Tech Support Forum - View Single Post - Internet Explorer Pop-ups

Disko_Stu · 06-29-2007, 10:53 PM

Hey sUBs, thanks for the help.

I downloaded and ran ComboFix and it went through the first stage fine and then restarted, when I logged back in it continued and it just never ended :( I put it on before bed and it ran for over 10 hours and just never produced a log file.It was just stalled on the 'FIND3M' stage. To make note I never clicked or ran any other programs or files or folders whilst it was going! The best I could do was find the log file INSIDE the ComboFix directory which I believe is incomplete. I've also got a text file of all the quarentined files that I can post if you need. To finish up I ran HiJack This and produced a log file for you to look at, if you will. Hopefully you can assist, thanks.

_____________________

ComboFix Log (Imcomplete I believe)

"Jacqui Hampton" - 2007-06-30 2:46:13 - ComboFix 07-06-29.3 - Service Pack 2

(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\system32\bbeeg.ini
C:\WINDOWS\system32\bbeeg.bak1
C:\WINDOWS\system32\geebb.dll

* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

((((((((((((((((((((((((( Files Created from 2007-05-28 to 2007-06-29 )))))))))))))))))))))))))))))))

2007-06-29 21:46 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-29 16:51 0 --a------ C:\WINDOWS\nsreg.dat
2007-06-29 16:11 <DIR> d-------- C:\Deckard
2007-06-28 20:48 1,048,576 --ah----- C:\DOCUME~1\LOCALS~1.NTA\NTUSER.DAT
2007-06-28 20:48 <DIR> d---s---- C:\DOCUME~1\LOCALS~1.NTA\UserData
2007-06-28 20:47 <DIR> d--hs---- C:\FOUND.000
2007-06-24 00:27 4,672 --a------ C:\WINDOWS\system32\dxjbgfji.exe
2007-06-23 23:35 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2007-06-22 11:37 <DIR> d-------- C:\DOCUME~1\JACQUI~1\APPLIC~1\Atari
2007-06-22 11:14 197,120 --a------ C:\WINDOWS\patchw32.dll
2007-06-22 11:14 <DIR> d-------- C:\Program Files\Common Files\PocketSoft
2007-06-22 11:14 <DIR> d-------- C:\DOCUME~1\JACQUI~1\APPLIC~1\Leadertech
2007-06-22 11:09 <DIR> d-------- C:\Program Files\Atari
2007-06-21 16:12 <DIR> d-------- C:\DOCUME~1\JACQUI~1\APPLIC~1\FileMaker
2007-06-21 12:12 125,504 --a------ C:\WINDOWS\system32\ubtcpwlp.dll
2007-06-21 11:37 <DIR> d-------- C:\WINDOWS\system32\qkchukoe
2007-06-21 11:04 60,928 --a------ C:\WINDOWS\system32\lcmrvx.dll
2007-06-13 22:02 <DIR> d-------- C:\DOCUME~1\JACQUI~1\APPLIC~1\Tenebril
2007-06-13 21:53 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tenebril
2007-06-13 21:52 40,960 --a-s---- C:\WINDOWS\system32\ProcessKiller.dll
2007-06-13 21:52 180,224 --a-s---- C:\WINDOWS\system32\archlib.dll
2007-06-13 21:52 169,544 --a-s---- C:\WINDOWS\system32\SecuLoad.dll
2007-06-13 21:52 1,103,944 --a-s---- C:\WINDOWS\system32\Protector.dll
2007-06-13 21:52 <DIR> d-------- C:\WINDOWS\system32\tenarchlib
2007-06-13 21:52 <DIR> d-------- C:\Program Files\SpyCatcher
2007-06-13 21:47 56,832 --a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\ctqbgngx.exe
2007-06-13 17:57 754,808 --a------ C:\WINDOWS\system32\LiveProtectSetup.exe
2007-06-13 17:42 24,643 --a------ C:\WINDOWS\system32\ssqoonn.dll
2007-06-12 17:20 <DIR> d-------- C:\Program Files\Yahoo! Games
2007-06-11 16:13 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
2007-06-11 16:12 <DIR> d-------- C:\DOCUME~1\JACQUI~1\APPLIC~1\Sandlot Games
2007-05-01 18:49 167,936 --a------ C:\WINDOWS\system32\mm4095oo.dll

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-29 17:51:06 12 ----a-w C:\WINDOWS\bthservsdp.dat
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-01 08:49:06 16 ----a-w C:\WINDOWS\system32\a99vi88f.dat
2007-05-01 08:49:02 573,944 ----a-w C:\WINDOWS\system32\nc5vfm94.dat
2007-05-01 08:48:58 2,256 ----a-w C:\WINDOWS\system32\rl5ba39o.dat
2007-04-26 06

10 690,757 ----a-w C:\WINDOWS\system32\fppcbmfb.exe
2007-04-25 14:21:16 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-20 02:46:26 45,056 ----a-w C:\WINDOWS\system32\qbb5o8jg.exe
2007-04-18 16:12:24 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-18 06:08:36 107,520 ----a-w C:\WINDOWS\63ffj9lp.exe
2007-04-16 12:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 12:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 12:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 12:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 12:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 12:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 12:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-16 12:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-05 00:34:12 16,384 ----a-w C:\WINDOWS\hfhjxefc.exe

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{00000010-6F7D-442C-93E3-4A4827C2E4C8}=C:\WINDOWS\nem220.dll [2005-03-06 16:37]
{02478D38-C3F9-4efb-9B51-7695ECA05670}=C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll [2004-09-29 11:02]
{0A87E45F-537A-40B4-B812-E2544C21A09F}=C:\Program Files\SpyCatcher\SCActiveBlock.dll [2005-08-22 21:57]
{6A3D18F9-DB38-80C8-1A64-FE8DB02185EF}=C:\WINDOWS\system32\lcmrvx.dll [2007-06-21 00:49]
{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}=C:\WINDOWS\system32\ssqoonn.dll [2007-06-13 17:42]
{8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}=C:\WINDOWS\wsem303.dll [2005-03-10 19:54]
{9394EDE7-C8B5-483E-8773-474BF36AF6E4}=C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 16:42]
{9E8125C9-9511-4E77-97DC-522439AB8F68}=C:\WINDOWS\system32\ubtcpwlp.dll [2007-06-21 12:12]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar3.dll [2007-01-19 23:55]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2007-06-28 23:40]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}=C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-au\msntb.dll [2006-01-17 16:04]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTHelper"="CTHELPER.EXE" [2003-06-20 14:55 C:\WINDOWS\system32\CTHELPER.EXE]
"AsioReg"="REGSVR32.exe" [2004-08-04 18:56 C:\WINDOWS\system32\regsvr32.exe]
"SBDrvDet"="C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 18:06]
"SoundMan"="SOUNDMAN.EXE" [2003-12-19 19:53 C:\WINDOWS\soundman.exe]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 11:52]
"nwiz"="nwiz.exe" [2004-04-23 14:24 C:\WINDOWS\system32\nwiz.exe]
"vptray"="C:\Program Files\NavNT\vptray.exe" [2001-09-24 06:59]
"IST Service"="C:\Program Files\ISTsvc\istsvc.exe" []
"Internet Optimizer"="C:\Program Files\Internet Optimizer\optimize313.exe" []
"Muahwzyt"="C:\Program Files\Zxlmgww\Yzagfp.exe" []
"Media Access"="C:\Program Files\Media Access\MediaAccK.exe" []
"Media Pass"="C:\Program Files\Media Pass\MediaPassK.exe" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe" [2005-08-26 17:14]
"Nokia Tray Application"="C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe" [2003-02-10 14:30]
"DataLayer"="C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe" [2003-10-07 06:44]
"csrss"="" []
"SurfAccuracy"="C:\Program Files\SurfAccuracy\SAcc.exe" [2007-04-05 10:31]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-02-11 14:52]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-12-20 20:54]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 18:56 C:\WINDOWS\system32\bthprops.cpl]
"DriveSMART"="C:\PROGRA~1\COMPUA~1\smartapp.exe" []
"F5D9050"="C:\Program Files\Belkin\F5D9050\Belkinwcui.exe" [2006-03-14 15:52]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 12:31]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-10-08 12:24]
"ctqbgngx.exe"="C:\Documents and Settings\All Users\Application Data\ctqbgngx.exe" [2007-06-13 21:47]
"SpyCatcher Reminder"="C:\Program Files\SpyCatcher\SpyCatcher.exe" [2007-05-07 11:56]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-28 23:40]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-10-08 12:06]
"Ttah"="C:\WINDOWS\SCURIT~1\regsvr32.exe" []
"Blixzhi"="C:\Program Files\?ystem\?srss.exe" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"="C:\WINDOWS\system32\ssqoonn.dll" [2007-06-13 17:42]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljge]
C:\WINDOWS\system32\mljge.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SOFTWARE]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqoonn]
ssqoonn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=secuload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs
NtmlSvc

*Newly Created Service* - GTNDIS5

________________________________

Hijack This log completed after ComboFix

Logfile of HijackThis v1.99.1
Scan saved at 02:45, on 2007-06-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ANYCOM\Blue USB-120-240\bin\btwdins.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\ComboFix\catchme.cfexe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Documents and Settings\All Users\Application Data\ctqbgngx.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ANYCOM\Blue USB-120-240\BTTray.exe
C:\Program Files\SpyCatcher\Protector.exe
C:\Program Files\SpyCatcher\Scheduler daemon.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ninemsn.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O3 - Toolbar: ninemsn - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-au\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize313.exe"
O4 - HKLM\..\Run: [Muahwzyt] C:\Program Files\Zxlmgww\Yzagfp.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [Media Pass] C:\Program Files\Media Pass\MediaPassK.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DriveSMART] C:\PROGRA~1\COMPUA~1\smartapp.exe STARTUP
O4 - HKLM\..\Run: [F5D9050] C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ctqbgngx.exe] C:\Documents and Settings\All Users\Application Data\ctqbgngx.exe
O4 - HKLM\..\Run: [SpyCatcher Reminder] C:\Program Files\SpyCatcher\SpyCatcher.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Ttah] "C:\WINDOWS\SCURIT~1\regsvr32.exe" -vt yazb
O4 - HKCU\..\Run: [Blixzhi] "C:\Program Files\?ystem\?srss.exe"
O4 - Startup: csrss.lnk = ?
O4 - Startup: Scheduler.lnk = C:\Program Files\SpyCatcher\Scheduler daemon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: SpyCatcher Protector.lnk = C:\Program Files\SpyCatcher\Protector.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\ANYCOM\Blue USB-120-240\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-120-240\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-120-240\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Mu...ridge-c106.cab
O16 - DPF: {16BED5D9-AA6B-4A96-A134-C1958893490F} (VacPro.int_ver40v) - http://advnt01.com/dialer/intES_ver40v.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/.../GAME_UNO1.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: secuload.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\ANYCOM\Blue USB-120-240\bin\btwdins.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

06-29-2007, 10:53 PM	#3 (permalink)
Disko_Stu Registered User Join Date: May 2007 Location: Australia Posts: 43 OS: Windows XP and Vista	Re: Internet Explorer Pop-ups Hey sUBs, thanks for the help. I downloaded and ran ComboFix and it went through the first stage fine and then restarted, when I logged back in it continued and it just never ended :( I put it on before bed and it ran for over 10 hours and just never produced a log file.It was just stalled on the 'FIND3M' stage. To make note I never clicked or ran any other programs or files or folders whilst it was going! The best I could do was find the log file INSIDE the ComboFix directory which I believe is incomplete. I've also got a text file of all the quarentined files that I can post if you need. To finish up I ran HiJack This and produced a log file for you to look at, if you will. Hopefully you can assist, thanks. _____________________ ComboFix Log (Imcomplete I believe) "Jacqui Hampton" - 2007-06-30 2:46:13 - ComboFix 07-06-29.3 - Service Pack 2 (((((((((((((((((((((((((((((((((((((((((((( V Log ))))))))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\bbeeg.ini C:\WINDOWS\system32\bbeeg.bak1 C:\WINDOWS\system32\geebb.dll * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * ((((((((((((((((((((((((( Files Created from 2007-05-28 to 2007-06-29 ))))))))))))))))))))))))))))))) 2007-06-29 21:46 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-29 16:51 0 --a------ C:\WINDOWS\nsreg.dat 2007-06-29 16:11 <DIR> d-------- C:\Deckard 2007-06-28 20:48 1,048,576 --ah----- C:\DOCUME~1\LOCALS~1.NTA\NTUSER.DAT 2007-06-28 20:48 <DIR> d---s---- C:\DOCUME~1\LOCALS~1.NTA\UserData 2007-06-28 20:47 <DIR> d--hs---- C:\FOUND.000 2007-06-24 00:27 4,672 --a------ C:\WINDOWS\system32\dxjbgfji.exe 2007-06-23 23:35 <DIR> d-------- C:\WINDOWS\SxsCaPendDel 2007-06-22 11:37 <DIR> d-------- C:\DOCUME~1\JACQUI~1\APPLIC~1\Atari 2007-06-22 11:14 197,120 --a------ C:\WINDOWS\patchw32.dll 2007-06-22 11:14 <DIR> d-------- C:\Program Files\Common Files\PocketSoft 2007-06-22 11:14 <DIR> d-------- C:\DOCUME~1\JACQUI~1\APPLIC~1\Leadertech 2007-06-22 11:09 <DIR> d-------- C:\Program Files\Atari 2007-06-21 16:12 <DIR> d-------- C:\DOCUME~1\JACQUI~1\APPLIC~1\FileMaker 2007-06-21 12:12 125,504 --a------ C:\WINDOWS\system32\ubtcpwlp.dll 2007-06-21 11:37 <DIR> d-------- C:\WINDOWS\system32\qkchukoe 2007-06-21 11:04 60,928 --a------ C:\WINDOWS\system32\lcmrvx.dll 2007-06-13 22:02 <DIR> d-------- C:\DOCUME~1\JACQUI~1\APPLIC~1\Tenebril 2007-06-13 21:53 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tenebril 2007-06-13 21:52 40,960 --a-s---- C:\WINDOWS\system32\ProcessKiller.dll 2007-06-13 21:52 180,224 --a-s---- C:\WINDOWS\system32\archlib.dll 2007-06-13 21:52 169,544 --a-s---- C:\WINDOWS\system32\SecuLoad.dll 2007-06-13 21:52 1,103,944 --a-s---- C:\WINDOWS\system32\Protector.dll 2007-06-13 21:52 <DIR> d-------- C:\WINDOWS\system32\tenarchlib 2007-06-13 21:52 <DIR> d-------- C:\Program Files\SpyCatcher 2007-06-13 21:47 56,832 --a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\ctqbgngx.exe 2007-06-13 17:57 754,808 --a------ C:\WINDOWS\system32\LiveProtectSetup.exe 2007-06-13 17:42 24,643 --a------ C:\WINDOWS\system32\ssqoonn.dll 2007-06-12 17:20 <DIR> d-------- C:\Program Files\Yahoo! Games 2007-06-11 16:13 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games 2007-06-11 16:12 <DIR> d-------- C:\DOCUME~1\JACQUI~1\APPLIC~1\Sandlot Games 2007-05-01 18:49 167,936 --a------ C:\WINDOWS\system32\mm4095oo.dll (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-29 17:51:06 12 ----a-w C:\WINDOWS\bthservsdp.dat 2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll 2007-05-01 08:49:06 16 ----a-w C:\WINDOWS\system32\a99vi88f.dat 2007-05-01 08:49:02 573,944 ----a-w C:\WINDOWS\system32\nc5vfm94.dat 2007-05-01 08:48:58 2,256 ----a-w C:\WINDOWS\system32\rl5ba39o.dat 2007-04-26 0610 690,757 ----a-w C:\WINDOWS\system32\fppcbmfb.exe 2007-04-25 14:21:16 144,896 ----a-w C:\WINDOWS\system32\schannel.dll 2007-04-20 02:46:26 45,056 ----a-w C:\WINDOWS\system32\qbb5o8jg.exe 2007-04-18 16:12:24 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-18 06:08:36 107,520 ----a-w C:\WINDOWS\63ffj9lp.exe 2007-04-16 12:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll 2007-04-16 12:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-04-16 12:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-04-16 12:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-04-16 12:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-04-16 12:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-04-16 12:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-04-16 12:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll 2007-04-05 00:34:12 16,384 ----a-w C:\WINDOWS\hfhjxefc.exe ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) Note empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {00000010-6F7D-442C-93E3-4A4827C2E4C8}=C:\WINDOWS\nem220.dll [2005-03-06 16:37] {02478D38-C3F9-4efb-9B51-7695ECA05670}=C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll [2004-09-29 11:02] {0A87E45F-537A-40B4-B812-E2544C21A09F}=C:\Program Files\SpyCatcher\SCActiveBlock.dll [2005-08-22 21:57] {6A3D18F9-DB38-80C8-1A64-FE8DB02185EF}=C:\WINDOWS\system32\lcmrvx.dll [2007-06-21 00:49] {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}=C:\WINDOWS\system32\ssqoonn.dll [2007-06-13 17:42] {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}=C:\WINDOWS\wsem303.dll [2005-03-10 19:54] {9394EDE7-C8B5-483E-8773-474BF36AF6E4}=C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 16:42] {9E8125C9-9511-4E77-97DC-522439AB8F68}=C:\WINDOWS\system32\ubtcpwlp.dll [2007-06-21 12:12] {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar3.dll [2007-01-19 23:55] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2007-06-28 23:40] {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}=C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-au\msntb.dll [2006-01-17 16:04] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTHelper"="CTHELPER.EXE" [2003-06-20 14:55 C:\WINDOWS\system32\CTHELPER.EXE] "AsioReg"="REGSVR32.exe" [2004-08-04 18:56 C:\WINDOWS\system32\regsvr32.exe] "SBDrvDet"="C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 18:06] "SoundMan"="SOUNDMAN.EXE" [2003-12-19 19:53 C:\WINDOWS\soundman.exe] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 11:52] "nwiz"="nwiz.exe" [2004-04-23 14:24 C:\WINDOWS\system32\nwiz.exe] "vptray"="C:\Program Files\NavNT\vptray.exe" [2001-09-24 06:59] "IST Service"="C:\Program Files\ISTsvc\istsvc.exe" [] "Internet Optimizer"="C:\Program Files\Internet Optimizer\optimize313.exe" [] "Muahwzyt"="C:\Program Files\Zxlmgww\Yzagfp.exe" [] "Media Access"="C:\Program Files\Media Access\MediaAccK.exe" [] "Media Pass"="C:\Program Files\Media Pass\MediaPassK.exe" [] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe" [2005-08-26 17:14] "Nokia Tray Application"="C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe" [2003-02-10 14:30] "DataLayer"="C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe" [2003-10-07 06:44] "csrss"="" [] "SurfAccuracy"="C:\Program Files\SurfAccuracy\SAcc.exe" [2007-04-05 10:31] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-02-11 14:52] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-12-20 20:54] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 18:56 C:\WINDOWS\system32\bthprops.cpl] "DriveSMART"="C:\PROGRA~1\COMPUA~1\smartapp.exe" [] "F5D9050"="C:\Program Files\Belkin\F5D9050\Belkinwcui.exe" [2006-03-14 15:52] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 12:31] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-10-08 12:24] "ctqbgngx.exe"="C:\Documents and Settings\All Users\Application Data\ctqbgngx.exe" [2007-06-13 21:47] "SpyCatcher Reminder"="C:\Program Files\SpyCatcher\SpyCatcher.exe" [2007-05-07 11:56] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-28 23:40] "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-10-08 12:06] "Ttah"="C:\WINDOWS\SCURIT~1\regsvr32.exe" [] "Blixzhi"="C:\Program Files\?ystem\?srss.exe" [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"="C:\WINDOWS\system32\ssqoonn.dll" [2007-06-13 17:42] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljge] C:\WINDOWS\system32\mljge.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SOFTWARE] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqoonn] ssqoonn.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=secuload.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs BthServ HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs NtmlSvc Newly Created Service - GTNDIS5 ________________________________ Hijack This log completed after ComboFix Logfile of HijackThis v1.99.1 Scan saved at 02:45, on 2007-06-30 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ANYCOM\Blue USB-120-240\bin\btwdins.exe C:\Program Files\NavNT\defwatch.exe C:\Program Files\NavNT\rtvscan.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\MsgSys.EXE C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\ComboFix\catchme.cfexe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\NavNT\vptray.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Belkin\F5D9050\Belkinwcui.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Documents and Settings\All Users\Application Data\ctqbgngx.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\ANYCOM\Blue USB-120-240\BTTray.exe C:\Program Files\SpyCatcher\Protector.exe C:\Program Files\SpyCatcher\Scheduler daemon.exe C:\WINDOWS\system32\LVComsX.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ninemsn.com.au/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/ R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O3 - Toolbar: ninemsn - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-au\msntb.dll O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize313.exe" O4 - HKLM\..\Run: [Muahwzyt] C:\Program Files\Zxlmgww\Yzagfp.exe O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe O4 - HKLM\..\Run: [Media Pass] C:\Program Files\Media Pass\MediaPassK.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [DriveSMART] C:\PROGRA~1\COMPUA~1\smartapp.exe STARTUP O4 - HKLM\..\Run: [F5D9050] C:\Program Files\Belkin\F5D9050\Belkinwcui.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [ctqbgngx.exe] C:\Documents and Settings\All Users\Application Data\ctqbgngx.exe O4 - HKLM\..\Run: [SpyCatcher Reminder] C:\Program Files\SpyCatcher\SpyCatcher.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [Ttah] "C:\WINDOWS\SCURIT~1\regsvr32.exe" -vt yazb O4 - HKCU\..\Run: [Blixzhi] "C:\Program Files\?ystem\?srss.exe" O4 - Startup: csrss.lnk = ? O4 - Startup: Scheduler.lnk = C:\Program Files\SpyCatcher\Scheduler daemon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: SpyCatcher Protector.lnk = C:\Program Files\SpyCatcher\Protector.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\ANYCOM\Blue USB-120-240\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-120-240\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-120-240\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Mu...ridge-c106.cab O16 - DPF: {16BED5D9-AA6B-4A96-A134-C1958893490F} (VacPro.int_ver40v) - http://advnt01.com/dialer/intES_ver40v.CAB O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/.../GAME_UNO1.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: secuload.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\ANYCOM\Blue USB-120-240\bin\btwdins.exe O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe