Anti spyware programs reporting spyware I cannot find

Discussion in 'Malware and Virus Removal Archive' started by jorjab, 2005/12/20.

  1. 2005/12/20
    jorjab Lifetime Subscription

    jorjab Well-Known Member Thread Starter

    Joined:
    2004/07/25
    Messages:
    366
    Likes Received:
    8
    Trend Micro HouseCall (free vers) and Panda ActiveScan (free vers) are telling me I have Gator on my PC. I cannot find any traces of them and neither do any of the following programs: Norton anti-virus (including Gator removal scan), ZoneAlarm Pro, Microsoft anti spyware Beta, PC Pitstop free scan, Spybot and Adaware.

    I run Firefox latest browser as main browser, IE as needed and occasionally Netscape and Opera.
    Do I just ignore these problems or continue trying to find Gator?:confused:
    I have searched the registry for Gain and Gator and they do not appear to exist there.

    Trend Micro has told me that the following are on my system (all appear to be Gator related): Trak_SE.77235, BHO_SE.66436, BHO_SE.66440, BHO_SE.66444, BHO_SE.66449, KEYL_SE.71724, ADW.SE.72688 and Trak_se.77235

    Thank you one and all for whoever can help.
    Following is my HijackThis log.

    Logfile of HijackThis v1.99.1
    Scan saved at 6:38:08 PM, on 12/20/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
    C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\hphmon03.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Microsoft Office\Office\1033\msoffice.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\ProcessExp\procexp.exe
    C:\WINDOWS\system32\HPHipm09.exe
    C:\Program Files\hijackthis\HijackThis.exe

    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://my.yahoo.com/"); (C:\Documents and Settings\Georgia Bodle\Application Data\Mozilla\Profiles\default\onbxkbhx.slt\prefs.js)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Georgia Bodle\Application Data\Mozilla\Profiles\default\onbxkbhx.slt\prefs.js)
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNfox000
    O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
    O12 - Plugin for .xml: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
    O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.pcpitstop.com/pestscan/pestscan.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (CwlscInstall Object) - https://scan.safety.live.com/resource/download/scanner/en-us/wlscbase2213.cab
    O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
     
  2. 2005/12/20
    mrsmith

    mrsmith Inactive

    Joined:
    2005/12/14
    Messages:
    56
    Likes Received:
    0
    Hello. My name is mrsmith. I work on Tuesday. Tuesday is my secretary. LOL, just kidding.
    Please do the following:
    Start up HiJack This and click on "scan system",
    then place a checkmark next to the following items:
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNfox000
    O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

    Now click on "fix selected" and restart your computer.

    Now run HiJack This and post your new log.
    Thank You.
     

  4. 2005/12/21
    jorjab Lifetime Subscription

    jorjab Well-Known Member Thread Starter

    Joined:
    2004/07/25
    Messages:
    366
    Likes Received:
    8
    I removed the items suggested by Mr Smith

    following is new HJT log file.

    Thanks

    Logfile of HijackThis v1.99.1
    Scan saved at 4:20:24 PM, on 12/21/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
    C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
    C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
    C:\WINDOWS\system32\hphmon03.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Microsoft Office\Office\1033\msoffice.exe
    C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\HPHipm09.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\Office\1033\wfxmsrvr.exe
    C:\PROGRA~1\MICROS~4\Office\1033\OLFMOD32.EXE
    C:\Program Files\Norton AntiVirus\OPScan.exe
    C:\Program Files\hijackthis\HijackThis.exe

    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://my.yahoo.com/"); (C:\Documents and Settings\Georgia Bodle\Application Data\Mozilla\Profiles\default\onbxkbhx.slt\prefs.js)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Georgia Bodle\Application Data\Mozilla\Profiles\default\onbxkbhx.slt\prefs.js)
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
    O12 - Plugin for .xml: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (CwlscInstall Object) - https://scan.safety.live.com/resource/download/scanner/en-us/wlscbase2213.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
     
  5. 2005/12/21
    Welshjim

    Welshjim Inactive

    Joined:
    2002/01/07
    Messages:
    5,643
    Likes Received:
    0
    jorjab--You might also want to run another scan with Housecall and/or Panda to see if they still report the baddies. Did you ever run a search to see if you had those files on the PC?
    I am a little surprised the antivirus programs did not offer to quarantine or delete if they found Gator. Perhaps that is because Gator is really spyware and not a virus.
    You could try
    1) http://www.pchell.com/support/gator.shtml
    2) Download, install and update the reference files for AdAware SE Personal (free)
    http://www.lavasoft.de/support/download/
    Then scan your PC with AdAware. If it finds any Gator related material, it should offer to delete.
    If still no success, lots of other removal ideas here
    http://www.google.com/search?source...&rls=GGLD,GGLD:2004-31,GGLD:en&q=remove+gator
     
  6. 2005/12/21
    Whiskeyman Lifetime Subscription

    Whiskeyman Inactive Alumni

    Joined:
    2005/09/10
    Messages:
    1,772
    Likes Received:
    37
    Yahoo and Claria (formerly Gator) are in bed together. They could be detecting it in Yahoo! Companion.

    Yahoo Gives Adware a Pass
     
  7. 2005/12/21
    jorjab Lifetime Subscription

    jorjab Well-Known Member Thread Starter

    Joined:
    2004/07/25
    Messages:
    366
    Likes Received:
    8
    Re comments from WelshJim
    "Did you ever run a search to see if you had those files on the PC?" Yes, I had done that and found nothing.

    Re comment from Whiskeyman

    Just removed Yahoo toolbar, which Firefox does not currently allow for anyway; it was used in previous version of Firefox.

    "Download, install and update the reference files for AdAware SE Personal (free) http://www.lavasoft.de/support/download/
    Then scan your PC with AdAware."

    Yes, I had done that and do it regularly. It found nothing.

    Trend Micro still finds the following: Trak_se.77236,
    BHO_SE.66436, 66440, 66444 and 66449 and Keyl_SE.71724.
    I do not like Trend Micro - it takes forever and I am suspicious of it, as the Shredder (CWShredder) they recommend definitely installs spyware.

    Just ran Panda scan again; it still says I have Gator in the registry.

    "1) http://www.pchell.com/support/gator.shtml"
    This does not help as none of these things show Gator as being on my PC.

    "If still no success, lots of other removal ideas here
    http://www.google.com/search?sourcei...q=remove+gator"
    Most of the links do not help.
    Found this, which I am trying, called XOFTSpy (never heard of it before) - am running free scan on PC (after removing Yahoo toolbar). It appears to be finding things of another nature. Will post that info tomorrow after investigating the results as well as this particular program.

    My computer runs fine and does not appear to be sending out any info I do not want it to send nor redirect me anywhere. My cookies are kept clean except for necessary ones.
    I keep wondering if I really have a problem or not? :eek:

    Thanks all
    I am supposed to be wrapping presents now instead of fooling with this problem, and my adult son has more serious problems on his laptop. I may have to help him solve his problems, which are probably ones I can figure out myself.
    I think I am getting punchy at this point.
    Happy Holidays, Merry Christmas, Happy Hanukkah, Happy Kwanzaa, Celebrate the Winter Solstice and whatever else applies to you.

    Jorjab:)
     
  8. 2005/12/21
    mrsmith

    mrsmith Inactive

    Joined:
    2005/12/14
    Messages:
    56
    Likes Received:
    0
    OK, I have some issues with your log. Will explain in a bit but have to get everything together for you.
    Good that you uninstalled Yahoo, especially after seeing Whiskeyman's post.
    Do you currently have McAfee Virus Scan on your computer?
    Do me a favor: 1st, restart your computer and do not open any programs, browsers or anything other than what is listed below.
    Next, make sure all files and folders are showing. Open Windows Explorer and under Tools > Folder Options > View tab > select "show hidden files and folders". Click on OK and close Windows Explorer.
    Now create a new restore point (under All Programs > Accessories > System Tools > System Restore) and then run the Disk Cleanup utility that comes with your operating system (in same location as System Restore). Make sure all boxes are checked (except compressed files) and then click on the More Options tab. At the bottom of the window you will see System Restore. Click on Clean up and then when prompted click OK. Now run whatever cleanup utility you have (hopefully CCleaner http://www.ccleaner.com/ccdownload.asp or CleanUp40 http://www.stevengould.org/downloads/cleanup/CleanUp40.exe ).
    Now shut down your computer and wait 10 - 15 seconds, then turn it back on. Before you do anything else, run HiJack This and save the log. Then post your new log and let me know about the McAfee Virus Scan.
    Thank you.
     
    Last edited: 2005/12/21
  9. 2005/12/21
    mrsmith

    mrsmith Inactive

    Joined:
    2005/12/14
    Messages:
    56
    Likes Received:
    0
    1 more thing

    The XOFTspy you mentioned was on the rogue list. They have recently been removed. Sorry, I should have mentioned it on last post.
    http://www.spywarewarrior.com/rogue_anti-spyware.htm
    You will find them on the DE-LISTED list towards bottom of page.
     
  10. 2005/12/22
    mrsmith

    mrsmith Inactive

    Joined:
    2005/12/14
    Messages:
    56
    Likes Received:
    0
    Thanks for that info, Whiskeyman. I thought something was going on there with Yahoo but haven't taken the time to find out myself. I have refused to have any Yahoo software on my computer for years.
    jorjab, hopefully your Gator issue was resolved by uninstalling Yahoo. Also, I would like to know, have you noticed anything at all that you thought was strange?
    And notice that a couple of the entries you reported found in your 1st post were not in your 3rd post? (Namely ADW.SE.72688 and Trak_se.77235.) This is on the assumption that 1 of your 1st entries was a typo. I am curious to see what is left after uninstalling Yahoo.
    Now, here is my issue with your log file. The following are legitimate entries but have some discrepancies, especially if you ran HiJack This at a fresh restart.
    1st are these entries:
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    >>> These are quite easily used by adware, spyware, trojans, etc. and should not be showing on a fresh restart, even with Java enabled on your browser.
    Next are these entries:
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    >>> These entries are for legitimate programs but should not be showing "(file missing)".
    Then finally are these entries:
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    >>> These are also legitimate entries but should not be showing the "(file missing)" on them. I also use Microsoft Outlook for my email client (Office XP w/SP3), and my Windows Messenger is completely disabled; however, here are the entries from my log file:
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    Notice the difference? In essence, here is what I am saying.
    The first 2 entries relating to the Sun Java Console are legitimate entries and should be left alone. However, on a fresh restart they should not be showing up in your log. This is a sign of "foul play" to me and usually ends up being related to adware, spyware, viruses, etc.
    The last 4, however, are definitely a problem and need to be dealt with. These are basically "holes" in your system, so even if you get rid of Gator, you still have holes that are exploitable by malware if you happened to catch another "cold". LOL.
    Anyways, please do the following:
    Restart your computer.
    Open HiJack This and click on "scan system".
    Place a checkmark next to any of the following items that still exist as they appear here:
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    Now click on "fix selected" and when it is finished, restart your computer.
    Now open CCleaner. First click on Analyze, then click on Run Cleaner.
    Now restart your computer again.
    Open HiJack This and click on "scan and save log".
    Now you can go to the online scan sites and see if they still show Gator in your system.
    Either way, please post your new log and let us know the results.
    Thank you.

    ***NOTE***
    Removing the npTrident.dll makes your NB more secure. Currently it can be embedded on a webpage even if you have Site Controls set to "display like Netscape", and that opens you to all IE security bugs. In my opinion, it would be best to use IE for what you need IE features for (like Windows Update or online scans) and use NB the rest of the time.
    Netscape browser plugin "show as IE" security risk - To remove the "Display as IE" option, just go to the C:\Program Files\Netscape\Netscape Browser\plugins directory and remove the file npTrident.dll (you may need to have the 'show system files' option set in Windows "Folder Options" to view *.dll files in that directory).
    >>> O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
    >>> O12 - Plugin for .xml: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
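
The review in this thread turns on two things: entries HijackThis marks "(no file)" or "(file missing)", and what changed between the log taken before a fix and the one taken after. The following is an added example, not part of any post in the thread and not HijackThis code, that parses section lines, lists the orphaned ones, and diffs two logs; the sample lines are excerpted from the two logs posted above, and the function names are assumptions of this example.

```python
import re
from typing import NamedTuple, Optional

# HijackThis section codes (R0-R3, F0-F3, N1-N4, O1-O24), then " - " and the entry text.
ENTRY_RE = re.compile(r"^\s*(?P<code>[RFNO]\d{1,2}) - (?P<body>.+?)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Trailing markers the tool appends when the referenced file is not on disk.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)$", re.IGNORECASE)


class Entry(NamedTuple):
    code: str
    body: str
    clsid: Optional[str]
    orphaned: bool


def parse_log(text: str) -> list:
    """Return the section entries; header and process-list lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if not m:
            continue
        body = m.group("body")
        clsid = CLSID_RE.search(body)
        entries.append(Entry(m.group("code"), body,
                             clsid.group(0).upper() if clsid else None,
                             bool(ORPHAN_RE.search(body))))
    return entries


def orphaned(text: str) -> list:
    """Entries whose target file is absent: leftover references worth reviewing."""
    return [e for e in parse_log(text) if e.orphaned]


def diff_logs(before: str, after: str):
    """Return (removed, added) as sorted lists of (code, body) pairs."""
    b = {(e.code, e.body) for e in parse_log(before)}
    a = {(e.code, e.body) for e in parse_log(after)}
    return sorted(b - a), sorted(a - b)


# Excerpt of the 12/20 log posted in the thread (shortened for the example).
BEFORE = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\winlogon.exe
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNfox000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
"""

# Same excerpt as it appears in the 12/21 log, after the first "fix selected" pass.
AFTER = "\n".join(l for l in BEFORE.splitlines()
                  if not l.startswith(("O8 - ", "O20 - ")))

if __name__ == "__main__":
    removed, added = diff_logs(BEFORE, AFTER)
    for code, body in removed:
        print("removed:", code, "-", body)
    for e in orphaned(AFTER):
        print("still orphaned:", e.code, e.clsid or "(no CLSID)", "-", e.body)
```

An orphaned entry only shows that a registry reference outlived its file; whether it matters still depends on what the CLSID or file name belonged to.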
     
  11. 2005/12/22
    jorjab Lifetime Subscription

    jorjab Well-Known Member Thread Starter

    Joined:
    2004/07/25
    Messages:
    366
    Likes Received:
    8
    Will look into everything currently suggested after 12/27/2005 and then post again.

    Thanks, jorjab
     
