Eddy
4
This is the result of my HijackThis Log Analyzer:
CHECKING HIJACKTHIS, INTERNET EXPLORER, WINDOWS AND SOFTWARE FIREWALL:
You are using the latest version of HijackThis.
Old version of Internet Explorer detected, please update.
Your Operating System is not up-to-date. (Latest service pack not installed)
No software firewall detected. If you are not using a
hardware firewall, it is highly recommended to install one.
THESE ARE EITHER HARMFULL OR A SECURITY RISK
WE STRONGLY RECOMMEND TO FIX THEM :
\windows\system32\usbn.exe
o4 - hklm..\run: [usbn] c:\windows\system32\usbn.exe -go -c7 -w1
o9 - extra button: messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe (file missing)
o9 - extra ‘tools’ menuitem: messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe (file missing)
o16 - dpf: {11111111-1111-1111-1111-111191113457} - file://c:\ied_s7.cab
o16 - dpf: {11111111-1111-1111-1111-511111193457} - file://c:\x.cab
o16 - dpf: {11111111-1111-1111-1111-511111193458} - file://c:\x.cab
o16 - dpf: {23232323-2323-2323-2323-232323291122} - file://c:\x.cab
o16 - dpf: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (yinststarter class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
o16 - dpf: {4c39376e-fa9d-4349-bacc-d305c1750ef3} (epuimagecontrol class) - http://tools.ebayimg.com/eps/wl/activex/epuwalcontrol_v1-0-3-17.cab
o21 - ssodl: systemcheck2 - {54645654-2225-4455-44a1-9f4543d34545} - c:\windows\system32\vbsys2.dll
THE FOLLOWING ITEMS ARE NOT NEEDED TO LOAD
AT BOOTIME FOR THE SYSTEM TO WORK PROPERLY:
o4 - hklm..\run: [supastatus] c:\program files\internet explorer\connection wizard\status.exe
o4 - hkcu..\run: [msmsgs] “c:\program files\messenger\msmsgs.exe” /background
o4 - hkcu..\run: [spyware doctor] “c:\program files\spyware doctor\swdoctor.exe” /q
WE HAVE NO INFO ON THE FOLLOWING ITEMS. THEY CAN BE BAD OR GOOD.
YOU HAVE TO VERIFY THEM MANUALLY. PLEASE TELL US IF YOU HAVE INFO ON THEM :
\program files\telstra\signup\tbpt.exe
o4 - hklm..\run: [supastatus] c:\program files\internet explorer\connection wizard\status.exe
o4 - hklm..\run: [{f7d90bd2-14a9-11d3-ad9e-00aa0064ec94}] c:\program files\telstra\signup\tbpt.exe