Strange Desktop

confuzzled · #1 29th Dec 2007, 19:52

I left my laptop at home for a couple of days and when I returned, I immediately noticed that my desktop icons, wallpaper and windows were much larger than usual. Apparently, my cousin tinkered with my laptop while I was away and downloaded a lot of new programs. I remembered having the same symptoms before and thought it might be caused by a virus. I tried scanning my system twice with two different AVPs (BitDefender and Trend Micro PC-cillin), but they only got adwares which I quarantined and deleted. Nothing really changed. I tried to scan it again using an online scanner (Kaspersky), but it skipped several locked files and told me that my system was clean.

I am now following the sticky on malware removal. Currently on step 3.

Am I (and the AVPs) really missing something or am I simply paranoid? Help please.

**evilfantasy** · #2 29th Dec 2007, 19:58

After step 3 go ahead and skip to step 6 and post those two logs.

confuzzled · #3 30th Dec 2007, 12:33

Thanks for the speedy reply. I remember following the procedures in step 3 but apparently I did the quick scan on SUPER. There is definitely nothing quick about it though since it lasted almost 17 hours. I'm posting it's log here anyway, along with the HijackThis log while I'm doing another SUPER scan (hopefully it's the complete one this time). SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 12/31/2007 at 06:55 AM Application Version : 3.9.1008 Core Rules Database Version : 3259 Trace Rules Database Version: 1365 Scan type : Quick Scan Total Scan Time : 16:58:47 Memory items scanned : 894 Memory threats detected : 0 Registry items scanned : 1062 Registry threats detected : 0 File items scanned : 602956 File threats detected : 264 Adware.Tracking Cookie C:\Users\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@atdmt[2].txt C:\Users\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@apmebf[1].txt C:\Users\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@doubleclick[1].txt C:\Users\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@mediaplex[1].txt C:\Users\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@adinterax[1].txt C:\Users\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@citi.bridgetrack[2].txt C:\Users\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@questionmarket[2].txt C:\Users\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@bluestreak[2].txt C:\Users\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@ad.yieldmanager[2].txt C:\Users\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@richmedia.yahoo[2].txt C:\Users\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@2o7[2].txt C:\Users\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@ads.pointroll[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@adinterax[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\g@richmedia.yahoo[2].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@3.adbrite[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@acronymfinder[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@acvs.mediaonenetwork[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@adbrite[2].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@adinterax[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@ads.apn.co[2].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@ads.ookla[2].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@ads.realtechnetwork[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@apnonline.112.2o7[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@ehg-closetmaid.hitbox[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@imrworldwide[2].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@mediaonenetwork[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@mediaplex[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@multiply.112.2o7[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@revsci[2].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@richmedia.yahoo[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@tracker.mediatracker.co[2].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@valueclick[1].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@videoegg.adbureau[2].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@vnet.valueclick[2].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@www.burstnet[2].txt C:\Documents and Settings\G\AppData\Roaming\Microsoft\Windows\Cooki es\Low\g@www.googleadservices[2].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\g@adinterax[1].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\g@richmedia.yahoo[2].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@3.adbrite[1].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@acronymfinder[1].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@acvs.mediaone network[1].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@adbrite[2].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@adinterax[1].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@ads.apn.co[2].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@ads.ookla[2].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@ads.realtechn etwork[1].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@apnonline.112 .2o7[1].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@ehg-closetmaid.hitbox[1].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@imrworldwide[2].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@mediaonenetwo rk[1].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@mediaplex[1].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@multiply.112. 2o7[1].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@revsci[2].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@richmedia.yah oo[1].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@tracker.media tracker.co[2].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@valueclick[1].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@videoegg.adbu reau[2].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@vnet.valuecli ck[2].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@www.burstnet[2].txt C:\Documents and Settings\G\Application Data\Microsoft\Windows\Cookies\Low\g@www.googleads ervices[2].txt C:\Documents and Settings\G\Cookies\g@adinterax[1].txt C:\Documents and Settings\G\Cookies\g@richmedia.yahoo[2].txt C:\Documents and Settings\G\Cookies\Low\g@3.adbrite[1].txt C:\Documents and Settings\G\Cookies\Low\g@acronymfinder[1].txt C:\Documents and Settings\G\Cookies\Low\g@acvs.mediaonenetwork[1].txt C:\Documents and Settings\G\Cookies\Low\g@adbrite[2].txt C:\Documents and Settings\G\Cookies\Low\g@adinterax[1].txt C:\Documents and Settings\G\Cookies\Low\g@ads.apn.co[2].txt C:\Documents and Settings\G\Cookies\Low\g@ads.ookla[2].txt C:\Documents and Settings\G\Cookies\Low\g@ads.realtechnetwork[1].txt C:\Documents and Settings\G\Cookies\Low\g@apnonline.112.2o7[1].txt C:\Documents and Settings\G\Cookies\Low\g@ehg-closetmaid.hitbox[1].txt C:\Documents and Settings\G\Cookies\Low\g@imrworldwide[2].txt C:\Documents and Settings\G\Cookies\Low\g@mediaonenetwork[1].txt C:\Documents and Settings\G\Cookies\Low\g@mediaplex[1].txt C:\Documents and Settings\G\Cookies\Low\g@multiply.112.2o7[1].txt C:\Documents and Settings\G\Cookies\Low\g@revsci[2].txt C:\Documents and Settings\G\Cookies\Low\g@richmedia.yahoo[1].txt C:\Documents and Settings\G\Cookies\Low\g@tracker.mediatracker.co[2].txt C:\Documents and Settings\G\Cookies\Low\g@valueclick[1].txt C:\Documents and Settings\G\Cookies\Low\g@videoegg.adbureau[2].txt C:\Documents and Settings\G\Cookies\Low\g@vnet.valueclick[2].txt C:\Documents and Settings\G\Cookies\Low\g@www.burstnet[2].txt C:\Documents and Settings\G\Cookies\Low\g@www.googleadservices[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\guest@ad.yieldmanager[1].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@3.adbrite[1].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@acvs.mediaonenetwork[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@ad.yieldmanager[1].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@adbrite[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@ads.realtechnetwork[1].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@ads.realtechnetwork[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@adtech[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@atdmt[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@bs.serving-sys[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@casalemedia[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@doubleclick[1].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@fastclick[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@imrworldwide[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@mediaonenetwork[1].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@msnportal.112.2o7[1].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@overture[1].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@questionmarket[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@revsci[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@serving-sys[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@videoegg.adbureau[2].txt C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@www.w3counter[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\guest@ad.yieldmanag er[1].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@3.adbrite[1].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@acvs.medi aonenetwork[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@ad.yieldm anager[1].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@adbrite[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@ads.realt echnetwork[1].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@ads.realt echnetwork[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@adtech[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@atdmt[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@bs.servin g-sys[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@casalemed ia[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@doublecli ck[1].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@fastclick[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@imrworldw ide[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@mediaonen etwork[1].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@msnportal .112.2o7[1].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@overture[1].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@questionm arket[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@revsci[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@serving-sys[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@videoegg. adbureau[2].txt C:\Documents and Settings\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@www.w3cou nter[2].txt C:\Documents and Settings\Guest\Cookies\guest@ad.yieldmanager[1].txt C:\Documents and Settings\Guest\Cookies\Low\guest@3.adbrite[1].txt C:\Documents and Settings\Guest\Cookies\Low\guest@acvs.mediaonenetw ork[2].txt C:\Documents and Settings\Guest\Cookies\Low\guest@ad.yieldmanager[1].txt C:\Documents and Settings\Guest\Cookies\Low\guest@adbrite[2].txt C:\Documents and Settings\Guest\Cookies\Low\guest@ads.realtechnetwo rk[1].txt C:\Documents and Settings\Guest\Cookies\Low\guest@ads.realtechnetwo rk[2].txt C:\Documents and Settings\Guest\Cookies\Low\guest@adtech[2].txt C:\Documents and Settings\Guest\Cookies\Low\guest@atdmt[2].txt C:\Documents and Settings\Guest\Cookies\Low\guest@bs.serving-sys[2].txt C:\Documents and Settings\Guest\Cookies\Low\guest@casalemedia[2].txt C:\Documents and Settings\Guest\Cookies\Low\guest@doubleclick[1].txt C:\Documents and Settings\Guest\Cookies\Low\guest@fastclick[2].txt C:\Documents and Settings\Guest\Cookies\Low\guest@imrworldwide[2].txt C:\Documents and Settings\Guest\Cookies\Low\guest@mediaonenetwork[1].txt C:\Documents and Settings\Guest\Cookies\Low\guest@msnportal.112.2o7[1].txt C:\Documents and Settings\Guest\Cookies\Low\guest@overture[1].txt C:\Documents and Settings\Guest\Cookies\Low\guest@questionmarket[2].txt C:\Documents and Settings\Guest\Cookies\Low\guest@revsci[2].txt C:\Documents and Settings\Guest\Cookies\Low\guest@serving-sys[2].txt C:\Documents and Settings\Guest\Cookies\Low\guest@videoegg.adbureau[2].txt C:\Documents and Settings\Guest\Cookies\Low\guest@www.w3counter[2].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\g@adinterax[1].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\g@richmedia.yahoo[2].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@3.adbrite[1].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@acronymfinder[1].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@acvs.mediaone network[1].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@adbrite[2].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@adinterax[1].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@ads.apn.co[2].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@ads.ookla[2].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@ads.realtechn etwork[1].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@apnonline.112 .2o7[1].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@ehg-closetmaid.hitbox[1].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@imrworldwide[2].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@mediaonenetwo rk[1].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@mediaplex[1].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@multiply.112. 2o7[1].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@revsci[2].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@richmedia.yah oo[1].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@tracker.media tracker.co[2].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@valueclick[1].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@videoegg.adbu reau[2].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@vnet.valuecli ck[2].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@www.burstnet[2].txt C:\Users\G\Application Data\Microsoft\Windows\Cookies\Low\g@www.googleads ervices[2].txt C:\Users\G\Cookies\g@adinterax[1].txt C:\Users\G\Cookies\g@richmedia.yahoo[2].txt C:\Users\G\Cookies\Low\g@3.adbrite[1].txt C:\Users\G\Cookies\Low\g@acronymfinder[1].txt C:\Users\G\Cookies\Low\g@acvs.mediaonenetwork[1].txt C:\Users\G\Cookies\Low\g@adbrite[2].txt C:\Users\G\Cookies\Low\g@adinterax[1].txt C:\Users\G\Cookies\Low\g@ads.apn.co[2].txt C:\Users\G\Cookies\Low\g@ads.ookla[2].txt C:\Users\G\Cookies\Low\g@ads.realtechnetwork[1].txt C:\Users\G\Cookies\Low\g@apnonline.112.2o7[1].txt C:\Users\G\Cookies\Low\g@ehg-closetmaid.hitbox[1].txt C:\Users\G\Cookies\Low\g@imrworldwide[2].txt C:\Users\G\Cookies\Low\g@mediaonenetwork[1].txt C:\Users\G\Cookies\Low\g@mediaplex[1].txt C:\Users\G\Cookies\Low\g@multiply.112.2o7[1].txt C:\Users\G\Cookies\Low\g@revsci[2].txt C:\Users\G\Cookies\Low\g@richmedia.yahoo[1].txt C:\Users\G\Cookies\Low\g@tracker.mediatracker.co[2].txt C:\Users\G\Cookies\Low\g@valueclick[1].txt C:\Users\G\Cookies\Low\g@videoegg.adbureau[2].txt C:\Users\G\Cookies\Low\g@vnet.valueclick[2].txt C:\Users\G\Cookies\Low\g@www.burstnet[2].txt C:\Users\G\Cookies\Low\g@www.googleadservices[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\guest@ad.yieldmanager[1].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@3.adbrite[1].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@acvs.mediaonenetwork[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@ad.yieldmanager[1].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@adbrite[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@ads.realtechnetwork[1].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@ads.realtechnetwork[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@adtech[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@atdmt[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@bs.serving-sys[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@casalemedia[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@doubleclick[1].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@fastclick[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@imrworldwide[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@mediaonenetwork[1].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@msnportal.112.2o7[1].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@overture[1].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@questionmarket[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@revsci[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@serving-sys[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@videoegg.adbureau[2].txt C:\Users\Guest\AppData\Roaming\Microsoft\Windows\C ookies\Low\guest@www.w3counter[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\guest@ad.yieldmanag er[1].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@3.adbrite[1].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@acvs.medi aonenetwork[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@ad.yieldm anager[1].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@adbrite[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@ads.realt echnetwork[1].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@ads.realt echnetwork[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@adtech[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@atdmt[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@bs.servin g-sys[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@casalemed ia[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@doublecli ck[1].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@fastclick[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@imrworldw ide[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@mediaonen etwork[1].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@msnportal .112.2o7[1].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@overture[1].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@questionm arket[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@revsci[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@serving-sys[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@videoegg. adbureau[2].txt C:\Users\Guest\Application Data\Microsoft\Windows\Cookies\Low\guest@www.w3cou nter[2].txt C:\Users\Guest\Cookies\guest@ad.yieldmanager[1].txt C:\Users\Guest\Cookies\Low\guest@3.adbrite[1].txt C:\Users\Guest\Cookies\Low\guest@acvs.mediaonenetw ork[2].txt C:\Users\Guest\Cookies\Low\guest@ad.yieldmanager[1].txt C:\Users\Guest\Cookies\Low\guest@adbrite[2].txt C:\Users\Guest\Cookies\Low\guest@ads.realtechnetwo rk[1].txt C:\Users\Guest\Cookies\Low\guest@ads.realtechnetwo rk[2].txt C:\Users\Guest\Cookies\Low\guest@adtech[2].txt C:\Users\Guest\Cookies\Low\guest@atdmt[2].txt C:\Users\Guest\Cookies\Low\guest@bs.serving-sys[2].txt C:\Users\Guest\Cookies\Low\guest@casalemedia[2].txt C:\Users\Guest\Cookies\Low\guest@doubleclick[1].txt C:\Users\Guest\Cookies\Low\guest@fastclick[2].txt C:\Users\Guest\Cookies\Low\guest@imrworldwide[2].txt C:\Users\Guest\Cookies\Low\guest@mediaonenetwork[1].txt C:\Users\Guest\Cookies\Low\guest@msnportal.112.2o7[1].txt C:\Users\Guest\Cookies\Low\guest@overture[1].txt C:\Users\Guest\Cookies\Low\guest@questionmarket[2].txt C:\Users\Guest\Cookies\Low\guest@revsci[2].txt C:\Users\Guest\Cookies\Low\guest@serving-sys[2].txt C:\Users\Guest\Cookies\Low\guest@videoegg.adbureau[2].txt C:\Users\Guest\Cookies\Low\guest@www.w3counter[2].txt

**evilfantasy** · #4 30th Dec 2007, 12:49

Try to post another HijackThis log.

The lines should be laid out in order like this.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:37:44 a.m., on 31/12/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe

And so on. It is very hard to read the way it came out.

confuzzled · #5 30th Dec 2007, 12:56

Er... I don't know what I'm doing wrong... I'm just copy+pasting it from notepad.

**evilfantasy** · #6 30th Dec 2007, 13:05

I will work with it.

Try restarting the computer. Unless you have recently.

confuzzled · #7 30th Dec 2007, 13:24

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:37:44 a.m., on 31/12/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gZoom.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\sniper.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.nz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF269~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\system32\bgsvcgen.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 12269 bytes
--

Permission to delete the previous one?

**Hybr!d** · #8 30th Dec 2007, 13:37

What did you do different to make the log post correctly?

**evilfantasy** · #9 30th Dec 2007, 13:53

I think it comes down to a restart.

Did you run a drive cleaner recently? More specifically ATF Cleaner.

I think the drive cleaner removes something in the Java console which messes with the formatting and a restart sets it straight. This is only an assumption though.

**evilfantasy** · #10 30th Dec 2007, 14:03

How many antivirus do you have installed?

Pick one and uninstall the others, this is unnecessary and can cause problems.

==========

Open HijackThis and select Do a system scan only then place a check mark next to:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Close all windows and click fix checked

==========

Your Java is out of date leaving your system vulnerable.
Older versions have vulnerabilities that malware can use to infect your system.

Updating Java:* Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
* Check for any item with Java Runtime Environment (JRE or J2SE) in the name.
** The latest version is Java 6 Update 3. Remove all other entries.
* Click the Remove or Change/Remove button.
* Repeat as many times as necessary to remove each of the Java versions.
* Reboot your computer once all Java components are removed.
* Download the latest version of Java Runtime Environment (JRE) 6
* Click the Free Java Download button.
* Click the Download Now button.
* When the Software Installation dialog box opens. Click on the Install Now button.
* Follow the prompts to complete installation.

==========

How is the computer running now?

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Strange PC Performance	Razer	General Hardware Chat	0	5th Jun 2009 15:32
Strange Lettersigns on IE	Sandra	Web Browsers & FTP Clients	2	9th Apr 2009 09:56
Strange Setup	jj110	Windows Operating Systems	9	21st Oct 2008 17:06
Window Desktop versus Google Desktop	ozzie	General Software Chat	2	9th Nov 2007 12:03
Strange Extension :- .yar	nand998	General Software Chat	3	21st Oct 2007 07:16