Background Locked, and Red X in the taskbar

Expand Post »

Hello, Today when i got on the computer i noticed a red x on the taskbar and it kept on bringing up a bubble saying that i need to download something to get rid of it, i just closed it then i noticed that my desktop background had changed to black and had a message in the bottom right hand corner saying something like your computer is in danger windows security center recommends you donwload a program to fix it or something along them lines
i ran SuperAnti Spyware and iot seemed to get rid of the problem but then i went to change the background back and it is still disabled!!

Logfile of HijackThis v1.99.1
Scan saved at 5:44:16 PM, on 4/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\htpatch.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\OptusNet DSL Internet\DSC.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Documents and Settings\Internet2\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dsl.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://au.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by OptusNet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [virtual-ie] winlogi.exe
O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ITPIPSetup] "D:\setupstb.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunServices: [virtual-ie] winlogi.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://dsl.optusnet.com.au/
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/game...s/y/blt1_x.cab
O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/game...ts/y/xt0_x.cab
O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/game...ts/y/zt3_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/game.../y/mjst4_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/potg_x.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freewar...eanerstart.cab
O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - http://scripts.downloadv3.com/binari...1049_EN_XP.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binari...SS_1070_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://socceroosfan01.spaces.msn.com...d/MsnPUpld.cab
O16 - DPF: {6AA85413-165C-4200-8154-71166077B22E} - http://scripts.dlv4.com/binaries/IA/...vc32_EN_XP.cab
O16 - DPF: {71DA2A4E-ACB3-4065-9E41-8BC42EABE427} - http://scripts.dlv4.com/binaries/IA/svcia32_EN_XP.cab
O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/binari...vc32_EN_XP.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9EB4F647-FE4A-42F9-9F5C-B8FB28DD02F9} - http://scripts.dlv4.com/binaries/IA/...2svc_EN_XP.cab
O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/binari...SS_1073_XP.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SysWgu - Unknown owner - \\?\C:\Program Files\Common Files\System\aux.exe (file missing)

Similar Threads

Please help- Virus Pop Up in Taskbar and Desktop Background Lock Out in Viruses, Spyware and other Nasties
Locked Background + Virus in Viruses, Spyware and other Nasties
desktop background is locked, what to do. (hijackthis log file is posted) in Viruses, Spyware and other Nasties
For maraniba: Desktop background locked out in Viruses, Spyware and other Nasties
antivirusGold and red circle with white X in Viruses, Spyware and other Nasties

Jake06

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

2 posts
since Sep 2006

Permalink

Sep 9th, 2006

Re: Background Locked, and Red X in the taskbar

I have now done a ewido anti-spyware scan in safe mode and and a new hijackthis and here are the reports

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 5:57:35 PM 9/09/2006

+ Scan result:

C:\WINDOWS\system32\tmmgr.dll -> Downloader.Agent.anj : Cleaned with backup (quarantined).
:mozilla.57:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.68:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.96:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.97:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-3.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.256:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.25:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-3.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.261:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.26:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.279:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.63:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.75:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.76:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.77:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Internet2\Cookies\internet2@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.10:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.214:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.7:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.8:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.9:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.43:C:\FOUND.213\FILE0001.CHK -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.23:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.25:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.26:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.27:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.50:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.51:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.57:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.64:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.98:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.103:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.105:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.39:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.40:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.41:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.52:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.55:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.80:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.81:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.95:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.45:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.65:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.301:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.302:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.303:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.37:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.215:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
:mozilla.107:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.108:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.109:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.110:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.111:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.112:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.276:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.14:C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\4mz65j7i.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.231:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.237:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.238:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.58:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.59:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.60:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.225:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.226:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.227:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.228:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.90:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.208:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.212:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.213:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.308:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.309:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.310:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.108:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.109:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.265:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\Internet2\Cookies\internet2@paycounter[1].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
:mozilla.137:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.138:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.91:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.92:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.93:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.94:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.95:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
C:\Documents and Settings\Internet2\Cookies\internet2@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.29:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.31:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.36:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.45:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.36:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.38:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.20:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.21:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.22:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.23:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.257:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.258:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.259:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.260:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Internet2\Cookies\internet2@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.101:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.102:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.248:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
:mozilla.249:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
:mozilla.250:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
:mozilla.124:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.125:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.126:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.127:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.128:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.129:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.130:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.131:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.35:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.147:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.179:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.180:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.181:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.182:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.100:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.46:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.47:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.48:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.49:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.72:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.73:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.74:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.98:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.99:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.83:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.84:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.85:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\UDC6_0001_D10M2905NetInstaller.exe -> Trojan.Fakealert : Cleaned with backup (quarantined).

::Report end

Logfile of HijackThis v1.99.1
Scan saved at 6:27:06 PM, on 9/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\htpatch.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\OptusNet DSL Internet\DSC.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Internet2\Desktop\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dsl.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://au.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by OptusNet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [virtual-ie] winlogi.exe
O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ITPIPSetup] "D:\setupstb.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\RunServices: [virtual-ie] winlogi.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://dsl.optusnet.com.au/
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/game...s/y/blt1_x.cab
O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/game...ts/y/xt0_x.cab
O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/game...ts/y/zt3_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/game.../y/mjst4_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/potg_x.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freewar...eanerstart.cab
O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - http://scripts.downloadv3.com/binari...1049_EN_XP.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binari...SS_1070_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://socceroosfan01.spaces.msn.com...d/MsnPUpld.cab
O16 - DPF: {6AA85413-165C-4200-8154-71166077B22E} - http://scripts.dlv4.com/binaries/IA/...vc32_EN_XP.cab
O16 - DPF: {71DA2A4E-ACB3-4065-9E41-8BC42EABE427} - http://scripts.dlv4.com/binaries/IA/svcia32_EN_XP.cab
O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/binari...vc32_EN_XP.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9EB4F647-FE4A-42F9-9F5C-B8FB28DD02F9} - http://scripts.dlv4.com/binaries/IA/...2svc_EN_XP.cab
O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/binari...SS_1073_XP.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SysWgu - Unknown owner - \\?\C:\Program Files\Common Files\System\aux.exe (file missing)

and i still cant change my desktop background

Jake06

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

2 posts
since Sep 2006

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

Previous Thread in Viruses, Spyware and other Nasties Forum Timeline: Help with Virus Alert ! HJT and SmitfraudFix log included

Next Thread in Viruses, Spyware and other Nasties Forum Timeline: ntsystem.exe

DaniWeb Message

Cancel Changes

User Name
Password