JavaRuntime.00.exe

altvic

New Member
Every time I boot up I get a Microsoft Send Error Report prompt for this file, JavaRuntime.00.exe. I cannot delete the file, even with a download deleter programme. If I click Send Error Report, the error keeps returning immediately. Spybot, Ad-Aware and AVG have not found a problem.

HijackThis log below:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:43:32, on 14/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Documents and Settings\Dad\Local Settings\Application Data\JavaRuntime.00.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\dwwin.exe
D:\Downloads\scan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Java Update] C:\Documents and Settings\Dad\Local Settings\Application Data\JavaRuntime.00.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1219938552078
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7507 bytes
 
Hello,

Download and run ComboFix
If you already have ComboFix, please delete this copy and download it again as it's being updated regularly.
Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

ComboFix should never take more than 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then the Processes tab (press Ctrl, Alt and Del at the same time) and end any processes of findstr, find, sed or swreg, then ComboFix should continue.
If that happened we want to know, and also what process you had to end.

In your reply:
  • Post the ComboFix log
  • Post a fresh HijackThis log

Thank you
 
Hi Cohen,
As requested.

ComboFix 08-09-14.01 - Dad 2008-09-14 22:29:43.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.560 [GMT 1:00]
Running from: D:\Downloads\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\PCHealthCenter

.
((((((((((((((((((((((((( Files Created from 2008-08-14 to 2008-09-14 )))))))))))))))))))))))))))))))
.

2008-09-14 15:36 . 2008-09-14 15:40 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-12 11:23 . 2008-09-12 11:23 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Roxio
2008-09-12 11:23 . 2008-09-12 11:23 <DIR> d-------- C:\Documents and Settings\Dad\Application Data\Roxio
2008-09-12 09:43 . 2008-09-12 09:43 <DIR> d-------- C:\Program Files\MAPILab Ltd
2008-09-12 09:43 . 2008-09-12 09:43 <DIR> d-------- C:\Program Files\Common Files\MAPILab Ltd
2008-09-12 09:36 . 2008-09-12 09:36 <DIR> d-------- C:\Program Files\Common Files\Sperry Software
2008-09-12 09:36 . 2008-09-12 09:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ODIR
2008-09-12 09:36 . 1998-08-28 13:09 352,256 --a------ C:\WINDOWS\system32\vsflex6.ocx
2008-09-12 09:36 . 1998-03-27 16:06 244,224 --a------ C:\WINDOWS\system32\vsocx6.ocx
2008-09-12 09:19 . 2008-09-12 09:19 <DIR> d-------- C:\Program Files\ODIR
2008-09-12 09:19 . 2000-12-06 00:00 209,608 --a------ C:\WINDOWS\system32\Tabctl32.ocx
2008-09-11 14:59 . 2008-09-14 16:00 <DIR> d--h----- C:\$AVG8.VAULT$
2008-09-11 09:46 . 2008-09-11 09:46 <DIR> d-------- C:\Documents and Settings\Dad\Application Data\Blackberry Desktop
2008-09-11 09:16 . 2008-09-11 09:16 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-09-11 09:01 . 2008-09-14 09:06 16,870,712 --a------ C:\WINDOWS\system32\mso.dll
2008-09-11 09:01 . 2008-09-13 11:55 676,224 --a------ C:\WINDOWS\system32\OGACheckControl.DLL
2008-09-10 15:53 . 2008-09-14 22:32 3,108,896 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-10 15:53 . 2008-09-14 19:30 30,536 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-09-10 15:38 . 2008-09-10 15:38 <DIR> d-------- C:\Program Files\ZoneAlarmSB
2008-09-10 15:36 . 2008-09-10 15:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-09-10 15:36 . 2008-09-10 15:38 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-09-10 15:35 . 2008-07-09 09:05 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-09-10 15:34 . 2008-09-10 15:34 <DIR> d-------- C:\Program Files\Zone Labs
2008-09-10 15:33 . 2008-09-14 22:27 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-09-10 15:02 . 2008-09-10 15:02 <DIR> d-------- C:\Documents and Settings\Dad\Application Data\Research In Motion
2008-09-10 15:02 . 2008-09-12 23:13 256 --a------ C:\WINDOWS\system32\pool.bin
2008-09-10 13:26 . 2008-09-10 13:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-09-10 13:25 . 2008-09-10 13:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sonic
2008-09-10 13:22 . 2008-09-10 13:23 <DIR> d-------- C:\Program Files\Roxio
2008-09-10 13:22 . 2008-09-10 13:22 <DIR> d-------- C:\Program Files\Common Files\Sonic Shared
2008-09-10 13:22 . 2008-09-10 13:22 <DIR> d-------- C:\Program Files\Common Files\Roxio Shared
2008-09-10 13:22 . 2008-09-12 11:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Roxio
2008-09-10 13:15 . 2007-01-18 10:24 26,496 -ra------ C:\WINDOWS\system32\drivers\RimSerial.sys
2008-09-10 13:13 . 2008-09-10 13:13 <DIR> d-------- C:\Program Files\Research In Motion
2008-09-10 13:13 . 2008-09-10 13:14 <DIR> d-------- C:\Program Files\Common Files\Research In Motion
2008-09-10 13:09 . 2008-09-10 13:09 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-09-07 05:23 . 2008-09-07 05:23 <DIR> d--hs---- C:\Documents and Settings\Administrator\PrivacIE
2008-09-06 19:30 . 2008-09-06 19:33 <DIR> d-------- C:\Program Files\Weather Watcher
2008-09-06 19:17 . 2008-09-06 19:20 <DIR> d-------- C:\Program Files\RegCure
2008-09-04 18:17 . 2008-09-04 18:17 <DIR> d-------- C:\Documents and Settings\Dad\Application Data\Windows Search
2008-09-01 23:43 . 2008-09-01 23:43 <DIR> d-------- C:\WINDOWS\Sun
2008-09-01 23:42 . 2008-09-01 23:42 <DIR> d-------- C:\Program Files\Google
2008-09-01 16:22 . 2008-09-01 16:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
2008-09-01 16:22 . 2008-09-01 16:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
2008-09-01 16:19 . 2008-09-01 16:19 30,720 --a------ C:\WINDOWS\6816White12.dat
2008-09-01 16:19 . 2008-09-01 16:19 30,720 --a------ C:\WINDOWS\6816Dark12.dat
2008-09-01 16:19 . 2008-09-01 18:07 414 --a------ C:\WINDOWS\Ausba4.ini
2008-09-01 16:19 . 2008-09-01 16:19 6 --a------ C:\WINDOWS\6816Exposure.dat
2008-09-01 16:19 . 2008-09-01 16:19 4 --a------ C:\WINDOWS\6816Error.dat
2008-09-01 16:19 . 2008-09-01 16:19 3 --a------ C:\WINDOWS\6816Offset.dat
2008-09-01 16:19 . 2008-09-01 16:19 3 --a------ C:\WINDOWS\6816Gain.dat
2008-09-01 09:17 . 2008-09-01 09:17 <DIR> d-------- C:\Program Files\eAnnouncer
2008-09-01 09:17 . 2008-09-13 09:29 <DIR> d-------- C:\Documents and Settings\Dad\Application Data\eAnnouncer
2008-09-01 00:08 . 2008-09-01 00:08 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-09-01 00:07 . 2008-09-14 00:26 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-09-01 00:07 . 2008-09-01 00:07 <DIR> d-------- C:\Program Files\AVG
2008-09-01 00:07 . 2008-09-01 09:30 97,928 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-08-31 23:52 . 2008-09-01 00:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg8
2008-08-31 22:02 . 2008-08-31 22:02 <DIR> d--hs---- C:\Documents and Settings\Dad\PrivacIE
2008-08-31 21:55 . 2008-08-31 21:56 <DIR> d--h-c--- C:\WINDOWS\ie8
2008-08-31 21:47 . 2008-08-31 21:47 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-08-31 17:33 . 2008-08-31 17:33 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-31 16:04 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-08-31 16:04 . 2008-07-18 22:07 210,976 --a------ C:\WINDOWS\system32\muweb.dll
2008-08-31 07:35 . 2008-09-14 16:30 <DIR> d-------- C:\Documents and Settings\Administrator
2008-08-30 20:24 . 2008-08-30 20:24 <DIR> d-------- C:\Program Files\Lavasoft
2008-08-30 20:24 . 2008-08-31 17:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-30 17:22 . 2008-09-14 22:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-29 07:51 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-08-29 00:40 . 2008-08-29 00:42 <DIR> d-------- C:\Program Files\Windows Live
2008-08-29 00:40 . 2008-08-31 06:31 <DIR> d----c--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-29 00:39 . 2008-08-29 00:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-29 00:32 . 2008-08-29 00:32 <DIR> d-------- C:\Documents and Settings\Dad\Application Data\Windows Desktop Search
2008-08-29 00:31 . 2008-08-29 00:31 <DIR> d-------- C:\WINDOWS\system32\GroupPolicy
2008-08-29 00:31 . 2008-08-29 00:31 <DIR> d-------- C:\Program Files\Windows Desktop Search
2008-08-29 00:31 . 2008-03-07 18:02 192,000 -----c--- C:\WINDOWS\system32\dllcache\offfilt.dll
2008-08-29 00:31 . 2008-03-07 18:02 98,304 -----c--- C:\WINDOWS\system32\dllcache\nlhtml.dll
2008-08-29 00:31 . 2008-03-07 18:02 29,696 -----c--- C:\WINDOWS\system32\dllcache\mimefilt.dll
2008-08-29 00:29 . 2008-08-22 03:10 11,985,408 --a--c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-08-29 00:29 . 2008-07-29 22:58 3,670,112 --a--c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-08-29 00:29 . 2008-08-22 03:06 1,778,688 --a--c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-08-29 00:29 . 2008-08-22 03:15 1,216,512 --a--c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-08-29 00:29 . 2008-08-22 03:05 580,608 --a--c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-08-29 00:29 . 2008-08-22 02:42 443,392 --a--c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-08-29 00:29 . 2008-08-22 03:05 61,952 --a--c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-08-29 00:29 . 2008-08-22 03:05 53,760 --a--c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-08-29 00:29 . 2008-06-23 10:20 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-08-29 00:15 . 2008-08-29 00:15 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-08-29 00:13 . 2008-08-31 08:09 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-08-29 00:13 . 2008-08-29 00:14 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-08-28 23:31 . 2008-05-01 15:33 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-28 23:30 . 2008-04-11 20:04 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-08-28 23:29 . 2008-07-22 15:45 1,214,526 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-08-28 23:29 . 2008-07-22 15:45 790,846 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-08-28 23:29 . 2008-07-22 15:45 9,696 -----c--- C:\WINDOWS\system32\dllcache\drvmain.sdb
2008-08-28 23:28 . 2008-06-13 12:05 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-08-28 23:28 . 2008-05-08 15:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-08-28 23:15 . 2008-07-18 22:09 25,800 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-08-28 21:57 . 2008-08-28 21:57 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-08-28 21:57 . 2008-08-28 21:57 <DIR> d-------- C:\WINDOWS\system32\en
2008-08-28 21:57 . 2008-08-28 21:57 <DIR> d-------- C:\WINDOWS\system32\bits
2008-08-28 21:57 . 2008-08-28 21:57 <DIR> d-------- C:\WINDOWS\l2schemas
2008-08-28 17:36 . 2006-11-01 18:31 1,669,120 -----c--- C:\WINDOWS\system32\dllcache\setup_wm.exe
2008-08-28 17:35 . 2008-04-14 01:12 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll
2008-08-28 17:34 . 2006-10-18 21:47 991,744 -----c--- C:\WINDOWS\system32\dllcache\drmv2clt.dll
2008-08-28 17:33 . 2006-10-18 21:47 542,720 -----c--- C:\WINDOWS\system32\dllcache\blackbox.dll
2008-08-28 16:53 . 2008-08-29 09:03 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-08-28 16:49 . 2008-07-18 22:10 45,768 --a------ C:\WINDOWS\system32\wups2.dll
2008-08-28 16:49 . 2008-07-18 22:10 33,992 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-08-28 16:49 . 2008-07-18 22:09 25,800 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-08-28 16:49 . 2008-07-18 22:08 20,680 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-08-28 16:47 . 2008-08-28 16:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-08-28 16:27 . 2008-08-28 16:28 <DIR> d-------- C:\Program Files\BitLord
2008-08-28 16:21 . 2008-08-28 16:21 <DIR> d--hs---- C:\Documents and Settings\Dad\UserData
2008-08-26 11:03 . 2008-09-12 11:41 <DIR> d-------- C:\Documents and Settings\Dad\Application Data\skypePM
2008-08-26 11:03 . 2008-08-26 11:03 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-08-26 11:02 . 2008-09-12 12:10 <DIR> d-------- C:\Documents and Settings\Dad\Application Data\Skype
2008-08-26 11:01 . 2008-08-26 11:01 <DIR> d-------- C:\Program Files\Skype
2008-08-26 11:01 . 2008-08-26 11:01 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-08-26 11:01 . 2008-08-26 11:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-08-25 22:51 . 2001-05-03 10:36 4,710 --a------ C:\WINDOWS\system32\fc.ico
2008-08-25 22:51 . 1996-02-26 22:15 2,528 --a------ C:\WINDOWS\FCIC.INI
2008-08-25 22:28 . 2008-04-13 19:45 60,032 --a------ C:\WINDOWS\system32\drivers\usbaudio.sys
2008-08-25 22:28 . 2008-04-13 19:45 32,128 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-08-25 22:28 . 2008-04-14 01:11 21,504 --a------ C:\WINDOWS\system32\hidserv.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-14 17:51 756,608 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2008-09-14 12:04 1,427,456 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
2008-09-14 08:25 479,232 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-09-14 08:25 1,417,216 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-09-14 07:27 1,410,048 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-08-25 12:37 24,064 ----a-w C:\WINDOWS\autoload.exe
2008-08-25 10:46 --------- d-----w C:\Program Files\microsoft frontpage
2008-08-22 02:08 878,592 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-22 02:08 43,008 ----a-w C:\WINDOWS\system32\licmgr10.dll
2008-08-22 02:07 18,944 ----a-w C:\WINDOWS\system32\corpol.dll
2008-08-22 02:06 72,704 ----a-w C:\WINDOWS\system32\admparse.dll
2008-08-22 02:06 71,680 ----a-w C:\WINDOWS\system32\iesetup.dll
2008-08-22 02:06 434,176 ----a-w C:\WINDOWS\system32\vbscript.dll
2008-08-22 02:05 48,640 ------w C:\WINDOWS\system32\PrivacIE.dll
2008-08-22 02:05 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-08-22 02:05 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
2008-08-22 02:04 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
2008-08-22 01:57 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
2008-08-05 16:55 265,720 ----a-w C:\WINDOWS\system32\msdbg2.dll
2008-07-18 21:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 21:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 21:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 21:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 21:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 21:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 21:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-09 08:05 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 17:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
.

((((((((((((((((((((((((((((( snapshot@2008-09-14_18.59.09.78 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-09-14 18:31:32 16,384 ------w C:\WINDOWS\temp\Perflib_Perfdata_7f4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-09-01 1235736]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
path=
backup=

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Desktop Manager.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-14 01:12 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-09-12 20:29 133104 C:\Documents and Settings\Dad\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 07:00 33648 C:\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
--a------ 2006-11-13 13:39 1289000 C:\Program Files\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
--------- 2005-07-08 15:25 1397760 C:\Program Files\Ahead\InCD\InCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
---hs---- 2008-04-14 01:12 1695232 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
-ra------ 2003-01-10 15:04 4263936 C:\WINDOWS\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
--a------ 2008-06-08 12:24 236016 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-09-01 23:42 162744 C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nForce Tray Options]
-ra------ 2002-11-13 08:34 73728 C:\WINDOWS\system32\sstray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
-ra------ 2003-01-10 15:04 315392 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Office12\\OUTLOOK.EXE"=
"C:\\Office12\\GROOVE.EXE"=
"C:\\Office12\\ONENOTE.EXE"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\BitLord\\BitLord.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-09-01 97928]
R2 ATTSCAP;AVerMedia, WDM MPEG-2 TS Capture (DVBT);C:\WINDOWS\system32\drivers\attscap.sys [2003-06-24 18048]
R2 ATVCAP;AVerMedia, DVB-T WDM Video Capture;C:\WINDOWS\system32\drivers\atvcap.sys [2003-06-24 56320]
R2 ATXBAR;AVerMedia, DVB-T WDM Crossbar;C:\WINDOWS\system32\drivers\ATXBAR.sys [2003-06-24 8576]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-01 231704]
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\j2tcx1li.default\
FF -: plugin - C:\Documents and Settings\Dad\Local Settings\Application Data\Google\Update\1.2.131.11\npGoogleOneClick5.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPZoneSB.dll
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-14 22:32:24
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-09-14 22:34:10
ComboFix-quarantined-files.txt 2008-09-14 21:34:03
ComboFix2.txt 2008-09-14 18:00:03
ComboFix3.txt 2008-09-07 04:08:29
ComboFix4.txt 2008-09-01 12:53:05
ComboFix5.txt 2008-09-14 21:29:00

Pre-Run: 73,156,239,360 bytes free
Post-Run: 73,120,681,984 bytes free

280 --- E O F --- 2008-09-10 11:37:28





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:15:19, on 14/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Dad\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
D:\Downloads\scan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Java Update] C:\Documents and Settings\Dad\Local Settings\Application Data\JavaRuntime.00.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1219938552078
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7452 bytes
 
Well, there are a few things there that might need to be fixed. I'm not sure what instructions to post to fix it; I suggest you wait for a pro like ceewi1 and he will be able to help you a bit more.

Cheers.
 