|
| ||
| Background Locked, and Red X in the taskbar Hello, Today when i got on the computer i noticed a red x on the taskbar and it kept on bringing up a bubble saying that i need to download something to get rid of it, i just closed it then i noticed that my desktop background had changed to black and had a message in the bottom right hand corner saying something like your computer is in danger windows security center recommends you donwload a program to fix it or something along them lines i ran SuperAnti Spyware and iot seemed to get rid of the problem but then i went to change the background back and it is still disabled!! Logfile of HijackThis v1.99.1 Scan saved at 5:44:16 PM, on 4/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\htpatch.exe C:\WINDOWS\system32\CTHELPER.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe C:\Program Files\OptusNet DSL Internet\DSC.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe C:\Documents and Settings\Internet2\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.optusnet.com.au/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dsl.optusnet.com.au/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://au.yahoo.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by OptusNet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [virtual-ie] winlogi.exe O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [ITPIPSetup] "D:\setupstb.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\RunServices: [virtual-ie] winlogi.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://dsl.optusnet.com.au/ O16 - DPF: JT's Blocks - http://download.games.yahoo.com/game...s/y/blt1_x.cab O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/game...ts/y/xt0_x.cab O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/game...ts/y/zt3_x.cab O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/game.../y/mjst4_x.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/potg_x.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freewar...eanerstart.cab O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - http://scripts.downloadv3.com/binari...1049_EN_XP.cab O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binari...SS_1070_XP.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://socceroosfan01.spaces.msn.com...d/MsnPUpld.cab O16 - DPF: {6AA85413-165C-4200-8154-71166077B22E} - http://scripts.dlv4.com/binaries/IA/...vc32_EN_XP.cab O16 - DPF: {71DA2A4E-ACB3-4065-9E41-8BC42EABE427} - http://scripts.dlv4.com/binaries/IA/svcia32_EN_XP.cab O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/binari...vc32_EN_XP.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {9EB4F647-FE4A-42F9-9F5C-B8FB28DD02F9} - http://scripts.dlv4.com/binaries/IA/...2svc_EN_XP.cab O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/binari...SS_1073_XP.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: SysWgu - Unknown owner - \\?\C:\Program Files\Common Files\System\aux.exe (file missing) |
| ||
| Re: Background Locked, and Red X in the taskbar I have now done a ewido anti-spyware scan in safe mode and and a new hijackthis and here are the reports --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 5:57:35 PM 9/09/2006 + Scan result: C:\WINDOWS\system32\tmmgr.dll -> Downloader.Agent.anj : Cleaned with backup (quarantined). :mozilla.57:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). :mozilla.68:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). :mozilla.96:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). :mozilla.97:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). :mozilla.24:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.24:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-3.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.256:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.25:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-3.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.261:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.26:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.279:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.63:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.75:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.76:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.77:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Internet2\Cookies\internet2@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.10:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.214:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.7:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.8:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.9:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.43:C:\FOUND.213\FILE0001.CHK -> TrackingCookie.Adtech : Cleaned with backup (quarantined). :mozilla.23:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.24:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.25:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.26:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.27:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.50:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.51:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.57:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). :mozilla.64:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). :mozilla.98:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). :mozilla.103:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.105:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.39:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.40:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.41:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.52:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.55:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.80:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined). :mozilla.81:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined). :mozilla.95:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined). :mozilla.45:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). :mozilla.65:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). :mozilla.301:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). :mozilla.302:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). :mozilla.303:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). :mozilla.37:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). :mozilla.215:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup (quarantined). :mozilla.107:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). :mozilla.108:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). :mozilla.109:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). :mozilla.110:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). :mozilla.111:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). :mozilla.112:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). :mozilla.276:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). :mozilla.14:C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\4mz65j7i.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.231:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.237:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.238:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.58:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.59:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.60:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). :mozilla.225:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined). :mozilla.226:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined). :mozilla.227:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined). :mozilla.228:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined). :mozilla.90:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined). :mozilla.208:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined). :mozilla.212:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined). :mozilla.213:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined). :mozilla.308:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined). :mozilla.309:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined). :mozilla.310:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined). :mozilla.108:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined). :mozilla.109:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined). :mozilla.265:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined). C:\Documents and Settings\Internet2\Cookies\internet2@paycounter[1].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined). :mozilla.137:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined). :mozilla.138:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined). :mozilla.91:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). :mozilla.92:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). :mozilla.93:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). :mozilla.94:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). :mozilla.95:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). C:\Documents and Settings\Internet2\Cookies\internet2@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). :mozilla.29:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined). :mozilla.31:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined). :mozilla.36:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined). :mozilla.45:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined). :mozilla.36:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined). :mozilla.38:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined). :mozilla.20:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.21:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.22:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.23:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.257:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.258:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.259:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.260:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). C:\Documents and Settings\Internet2\Cookies\internet2@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.101:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.102:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.248:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). :mozilla.249:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). :mozilla.250:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). :mozilla.124:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). :mozilla.125:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). :mozilla.126:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). :mozilla.127:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). :mozilla.128:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). :mozilla.129:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). :mozilla.130:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). :mozilla.131:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). :mozilla.35:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). :mozilla.147:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined). :mozilla.179:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined). :mozilla.180:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined). :mozilla.181:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined). :mozilla.182:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined). :mozilla.100:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined). :mozilla.46:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.47:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.48:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.49:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.72:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.73:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.74:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.98:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.99:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.83:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). :mozilla.84:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). :mozilla.85:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). C:\WINDOWS\Downloaded Program Files\UDC6_0001_D10M2905NetInstaller.exe -> Trojan.Fakealert : Cleaned with backup (quarantined). ::Report end Logfile of HijackThis v1.99.1 Scan saved at 6:27:06 PM, on 9/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\htpatch.exe C:\WINDOWS\system32\CTHELPER.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe C:\Program Files\OptusNet DSL Internet\DSC.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Documents and Settings\Internet2\Desktop\HijackThis.exe C:\WINDOWS\system32\wuauclt.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.optusnet.com.au/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dsl.optusnet.com.au/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://au.yahoo.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by OptusNet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [virtual-ie] winlogi.exe O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [ITPIPSetup] "D:\setupstb.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKLM\..\RunServices: [virtual-ie] winlogi.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://dsl.optusnet.com.au/ O16 - DPF: JT's Blocks - http://download.games.yahoo.com/game...s/y/blt1_x.cab O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/game...ts/y/xt0_x.cab O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/game...ts/y/zt3_x.cab O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/game.../y/mjst4_x.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/potg_x.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freewar...eanerstart.cab O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - http://scripts.downloadv3.com/binari...1049_EN_XP.cab O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binari...SS_1070_XP.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://socceroosfan01.spaces.msn.com...d/MsnPUpld.cab O16 - DPF: {6AA85413-165C-4200-8154-71166077B22E} - http://scripts.dlv4.com/binaries/IA/...vc32_EN_XP.cab O16 - DPF: {71DA2A4E-ACB3-4065-9E41-8BC42EABE427} - http://scripts.dlv4.com/binaries/IA/svcia32_EN_XP.cab O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/binari...vc32_EN_XP.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {9EB4F647-FE4A-42F9-9F5C-B8FB28DD02F9} - http://scripts.dlv4.com/binaries/IA/...2svc_EN_XP.cab O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/binari...SS_1073_XP.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: SysWgu - Unknown owner - \\?\C:\Program Files\Common Files\System\aux.exe (file missing) and i still cant change my desktop background |
| All times are GMT -4. The time now is 3:43 pm. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC