grahalex
regular
Reg'd: Sat
Posts: 45
Please can someone check my log. My PC is slow to start up; sometimes the start bar doesn't load at all and I have to restart, and sometimes the quick start icons change to completely different icons but have the same function, i.e. Internet Explorer etc.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:16:21, on 19/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\CACHEM~1\CachemanXP.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Firefly Media Server\firefly.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kontiki\KService.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\AOL\1179865871\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\Dit.exe
C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
c:\program files\common files\aol\1179865871\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
c:\program files\common files\aol\1179865871\ee\aolsoftware.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.aol.co.uk/web?isinit=true&query=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1179865871\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [CICache] CICache.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CachemanXP (CachemanXPService) - Outertech - C:\PROGRA~1\CACHEM~1\CachemanXP.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Firefly Media Server - Ron Pedde - C:\Program Files\Firefly Media Server\firefly.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Roku - Mark Heaton - C:\Program Files\RokuNSE\Roku.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 12203 bytes
bricat
HijackThis Helper
Reg'd: Wed
Posts: 29029
Loc: belfast
Firstly you need to remove some of these :-
* AVG Anti-Spyware
* Ad-Aware 2007
* AOL\Active Security Monitor
* AOL antiSpyware
* Search & Destroy\TeaTimer.exe
You have 5 antispyware programs running in real time. I would remove 4 of them and leave AVG Anti-Spyware running. They will definitely be slowing down your computer and could be conflicting with each other.
Then :-
Please download ComboFix from either of these two locations:
BleepingComputer ComboFix
Geeks to Go ComboFix
* Double click combofix.exe & follow the prompts.
* When finished, it shall produce a log for you. Post that log in your next reply.
Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.
Post back with the log from ComboFix and a new HJT log please.
-------------------- MY HELP IS FREE,BUT PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST SPYWARE.
You don't stop laughing when you get old, you get old when you stop laughing!
grahalex
regular
Reg'd: Sat
Posts: 45
The version of AVG that I have is the free one without resident shield. Should I still keep it or use another one, Ad-Aware perhaps?
grahalex
regular
Reg'd: Sat
Posts: 45
Here is the ComboFix log

"Graham" - 2008-02-19 20:58:17 - ComboFix 07-07-14.6 - Service Pack 2 NTFS

((((((((((((((((((((((((( Files Created from 2008-01-19 to 2008-02-19 )))))))))))))))))))))))))))))))

2008-02-15 10:35 <DIR> d-------- C:\Perl
2008-02-06 07:21 <DIR> d-------- C:\DOCUME~1\Rachel\APPLIC~1\Sereniti
2008-02-04 18:10 <DIR> d-------- C:\DOCUME~1\CATHER~1\WINDOWS
2008-02-01 07:41 <DIR> d-------- C:\DOCUME~1\CATHER~1\APPLIC~1\Sereniti
2008-01-31 16:09 <DIR> d-------- C:\DOCUME~1\Annette\APPLIC~1\Sereniti
2008-01-31 15:52 <DIR> d-------- C:\DOCUME~1\Graham\APPLIC~1\Sereniti
2008-01-31 15:38 <DIR> d-------- C:\DOCUME~1\Graham\APPLIC~1\WeatherWatcher
2008-01-29 20:23 <DIR> d-------- C:\Program Files\iPod
2008-01-29 20:22 <DIR> d-------- C:\Program Files\QuickTime
2008-01-29 19:37 86,016 --a------ C:\WINDOWS\Dit.exe
2008-01-29 19:37 61,440 --a------ C:\WINDOWS\DitExp.exe
2008-01-29 19:37 266,240 -r------- C:\WINDOWS\Dit.DLL
2008-01-29 19:37 24,576 --a------ C:\WINDOWS\CICache.exe
2008-01-29 19:37 13,568 --a------ C:\WINDOWS\system32\drivers\USBCRFT.SYS
2008-01-28 17:49 <DIR> d-------- C:\DOCUME~1\Graham\.freeguide
2008-01-27 20:54 123,664 --a------ C:\WINDOWS\system32\MSJInt35.dll
2008-01-27 20:53 24,848 --a------ C:\WINDOWS\system32\MSJtEr35.dll
2008-01-27 20:52 71,680 --a------ C:\WINDOWS\ST5UNST.EXE
2008-01-27 20:52 29,696 --a------ C:\WINDOWS\system32\VB5StKit.dll
2008-01-27 11:00 <DIR> d-------- C:\Program Files\DupKiller
2008-01-27 10:40 <DIR> d-------- C:\Program Files\Desktop Graffitist
2008-01-27 10:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Earthsim
2008-01-27 10:28 <DIR> d-------- C:\Program Files\CachemanXP
2008-01-26 09:30 <DIR> d-------- C:\Bourne 3
2008-01-25 17:01 <DIR> d-------- C:\Program Files\Microsoft IntelliPoint
2008-01-25 16:50 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2008-01-25 16:33 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-01-20 23:15 <DIR> d-------- C:\SKILLB

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2008-02-19 21:00:19 31,733,792 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-02-19 20:58:38 -------- d-----w C:\Program Files\Firefly Media Server
2008-02-19 20:03:31 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\LimeWire
2008-02-19 17:27:31 372,272 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-02-17 16:50:42 -------- d-----w C:\Program Files\SpywareBlaster
2008-02-16 09:50:47 -------- d-----w C:\Program Files\LimeWire
2008-02-08 18:15:50 -------- d-----w C:\Program Files\DivX
2008-01-31 15:38:20 -------- d-----w C:\Program Files\Weather Watcher
2008-01-29 20:23:47 -------- d-----w C:\Program Files\iTunes
2008-01-29 19:37:37 -------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-28 07:28:02 -------- d-----w C:\Program Files\VideoLAN
2008-01-25 17:01:46 -------- d-----w C:\Program Files\Microsoft Hardware
2008-01-24 05:43:56 -------- d-----w C:\Program Files\Family Tree Maker 2005
2008-01-21 07:11:43 -------- d-----w C:\Program Files\Common Files\AOL
2008-01-18 22:18:27 -------- d-----w C:\Program Files\MFInstall
2008-01-18 14:43:49 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-10 05:22:54 -------- d-----w C:\Program Files\MusicBrainz Picard
2008-01-09 07:28:03 -------- d-----w C:\Program Files\RokuNSE
2008-01-06 10:51:27 -------- d-----w C:\Program Files\Lavalys
2008-01-06 10:37:16 60,416 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-01-06 10:33:35 -------- d-----w C:\Program Files\Realtek AC97
2008-01-04 21:59:04 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-01-04 21:58:50 3,596,288 -c--a-w C:\WINDOWS\system32\qt-dx331.dll
2008-01-04 21:58:42 200,704 -c--a-w C:\WINDOWS\system32\ssldivx.dll
2008-01-04 21:58:42 1,044,480 -c--a-w C:\WINDOWS\system32\libdivx.dll
2008-01-04 21:57:22 81,920 -c--a-w C:\WINDOWS\system32\dpl100.dll
2008-01-04 21:57:22 196,608 -c--a-w C:\WINDOWS\system32\dtu100.dll
2008-01-04 21:57:16 53,248 -c--a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-01-04 21:57:14 593,920 -c--a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-01-04 21:57:14 57,344 -c--a-w C:\WINDOWS\system32\dpv11.dll
2008-01-04 21:57:14 344,064 -c--a-w C:\WINDOWS\system32\dpus11.dll
2008-01-04 21:57:14 294,912 -c--a-w C:\WINDOWS\system32\dpu11.dll
2008-01-04 21:57:14 294,912 -c--a-w C:\WINDOWS\system32\dpu10.dll
2008-01-04 21:57:12 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-01-04 21:57:10 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-01-04 21:57:10 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-01-04 21:57:10 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2008-01-04 21:56:48 156,992 -c--a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-01-04 21:56:24 12,288 -c--a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-01-04 15:05:15 -------- d-----w C:\Program Files\Kontiki
2008-01-01 23:47:19 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\TwonkyMedia
2008-01-01 16:12:21 -------- d-----w C:\Program Files\tl-it.de
2008-01-01 13:43:13 -------- d-----w C:\Program Files\BitComet
2008-01-01 13:41:34 -------- d-----w C:\Program Files\Roku Radio Snooper
2008-01-01 13:39:58 46 ----a-w C:\WINDOWS\system32\DonationCoder_rokusnooper_InstallInfo.dat
2008-01-01 13:39:46 -------- d-----w C:\Program Files\WinPcap
2008-01-01 12:31:14 -------- d-----w C:\Program Files\Musicmatch
2008-01-01 12:31:02 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\Musicmatch
2007-12-31 12:57:36 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\AutoTransfer
2007-12-25 08:58:13 -------- d-----w C:\Program Files\Diskeeper Corporation
2007-12-25 08:04:23 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\dvdcss
2007-12-25 07:41:26 -------- d-----w C:\Program Files\Elaborate Bytes
2007-12-23 23:21:55 -------- d-----w C:\Program Files\EsetOnlineScanner
2007-12-23 21:26:49 -------- d-----w C:\Program Files\RogueRemover FREE
2007-12-23 13:03:31 2,560 ----a-w C:\WINDOWS\system32\bitcometres.dll
2007-12-23 12:59:38 -------- d-----w C:\Program Files\WordBiz
2007-12-23 12:58:53 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-12-14 20:39:02 4,212 -c-h--w C:\WINDOWS\system32\zllictbl.dat
2007-12-13 12:05:48 531,248 ----a-w C:\WINDOWS\system32\es.scr
2007-12-07 15:30:30 103,776 -c--a-w C:\WINDOWS\system32\AOLDial.dll
2007-12-04 18:38:13 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 13:04:28 837,496 -c--a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54:04 95,608 -c--a-w C:\WINDOWS\system32\AvastSS.scr

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 22:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
2007-09-28 13:30 521528 --a------ C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
2007-12-17 11:12 56360 --a------ C:\Program Files\Windows Live\Family Safety\fssbho.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
2008-01-04 17:21 1548624 --a------ C:\PROGRA~1\SPYBOT~1\SDHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-09-25 00:11 501136 --a--c--- C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
2007-09-20 10:30 328752 --a------ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
2006-08-20 18:55 81920 --a--c--- C:\Program Files\Free Download Manager\iefdmcks.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 13:00]
"HostManager"="C:\Program Files\Common Files\AOL\1179865871\ee\AOLSoftware.exe" [2006-11-17 13:21]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 04:41]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05]
"IntelliPoint"="c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 15:52]
"CICache"="CICache.exe" [2002-09-05 14:21 C:\WINDOWS\CICache.exe]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 12:29]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages :\WINDOWS\syste

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]

Contents of the 'Scheduled Tasks' folder
2008-02-19 20:07:02 C:\WINDOWS\tasks\AppleSoftwareUpdate.job

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-19 21:00:40
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2008-02-19 21:01:36
C:\ComboFix2.txt ... 2007-12-23 14:38
C:\ComboFix3.txt ... 2007-10-13 23:00
--- E O F ---
grahalex
regular
Reg'd: Sat
Posts: 45
|
|
here is new HJT log
"Graham" - 2008-02-19 20:58:17 - ComboFix 07-07-14.6 - Service Pack 2 NTFS
((((((((((((((((((((((((( Files Created from 2008-01-19 to 2008-02-19 )))))))))))))))))))))))))))))))
2008-02-15 10:35 <DIR> d-------- C:\Perl 2008-02-06 07:21 <DIR> d-------- C:\DOCUME~1\Rachel\APPLIC~1\Sereniti 2008-02-04 18:10 <DIR> d-------- C:\DOCUME~1\CATHER~1\WINDOWS 2008-02-01 07:41 <DIR> d-------- C:\DOCUME~1\CATHER~1\APPLIC~1\Sereniti 2008-01-31 16:09 <DIR> d-------- C:\DOCUME~1\Annette\APPLIC~1\Sereniti 2008-01-31 15:52 <DIR> d-------- C:\DOCUME~1\Graham\APPLIC~1\Sereniti 2008-01-31 15:38 <DIR> d-------- C:\DOCUME~1\Graham\APPLIC~1\WeatherWatcher 2008-01-29 20:23 <DIR> d-------- C:\Program Files\iPod 2008-01-29 20:22 <DIR> d-------- C:\Program Files\QuickTime 2008-01-29 19:37 86,016 --a------ C:\WINDOWS\Dit.exe 2008-01-29 19:37 61,440 --a------ C:\WINDOWS\DitExp.exe 2008-01-29 19:37 266,240 -r------- C:\WINDOWS\Dit.DLL 2008-01-29 19:37 24,576 --a------ C:\WINDOWS\CICache.exe 2008-01-29 19:37 13,568 --a------ C:\WINDOWS\system32\drivers\USBCRFT.SYS 2008-01-28 17:49 <DIR> d-------- C:\DOCUME~1\Graham\.freeguide 2008-01-27 20:54 123,664 --a------ C:\WINDOWS\system32\MSJInt35.dll 2008-01-27 20:53 24,848 --a------ C:\WINDOWS\system32\MSJtEr35.dll 2008-01-27 20:52 71,680 --a------ C:\WINDOWS\ST5UNST.EXE 2008-01-27 20:52 29,696 --a------ C:\WINDOWS\system32\VB5StKit.dll 2008-01-27 11:00 <DIR> d-------- C:\Program Files\DupKiller 2008-01-27 10:40 <DIR> d-------- C:\Program Files\Desktop Graffitist 2008-01-27 10:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Earthsim 2008-01-27 10:28 <DIR> d-------- C:\Program Files\CachemanXP 2008-01-26 09:30 <DIR> d-------- C:\Bourne 3 2008-01-25 17:01 <DIR> d-------- C:\Program Files\Microsoft IntelliPoint 2008-01-25 16:50 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS 2008-01-25 16:33 <DIR> d-------- C:\Program Files\Microsoft Silverlight 2008-01-20 23:15 <DIR> d-------- C:\SKILLB
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2008-02-19 21:00:19 31,733,792 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2008-02-19 20:58:38 -------- d-----w C:\Program Files\Firefly Media Server 2008-02-19 20:03:31 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\LimeWire 2008-02-19 17:27:31 372,272 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2008-02-17 16:50:42 -------- d-----w C:\Program Files\SpywareBlaster 2008-02-16 09:50:47 -------- d-----w C:\Program Files\LimeWire 2008-02-08 18:15:50 -------- d-----w C:\Program Files\DivX 2008-01-31 15:38:20 -------- d-----w C:\Program Files\Weather Watcher 2008-01-29 20:23:47 -------- d-----w C:\Program Files\iTunes 2008-01-29 19:37:37 -------- d--h--w C:\Program Files\InstallShield Installation Information 2008-01-28 07:28:02 -------- d-----w C:\Program Files\VideoLAN 2008-01-25 17:01:46 -------- d-----w C:\Program Files\Microsoft Hardware 2008-01-24 05:43:56 -------- d-----w C:\Program Files\Family Tree Maker 2005 2008-01-21 07:11:43 -------- d-----w C:\Program Files\Common Files\AOL 2008-01-18 22:18:27 -------- d-----w C:\Program Files\MFInstall 2008-01-18 14:43:49 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2008-01-10 05:22:54 -------- d-----w C:\Program Files\MusicBrainz Picard 2008-01-09 07:28:03 -------- d-----w C:\Program Files\RokuNSE 2008-01-06 10:51:27 -------- d-----w C:\Program Files\Lavalys 2008-01-06 10:37:16 60,416 ----a-w C:\WINDOWS\ALCFDRTM.EXE 2008-01-06 10:33:35 -------- d-----w C:\Program Files\Realtek AC97 2008-01-04 21:59:04 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe 2008-01-04 21:58:50 3,596,288 -c--a-w C:\WINDOWS\system32\qt-dx331.dll 2008-01-04 21:58:42 200,704 -c--a-w C:\WINDOWS\system32\ssldivx.dll 2008-01-04 21:58:42 1,044,480 -c--a-w C:\WINDOWS\system32\libdivx.dll 2008-01-04 21:57:22 81,920 -c--a-w C:\WINDOWS\system32\dpl100.dll 2008-01-04 21:57:22 196,608 -c--a-w C:\WINDOWS\system32\dtu100.dll 2008-01-04 21:57:16 53,248 -c--a-w C:\WINDOWS\system32\dpuGUI10.dll 2008-01-04 21:57:14 593,920 -c--a-w 
C:\WINDOWS\system32\dpuGUI11.dll 2008-01-04 21:57:14 57,344 -c--a-w C:\WINDOWS\system32\dpv11.dll 2008-01-04 21:57:14 344,064 -c--a-w C:\WINDOWS\system32\dpus11.dll 2008-01-04 21:57:14 294,912 -c--a-w C:\WINDOWS\system32\dpu11.dll 2008-01-04 21:57:14 294,912 -c--a-w C:\WINDOWS\system32\dpu10.dll 2008-01-04 21:57:12 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll 2008-01-04 21:57:10 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll 2008-01-04 21:57:10 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll 2008-01-04 21:57:10 682,496 ----a-w C:\WINDOWS\system32\DivX.dll 2008-01-04 21:56:48 156,992 -c--a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe 2008-01-04 21:56:24 12,288 -c--a-w C:\WINDOWS\system32\DivXWMPExtType.dll 2008-01-04 15:05:15 -------- d-----w C:\Program Files\Kontiki 2008-01-01 23:47:19 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\TwonkyMedia 2008-01-01 16:12:21 -------- d-----w C:\Program Files\tl-it.de 2008-01-01 13:43:13 -------- d-----w C:\Program Files\BitComet 2008-01-01 13:41:34 -------- d-----w C:\Program Files\Roku Radio Snooper 2008-01-01 13:39:58 46 ----a-w C:\WINDOWS\system32\DonationCoder_rokusnooper_InstallInfo.dat 2008-01-01 13:39:46 -------- d-----w C:\Program Files\WinPcap 2008-01-01 12:31:14 -------- d-----w C:\Program Files\Musicmatch 2008-01-01 12:31:02 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\Musicmatch 2007-12-31 12:57:36 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\AutoTransfer 2007-12-25 08:58:13 -------- d-----w C:\Program Files\Diskeeper Corporation 2007-12-25 08:04:23 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\dvdcss 2007-12-25 07:41:26 -------- d-----w C:\Program Files\Elaborate Bytes 2007-12-23 23:21:55 -------- d-----w C:\Program Files\EsetOnlineScanner 2007-12-23 21:26:49 -------- d-----w C:\Program Files\RogueRemover FREE 2007-12-23 13:03:31 2,560 ----a-w C:\WINDOWS\system32\bitcometres.dll 2007-12-23 12:59:38 -------- d-----w C:\Program Files\WordBiz 2007-12-23 12:58:53 -------- d-----w C:\Program Files\Common 
Files\Wise Installation Wizard 2007-12-14 20:39:02 4,212 -c-h--w C:\WINDOWS\system32\zllictbl.dat 2007-12-13 12:05:48 531,248 ----a-w C:\WINDOWS\system32\es.scr 2007-12-07 15:30:30 103,776 -c--a-w C:\WINDOWS\system32\AOLDial.dll 2007-12-04 18:38:13 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll 2007-12-04 13:04:28 837,496 -c--a-w C:\WINDOWS\system32\aswBoot.exe 2007-12-04 12:54:04 95,608 -c--a-w C:\WINDOWS\system32\AvastSS.scr
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] 2006-10-22 22:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] 2007-09-28 13:30 521528 --a------ C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] 2007-12-17 11:12 56360 --a------ C:\Program Files\Windows Live\Family Safety\fssbho.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] 2008-01-04 17:21 1548624 --a------ C:\PROGRA~1\SPYBOT~1\SDHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] 2007-09-25 00:11 501136 --a--c--- C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] 2007-09-20 10:30 328752 --a------ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] 2006-08-20 18:55 81920 --a--c--- C:\Program Files\Free Download Manager\iefdmcks.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 13:00] "HostManager"="C:\Program Files\Common Files\AOL\1179865871\ee\AOLSoftware.exe" [2006-11-17 13:21] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11] "IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 04:41] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05] "IntelliPoint"="c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 15:52] "CICache"="CICache.exe" [2002-09-05 14:21 C:\WINDOWS\CICache.exe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "LinkResolveIgnoreLinkInfo"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 12:29]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages :\WINDOWS\syste
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]
Contents of the 'Scheduled Tasks' folder
2008-02-19 20:07:02 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
**************************************************************************
catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-19 21:00:40
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2008-02-19 21:01:36
C:\ComboFix2.txt ... 2007-12-23 14:38
C:\ComboFix3.txt ... 2007-10-13 23:00
--- E O F ---
bricat (HijackThis Helper, Belfast):
Keep :- AVG Anti-Spyware and Search & Destroy\TeaTimer.exe.
Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.
It's IMPORTANT to carry out the instructions in the sequence listed below.
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Open *notepad* and copy/paste the text in the quotebox below into it:
Quote:
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00
Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Restart your computer.
When finished, it shall produce a log for you at C:\ComboFix.txt
Please copy and paste the ComboFix.txt along with a fresh HijackThis log (you posted the ComboFix log twice in your last reply) in your next reply, and let me know how it is running.
*Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall*
-------------------- MY HELP IS FREE,BUT PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST SPYWARE.
You don't stop laughing when you get old, you get old when you stop laughing!
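The two registry fixes in the script above are the kind of thing a log helper spots by eye: a BHO that is still registered but has no DLL behind it ("(no file)" in the O2 line), a Run entry given as a bare file name, and a service whose binary carries no vendor name. What follows is an added example, not part of this thread and not code from HijackThis or ComboFix: a small Python parser over lines copied from the HijackThis log posted later in this thread (the sample is constructed from those lines), which flags those three cases, decodes and re-encodes the hex(7) data so you can see that 6d,73,76,31,5f,30,00,00 is just the stock "msv1_0" value, and writes out a Registry:: stanza using the full key path that ComboFix abbreviates as "~" in its log. The function names and the findings layout are this example's own, and it assumes the CFScript stores hex(7) strings one byte per character (REGEDIT4 style); the decoder also accepts the UTF-16LE form a "Version 5.00" .reg file uses.

```python
"""Triage of HijackThis log lines and generation of a ComboFix CFScript stanza.

Added example for this thread, not code from HijackThis, ComboFix or the
poster. The names below (triage, build_cfscript, the findings keys) are its own.
"""
import re
from typing import Dict, List

# Constructed sample: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CICache] CICache.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
"""

# Full path of the key that ComboFix prints as "HKEY_LOCAL_MACHINE\~\Browser Helper Objects".
BHO_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
LSA_KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa"
DEFAULT_AUTH_PACKAGES = ["msv1_0"]  # Windows' stock value for this REG_MULTI_SZ

O2_RE = re.compile(r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.*)$")
O4_RE = re.compile(r"^O4 - (?P<hive>.+?)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.*)$")
O23_RE = re.compile(r"^O23 - Service: (?P<name>.*?) - (?P<owner>.*?) - (?P<path>.*)$")


def run_executable(cmd: str) -> str:
    """Program part of a Run-key command line: the quoted path, else the first token."""
    cmd = cmd.strip()
    if cmd.startswith('"') and cmd.count('"') >= 2:
        return cmd[1:cmd.index('"', 1)]
    return cmd.split()[0] if cmd else ""


def triage(log_text: str) -> Dict[str, list]:
    """Flag the O2/O4/O23 entries a log helper looks at first."""
    found = {"orphaned_bhos": [], "unqualified_run": [], "unknown_owner_services": []}
    for line in log_text.splitlines():
        line = line.strip()
        if m := O2_RE.match(line):
            # "(no file)": the CLSID is still registered but its DLL is gone, so IE
            # tries and fails to load it at every start. Dead weight; remove the key.
            if m["path"] == "(no file)":
                found["orphaned_bhos"].append(m["clsid"])
        elif m := O4_RE.match(line):
            # A bare file name is resolved through the loader's search path rather
            # than pinned to one file; check which file it actually runs.
            exe = run_executable(m["cmd"])
            if "\\" not in exe:
                found["unqualified_run"].append((m["name"], exe))
        elif m := O23_RE.match(line):
            # HijackThis prints "Unknown owner" when the binary has no company name
            # in its version resource; that is a prompt to check the file by hand.
            if m["owner"] == "Unknown owner":
                found["unknown_owner_services"].append(m["name"])
    return found


def decode_multi_sz(hex_csv: str) -> List[str]:
    """Decode a .reg hex(7) (REG_MULTI_SZ) value into its list of strings."""
    raw = bytes(int(b, 16) for b in hex_csv.split(","))
    # REGEDIT4-style data (as in CFScripts) is one byte per character; a
    # "Version 5.00" .reg file stores UTF-16LE, i.e. a 00 byte after each character.
    if len(raw) % 2 == 0 and all(raw[i] == 0 for i in range(1, len(raw), 2)):
        text = raw.decode("utf-16-le")
    else:
        text = raw.decode("latin-1")
    return [s for s in text.split("\x00") if s]


def encode_multi_sz(strings: List[str]) -> str:
    """Inverse of decode_multi_sz, in the single-byte (REGEDIT4) form CFScripts use."""
    raw = "\x00".join(strings).encode("latin-1") + b"\x00\x00"
    return ",".join(f"{b:02x}" for b in raw)


def build_cfscript(orphaned_clsids: List[str], auth_packages: List[str] = DEFAULT_AUTH_PACKAGES) -> str:
    """Registry:: stanza that deletes the orphaned BHO keys and resets LSA Authentication Packages."""
    lines = ["Registry::"]
    for clsid in orphaned_clsids:
        lines.append(f"[-{BHO_KEY}\\{clsid}]")  # leading '-' means delete this key
    lines.append(f"[{LSA_KEY}]")
    lines.append(f'"Authentication Packages"=hex(7):{encode_multi_sz(auth_packages)}')
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    found = triage(SAMPLE_LOG)
    for key, items in found.items():
        print(f"{key}: {items}")
    print(build_cfscript(found["orphaned_bhos"]))
```

Run against the sample it reports the orphaned {7E853D72-...} BHO, the bare "CICache.exe" Run entry (which the ComboFix log shows resolving to C:\WINDOWS\CICache.exe) and the two-owner-less NVIDIA service, then prints a stanza equivalent to the one in the quote box above. Resetting Authentication Packages to "msv1_0" only removes extra entries; it does not touch the Notification Packages value, which the ComboFix log shows truncated.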
grahalex:
"Graham" - 2008-02-20 7:26:20 - ComboFix 07-07-14.6 - Service Pack 2 NTFS
((((((((((((((((((((((((( Files Created from 2008-01-20 to 2008-02-20 )))))))))))))))))))))))))))))))
2008-02-15 10:35 <DIR> d-------- C:\Perl
2008-02-06 07:21 <DIR> d-------- C:\DOCUME~1\Rachel\APPLIC~1\Sereniti
2008-02-04 18:10 <DIR> d-------- C:\DOCUME~1\CATHER~1\WINDOWS
2008-02-01 07:41 <DIR> d-------- C:\DOCUME~1\CATHER~1\APPLIC~1\Sereniti
2008-01-31 16:09 <DIR> d-------- C:\DOCUME~1\Annette\APPLIC~1\Sereniti
2008-01-31 15:52 <DIR> d-------- C:\DOCUME~1\Graham\APPLIC~1\Sereniti
2008-01-31 15:38 <DIR> d-------- C:\DOCUME~1\Graham\APPLIC~1\WeatherWatcher
2008-01-29 20:23 <DIR> d-------- C:\Program Files\iPod
2008-01-29 20:22 <DIR> d-------- C:\Program Files\QuickTime
2008-01-29 19:37 86,016 --a------ C:\WINDOWS\Dit.exe
2008-01-29 19:37 61,440 --a------ C:\WINDOWS\DitExp.exe
2008-01-29 19:37 266,240 -r------- C:\WINDOWS\Dit.DLL
2008-01-29 19:37 24,576 --a------ C:\WINDOWS\CICache.exe
2008-01-29 19:37 13,568 --a------ C:\WINDOWS\system32\drivers\USBCRFT.SYS
2008-01-28 17:49 <DIR> d-------- C:\DOCUME~1\Graham\.freeguide
2008-01-27 20:54 123,664 --a------ C:\WINDOWS\system32\MSJInt35.dll
2008-01-27 20:53 24,848 --a------ C:\WINDOWS\system32\MSJtEr35.dll
2008-01-27 20:52 71,680 --a------ C:\WINDOWS\ST5UNST.EXE
2008-01-27 20:52 29,696 --a------ C:\WINDOWS\system32\VB5StKit.dll
2008-01-27 11:00 <DIR> d-------- C:\Program Files\DupKiller
2008-01-27 10:40 <DIR> d-------- C:\Program Files\Desktop Graffitist
2008-01-27 10:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Earthsim
2008-01-27 10:28 <DIR> d-------- C:\Program Files\CachemanXP
2008-01-26 09:30 <DIR> d-------- C:\Bourne 3
2008-01-25 17:01 <DIR> d-------- C:\Program Files\Microsoft IntelliPoint
2008-01-25 16:50 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2008-01-25 16:33 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-01-20 23:15 <DIR> d-------- C:\SKILLB
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2008-02-20 07:27:29 32,071,712 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-02-20 07:24:21 -------- d-----w C:\Program Files\Firefly Media Server
2008-02-19 23:43:06 376,640 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-02-19 20:03:31 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\LimeWire
2008-02-17 16:50:42 -------- d-----w C:\Program Files\SpywareBlaster
2008-02-16 09:50:47 -------- d-----w C:\Program Files\LimeWire
2008-02-08 18:15:50 -------- d-----w C:\Program Files\DivX
2008-01-31 15:38:20 -------- d-----w C:\Program Files\Weather Watcher
2008-01-29 20:23:47 -------- d-----w C:\Program Files\iTunes
2008-01-29 19:37:37 -------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-28 07:28:02 -------- d-----w C:\Program Files\VideoLAN
2008-01-25 17:01:46 -------- d-----w C:\Program Files\Microsoft Hardware
2008-01-24 05:43:56 -------- d-----w C:\Program Files\Family Tree Maker 2005
2008-01-21 07:11:43 -------- d-----w C:\Program Files\Common Files\AOL
2008-01-18 22:18:27 -------- d-----w C:\Program Files\MFInstall
2008-01-18 14:43:49 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-10 05:22:54 -------- d-----w C:\Program Files\MusicBrainz Picard
2008-01-09 07:28:03 -------- d-----w C:\Program Files\RokuNSE
2008-01-06 10:51:27 -------- d-----w C:\Program Files\Lavalys
2008-01-06 10:37:16 60,416 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-01-06 10:33:35 -------- d-----w C:\Program Files\Realtek AC97
2008-01-04 21:59:04 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-01-04 21:58:50 3,596,288 -c--a-w C:\WINDOWS\system32\qt-dx331.dll
2008-01-04 21:58:42 200,704 -c--a-w C:\WINDOWS\system32\ssldivx.dll
2008-01-04 21:58:42 1,044,480 -c--a-w C:\WINDOWS\system32\libdivx.dll
2008-01-04 21:57:22 81,920 -c--a-w C:\WINDOWS\system32\dpl100.dll
2008-01-04 21:57:22 196,608 -c--a-w C:\WINDOWS\system32\dtu100.dll
2008-01-04 21:57:16 53,248 -c--a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-01-04 21:57:14 593,920 -c--a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-01-04 21:57:14 57,344 -c--a-w C:\WINDOWS\system32\dpv11.dll
2008-01-04 21:57:14 344,064 -c--a-w C:\WINDOWS\system32\dpus11.dll
2008-01-04 21:57:14 294,912 -c--a-w C:\WINDOWS\system32\dpu11.dll
2008-01-04 21:57:14 294,912 -c--a-w C:\WINDOWS\system32\dpu10.dll
2008-01-04 21:57:12 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-01-04 21:57:10 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-01-04 21:57:10 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-01-04 21:57:10 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2008-01-04 21:56:48 156,992 -c--a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-01-04 21:56:24 12,288 -c--a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-01-04 15:05:15 -------- d-----w C:\Program Files\Kontiki
2008-01-01 23:47:19 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\TwonkyMedia
2008-01-01 16:12:21 -------- d-----w C:\Program Files\tl-it.de
2008-01-01 13:43:13 -------- d-----w C:\Program Files\BitComet
2008-01-01 13:41:34 -------- d-----w C:\Program Files\Roku Radio Snooper
2008-01-01 13:39:58 46 ----a-w C:\WINDOWS\system32\DonationCoder_rokusnooper_InstallInfo.dat
2008-01-01 13:39:46 -------- d-----w C:\Program Files\WinPcap
2008-01-01 12:31:14 -------- d-----w C:\Program Files\Musicmatch
2008-01-01 12:31:02 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\Musicmatch
2007-12-31 12:57:36 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\AutoTransfer
2007-12-25 08:58:13 -------- d-----w C:\Program Files\Diskeeper Corporation
2007-12-25 08:04:23 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\dvdcss
2007-12-25 07:41:26 -------- d-----w C:\Program Files\Elaborate Bytes
2007-12-23 23:21:55 -------- d-----w C:\Program Files\EsetOnlineScanner
2007-12-23 21:26:49 -------- d-----w C:\Program Files\RogueRemover FREE
2007-12-23 13:03:31 2,560 -c--a-w C:\WINDOWS\system32\bitcometres.dll
2007-12-23 12:59:38 -------- d-----w C:\Program Files\WordBiz
2007-12-23 12:58:53 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-12-14 20:39:02 4,212 -c-h--w C:\WINDOWS\system32\zllictbl.dat
2007-12-13 12:05:48 531,248 ----a-w C:\WINDOWS\system32\es.scr
2007-12-07 15:30:30 103,776 -c--a-w C:\WINDOWS\system32\AOLDial.dll
2007-12-04 18:38:13 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 13:04:28 837,496 -c--a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54:04 95,608 -c--a-w C:\WINDOWS\system32\AvastSS.scr
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] 2006-10-22 22:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] 2007-09-28 13:30 521528 --a------ C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] 2007-12-17 11:12 56360 --a------ C:\Program Files\Windows Live\Family Safety\fssbho.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] 2008-01-04 17:21 1548624 --a------ C:\PROGRA~1\SPYBOT~1\SDHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] 2007-09-25 00:11 501136 --a--c--- C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] 2007-09-20 10:30 328752 --a------ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] 2006-08-20 18:55 81920 --a--c--- C:\Program Files\Free Download Manager\iefdmcks.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 13:00]
"HostManager"="C:\Program Files\Common Files\AOL\1179865871\ee\AOLSoftware.exe" [2006-11-17 13:21]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 04:41]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05]
"IntelliPoint"="c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 15:52]
"CICache"="CICache.exe" [2002-09-05 14:21 C:\WINDOWS\CICache.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-10 15:27]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "LinkResolveIgnoreLinkInfo"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 12:29]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages :\WINDOWS\syste
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]
Contents of the 'Scheduled Tasks' folder
2008-02-19 20:07:02 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
**************************************************************************
catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-20 07:27:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2008-02-20 7:28:35
C:\ComboFix2.txt ... 2008-02-20 07:25
C:\ComboFix3.txt ... 2008-02-19 21:01
--- E O F ---
bricat (HijackThis Helper, Belfast):
Can you try that again? It hasn't worked correctly.
What happened when you dragged the Notepad text over and dropped it into ComboFix?
Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix, including:
AVG Anti-Spyware
Ad-Aware 2007
AOL\Active Security Monitor
AOL antiSpyware
Search & Destroy\TeaTimer.exe
avast! antivirus
grahalex:
Hi bricat, when I drag the script file into ComboFix it opens a Run window. I press Run and ComboFix starts up, but then it asks me to press 1 to continue or 2 to abort and it won't let me press either number. I've run ComboFix anyway, see what you think.
"Graham" - 2008-02-20 18:12:33 - ComboFix 07-07-14.6 - Service Pack 2 NTFS
((((((((((((((((((((((((( Files Created from 2008-01-20 to 2008-02-20 )))))))))))))))))))))))))))))))
2008-02-15 10:35 <DIR> d-------- C:\Perl
2008-02-06 07:21 <DIR> d-------- C:\DOCUME~1\Rachel\APPLIC~1\Sereniti
2008-02-04 18:10 <DIR> d-------- C:\DOCUME~1\CATHER~1\WINDOWS
2008-02-01 07:41 <DIR> d-------- C:\DOCUME~1\CATHER~1\APPLIC~1\Sereniti
2008-01-31 16:09 <DIR> d-------- C:\DOCUME~1\Annette\APPLIC~1\Sereniti
2008-01-31 15:52 <DIR> d-------- C:\DOCUME~1\Graham\APPLIC~1\Sereniti
2008-01-31 15:38 <DIR> d-------- C:\DOCUME~1\Graham\APPLIC~1\WeatherWatcher
2008-01-29 20:23 <DIR> d-------- C:\Program Files\iPod
2008-01-29 20:22 <DIR> d-------- C:\Program Files\QuickTime
2008-01-29 19:37 86,016 --a------ C:\WINDOWS\Dit.exe
2008-01-29 19:37 61,440 --a------ C:\WINDOWS\DitExp.exe
2008-01-29 19:37 266,240 -r------- C:\WINDOWS\Dit.DLL
2008-01-29 19:37 24,576 --a------ C:\WINDOWS\CICache.exe
2008-01-29 19:37 13,568 --a------ C:\WINDOWS\system32\drivers\USBCRFT.SYS
2008-01-28 17:49 <DIR> d-------- C:\DOCUME~1\Graham\.freeguide
2008-01-27 20:54 123,664 --a------ C:\WINDOWS\system32\MSJInt35.dll
2008-01-27 20:53 24,848 --a------ C:\WINDOWS\system32\MSJtEr35.dll
2008-01-27 20:52 71,680 --a------ C:\WINDOWS\ST5UNST.EXE
2008-01-27 20:52 29,696 --a------ C:\WINDOWS\system32\VB5StKit.dll
2008-01-27 11:00 <DIR> d-------- C:\Program Files\DupKiller
2008-01-27 10:40 <DIR> d-------- C:\Program Files\Desktop Graffitist
2008-01-27 10:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Earthsim
2008-01-27 10:28 <DIR> d-------- C:\Program Files\CachemanXP
2008-01-26 09:30 <DIR> d-------- C:\Bourne 3
2008-01-25 17:01 <DIR> d-------- C:\Program Files\Microsoft IntelliPoint
2008-01-25 16:50 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2008-01-25 16:33 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-01-20 23:15 <DIR> d-------- C:\SKILLB
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2008-02-20 18:14:26 32,266,272 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-02-20 18:13:53 -------- d-----w C:\Program Files\Firefly Media Server
2008-02-20 16:43:23 379,616 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-02-19 20:03:31 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\LimeWire
2008-02-17 16:50:42 -------- d-----w C:\Program Files\SpywareBlaster
2008-02-16 09:50:47 -------- d-----w C:\Program Files\LimeWire
2008-02-08 18:15:50 -------- d-----w C:\Program Files\DivX
2008-01-31 15:38:20 -------- d-----w C:\Program Files\Weather Watcher
2008-01-29 20:23:47 -------- d-----w C:\Program Files\iTunes
2008-01-29 19:37:37 -------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-28 07:28:02 -------- d-----w C:\Program Files\VideoLAN
2008-01-25 17:01:46 -------- d-----w C:\Program Files\Microsoft Hardware
2008-01-24 05:43:56 -------- d-----w C:\Program Files\Family Tree Maker 2005
2008-01-21 07:11:43 -------- d-----w C:\Program Files\Common Files\AOL
2008-01-18 22:18:27 -------- d-----w C:\Program Files\MFInstall
2008-01-18 14:43:49 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-10 05:22:54 -------- d-----w C:\Program Files\MusicBrainz Picard
2008-01-09 07:28:03 -------- d-----w C:\Program Files\RokuNSE
2008-01-06 10:51:27 -------- d-----w C:\Program Files\Lavalys
2008-01-06 10:37:16 60,416 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-01-06 10:33:35 -------- d-----w C:\Program Files\Realtek AC97
2008-01-04 21:59:04 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-01-04 21:58:50 3,596,288 -c--a-w C:\WINDOWS\system32\qt-dx331.dll
2008-01-04 21:58:42 200,704 -c--a-w C:\WINDOWS\system32\ssldivx.dll
2008-01-04 21:58:42 1,044,480 -c--a-w C:\WINDOWS\system32\libdivx.dll
2008-01-04 21:57:22 81,920 -c--a-w C:\WINDOWS\system32\dpl100.dll
2008-01-04 21:57:22 196,608 -c--a-w C:\WINDOWS\system32\dtu100.dll
2008-01-04 21:57:16 53,248 -c--a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-01-04 21:57:14 593,920 -c--a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-01-04 21:57:14 57,344 -c--a-w C:\WINDOWS\system32\dpv11.dll
2008-01-04 21:57:14 344,064 -c--a-w C:\WINDOWS\system32\dpus11.dll
2008-01-04 21:57:14 294,912 -c--a-w C:\WINDOWS\system32\dpu11.dll
2008-01-04 21:57:14 294,912 -c--a-w C:\WINDOWS\system32\dpu10.dll
2008-01-04 21:57:12 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-01-04 21:57:10 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-01-04 21:57:10 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-01-04 21:57:10 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2008-01-04 21:56:48 156,992 -c--a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-01-04 21:56:24 12,288 -c--a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-01-04 15:05:15 -------- d-----w C:\Program Files\Kontiki
2008-01-01 23:47:19 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\TwonkyMedia
2008-01-01 16:12:21 -------- d-----w C:\Program Files\tl-it.de
2008-01-01 13:43:13 -------- d-----w C:\Program Files\BitComet
2008-01-01 13:41:34 -------- d-----w C:\Program Files\Roku Radio Snooper
2008-01-01 13:39:58 46 ----a-w C:\WINDOWS\system32\DonationCoder_rokusnooper_InstallInfo.dat
2008-01-01 13:39:46 -------- d-----w C:\Program Files\WinPcap
2008-01-01 12:31:14 -------- d-----w C:\Program Files\Musicmatch
2008-01-01 12:31:02 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\Musicmatch
2007-12-31 12:57:36 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\AutoTransfer
2007-12-25 08:58:13 -------- d-----w C:\Program Files\Diskeeper Corporation
2007-12-25 08:04:23 -------- d-----w C:\DOCUME~1\Graham\APPLIC~1\dvdcss
2007-12-25 07:41:26 -------- d-----w C:\Program Files\Elaborate Bytes
2007-12-23 23:21:55 -------- d-----w C:\Program Files\EsetOnlineScanner
2007-12-23 21:26:49 -------- d-----w C:\Program Files\RogueRemover FREE
2007-12-23 13:03:31 2,560 -c--a-w C:\WINDOWS\system32\bitcometres.dll
2007-12-23 12:59:38 -------- d-----w C:\Program Files\WordBiz
2007-12-23 12:58:53 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-12-14 20:39:02 4,212 -c-h--w C:\WINDOWS\system32\zllictbl.dat
2007-12-13 12:05:48 531,248 ----a-w C:\WINDOWS\system32\es.scr
2007-12-07 15:30:30 103,776 -c--a-w C:\WINDOWS\system32\AOLDial.dll
2007-12-04 18:38:13 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 13:04:28 837,496 -c--a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54:04 95,608 -c--a-w C:\WINDOWS\system32\AvastSS.scr
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] 2006-10-22 22:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] 2007-09-28 13:30 521528 --a------ C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] 2007-12-17 11:12 56360 --a------ C:\Program Files\Windows Live\Family Safety\fssbho.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] 2008-01-04 17:21 1548624 --a------ C:\PROGRA~1\SPYBOT~1\SDHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] 2007-09-25 00:11 501136 --a--c--- C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] 2007-09-20 10:30 328752 --a------ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] 2006-08-20 18:55 81920 --a--c--- C:\Program Files\Free Download Manager\iefdmcks.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 13:00]
"HostManager"="C:\Program Files\Common Files\AOL\1179865871\ee\AOLSoftware.exe" [2006-11-17 13:21]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 04:41]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05]
"IntelliPoint"="c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 15:52]
"CICache"="CICache.exe" [2002-09-05 14:21 C:\WINDOWS\CICache.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-10 15:27]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "LinkResolveIgnoreLinkInfo"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 12:29]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages :\WINDOWS\syste
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]
Contents of the 'Scheduled Tasks' folder
2008-02-19 20:07:02 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
**************************************************************************
catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-20 18:14:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2008-02-20 18:15:12
C:\ComboFix2.txt ... 2008-02-20 07:28
C:\ComboFix3.txt ... 2008-02-20 07:25
--- E O F ---
grahalex:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:23:56, on 20/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Firefly Media Server\firefly.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kontiki\KService.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\wanmpsvc.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\AOL\1179865871\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\program files\common files\aol\1179865871\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
c:\program files\common files\aol\1179865871\ee\aolsoftware.exe
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.aol.co.uk/web?isinit=true&query=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1179865871\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [CICache] CICache.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CachemanXP (CachemanXPService) - Outertech - C:\PROGRA~1\CACHEM~1\CachemanXP.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Firefly Media Server - Ron Pedde - C:\Program Files\Firefly Media Server\firefly.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Roku - Mark Heaton - C:\Program Files\RokuNSE\Roku.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
-- End of file - 11744 bytes
bricat
HijackThis Helper
Reg'd: Wed
Posts: 29029
Loc: belfast
Quote:
asks me to press 1 to continue or 2 to abort and it won't let me press either number
Are you hitting the number 1 on your keyboard?
-------------------- MY HELP IS FREE,BUT PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST SPYWARE.
You don't stop laughing when you get old, you get old when you stop laughing!