Logfile of HijackThis v1.99.1
Scan saved at 11:23:50 PM, on 4/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\MAKTray.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\MAKHKEY.EXE
C:\WINDOWS\MidTrans.exe
E:\SMS510\prog\exec\wserver.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\ZTE CDMA1X MODEM\Bin\FastConnect.exe
C:\Program Files\Netbooster Client\Configurator\ventcfg.exe
C:\Program Files\Netbooster Client\Client\ventc.exe
C:\Program Files\Netbooster Client\squid\ventcsquid.exe
C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
C:\Program Files\Netbooster Client\squid\ventcunlinkd.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\MicroSCADA.ELECTPP.002\Desktop\hijackthis .exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://clickmanu.com
F2 - REG:system.ini: Shell=Explorer.exe, System
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, System
O1 - Hosts: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
O1 - Hosts: <html>
O1 - Hosts: <head>
O1 - Hosts: <title>404 Not Found</title>
O1 - Hosts: <meta http-equiv="Content-Type" content="text/html; charset=utf8" />
O1 - Hosts: <style type="text/css">
O1 - Hosts: body {
O1 - Hosts: font-family: Verdana, Arial, Helvetica, sans-serif;
O1 - Hosts: font-size: 12px;
O1 - Hosts: background-color:#367E8E;
O1 - Hosts: scrollbar-base-color: #005B70;
O1 - Hosts: scrollbar-arrow-color: #F3960B;
O1 - Hosts: scrollbar-DarkShadow-Color: #000000;
O1 - Hosts: color: #FFFFFF;
O1 - Hosts: margin:0;
O1 - Hosts: }
O1 - Hosts: a { color:#021f25; text-decoration:none}
O1 - Hosts: h1 {
O1 - Hosts: font-size: 18px;
O1 - Hosts: color: #FB9802;
O1 - Hosts: padding-bottom: 10px;
O1 - Hosts: background-image: url(sys_cpanel/images/bottombody.jpg);
O1 - Hosts: background-repeat: repeat-x;
O1 - Hosts: padding:5px 0 10px 15px;
O1 - Hosts: margin:0;
O1 - Hosts: }
O1 - Hosts: padding-left: 25px;
O1 - Hosts: padding-right: 25px;
O1 - Hosts: line-height: 18px;
O1 - Hosts: padding-top: 5px;
O1 - Hosts: padding-bottom: 5px;
O1 - Hosts: }
O1 - Hosts: h2 {
O1 - Hosts: font-size: 14px;
O1 - Hosts: font-weight: bold;
O1 - Hosts: color: #FF9900;
O1 - Hosts: padding-left: 15px;
O1 - Hosts: }
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <div id="body-content">
O1 - Hosts: <!-- start content-->
O1 - Hosts: <!--
O1 - Hosts: instead of REQUEST_URI, we could show absolute URL via:
O1 - Hosts: http://HTTP_HOST/REQUEST_URI
O1 - Hosts: but what if its https:// or other protocol?
O1 - Hosts: SERVER_PORT_SECURE doesn't seem to be used
O1 - Hosts: SERVER_PORT logic would break if they use alternate ports
O1 - Hosts: -->
O1 - Hosts: <h1>404 Not Found</h1>
O1 - Hosts: <p>The server can not find the requested page:</p>
O1 - Hosts: <blockquote>
O1 - Hosts: 72.232.108.82/~grimsby/images/button1.pdf (port 80)
O1 - Hosts: </blockquote>
O1 - Hosts: <p>
O1 - Hosts: Please forward this error screen to delta.g3network.co.uk's
O1 - Hosts: <a href="mailto:root@delta.g3network.co.uk?subject=Er ror message [404] 404 Not Found for 72.232.108.82/~grimsby/images/button1.pdf port 80 on Wednesday, 16-Apr-2008 18:28:09 BST">
O1 - Hosts: WebMaster</a>.
O1 - Hosts: </p>
O1 - Hosts: <hr />
O1 - Hosts: <ADDRESS>Apache/1.3.41 Server at delta.g3network.co.uk Port 80</ADDRESS>
O1 - Hosts: <!-- end content -->
O1 - Hosts: </div>
O1 - Hosts: </body>
O1 - Hosts: </html>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
O4 - HKLM\..\Run: [Venturi Configurator] C:\Program Files\Netbooster Client\Configurator\ventcfg.exe -nomsgbox
O4 - HKLM\..\Run: [MAKTray] MAKTray.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Explorer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MicroSCADA Wserver.LNK = E:\SMS510\prog\exec\wserver.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (file missing)
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'vwlsp.dll' missing
O17 - HKLM\System\CCS\Services\Tcpip\..\{04AB4531-D0BB-401C-8F80-A93522065420}: NameServer = 202.138.103.100 202.138.96.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{04AB4531-D0BB-401C-8F80-A93522065420}: NameServer = 202.138.103.100 202.138.96.2
O18 - Protocol: stibo - {FFAD3420-6D61-44F6-BA25-293F17152D79} - C:\Program Files\Common Files\Stibo\RS_ProtocolHandler.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Client Access Express Remote Command (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MicroSCADA - Unknown owner - E:\SMS510\prog\exec\serv.exe
O23 - Service: Venturi Client (VenturiClient) - Venturi Wireless - C:\Program Files\Netbooster Client\Client\ventc.exe