n1ck4lyf

Members
  • Content count

    7
  • Joined

  • Last visited

About n1ck4lyf

  • Rank
    New Member

Contact Methods

  • ICQ
    0
  1. vundofix found no errors. but i did the other things you said. Thx Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:40:35 PM, on 4/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Antivirus 2008\pavsrv51.exe C:\Program Files\Panda Security\Panda Antivirus 2008\AVENGINE.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrls.exe C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Panda Security\Panda Antivirus 2008\ApvxdWin.exe C:\WINDOWS\stsystra.exe C:\Program Files\OptusNet DSL Internet\DSC.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\dvd43\dvd43_tray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Panda Security\Panda Antivirus 2008\WebProxy.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\LimeWire\LimeWire.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Panda Security\Panda Antivirus 2008\psimreal.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: {9fe3446d-fc2d-4909-fea4-8082d63d73aa} - {aa37d36d-2808-4aef-9094-d2cfd6443ef9} - C:\WINDOWS\system32\xuhcwyww.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QQLD Agent] C:\WINDOWS\system32\Sys32\QQLD.exe O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE" /s O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/229?76a265e0cd544361abe453ae28f3c5e4 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/230?76a265e0cd544361abe453ae28f3c5e4 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://desktop.optusnet.com.au/dsl/favorites/homepage O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrls.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\pavsrv51.exe O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 9328 bytes
  2. ok i did that. here they are VundoFix V6.6.2 Checking Java version... Scan started at 10:40:31 PM 27/11/2007 Listing files found while scanning.... C:\windows\system32\aojltwjx.dll C:\windows\system32\aojltwjx.dllbox C:\windows\system32\drvtapr.dll C:\windows\system32\drvvobr.dll C:\windows\system32\wqmeurwu.dll Beginning removal... Attempting to delete C:\windows\system32\aojltwjx.dll C:\windows\system32\aojltwjx.dll Has been deleted! Attempting to delete C:\windows\system32\aojltwjx.dllbox C:\windows\system32\aojltwjx.dllbox Has been deleted! Attempting to delete C:\windows\system32\drvtapr.dll C:\windows\system32\drvtapr.dll Has been deleted! Attempting to delete C:\windows\system32\drvvobr.dll C:\windows\system32\drvvobr.dll Has been deleted! Attempting to delete C:\windows\system32\wqmeurwu.dll C:\windows\system32\wqmeurwu.dll Has been deleted! Performing Repairs to the registry. Done! VundoFix V6.6.2 Checking Java version... Scan started at 3:02:22 PM 1/12/2007 Listing files found while scanning.... C:\WINDOWS\system32\wfvgbbim.dll C:\windows\system32\wfvgbbim.dllbox VundoFix V6.6.2 Checking Java version... Scan started at 8:20:05 PM 3/12/2007 Listing files found while scanning.... C:\WINDOWS\system32\wfvgbbim.dll C:\windows\system32\wfvgbbim.dllbox Beginning removal... Attempting to delete C:\windows\system32\wfvgbbim.dllbox C:\windows\system32\wfvgbbim.dllbox Has been deleted! Performing Repairs to the registry. Done! --------------------------------------------------------------------------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:48:13 PM, on 3/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Antivirus 2008\pavsrv51.exe C:\Program Files\Panda Security\Panda Antivirus 2008\AVENGINE.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrls.exe C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Program Files\Panda Security\Panda Antivirus 2008\WebProxy.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\stsystra.exe C:\Program Files\OptusNet DSL Internet\DSC.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\dvd43\dvd43_tray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Panda Security\Panda Antivirus 2008\WebProxy.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Panda Security\Panda Antivirus 2008\psimreal.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {16975C1E-950B-F58A-B187-08ED8F89A6B0} - C:\Program Files\Xhsxfzvt\nqxwjuqz.dll (file missing) O2 - BHO: (no name) - {35BFEF80-9814-0F5F-9961-0444D2412BD9} - C:\Program Files\Cestzfde\jaspsadd.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: {9fe3446d-fc2d-4909-fea4-8082d63d73aa} - {aa37d36d-2808-4aef-9094-d2cfd6443ef9} - C:\WINDOWS\system32\xuhcwyww.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file) O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QQLD Agent] C:\WINDOWS\system32\Sys32\QQLD.exe O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [LanzarL2007] "C:\DOCUME~1\Nick\LOCALS~1\Temp\{51C4F6AA-16AE-4C1D-9A52-6B6C5A925AB5}\{D1DA2BA7-2592-4036-9BB2-DCCABDE8DC1A}\..\..\L2007tmp\Setup.exe" /SETUP:"/l0x0009" O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE" /s O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-1177238915-1292428093-839522115-1011\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'DELTA 3775') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/229?76a265e0cd544361abe453ae28f3c5e4 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/230?76a265e0cd544361abe453ae28f3c5e4 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://desktop.optusnet.com.au/dsl/favorites/homepage O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O20 - Winlogon Notify: winubg32 - winubg32.dll (file missing) O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrls.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\pavsrv51.exe O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 10083 bytes thank you for the help B)
  3. hi. the panda scan dosnt work. when it starts downloading the updates, it stops at 472 seconds remaining. here is the combofix scan and hijackthis ComboFix 07-11-19.4C - Nick 2007-12-01 12:54:52.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.488 [GMT 11:00] Running from: C:\Documents and Settings\Nick\Desktop\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Administrator.DIMENSIO-53255A\Desktop\Live Safety Center.lnk C:\Documents and Settings\Administrator.DIMENSIO-53255A\Desktop\Online Security Guide.lnk C:\Documents and Settings\Administrator.DIMENSIO-53255A\Favorites\Online Security Guide.lnk C:\Documents and Settings\All Users\Application Data.\klqtozqv.dll C:\Documents and Settings\All Users\Start Menu\Live Safety Center.lnk C:\Documents and Settings\All Users\Start Menu\Online Security Guide.lnk C:\Documents and Settings\DELTA 3775\Application Data\MANTEC~1 C:\Documents and Settings\DELTA 3775\Application Data\MANTEC~1\??mantec\ C:\Documents and Settings\Nick\Desktop\Live Safety Center.lnk C:\Documents and Settings\Nick\Desktop\Online Security Guide.lnk C:\Documents and Settings\Nick\Favorites\Online Security Guide.lnk C:\Program Files\Common Files\sstem~1 C:\Program Files\Common Files\sstem~1\s?stem\ C:\Program Files\SecCenter C:\Program Files\SecCenter\scprot4.exe C:\WINDOWS\cookies.ini C:\WINDOWS\system32\__c00C8A40.dat C:\WINDOWS\system32\drivers\sfsync02.sys C:\WINDOWS\system32\jpctbdjm.dll C:\WINDOWS\system32\ohmmilmv.dll C:\WINDOWS\system32\orqss.ini C:\WINDOWS\system32\orqss.ini2 C:\WINDOWS\system32\ssqro.dll C:\WINDOWS\system32\usnracpb.dll C:\WINDOWS\system32\utudupeg.exe C:\WINDOWS\system32\wfvgbbim.dllbox C:\WINDOWS\system32\yqlchgwc.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_DOMAINSERVICE -------\LEGACY_SFSYNC02 -------\DomainService -------\sfsync02 ((((((((((((((((((((((((( Files Created from 2007-11-01 to 2007-12-01 ))))))))))))))))))))))))))))))) . 2007-12-01 13:03 20,810 ---hs---- C:\WINDOWS\system32\wfvgbbim.dllbox 2007-12-01 12:54 145,984 --a------ C:\WINDOWS\system32\wfvgbbim.dll 2007-12-01 12:53 145,984 --a------ C:\WINDOWS\system32\jqqtoxcg.dll 2007-12-01 12:23 78,912 --a------ C:\WINDOWS\system32\xuhcwyww.dll 2007-11-30 12:52 <DIR> d-------- C:\Documents and Settings\DELTA 3775\Application Data\Apple Computer 2007-11-30 12:00 <DIR> d-------- C:\Documents and Settings\DELTA 3775\Application Data\Grisoft 2007-11-29 18:10 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-11-29 18:10 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-11-29 18:10 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2007-11-29 11:48 <DIR> d-------- C:\Documents and Settings\Michelle\Application Data\Grisoft 2007-11-28 18:13 30,590 --a------ C:\WINDOWS\system32\pavas.ico 2007-11-28 18:13 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico 2007-11-28 18:13 1,406 --a------ C:\WINDOWS\system32\Help.ico 2007-11-28 18:12 <DIR> d-------- C:\WINDOWS\system32\ActiveScan 2007-11-28 17:29 <DIR> d-------- C:\Documents and Settings\Nick\Application Data\Grisoft 2007-11-28 17:29 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-11-28 15:59 85,056 --a------ C:\WINDOWS\system32\oplpsabs.dll 2007-11-28 15:53 71,232 --a------ C:\WINDOWS\system32\njcncvos.exe 2007-11-28 14:37 78,912 --a------ C:\WINDOWS\system32\ecvhbhhj.dll 2007-11-28 14:31 784,545 --ahs---- C:\WINDOWS\system32\besgpalq.ini 2007-11-28 14:25 71,232 --a------ C:\WINDOWS\system32\mbgemxrr.exe 2007-11-27 22:40 <DIR> d-------- C:\VundoFix Backups 2007-11-27 22:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic 2007-11-27 21:45 784,485 --ahs---- C:\WINDOWS\system32\lwmuojlt.ini 2007-11-27 21:45 78,912 --a------ C:\WINDOWS\system32\hwjchqhj.dll 2007-11-27 21:42 71,232 --a------ C:\WINDOWS\system32\vwddvgxb.exe 2007-11-27 21:34 71,232 --a------ C:\WINDOWS\system32\ncjqcafb.exe 2007-11-27 12:09 <DIR> d-------- C:\Documents and Settings\DELTA 3775\Contacts 2007-11-27 12:00 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition 2007-11-27 11:46 <DIR> d-------- C:\Program Files\Windows Live 2007-11-27 11:46 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller 2007-11-27 11:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller 2007-11-27 09:37 <DIR> d-------- C:\WINDOWS\system32\jobkremw 2007-11-26 22:45 <DIR> d-------- C:\Program Files\Mixxx 2007-11-26 21:50 <DIR> d-------- C:\Program Files\mxgnofqh 2007-11-26 18:33 34,304 --a------ C:\WINDOWS\system32\jkkigef.dll 2007-11-26 11:07 776,312 --ahs---- C:\WINDOWS\system32\hafvrgyg.ini 2007-11-26 11:07 85,056 --a------ C:\WINDOWS\system32\gygrvfah.dll 2007-11-26 10:55 131,072 --a------ C:\Documents and Settings\All Users\Application Data\jatqlcrk.dll 2007-11-25 22:49 131,072 --a------ C:\Documents and Settings\All Users\Application Data\etijqzev.dll 2007-11-25 21:30 131,072 --a------ C:\Documents and Settings\All Users\Application Data\bmzgrktu.dll 2007-11-25 20:28 0 --a------ C:\WINDOWS\system32\mcrh.tmp 2007-11-25 19:49 <DIR> d-------- C:\Downloads 2007-11-25 19:49 <DIR> d-------- C:\Documents and Settings\Nick\Application Data\Orbit 2007-11-25 00:57 776,252 --ahs---- C:\WINDOWS\system32\kxpbjqrh.ini 2007-11-25 00:51 81,472 --a------ C:\WINDOWS\system32\gboqpoye.dll 2007-11-24 13:15 <DIR> d-------- C:\Program Files\Free DVD Ripper 2007-11-24 13:15 45,056 --a------ C:\WINDOWS\system32\WNASPI32.DLL 2007-11-24 13:15 16,512 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS 2007-11-24 12:38 <DIR> d-------- C:\WINDOWS\system32\vgfddwtv 2007-11-24 12:38 131,072 --a------ C:\Documents and Settings\All Users\Application Data\exibifwn.dll 2007-11-24 12:38 34,304 --a------ C:\WINDOWS\system32\opnlljh.dll 2007-11-24 09:18 <DIR> d-------- C:\Program Files\MagicISO 2007-11-23 21:08 <DIR> d-------- C:\Program Files\Red Kawa 2007-11-23 21:08 <DIR> d-------- C:\Program Files\AviSynth 2.5 2007-11-23 19:26 <DIR> d-------- C:\Program Files\E-Zsoft 2007-11-23 19:20 <DIR> d-------- C:\Documents and Settings\Michelle\Application Data\Apple Computer 2007-11-20 15:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\AVG7 2007-11-18 19:05 <DIR> d---s---- C:\Documents and Settings\Nick\UserData 2007-11-18 17:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield 2007-11-18 17:36 <DIR> d-------- C:\WINDOWS\system32\dla 2007-11-18 17:36 <DIR> d-------- C:\Program Files\Sonic 2007-11-18 17:36 98,360 --a------ C:\WINDOWS\dla.exe 2007-11-18 17:36 88,080 --a------ C:\WINDOWS\system32\drivers\drvmcdb.sys 2007-11-18 17:36 61,500 --a------ C:\WINDOWS\system32\tfswapi.dll 2007-11-18 17:36 40,544 --a------ C:\WINDOWS\system32\drivers\drvnddm.sys 2007-11-18 17:36 23,545 --a------ C:\WINDOWS\system32\drivers\ssrtln.sys 2007-11-18 17:36 5,627 --a------ C:\WINDOWS\system32\drivers\sscdbhk5.sys 2007-11-18 17:35 <DIR> d-------- C:\Program Files\Common Files\Sonic Shared 2007-11-15 21:02 508,240 --a------ C:\ie6setupOe.exe 2007-11-13 19:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2007-11-13 19:55 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll 2007-11-12 14:42 <DIR> d-------- C:\Documents and Settings\DELTA 3775\Shared 2007-11-12 14:42 <DIR> d-------- C:\Documents and Settings\DELTA 3775\Incomplete 2007-11-12 14:42 <DIR> d-------- C:\Documents and Settings\DELTA 3775\Application Data\LimeWire 2007-11-06 18:44 <DIR> d-------- C:\Documents and Settings\Michelle\Application Data\LimeWire 2007-11-06 16:27 <DIR> d-------- C:\Program Files\Xvid 2007-11-06 16:27 159,744 --a------ C:\WINDOWS\system32\xvidvfw.dll 2007-11-06 16:27 77,824 --a------ C:\WINDOWS\system32\xvid.ax 2007-11-05 22:04 1,156 --a------ C:\WINDOWS\mozver.dat 2007-11-05 21:58 0 --a------ C:\WINDOWS\nsreg.dat 2007-11-04 12:08 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll 2007-11-03 20:01 <DIR> d-------- C:\WINDOWS\Sun 2007-11-03 14:13 <DIR> d-------- C:\Mp3 Output 2007-11-03 14:12 <DIR> d-------- C:\Program Files\Smallvideosoft 2007-11-03 14:12 1,872,821 --a------ C:\WINDOWS\system32\cygwin1.dll 2007-11-03 14:12 761,856 --a------ C:\WINDOWS\system32\xvidcore.dll 2007-11-03 14:12 383,238 --a------ C:\WINDOWS\system32\libmp3lame-0.dll 2007-11-03 14:12 66,048 --a------ C:\WINDOWS\system32\cygz.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-30 11:47 --------- d-----w C:\Program Files\Windows Live Toolbar 2007-11-30 06:03 10,414,112 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2007-11-28 05:02 78,912 ----a-w C:\WINDOWS\system32\qvalppmu.dll 2007-11-28 03:31 85,056 ----a-w C:\WINDOWS\system32\qlapgseb.dll 2007-11-27 12:02 124,388 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2007-11-27 04:48 --------- d-----w C:\Documents and Settings\Nick\Application Data\LimeWire 2007-11-26 08:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\BVRP Software 2007-11-26 00:04 79,936 ----a-w C:\WINDOWS\system32\suvjybbi.dll 2007-11-24 07:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip 2007-11-23 08:39 --------- d-----w C:\Program Files\QuickTime 2007-11-18 06:37 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-11-18 06:27 --------- d-----w C:\Program Files\Google 2007-11-15 01:57 --------- d-----w C:\Program Files\Freecorder 2007-10-31 11:18 2,293,712 ----a-w C:\Program Files\FLV PlayerFCSetup.exe 2007-10-31 11:16 --------- d-----w C:\Program Files\FLV Player 2007-10-31 03:09 30,464 ----a-w C:\WINDOWS\system32\drivers\usbaapl.sys 2007-10-31 02:03 245,408 ----a-w C:\WINDOWS\system32\unicows.dll 2007-10-29 11:03 --------- d-----w C:\Documents and Settings\Nick\Application Data\Screen Calendar 2007-10-29 09:17 --------- d-----w C:\Program Files\Screen Calendar 2007-10-29 09:17 --------- d-----w C:\Program Files\Common Files\Outlook Security Manager 2007-10-28 06:09 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-10-28 05:57 --------- d-----w C:\Program Files\THQ 2007-10-23 08:52 163,712 ----a-w C:\WINDOWS\system32\drivers\vidstub.sys 2007-10-23 08:48 --------- d-----w C:\Program Files\Stardock 2007-10-23 08:48 --------- d-----w C:\Program Files\Common Files\Stardock 2007-10-23 06:06 585,728 ----a-w C:\WINDOWS\WLXPGSS.SCR 2007-10-21 09:52 --------- d-----w C:\Program Files\Microsoft Games 2007-10-21 03:47 11,376 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-10-21 03:45 --------- d-----w C:\Program Files\Firefly Studios 2007-10-18 00:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll 2007-10-17 17:23 10,752 ----a-w C:\WINDOWS\system32\WhoisCL.exe 2007-10-14 02:33 --------- d-----w C:\Program Files\Intel 2007-10-09 01:45 --------- d-----w C:\Program Files\Halo Trial 2007-10-09 01:05 --------- d-----w C:\Program Files\MSXML 4.0 2007-10-08 11:12 --------- d-----w C:\Program Files\Alcohol Soft 2007-10-08 11:04 --------- d-----w C:\Program Files\VirtualDJ 2007-10-07 03:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Age of Empires 3 2007-10-04 12:53 --------- d-----w C:\Documents and Settings\Nick\Application Data\mIRC 2007-10-04 08:55 --------- d-----w C:\Program Files\mIRC 2007-10-04 00:15 --------- d-----w C:\Program Files\Motorola Phone Tools 2007-10-03 02:44 --------- d-----w C:\Documents and Settings\Nick\Application Data\InstallShield 2007-10-03 02:38 24,192 ----a-w C:\Documents and Settings\Nick\usbsermptxp.sys 2007-10-03 02:38 22,768 ----a-w C:\WINDOWS\system32\drivers\usbsermpt.sys 2007-10-03 02:38 22,768 ----a-w C:\Documents and Settings\Nick\usbsermpt.sys 2007-10-01 00:14 --------- d-----w C:\Program Files\Selectsoft 2007-09-20 11:08 68,096 ----a-w C:\WINDOWS\ScUnin.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{16975C1E-950B-F58A-B187-08ED8F89A6B0}] C:\Program Files\Xhsxfzvt\nqxwjuqz.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{35BFEF80-9814-0F5F-9961-0444D2412BD9}] C:\Program Files\Cestzfde\jaspsadd.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}] 2007-12-01 12:54 145984 --a------ C:\WINDOWS\system32\wfvgbbim.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{aa37d36d-2808-4aef-9094-d2cfd6443ef9}] 2007-12-01 12:23 78912 --a------ C:\WINDOWS\system32\xuhcwyww.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINDOWS\system32\wfvgbbim.dll [2007-12-01 12:54 145984] [HKEY_CLASSES_ROOT\clsid\{11a69ae4-fbed-4832-a2bf-45af82825583}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINDOWS\system32\wfvgbbim.dll [2007-12-01 12:54 145984] [HKEY_CLASSES_ROOT\clsid\{11a69ae4-fbed-4832-a2bf-45af82825583}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 23:00] "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 21:27] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 19:20 C:\WINDOWS\stsystra.exe] "Desktop Service Centre"="C:\Program Files\OptusNet DSL Internet\DSC.exe" [2005-11-30 13:21] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 22:54] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-07 17:55] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 05:00] "DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 17:19] "dvd43"="C:\Program Files\dvd43\dvd43_tray.exe" [2006-05-22 14:26] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-04-05 15:22] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-04-05 15:19] "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2005-04-05 15:23] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51] "QQLD Agent"="C:\WINDOWS\system32\Sys32\QQLD.exe" [] "BootSkin Startup Jobs"="C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" [2004-04-26 17:21] "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-03-16 05:33] "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 16:50] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-11-14 23:43] "600334c0"="C:\WINDOWS\system32\oplpsabs.dll" [2007-11-28 15:59] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 20:25] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 23:00] C:\Documents and Settings\Michelle\Start Menu\Programs\Startup\ Outlook Express.lnk - C:\Program Files\Outlook Express\msimn.exe [2007-09-14 15:51:43] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wfvgbbim] wfvgbbim.dll 2007-12-01 12:54 145984 C:\WINDOWS\system32\wfvgbbim.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winubg32] winubg32.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\WINDOWS\system32\ssqro.dll S3 ASPI;Advanced SCSI Programming Interface Driver;\??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys S3 USBAAPL;Apple Mobile USB Driver;C:\WINDOWS\system32\Drivers\usbaapl.sys . Contents of the 'Scheduled Tasks' folder "2007-11-26 06:18:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" "2007-12-01 01:55:10 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************** catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-01 13:05:02 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-12-01 13:06:34 - machine was rebooted . --- E O F --- ----------------------------------------------------------------------------------hijackthis-------------------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:22:56 PM, on 1/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\stsystra.exe C:\Program Files\OptusNet DSL Internet\DSC.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\dvd43\dvd43_tray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Windows Live Toolbar\msn_sl.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {16975C1E-950B-F58A-B187-08ED8F89A6B0} - C:\Program Files\Xhsxfzvt\nqxwjuqz.dll (file missing) O2 - BHO: (no name) - {35BFEF80-9814-0F5F-9961-0444D2412BD9} - C:\Program Files\Cestzfde\jaspsadd.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\wfvgbbim.dll O2 - BHO: {9fe3446d-fc2d-4909-fea4-8082d63d73aa} - {aa37d36d-2808-4aef-9094-d2cfd6443ef9} - C:\WINDOWS\system32\xuhcwyww.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\wfvgbbim.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QQLD Agent] C:\WINDOWS\system32\Sys32\QQLD.exe O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [600334c0] rundll32.exe "C:\WINDOWS\system32\oplpsabs.dll",b O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/229?76a265e0cd544361abe453ae28f3c5e4 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/230?76a265e0cd544361abe453ae28f3c5e4 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://desktop.optusnet.com.au/dsl/favorites/homepage O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O20 - Winlogon Notify: wfvgbbim - C:\WINDOWS\SYSTEM32\wfvgbbim.dll O20 - Winlogon Notify: winubg32 - winubg32.dll (file missing) O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 9467 bytes
  4. hi, sry about that. i choose this 1... seams to b helping more B)
  5. ok here they are... SmitFraudFix v2.256 Scan done at 18:16:25.23, Thu 29/11/2007 Run from C:\Documents and Settings\Nick\Desktop\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT The filesystem type is NTFS Fix run in safe mode
  6. hi, thx for the help. pandaActiveScan wasnt working, but here are the avg and hijack this thx avg scan--- --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 6:07:18 PM 28/11/2007 + Scan result: C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP109\A0088240.exe -> Downloader.Alphabet : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP110\A0090248.exe -> Downloader.Alphabet : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP111\A0090448.exe -> Downloader.Alphabet : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP111\A0090641.exe -> Downloader.Alphabet : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP111\A0091750.exe -> Downloader.Alphabet : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP112\A0091914.exe -> Downloader.Alphabet : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP112\A0091943.exe -> Downloader.Alphabet : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP114\A0092158.exe -> Downloader.Alphabet : Cleaned with backup (quarantined). C:\Documents and Settings\Michelle\Local Settings\Temporary Internet Files\Content.IE5\Y7KT0RA3\mosx1024[1] -> Downloader.ConHook.hl : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP114\A0092295.dll -> Downloader.ConHook.hl : Cleaned with backup (quarantined). C:\WINDOWS\system32\__c0047BC4.dat -> Downloader.ConHook.hl : Cleaned with backup (quarantined). C:\WINDOWS\system32\__c00A5F05.dat -> Downloader.ConHook.hl : Cleaned with backup (quarantined). C:\WINDOWS\system32\foafwxul.dll -> Downloader.ConHook.hl : Cleaned with backup (quarantined). [2880] C:\WINDOWS\system32\__c0047BC4.dat -> Downloader.ConHook.hl : Cleaned with backup (quarantined). [2960] C:\WINDOWS\system32\__c0047BC4.dat -> Downloader.ConHook.hl : Cleaned with backup (quarantined). [3300] C:\WINDOWS\system32\__c0047BC4.dat -> Downloader.ConHook.hl : Cleaned with backup (quarantined). [3424] C:\WINDOWS\system32\__c0047BC4.dat -> Downloader.ConHook.hl : Cleaned with backup (quarantined). [3516] C:\WINDOWS\system32\__c0047BC4.dat -> Downloader.ConHook.hl : Cleaned with backup (quarantined). [3584] C:\WINDOWS\system32\__c0047BC4.dat -> Downloader.ConHook.hl : Cleaned with backup (quarantined). [3640] C:\WINDOWS\system32\__c0047BC4.dat -> Downloader.ConHook.hl : Cleaned with backup (quarantined). [3724] C:\WINDOWS\system32\__c0047BC4.dat -> Downloader.ConHook.hl : Cleaned with backup (quarantined). [452] C:\WINDOWS\system32\__c0047BC4.dat -> Downloader.ConHook.hl : Cleaned with backup (quarantined). [580] C:\WINDOWS\system32\__c0047BC4.dat -> Downloader.ConHook.hl : Cleaned with backup (quarantined). [928] C:\WINDOWS\system32\__c0047BC4.dat -> Downloader.ConHook.hl : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP111\A0090685.exe -> Downloader.PurityScan.eg : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP112\A0091912.exe -> Downloader.PurityScan.eg : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP114\A0092293.exe -> Downloader.PurityScan.eg : Cleaned with backup (quarantined). C:\Documents and Settings\DELTA 3775\Application Data\–Ö—Émantec\rundll32.exe -> Downloader.PurityScan.ej : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP112\A0091913.exe -> Downloader.PurityScan.ej : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP114\A0092290.exe -> Downloader.PurityScan.ej : Cleaned with backup (quarantined). C:\Documents and Settings\Michelle\Local Settings\Temporary Internet Files\Content.IE5\IXIFE1WB\poiu[1] -> Downloader.Tiny.id : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP114\A0092298.exe -> Downloader.Tiny.id : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP96\A0073123.exe -> Downloader.VB.bsa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP96\A0073124.exe -> Downloader.VB.bsa : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP109\A0088229.exe -> Not-A-Virus.Hoax.Win32.Renos.hx : Ignored. C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP114\A0092292.exe -> Not-A-Virus.Hoax.Win32.Renos.hx : Ignored. :mozilla.19:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.214:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.215:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.216:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.217:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.218:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.61:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.62:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.63:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.64:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Nick\Cookies\nick@2o7[2].txt -> TrackingCookie.2o7 : Cleaned. :mozilla.174:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.175:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.176:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.178:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.179:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.180:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.181:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.182:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.388:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.228:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.229:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.330:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.285:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.63:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.73:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.422:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.423:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.424:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.74:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.75:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.76:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.91:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.92:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.93:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.13:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.18:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.33:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned. C:\Documents and Settings\DELTA 3775\Cookies\delta 3775@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned. C:\Documents and Settings\Nick\Cookies\nick@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.92:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned. :mozilla.62:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.63:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.64:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.65:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.66:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.67:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.68:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.69:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.70:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.177:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned. :mozilla.389:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned. :mozilla.390:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned. :mozilla.100:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.18:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.20:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.101:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.102:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.103:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.104:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.105:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.106:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.218:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.69:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.70:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.71:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.72:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.160:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned. :mozilla.161:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned. :mozilla.22:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned. :mozilla.23:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned. :mozilla.19:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned. C:\Documents and Settings\DELTA 3775\Cookies\delta 3775@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.24:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Netflame : Cleaned. :mozilla.277:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Overture : Cleaned. :mozilla.81:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.82:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.83:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.413:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned. :mozilla.157:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.158:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.159:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.160:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.11:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.12:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.14:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.170:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.171:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.172:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.173:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.174:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.175:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.17:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.6:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.71:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.72:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.73:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.74:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.75:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.76:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.77:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.86:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.8:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.9:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.209:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.210:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.133:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.134:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.135:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.136:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.137:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.138:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.188:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.189:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.190:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.191:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.219:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.72:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.73:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.193:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.194:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.195:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.196:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.197:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.198:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.465:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.64:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. E:\rob 2\Cookies\rob_2@m.webtrends[1].txt -> TrackingCookie.Webtrends : Cleaned. :mozilla.231:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned. :mozilla.65:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\m69fn92l.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned. :mozilla.353:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Wegcash : Cleaned. :mozilla.354:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Wegcash : Cleaned. :mozilla.213:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.214:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.215:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.216:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.217:C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\5k5fhnfm.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.278:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.280:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.281:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.282:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.283:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.284:C:\Documents and Settings\DELTA 3775\Application Data\Mozilla\Firefox\Profiles\a7d141q4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP111\A0090562.exe/keygen.exe -> Trojan.Agent.cro : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP111\A0090565.exe -> Trojan.Agent.cro : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP95\A0071643.exe -> Trojan.Crack.h : Cleaned with backup (quarantined). C:\System Volume Information\_restore{9074E3F2-1AA7-4116-BD62-137A33A7407E}\RP95\A0071644.exe -> Trojan.Crack.h : Cleaned with backup (quarantined). ::Report end hijack this scan--- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:23:14 PM, on 28/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\stsystra.exe C:\Program Files\OptusNet DSL Internet\DSC.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\dvd43\dvd43_tray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\SecCenter\scprot4.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live Toolbar\msn_sl.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.optusnet.com.au/dsl/favorites/homepage O1 - Hosts: 216.107.242.199 l2authd.lineage2.com O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file) O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QQLD Agent] C:\WINDOWS\system32\Sys32\QQLD.exe O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvtap.dll,startup O4 - HKLM\..\Run: [rcpwjmna] rundll32.exe "C:\Program Files\mxgnofqh\yjuvkdkj.dll",Init O4 - HKLM\..\Run: [sC2] C:\Program Files\SecCenter\scprot4.exe O4 - HKLM\..\Run: [600334c0] rundll32.exe "C:\WINDOWS\system32\oplpsabs.dll",b O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/229?76a265e0cd544361abe453ae28f3c5e4 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/230?76a265e0cd544361abe453ae28f3c5e4 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://desktop.optusnet.com.au/dsl/favorites/homepage O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0047BC4.dat O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\uxexvnse.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8503 bytes
  7. hi, what ever is wrong with my computer adds 2 icons to desktop, every time i delete, they re appear. Also, it constantly tries to open web pages. any assistance would be greatly appreciated. also messages occur in system tray. im out of ideas, thx hijack this-- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:40:43 PM, on 27/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Live\installer\WLSetupSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\stsystra.exe C:\Program Files\OptusNet DSL Internet\DSC.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\dvd43\dvd43_tray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\WINDOWS\TEMP\winF0.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\SecCenter\scprot4.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\COMMON~1\SSTEM~1\scanregw.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\iTunes\iTunes.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Windows Live Toolbar\msn_sl.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\mgrs.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.optusnet.com.au/dsl/favorites/homepage O1 - Hosts: 216.107.242.199 l2authd.lineage2.com O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\aojltwjx.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QQLD Agent] C:\WINDOWS\system32\Sys32\QQLD.exe O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvtap.dll,startup O4 - HKLM\..\Run: [avp] C:\WINDOWS\TEMP\winF0.exe O4 - HKLM\..\Run: [rcpwjmna] rundll32.exe "C:\Program Files\mxgnofqh\yjuvkdkj.dll",Init O4 - HKLM\..\Run: [sC2] C:\Program Files\SecCenter\scprot4.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe O4 - HKCU\..\Run: [sen] "C:\PROGRA~1\COMMON~1\SSTEM~1\scanregw.exe" -vt yazb O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/229?76a265e0cd544361abe453ae28f3c5e4 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/230?76a265e0cd544361abe453ae28f3c5e4 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://desktop.optusnet.com.au/dsl/favorites/homepage O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\__c009C16B.dat O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\uxexvnse.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8411 bytes