take a while as I work away).
Paul Komski
02-25-2007, 02:39 AM
If spyware has been excluded consider whether it is only https:// web pages that are affected. http://www.duxcw.com/faq/win/xp/secure.htm
hale.s
02-25-2007, 03:13 AM
SUPERAntiSpyware Scan Log
Generated 02/25/2007 at 07:58 AM
Application Version : 3.5.1016
Core Rules Database Version : 3189
Trace Rules Database Version: 1199
Scan type : Complete Scan
Total Scan Time : 00:40:58
Memory items scanned : 622
Memory threats detected : 0
Registry items scanned : 5798
Registry threats detected : 0
File items scanned : 47206
File threats detected : 102
Adware.Tracking Cookie
Adware.WhenU
C:\PROGRAM FILES\DAEMON TOOLS\SETUPDTSB.EXE
hale.s
02-25-2007, 03:19 AM
My last log shows addresses to everything. Is this stuff safe to be shown or should I remove it?
Budfred
02-25-2007, 04:23 AM
If you mean what look like email addresses, those are actually cookies and hopefully they were removed... Did you have SuperAntispyware fix what it found??
If it did, there is a good chance your computer is clean... How is it running??
The first part of your F-Secure log doesn't look like it usually does, it may be a good idea to run it again...