Right, I have read the before you post guide, it's quite long so I hope I haven't made any foolish errors as I really do have high hopes for the expertise from these forums. My computer use is to a good level so should understand most instructions, please help.
So here's the HJTLog.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:28:54, on 16/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\OEM02Mon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\KADxMain.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\WebcamMax\wcmmon.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
c:\Program Files\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe
C:\WINDOWS\Integrator.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.google.com/smallbiz.dell.com/en_uk?hl=en&client=dell-usuk&channel=uk-smb&ibd=2080117
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://partnerpage.google.com/smallbiz.dell.com/en_uk?hl=en&client=dell-usuk&channel=uk-smb&ibd=2080117
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://partnerpage.google.com/smallbiz.dell.com/en_uk?hl=en&client=dell-usuk&channel=uk-smb&ibd=2080117
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 203.162.183.222:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6793ea78-b790-4ada-a045-ef4ad6a3158f} - C:\WINDOWS\system32\veseyusi.dll (file missing)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [System Files Updater] C:\WINDOWS\FlyakiteOSX\System Files Updater.exe /S
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /F "C:\WINDOWS\TEMP\E_S260.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [prnet] "C:\WINDOWS\system32\prnet.tmp"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2096] command.com /c del "C:\WINDOWS\system32\drivers\SKYNETrownthon.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2184] cmd.exe /c del "C:\WINDOWS\system32\drivers\SKYNETrownthon.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9056] command.com /c del "C:\WINDOWS\system32\drivers\SKYNETrownthon.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3700] cmd.exe /c del "C:\WINDOWS\system32\drivers\SKYNETrownthon.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9968] command.com /c del "C:\WINDOWS\system32\SKYNETklvmpxuw.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7575] cmd.exe /c del "C:\WINDOWS\system32\SKYNETklvmpxuw.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1504] command.com /c del "C:\WINDOWS\system32\SKYNETklvmpxuw.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5458] cmd.exe /c del "C:\WINDOWS\system32\SKYNETklvmpxuw.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3844] command.com /c del "C:\WINDOWS\system32\SKYNETqlotpwbu.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4811] cmd.exe /c del "C:\WINDOWS\system32\SKYNETqlotpwbu.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6852] command.com /c del "C:\WINDOWS\system32\SKYNETqlotpwbu.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4222] cmd.exe /c del "C:\WINDOWS\system32\SKYNETqlotpwbu.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7507] command.com /c del "C:\WINDOWS\system32\SKYNETqbuexdus.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5669] cmd.exe /c del "C:\WINDOWS\system32\SKYNETqbuexdus.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9066] command.com /c del "C:\WINDOWS\system32\SKYNETqbuexdus.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8400] cmd.exe /c del "C:\WINDOWS\system32\SKYNETqbuexdus.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2454] command.com /c del "C:\WINDOWS\system32\SKYNETqcdmvywq.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2745] cmd.exe /c del "C:\WINDOWS\system32\SKYNETqcdmvywq.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8841] command.com /c del "C:\WINDOWS\system32\SKYNETqcdmvywq.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7102] cmd.exe /c del "C:\WINDOWS\system32\SKYNETqcdmvywq.dat"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SearchSpy] C:\Program Files\SearchSpy\SearchSpyMenu.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Tracks Eraser Pro] C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB4991] command.com /c del "C:\WINDOWS\system32\drivers\SKYNETrownthon.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6923] cmd.exe /c del "C:\WINDOWS\system32\drivers\SKYNETrownthon.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8887] command.com /c del "C:\WINDOWS\system32\drivers\SKYNETrownthon.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2477] cmd.exe /c del "C:\WINDOWS\system32\drivers\SKYNETrownthon.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6494] command.com /c del "C:\WINDOWS\system32\SKYNETklvmpxuw.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1557] cmd.exe /c del "C:\WINDOWS\system32\SKYNETklvmpxuw.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8700] command.com /c del "C:\WINDOWS\system32\SKYNETklvmpxuw.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6390] cmd.exe /c del "C:\WINDOWS\system32\SKYNETklvmpxuw.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4144] command.com /c del "C:\WINDOWS\system32\SKYNETqlotpwbu.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3309] cmd.exe /c del "C:\WINDOWS\system32\SKYNETqlotpwbu.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB642] command.com /c del "C:\WINDOWS\system32\SKYNETqlotpwbu.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD546] cmd.exe /c del "C:\WINDOWS\system32\SKYNETqlotpwbu.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1969] command.com /c del "C:\WINDOWS\system32\SKYNETqbuexdus.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4644] cmd.exe /c del "C:\WINDOWS\system32\SKYNETqbuexdus.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9281] command.com /c del "C:\WINDOWS\system32\SKYNETqbuexdus.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2118] cmd.exe /c del "C:\WINDOWS\system32\SKYNETqbuexdus.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3131] command.com /c del "C:\WINDOWS\system32\SKYNETqcdmvywq.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2026] cmd.exe /c del "C:\WINDOWS\system32\SKYNETqcdmvywq.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7190] command.com /c del "C:\WINDOWS\system32\SKYNETqcdmvywq.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3804] cmd.exe /c del "C:\WINDOWS\system32\SKYNETqcdmvywq.dat"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Battery Doubler.lnk = C:\Program Files\Dachshund Software\Battery Doubler\Battery Doubler.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Device Detector 2.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Phone Connection Monitor.lnk = ?
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1201017859971
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1201018829846
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\yijazowi.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 18899 bytes

Hi prozak

Download gmer.zip (http://gmer.net/gmer.zip) and save to your desktop.
alternate download site (http://hype.free.googlepages.com/gmer.zip)

Unzip/extract the file to its own folder. (Click here (http://www.bleepingcomputer.com/tutorials/tutorial105.html) for information on how to do this if not sure. Win 2000 users click here (http://www.bleepingcomputer.com/tutorials/tutorial106.html).
When you have done this, disconnect from the Internet and close all running programs.
There is a small chance this application may crash your computer so save any work you have open.
Double-click on Gmer.exe to start the program.
Allow the gmer.sys driver to load if asked.
If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
Click on the Rootkit tab.
Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
Click on the "Scan" and wait for the scan to finish.
Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
Note: If you have any problems, try running GMER in SAFE MODE (http://www.bleepingcomputer.com/forums/tutorial61.html)"
Important! Please do not select the "Show all" checkbox during the scan..

Hey Shaba :) thankyou for your reply, here's the result.

GMER 1.0.15.15077 [gmer.exe] - http://www.gmer.net
Rootkit scan 2009-08-19 12:06:05
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.15 ----

INT 0x62 ? 8A914BF8
INT 0x73 ? 8A914BF8
INT 0x73 ? 8A914BF8
INT 0x84 ? 8A73EF00
INT 0x94 ? 8A73EF00
INT 0x94 ? 8A73EF00
INT 0x94 ? 8A73EF00
INT 0xB4 ? 8A73EF00
INT 0xB4 ? 8A73EF00
INT 0xB4 ? 8A73EF00
INT 0xB4 ? 8A73EF00

Code 8A5A02A8 ZwEnumerateKey
Code 8A59FE50 ZwFlushInstructionCache
Code 8A5A0DB6 IofCallDriver
Code 8A3AA856 IofCompleteRequest

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!IofCallDriver 804EF1A6 5 Bytes JMP 8A5A0DBB
.text ntkrnlpa.exe!IofCompleteRequest 804EF236 5 Bytes JMP 8A3AA85B
PAGE ntkrnlpa.exe!ZwFlushInstructionCache 805B6812 5 Bytes JMP 8A59FE54
PAGE ntkrnlpa.exe!ZwEnumerateKey 80623FF0 5 Bytes JMP 8A5A02AC
? spob.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload B90DD8AC 5 Bytes JMP 8A73E4E0

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\OEM02Mon.exe[172] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 0891000A
.text C:\WINDOWS\system32\hkcmd.exe[236] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 089B000A
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[372] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 00A1000A
.text C:\WINDOWS\system32\igfxpers.exe[376] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 003B000A
.text C:\WINDOWS\system32\KADxMain.exe[468] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 009B000A
.text C:\Program Files\Java\jre6\bin\jusched.exe[496] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 51981CE2 C:\PROGRA~1\DVDREG~1\DVDShell.dll (DVD Region-Free Shell Module/Fengtao Software Inc.)
.text C:\WINDOWS\stsystra.exe[520] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 009B000A
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[528] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 08EB000A
.text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[540] ntdll.dll!LdrLoadDll 7C9163C3 3 Bytes JMP 0892000A
.text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[540] ntdll.dll!LdrLoadDll + 4 7C9163C7 1 Byte [8C]
.text C:\WINDOWS\system32\svchost.exe[548] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 0067000A
.text ...
.text C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe[1460] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes JMP 0056DBBD C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Windows Live Messenger/Microsoft Corporation)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1540] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 00C1000A
.text C:\WINDOWS\system32\scardsvr.exe[1748] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 0066000A
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[1784] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 08CF000A
.text C:\WINDOWS\Explorer.EXE[1820] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 00B7000A
.text C:\WINDOWS\Explorer.EXE[1820] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 51981CE2 C:\PROGRA~1\DVDREG~1\DVDShell.dll (DVD Region-Free Shell Module/Fengtao Software Inc.)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1852] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 00C9000A
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1932] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 00F0000A
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[1980] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 0078000A
.text C:\Program Files\iPod\bin\iPodService.exe[1992] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 0074000A
.text C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe[2056] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 003C000A
.text ...

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9EAC040] spob.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9EAC13C] spob.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9EAC0BE] spob.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9EAC7FC] spob.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9EAC6D2] spob.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B9EBBD92] spob.sys

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8A9821F8
Device \FileSystem\Fastfat \FatCdrom 88DD4500
Device \FileSystem\Udfs \UdfsCdRom 8A69A500
Device \FileSystem\Udfs \UdfsCdRom DLAIFS_M.SYS (Drive Letter Access Component/Roxio)
Device \FileSystem\Udfs \UdfsDisk 8A69A500
Device \FileSystem\Udfs \UdfsDisk DLAIFS_M.SYS (Drive Letter Access Component/Roxio)

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\sptd \Device\650393742 spob.sys
Device \Driver\usbuhci \Device\USBPDO-0 8A748500
Device \Driver\usbuhci \Device\USBPDO-1 8A748500
Device \Driver\usbehci \Device\USBPDO-2 8A84F500
Device \Driver\usbuhci \Device\USBPDO-3 8A748500
Device \Driver\NetBT \Device\NetBT_Tcpip_{99FA03D6-E5BA-4B98-90BF-8B89A7041609} 8A5CA1F8
Device \Driver\usbuhci \Device\USBPDO-4 8A748500

AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbehci \Device\USBPDO-5 8A84F500
Device \Driver\usbuhci \Device\USBPDO-6 8A748500
Device \Driver\PCI_PNP1242 \Device\00000057 spob.sys
Device \Driver\Ftdisk \Device\HarddiskVolume1 8A9841F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8A9841F8
Device \Driver\Cdrom \Device\CdRom0 8A839500
Device \Driver\NetBT \Device\NetBT_Tcpip_{FC662B75-5C88-4606-95D2-0AD135903345} 8A5CA1F8
Device \Driver\Ftdisk \Device\HarddiskVolume3 8A9841F8
Device \Driver\Ftdisk \Device\HarddiskVolume4 8A9841F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A5CA1F8
Device \Driver\NetBT \Device\NetbiosSmb 8A5CA1F8

AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBFDO-0 8A748500
Device \Driver\usbuhci \Device\USBFDO-1 8A748500
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A69F500
Device \Driver\usbehci \Device\USBFDO-2 8A84F500
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A69F500
Device \Driver\usbuhci \Device\USBFDO-3 8A748500
Device \Driver\usbuhci \Device\USBFDO-4 8A748500
Device \Driver\Ftdisk \Device\FtControl 8A9841F8
Device \Driver\usbuhci \Device\USBFDO-5 8A748500
Device \Driver\usbehci \Device\USBFDO-6 8A84F500
Device \Driver\adsfp9aa \Device\Scsi\adsfp9aa1 8A6731F8
Device \Driver\adsfp9aa \Device\Scsi\adsfp9aa1Port2Path0Target0Lun0 8A6731F8
Device \FileSystem\Fastfat \Fat 88DD4500

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Cdfs \Cdfs 88E311F8

---- Services - GMER 1.0.15 ----

Service C:\WINDOWS\system32\drivers\SKYNETrownthon.sys (*** hidden *** ) [SYSTEM] SKYNETjwqbapmy <-- ROOTKIT !!!

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy@start 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy@type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy@group file system
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy@imagepath \systemroot\system32\drivers\SKYNETrownthon.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\main
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\main@aid 10093
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\main@sid 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\main@cmddelay 14400
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\main\delete
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\main\injector
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\main\injector@* SKYNETwsp.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\main\tasks
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\modules
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\modules@SKYNETrk.sys \systemroot\system32\drivers\SKYNETrownthon.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\modules@SKYNETcmd.dll \systemroot\system32\SKYNETklvmpxuw.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\modules@SKYNETlog.dat \systemroot\system32\SKYNETqbuexdus.dat
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\modules@SKYNETwsp.dll \systemroot\system32\SKYNETqlotpwbu.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETjwqbapmy\modules@SKYNET.dat \systemroot\system32\SKYNETqcdmvywq.dat
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE4 0xC4 0x5D 0xBD ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x80 0xF8 0xFA 0x2F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x21 0xBE 0x27 0xAC ...
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy@start 1
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy@type 1
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy@group file system
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy@imagepath \systemroot\system32\drivers\SKYNETrownthon.sys
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\main (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\main@aid 10093
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\main@sid 0
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\main@cmddelay 14400
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\main\delete (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\main\injector (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\main\injector@* SKYNETwsp.dll
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\main\tasks (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\modules@SKYNETrk.sys \systemroot\system32\drivers\SKYNETrownthon.sys
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\modules@SKYNETcmd.dll \systemroot\system32\SKYNETklvmpxuw.dll
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\modules@SKYNETlog.dat \systemroot\system32\SKYNETqbuexdus.dat
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\modules@SKYNETwsp.dll \systemroot\system32\SKYNETqlotpwbu.dll
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETjwqbapmy\modules@SKYNET.dat \systemroot\system32\SKYNETqcdmvywq.dat
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE4 0xC4 0x5D 0xBD ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x80 0xF8 0xFA 0x2F ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x21 0xBE 0x27 0xAC ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE4 0xC4 0x5D 0xBD ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x80 0xF8 0xFA 0x2F ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x21 0xBE 0x27 0xAC ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8141D874-02E7-3B03-461F-59ADDF4FDF86}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8141D874-02E7-3B03-461F-59ADDF4FDF86}@iakldgdlldeopaokgk 0x6A 0x61 0x70 0x68 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8141D874-02E7-3B03-461F-59ADDF4FDF86}@haelnpfodgcokpin 0x6A 0x61 0x70 0x68 ...

---- Files - GMER 1.0.15 ----

File C:\i386\sqlsrv32.rll (size mismatch) 442368/90112 bytes executable
File C:\i386\HDMIchs.dll (size mismatch) 61952/50688 bytes executable
File C:\i386\wscript.hlp (size mismatch) 757760/12377 bytes executable

---- EOF - GMER 1.0.15 ----

Sorry for late reply, I didn't get email notification from this one.

We will continue with ComboFix. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix


Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link (http://www.bleepingcomputer.com/forums/topic114351.html)
Remember to re-enable them afterwards.


Click Yes to allow ComboFix to continue scanning for malware.


When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New HijackThis log.

A word of warning: Please do not run ComboFix on your own. This tool is not a toy and not for everyday use.

ComboFix 09-08-22.06 - Luke 24/08/2009 10:09.1.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1539 [GMT 1:00]
Running from: c:\documents and settings\Luke\Desktop\Virus Fix\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Luke\Application Data\inst.exe
c:\documents and settings\Luke\Application Data\pidle
C:\Documents
c:\windows\Installer\529b4a1.msp
c:\windows\Installer\529b4a2.msp
c:\windows\Installer\529b4a3.msp
c:\windows\Installer\529b4a4.msp
c:\windows\Installer\529b4a5.msp
c:\windows\Installer\529b4a6.msp
c:\windows\Installer\529b4a7.msp
c:\windows\Installer\529b4a8.msp
c:\windows\Installer\529b4a9.msp
c:\windows\Installer\56b51a1.msp
c:\windows\Installer\56b51a2.msp
c:\windows\Installer\56b51a3.msp
c:\windows\Installer\56b51a4.msp
c:\windows\Installer\56b51a5.msp
c:\windows\Installer\56b51a6.msp
c:\windows\Installer\56b51a7.msp
c:\windows\Installer\56b51a8.msp
c:\windows\Installer\56b51a9.msp
c:\windows\run.log
c:\windows\system32\drivers\SKYNETrownthon.sys
c:\windows\system32\lowsec
c:\windows\system32\SKYNETklvmpxuw.dll
c:\windows\system32\SKYNETlog.dat
c:\windows\system32\SKYNETqbuexdus.dat
c:\windows\system32\SKYNETqcdmvywq.dat
c:\windows\system32\SKYNETqlotpwbu.dll
c:\windows\twain_16.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SKYNETjwqbapmy
-------\Legacy_SKYNETjwqbapmy


((((((((((((((((((((((((( Files Created from 2009-07-24 to 2009-08-24 )))))))))))))))))))))))))))))))
.

2009-08-23 10:33 . 2009-07-26 11:32 1111320 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgssie.dll
2009-08-23 10:33 . 2009-07-26 11:32 353048 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgxch32.dll
2009-08-23 10:33 . 2009-07-26 11:32 2301720 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avguiadv.dll
2009-08-23 10:33 . 2009-07-26 11:32 3403032 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe
2009-08-16 12:28 . 2009-08-16 12:28 -------- d-----w- c:\program files\Trend Micro
2009-08-16 12:24 . 2009-08-16 12:24 -------- d-----w- c:\program files\ERUNT
2009-08-15 17:59 . 2009-08-15 18:00 -------- d-----w- C:\ecbd25c7c40e7dcb99ca1e38a6
2009-08-15 17:59 . 2009-08-15 20:01 -------- d-----w- c:\windows\SxsCaPendDel
2009-08-11 21:38 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-08-10 16:29 . 2009-08-10 16:29 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-08-09 13:46 . 2009-08-09 13:46 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-08-05 09:01 . 2009-08-05 09:01 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-24 09:24 . 2001-10-13 13:11 78 ----a-w- c:\windows\battery.dat
2009-08-24 08:50 . 2008-01-22 17:52 -------- d-----w- c:\documents and settings\Luke\Application Data\uTorrent
2009-08-23 10:33 . 2009-02-15 13:47 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-23 10:33 . 2009-02-15 13:46 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-23 10:33 . 2009-02-15 13:46 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-16 11:32 . 2009-04-23 07:44 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-15 20:02 . 2008-01-22 15:48 62256 ----a-w- c:\documents and settings\Luke\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-11 23:28 . 2008-01-17 15:09 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-09 20:16 . 2008-01-26 01:43 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-08-05 09:01 . 2004-08-10 12:51 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-03 17:18 . 2008-07-10 18:41 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-02 14:20 . 2008-06-07 17:00 -------- d-----w- c:\program files\Cheat Engine
2009-07-17 19:01 . 2004-08-10 12:50 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 22:43 . 2004-08-10 12:51 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-09 18:47 . 2009-07-09 18:41 5589408 ----a-w- c:\documents and settings\Luke\Application Data\TVU networks\TVU AutoUpgrade\TVUPlayer2.4.5.3.exe
2009-07-03 17:09 . 2004-08-10 12:51 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-16 14:36 . 2004-08-10 12:51 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2004-08-10 12:51 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-12 12:31 . 2004-08-10 12:51 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:13 . 2004-08-10 12:50 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 08:19 . 2004-08-10 13:01 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 06:14 . 2004-08-10 12:51 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-03 19:09 . 2004-08-10 12:51 1291264 ----a-w- c:\windows\system32\quartz.dll
2008-02-28 00:03 . 2008-02-28 00:03 197 --sha-w- c:\program files\Common Files\maxtreme.dat
2008-01-27 20:45 . 2008-01-17 15:03 76 --sh--r- c:\windows\CT4CET.bin
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2008-02-05 160592]
"Tracks Eraser Pro"="c:\program files\Acesoft\Tracks Eraser Pro\te.exe" [2007-01-16 1335296]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-03 851968]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-06 138008]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-06 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-06 138008]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-08-28 36864]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-11 136600]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 819200]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 970752]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2007-07-20 1228800]
"KADxMain"="c:\windows\system32\KADxMain.exe" [2006-11-02 282624]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-11-01 189736]
"WebcamMaxMoniter"="c:\program files\WebcamMax\wcmmon.exe" [2008-02-09 456024]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-23 2007832]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2007-06-06 405504]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Luke\Start Menu\Programs\Startup\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-2-3 3581680]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-24 622653]
Device Detector 2.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2008-11-23 114688]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-1-17 50688]
Phone Connection Monitor.lnk - c:\program files\Sony Ericsson\Mobile\audevicemgr.exe [2008-6-8 754176]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\progra~1\DVDREG~1\DVDShell.dll" [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-23 10:33 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"RoxWatch9"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Team Craxtion\\Craxtion4\\Craxtion.exe"=
"c:\\Program Files\\Dell\\Dell Webcam Center\\LiveCamDe.exe"=
"c:\\Program Files\\InternetCalls.com\\InternetCalls\\InternetCalls.exe"=
"c:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Intuwave Ltd\\Shared\\mRouterRunTime\\mRouterRuntime.exe"=
"c:\\Halo CE Portable Edition By Am3n\\App\\haloce.exe"=
"c:\\Program Files\\XLink Kai\\kaiEngine.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [21/01/2008 20:28 21512]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [15/02/2009 14:46 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [15/02/2009 14:47 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [15/02/2009 14:45 297752]
R2 CamthWDM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\CamthWDM.sys [09/02/2008 05:58 941784]
R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [10/08/2004 13:51 14336]
R3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\drivers\BTCamDrv.sys [16/09/2008 23:15 219264]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\system32\drivers\OEM02Dev.sys [17/01/2008 15:32 235520]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\system32\drivers\OEM02Vfx.sys [17/01/2008 15:32 7424]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [21/01/2008 20:28 26248]
S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [07/09/2008 08:58 36928]
S3 XDva120;XDva120;\??\c:\windows\system32\XDva120.sys --> c:\windows\system32\XDva120.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 11:34]

2008-10-30 c:\windows\Tasks\shutdown.job
- c:\windows\system32\shutdown.exe [2004-08-10 00:12]
.
- - - - ORPHANS REMOVED - - - -

BHO-{6793ea78-b790-4ada-a045-ef4ad6a3158f} - c:\windows\system32\veseyusi.dll
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
HKCU-Run-SearchSpy - c:\program files\SearchSpy\SearchSpyMenu.exe
HKLM-Run-System Files Updater - c:\windows\FlyakiteOSX\System Files Updater.exe
HKLM-Run-prnet - c:\windows\system32\prnet.tmp


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://partnerpage.google.com/smallbiz.dell.com/en_uk?hl=en&client=dell-usuk&channel=uk-smb&ibd=2080117
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 203.162.183.222:80
IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\Luke\Application Data\Mozilla\Firefox\Profiles\2ltdm4nj.default\
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPStreamPlug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-24 10:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2071560091-4037542173-4045409059-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8141D874-02E7-3B03-461F-59ADDF4FDF86}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iakldgdlldeopaokgk"=hex:6a,61,70,68,70,6a,68,6a,69,63,6d,69,66,68,62,6e,6a,6c,
62,68,00,02
"haelnpfodgcokpin"=hex:6a,61,70,68,6f,6a,63,6a,68,62,6f,6e,70,6c,61,65,61,67,
6c,70,00,00
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3232)
c:\windows\system32\WININET.dll
c:\program files\Stardock\ObjectDock\DockShellHook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\windows\system32\CDRTC.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Intel\Wireless\Bin\WLKEEPER.exe
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\windows\system32\scardsvr.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Crypserv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Intel\Wireless\Bin\Dot1XCfg.exe
c:\progra~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
c:\program files\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe
c:\windows\Integrator.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-08-24 10:32 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-24 09:32

Pre-Run: 1,087,590,400 bytes free
Post-Run: 1,186,000,896 bytes free

272 --- E O F --- 2009-08-17 20:39

New HJT log, thankyou for your help :) Although please note I am going on vacation for a week so I'll next be able to reply on the 30th, sorry, thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:41:24, on 24/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\OEM02Mon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\WebcamMax\wcmmon.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
c:\Program Files\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe
C:\WINDOWS\Integrator.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://partnerpage.google.com/smallbiz.dell.com/en_uk?hl=en&client=dell-usuk&channel=uk-smb&ibd=2080117
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://partnerpage.google.com/smallbiz.dell.com/en_uk?hl=en&client=dell-usuk&channel=uk-smb&ibd=2080117
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 203.162.183.222:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Tracks Eraser Pro] C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Battery Doubler.lnk = C:\Program Files\Dachshund Software\Battery Doubler\Battery Doubler.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Device Detector 2.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Phone Connection Monitor.lnk = ?
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1201017859971
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1201018829846
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 13490 bytes

Please install recovery console manually like described in my link.

After that, please rerun combofix and post back a fresh combofix log.

Due to the lack of feedback this Topic is closed.

If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send a private message (pm). A valid, working link to the closed topic is required. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

Everyone else please begin a New Topic.