We just tried the lavasoft and it didn't seem to help much, we are getting a error message now about IE being unable to open a page:Hijack This
Merijn.org
be careful with this app though, only delete things you know to be dodgey.
Ad-Aware @ Lavasoft - The Original Anti-Spyware Company - Lavasoft
ad-aware
erm...
Windows Defender home
Microsoft defender
andddd
Firefox
Firefox - Rediscover the Web
uk.celldorado.com/UK/ADS/1194106180/index.php?trackid=797154821&addid=1194106180&tduid=b1d6a70d508b0a1f45cf0c0e985db888.
1 9.5% O2 (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
2 0.0% O2 (no name) - {8A61098D-612B-4EF2-943D-64E920684061} - C:\WINDOWS\system32\gebxwtu.dll
3 0.0% O2 (no name) - {949787D8-485C-46F6-B13C-E30372794FC7} - C:\WINDOWS\system32\ddcyy.dll
4 0.0% O20 ddcyy - C:\WINDOWS\system32\ddcyy.dll
5 0.0% O20 gebxwtu - C:\WINDOWS\SYSTEM32\gebxwtu.dll
6 32.9% O22 Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
7 31.8% O22 Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
8 4.8% O23 AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
9 4.8% O23 AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
10 3.4% O23 AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
11 0.0% O23 Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
12 36.7% O4 [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
13 24.1% O4 [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
14 23.8% O4 [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
15 9.4% O4 [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
16 8.4% O4 [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
17 8.1% O4 [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
18 7.9% O4 [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
19 5.3% O4 [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
20 4.7% O4 [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
21 4.5% O4 Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
22 4.3% O4 [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
23 3.4% O4 [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
24 2.0% O4 [WinampAgent] C:\Program Files\Winamp\winampa.exe
25 1.5% O4 [SigmatelSysTrayApp] stsystra.exe
26 1.0% O4 [Persistence] C:\WINDOWS\system32\igfxpers.exe
27 0.0% O4 [GPLv3] rundll32.exe "C:\WINDOWS\system32\kayegoot.dll",realset
28 2.9% O8 E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
29 29.5% O9 Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
30 29.1% O9 Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
31 57.2% P01 C:\WINDOWS\Explorer.EXE
32 55.9% P01 C:\WINDOWS\system32\svchost.exe
33 55.8% P01 C:\WINDOWS\system32\lsass.exe
34 55.8% P01 C:\WINDOWS\system32\winlogon.exe
35 55.8% P01 C:\WINDOWS\system32\services.exe
36 55.7% P01 C:\WINDOWS\System32\smss.exe
37 53.6% P01 C:\WINDOWS\system32\spoolsv.exe
38 38.9% P01 C:\WINDOWS\system32\ctfmon.exe
39 22.2% P01 C:\Program Files\Internet Explorer\iexplore.exe
40 9.8% P01 C:\Program Files\Messenger\msmsgs.exe
41 8.0% P01 C:\Program Files\Mozilla Firefox\firefox.exe
42 7.4% P01 C:\WINDOWS\System32\hkcmd.exe
43 5.4% P01 C:\Program Files\Windows Defender\MSASCui.exe
44 5.4% P01 C:\Program Files\Windows Defender\MsMpEng.exe
45 4.8% P01 C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
46 4.8% P01 C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
47 4.0% P01 C:\WINDOWS\system32\igfxpers.exe
48 3.9% P01 C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
49 3.5% P01 C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
50 2.0% P01 C:\Program Files\Winamp\winampa.exe
51 1.5% P01 C:\WINDOWS\stsystra.exe
52 0.0% P01 C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
53 0.0% P01 C:\Documents and Settings\Paul Tinkerbell.PAUL-63E27E412C\Desktop\HiJackThis_v2.exe
54 0.9% R0 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google