0

Hello, Today when i got on the computer i noticed a red x on the taskbar and it kept on bringing up a bubble saying that i need to download something to get rid of it, i just closed it then i noticed that my desktop background had changed to black and had a message in the bottom right hand corner saying something like your computer is in danger windows security center recommends you donwload a program to fix it or something along them lines
i ran SuperAnti Spyware and iot seemed to get rid of the problem but then i went to change the background back and it is still disabled!!


Logfile of HijackThis v1.99.1
Scan saved at 5:44:16 PM, on 4/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\htpatch.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\OptusNet DSL Internet\DSC.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Documents and Settings\Internet2\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dsl.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://au.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by OptusNet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [virtual-ie] winlogi.exe
O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ITPIPSetup] "D:\setupstb.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunServices: [virtual-ie] winlogi.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://dsl.optusnet.com.au/
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/games/clients/y/xt0_x.cab
O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/games/clients/y/zt3_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potg_x.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freeware/installdrivecleanerstart.cab
O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - http://scripts.downloadv3.com/binaries/P2EClient/EGAUTH_1049_EN_XP.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1070_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://socceroosfan01.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6AA85413-165C-4200-8154-71166077B22E} - http://scripts.dlv4.com/binaries/IA/sysiasvc32_EN_XP.cab
O16 - DPF: {71DA2A4E-ACB3-4065-9E41-8BC42EABE427} - http://scripts.dlv4.com/binaries/IA/svcia32_EN_XP.cab
O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/binaries/IA/syswbsvc32_EN_XP.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9EB4F647-FE4A-42F9-9F5C-B8FB28DD02F9} - http://scripts.dlv4.com/binaries/IA/sysia32svc_EN_XP.cab
O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1073_XP.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SysWgu - Unknown owner - \\?\C:\Program Files\Common Files\System\aux.exe (file missing)

1
Contributor
1
Reply
2
Views
10 Years
Discussion Span
Last Post by Jake06
0

I have now done a ewido anti-spyware scan in safe mode and and a new hijackthis and here are the reports

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 5:57:35 PM 9/09/2006

+ Scan result:

C:\WINDOWS\system32\tmmgr.dll -> Downloader.Agent.anj : Cleaned with backup (quarantined).
:mozilla.57:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.68:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.96:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.97:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-3.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.256:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.25:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-3.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.261:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.26:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.279:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.63:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.75:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.76:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.77:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Internet2\Cookies\internet2@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.10:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.214:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.7:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.8:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.9:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.43:C:\FOUND.213\FILE0001.CHK -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.23:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.25:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.26:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.27:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.50:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.51:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.57:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.64:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.98:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.103:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.105:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.39:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.40:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.41:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.52:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.55:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.80:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.81:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.95:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.45:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.65:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.301:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.302:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.303:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.37:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.215:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
:mozilla.107:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.108:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.109:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.110:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.111:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.112:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.276:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.14:C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\4mz65j7i.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.231:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.237:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.238:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.58:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.59:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.60:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.225:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.226:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.227:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.228:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.90:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.208:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.212:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.213:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.308:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.309:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.310:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.108:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.109:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.265:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\Internet2\Cookies\internet2@paycounter[1].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
:mozilla.137:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.138:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.91:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.92:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.93:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.94:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.95:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
C:\Documents and Settings\Internet2\Cookies\internet2@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.29:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.31:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.36:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.45:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.36:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.38:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.20:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.21:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.22:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.23:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.257:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.258:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.259:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.260:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Internet2\Cookies\internet2@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.101:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.102:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.248:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
:mozilla.249:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
:mozilla.250:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
:mozilla.124:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.125:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.126:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.127:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.128:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.129:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.130:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.131:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.35:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.147:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.179:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.180:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.181:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.182:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.100:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.46:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.47:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.48:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.49:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.72:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.73:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.74:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.98:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.99:C:\Documents and Settings\Internet2\Application Data\Mozilla\Firefox\Profiles\3rjrl11l.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.83:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.84:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.85:C:\Documents and Settings\Jake.OEM-VSW4ECXI8FT\Application Data\Mozilla\Firefox\Profiles\01f5ql6g.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\UDC6_0001_D10M2905NetInstaller.exe -> Trojan.Fakealert : Cleaned with backup (quarantined).


::Report end


Logfile of HijackThis v1.99.1
Scan saved at 6:27:06 PM, on 9/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\htpatch.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\OptusNet DSL Internet\DSC.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Internet2\Desktop\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dsl.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://au.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by OptusNet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [virtual-ie] winlogi.exe
O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ITPIPSetup] "D:\setupstb.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\RunServices: [virtual-ie] winlogi.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://dsl.optusnet.com.au/
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/games/clients/y/xt0_x.cab
O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/games/clients/y/zt3_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potg_x.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freeware/installdrivecleanerstart.cab
O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - http://scripts.downloadv3.com/binaries/P2EClient/EGAUTH_1049_EN_XP.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1070_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://socceroosfan01.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6AA85413-165C-4200-8154-71166077B22E} - http://scripts.dlv4.com/binaries/IA/sysiasvc32_EN_XP.cab
O16 - DPF: {71DA2A4E-ACB3-4065-9E41-8BC42EABE427} - http://scripts.dlv4.com/binaries/IA/svcia32_EN_XP.cab
O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/binaries/IA/syswbsvc32_EN_XP.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9EB4F647-FE4A-42F9-9F5C-B8FB28DD02F9} - http://scripts.dlv4.com/binaries/IA/sysia32svc_EN_XP.cab
O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1073_XP.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SysWgu - Unknown owner - \\?\C:\Program Files\Common Files\System\aux.exe (file missing)


and i still cant change my desktop background

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.