Because I'd viewed previous threads, I kinda already used VundoFix (which means the scan was clean). These were the results of the previous Vundo scan:
VundoFix Log.
VundoFix V6.6.2
Checking Java version...
Scan started at 8:38:58 PM 18/11/2007
Listing files found while scanning....
C:\windows\system32\awvuv.dll
C:\windows\system32\ddayx.dll
C:\windows\system32\ddcaw.dll
C:\windows\system32\dgjlm.ini
C:\windows\system32\dgjlm.ini2
C:\windows\system32\fccby.dll
C:\windows\system32\iknmp.ini
C:\windows\system32\mljgd.dll
C:\windows\system32\opppp.dll
C:\windows\system32\pmnki.dll
C:\windows\system32\ppppo.ini
C:\windows\system32\ppppo.ini2
C:\windows\system32\vuvwa.ini
C:\windows\system32\vuvwa.ini2
C:\windows\system32\wacdd.ini
C:\windows\system32\wacdd.ini2
C:\windows\system32\xyadd.ini
C:\windows\system32\xyadd.ini2
C:\windows\system32\ybccf.ini
C:\windows\system32\ybccf.ini2
Beginning removal...
Attempting to delete C:\windows\system32\awvuv.dll
C:\windows\system32\awvuv.dll Has been deleted!
Attempting to delete C:\windows\system32\ddayx.dll
C:\windows\system32\ddayx.dll Has been deleted!
Attempting to delete C:\windows\system32\ddcaw.dll
C:\windows\system32\ddcaw.dll Has been deleted!
Attempting to delete C:\windows\system32\dgjlm.ini
C:\windows\system32\dgjlm.ini Has been deleted!
Attempting to delete C:\windows\system32\dgjlm.ini2
C:\windows\system32\dgjlm.ini2 Has been deleted!
Attempting to delete C:\windows\system32\fccby.dll
C:\windows\system32\fccby.dll Has been deleted!
Attempting to delete C:\windows\system32\iknmp.ini
C:\windows\system32\iknmp.ini Has been deleted!
Attempting to delete C:\windows\system32\mljgd.dll
C:\windows\system32\mljgd.dll Has been deleted!
Attempting to delete C:\windows\system32\opppp.dll
C:\windows\system32\opppp.dll Has been deleted!
Attempting to delete C:\windows\system32\pmnki.dll
C:\windows\system32\pmnki.dll Has been deleted!
Attempting to delete C:\windows\system32\ppppo.ini
C:\windows\system32\ppppo.ini Has been deleted!
Attempting to delete C:\windows\system32\ppppo.ini2
C:\windows\system32\ppppo.ini2 Has been deleted!
Attempting to delete C:\windows\system32\vuvwa.ini
C:\windows\system32\vuvwa.ini Has been deleted!
Attempting to delete C:\windows\system32\vuvwa.ini2
C:\windows\system32\vuvwa.ini2 Has been deleted!
Attempting to delete C:\windows\system32\wacdd.ini
C:\windows\system32\wacdd.ini Has been deleted!
Attempting to delete C:\windows\system32\wacdd.ini2
C:\windows\system32\wacdd.ini2 Has been deleted!
Attempting to delete C:\windows\system32\xyadd.ini
C:\windows\system32\xyadd.ini Has been deleted!
Attempting to delete C:\windows\system32\xyadd.ini2
C:\windows\system32\xyadd.ini2 Has been deleted!
Attempting to delete C:\windows\system32\ybccf.ini
C:\windows\system32\ybccf.ini Has been deleted!
Attempting to delete C:\windows\system32\ybccf.ini2
C:\windows\system32\ybccf.ini2 Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.6.2
Checking Java version...
Scan started at 10:13:41 PM 18/11/2007
Listing files found while scanning....
No infected files were found.
VundoFix V6.6.2
Checking Java version...
Scan started at 3:48:50 PM 2007-11-20
Listing files found while scanning....
SmitFraudFix:
SmitFraudFix v2.253
Scan done at 16:05:26.32, 2007-11-20
Run from C:\Documents and Settings\dis0003\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\NETGEAR\WG511v2\wlancfg5.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
hosts file corrupted !
127.0.0.1 legal-at-spybot.info
127.0.0.1
www.legal-at-spybot.info
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\dis0003
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\dis0003\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\dis0003\Favorites
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="\"\",wbsys.dll"
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: NETGEAR WG511v2 54 Mbps Wireless PC Card - Packet Scheduler Miniport
DNS Server Search Order: 10.0.0.138
DNS Server Search Order: 10.0.0.138
HKLM\SYSTEM\CCS\Services\Tcpip\..\{CE3C0847-A744-439C-AF04-145D3C4775F1}: DhcpNameServer=10.0.0.138 10.0.0.138
HKLM\SYSTEM\CS1\Services\Tcpip\..\{CE3C0847-A744-439C-AF04-145D3C4775F1}: DhcpNameServer=10.0.0.138 10.0.0.138
»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
Hijackthis Report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:07, on 2007-11-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\NETGEAR\WG511v2\wlancfg5.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://intranet.balwynhs.vic.edu.au/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.balwynhs.vic.edu.au;172.*;*.education.vic.gov.au;*.sofweb.vic.edu.au;*.vass.vic.edu.au;*.eduweb.vic.gov.au;*.edudev.vic.gov.au;*.edumail.vic.gov.au;*.otte.vic.gov.au;*.icon.edu.vic.gov.au;*.ultranet.vic.edu.au;*.vcaa.vic.edu.au;*.local
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: Dictionary.com - {11359F4A-B191-42D7-905A-594F8CF0387B} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\lexbar.dll
O3 - Toolbar: Pop-Up Stopper &Companion - {8F05B1A8-9D77-4B8F-AF54-6B2202066F95} - C:\Program Files\Panicware\Pop-Up Stopper Companion\popupus.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Alwil Software\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunOnce: [SpybotDeletingA6803] command /c del "C:\Program Files\SpywareBot\DataBase.ref"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4467] cmd /c del "C:\Program Files\SpywareBot\DataBase.ref"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5110] command /c del "C:\Program Files\Spywarebot\Launcher.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5727] cmd /c del "C:\Program Files\Spywarebot\Launcher.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8890] command /c del "C:\Program Files\SpywareBot\SpywareBot.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4007] cmd /c del "C:\Program Files\SpywareBot\SpywareBot.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8352] command /c del "C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\Uninstall SpywareBot.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4192] cmd /c del "C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\Uninstall SpywareBot.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5612] command /c del "C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\SpywareBot on the Web.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7566] cmd /c del "C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\SpywareBot on the Web.lnk"
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB8854] command /c del "C:\Program Files\SpywareBot\DataBase.ref"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4786] cmd /c del "C:\Program Files\SpywareBot\DataBase.ref"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3100] command /c del "C:\Program Files\Spywarebot\Launcher.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6116] cmd /c del "C:\Program Files\Spywarebot\Launcher.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4276] command /c del "C:\Program Files\SpywareBot\SpywareBot.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4551] cmd /c del "C:\Program Files\SpywareBot\SpywareBot.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6473] command /c del "C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\Uninstall SpywareBot.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7812] cmd /c del "C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\Uninstall SpywareBot.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6712] command /c del "C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\SpywareBot on the Web.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5577] cmd /c del "C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\SpywareBot on the Web.lnk"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NETGEAR Smart Wizard.lnk = ?
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\IESpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\IESpell\wikipedia.HTM
O8 - Extra context menu item: Post Image to Blog - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Search &Dictionary - C:\Program files\Lexico\Toolbar\dictionary.htm
O8 - Extra context menu item: Search &Thesaurus - C:\Program files\Lexico\Toolbar\thesaurus.htm
O8 - Extra context menu item: Tag This Image - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O15 - Trusted Zone:
http://toolbar.imageshack.us
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) -
http://messenger.zone.msn.com/binary...n.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/EN-AU/.../GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/microsof...?1189310573102
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) -
http://toolbar.imageshack.us/toolbar...ackToolbar.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsof...?1189310549718
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC} -
http://dictionary.reference.com/tool...bar/lexico.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary...r.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = balwynhs.vic.edu.au
O17 - HKLM\Software\..\Telephony: DomainName = balwynhs.vic.edu.au
O17 - HKLM\System\CCS\Services\Tcpip\..\{64E8F97B-0E16-4880-B1DC-B4BE5415C0CD}: Domain = vic.bigpond.net.au
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE3C0847-A744-439C-AF04-145D3C4775F1}: Domain = vic.bigpond.net.au
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = balwynhs.vic.edu.au
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = balwynhs.vic.edu.au
O20 - AppInit_DLLs: "",wbsys.dll
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
--
End of file - 13316 bytes
Marked Solved 
Offline 
