
lsondermann@optonline.net

Ad.yieldmanager. Be Gone! [RESOLVED]

I run Intelinet every day. AVG once in a while. Tried PC TOOLS. Went through the self-help list and deleted as instructed, but the freaking thing is still here. I can't use my eBay search at all. It's making me nuts.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:08:31 PM, on 11/26/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\wltrysvc.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Apoint\Apoint.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Apoint\HidFind.exe

C:\Program Files\Apoint\Apntex.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\Program Files\Creative\ShareDLL\CtNotify.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\Creative\ShareDLL\MediaDet.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\WINDOWS\system32\CTSVCCDA.EXE

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe

C:\Program Files\Spyware Doctor\pctsTray.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Documents and Settings\LINDA SONDERMANN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

C:\Program Files\Intelinet\Intelinet.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\ehome\mcrdsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgw.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\Intelinet\intelin2.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\dllhost.exe

C:\PROGRA~1\MICROS~4\Office10\OUTLOOK.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)

O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar6.dll

O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll

O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll

O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)

O4 - HKLM\..\Run: [ehTray] "C:\WINDOWS\ehome\ehtray.exe"

O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"

O4 - HKLM\..\Run: [igfxtray] "C:\WINDOWS\system32\igfxtray.exe"

O4 - HKLM\..\Run: [igfxhkcmd] "C:\WINDOWS\system32\hkcmd.exe"

O4 - HKLM\..\Run: [igfxpers] "C:\WINDOWS\system32\igfxpers.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [dla] "C:\WINDOWS\system32\dla\tfswctrl.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe"

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"

O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [spybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\LINDA SONDERMANN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [intelinet] C:\Program Files\Intelinet\Intelinet.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: LUMIX Simple Viewer.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Herod's Lost Tomb\Images\stg_drm.ocx

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...86/client/muweb_site.cab?1194798768671

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file://C:\Program Files\Mystery P.I. - The New York Fortune\Images\armhelper.ocx

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: IntelinetSecure - Unknown owner - C:\Program Files\Intelinet\intelin2.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

O24 - Desktop Component 0: (no name) - http://www.knitpicks.com/images/structure/...MP3download.gif

--

End of file - 12693 bytes


Welcome to BestTechie! I'm Ryan, and I'll be helping you fix your computer.

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

-Ryan


Hey, Ryan,

Here is the log file from mbam. Gosh, I sure hope this works!

Malwarebytes' Anti-Malware 1.30

Database version: 1427

Windows 5.1.2600 Service Pack 3

11/26/2008 7:08:44 PM

mbam-log-2008-11-26 (19-08-44).txt

Scan type: Full Scan (C:\|)

Objects scanned: 260311

Time elapsed: 2 hour(s), 9 minute(s), 4 second(s)

Memory Processes Infected: 1

Memory Modules Infected: 0

Registry Keys Infected: 7

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 5

Files Infected: 58

Memory Processes Infected:

C:\Program Files\Intelinet\intelin2.exe (Rogue.Intelinet) -> Unloaded process successfully.

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\intelinetsecure (Rogue.Intelinet) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\intelinetsecure (Rogue.Intelinet) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelinetsecure (Rogue.Intelinet) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Intelinet_is1 (Rogue.Intelinet) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Intelinet (Rogue.Intelinet) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\SpyClean (Rogue.SpyClean) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\intelinet (Rogue.Intelinet) -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

C:\Program Files\Intelinet (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Backup (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Database (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Start Menu\Programs\Intelinet (Rogue.Intelinet) -> Quarantined and deleted successfully.

Files Infected:

C:\Program Files\Intelinet\intelin2.exe (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Intelinet.exe (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP908\A0320160.exe (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP908\A0320167.exe (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\BCKManager.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\CheckRegistry.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\hashes.md5 (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\ListLogs.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\ManageRegistry.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\MFC71.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\msvcp71.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\msvcr71.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\SpywareGuard.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Spywarehandler.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\unins000.dat (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\unins000.exe (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Backup\{093A90A7-B13F-4313-A6F5-AE6C90814FEF}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Backup\{237264C1-9B03-479E-98C3-EBFB5B636587}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Backup\{2699C183-858F-45CC-9754-DFCE7365088C}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Backup\{4F30ACE4-B904-4B12-9F65-105EDCD0FA20}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Backup\{57D3E3AA-E29E-46CF-9788-C12D63E67C03}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Backup\{82FE6BCB-CD7C-4A2A-985E-B8E253F9B06D}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Backup\{9816C857-C27B-4FD6-A2BD-CDD8A9A5FDD8}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Backup\{A0479FED-59B7-49B3-B546-6512070066AF}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Backup\{AB25CEBE-D765-49D7-9D88-91A3A0F14AFB}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Backup\{E277414C-FE4F-456F-B7BE-274FA729F7FC}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Database\Immunizer.db (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Database\Spyware.db (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_10_29.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_10_30.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_10_31.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_01.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_02.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_04.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_05.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_06.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_07.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_08.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_09.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_10.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_11.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_12.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_13.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_14.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_15.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_17.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_18.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_19.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_20.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_21.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_23.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_24.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_25.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Program Files\Intelinet\Logs\2008_11_26.log (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Start Menu\Programs\Intelinet\Intelinet.lnk (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Start Menu\Programs\Intelinet\Uninstall Intelinet.lnk (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Documents and Settings\LINDA SONDERMANN\Desktop\Intelinet.lnk (Rogue.Intelinet) -> Quarantined and deleted successfully.

C:\Documents and Settings\LINDA SONDERMANN\Application Data\Microsoft\Internet Explorer\Quick Launch\Intelinet.lnk (Rogue.Intelinet) -> Quarantined and deleted successfully.


That looks How is the computer running?

Please post a new hijackthis log, as well as an uninstall list.

To obtain an Uninstall list:

  • Open HijackThis, click Config, click Misc Tools
  • Click "Open Uninstall Manager"
  • Click "Save List" (generates uninstall_list.txt)

-Ryan


As of an hour ago, I still can't use eBay search. Here is the HJT log, and the Uninstall log. Thanks, Ryan!

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:35:50 PM, on 11/26/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\wltrysvc.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

C:\WINDOWS\ehome\ehtray.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\Program Files\Apoint\Apoint.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\WINDOWS\system32\CTSVCCDA.EXE

C:\Program Files\Apoint\Apntex.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Apoint\HidFind.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\Program Files\Creative\ShareDLL\CtNotify.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Spyware Doctor\pctsAuxs.exe

C:\Program Files\Creative\ShareDLL\MediaDet.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe

C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Documents and Settings\LINDA SONDERMANN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Spyware Doctor\pctsTray.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe

C:\WINDOWS\ehome\mcrdsvc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Spyware Doctor\pctsSvc.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\PROGRA~1\MICROS~4\Office10\OUTLOOK.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)

O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar6.dll

O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll

O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll

O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)

O4 - HKLM\..\Run: [ehTray] "C:\WINDOWS\ehome\ehtray.exe"

O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"

O4 - HKLM\..\Run: [igfxtray] "C:\WINDOWS\system32\igfxtray.exe"

O4 - HKLM\..\Run: [igfxhkcmd] "C:\WINDOWS\system32\hkcmd.exe"

O4 - HKLM\..\Run: [igfxpers] "C:\WINDOWS\system32\igfxpers.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [dla] "C:\WINDOWS\system32\dla\tfswctrl.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe"

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"

O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [spybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\LINDA SONDERMANN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: LUMIX Simple Viewer.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Herod's Lost Tomb\Images\stg_drm.ocx

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1194798768671

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file://C:\Program Files\Mystery P.I. - The New York Fortune\Images\armhelper.ocx

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

O24 - Desktop Component 0: (no name) - http://www.knitpicks.com/images/structure/...MP3download.gif

--

End of file - 12454 bytes

33 Corners

7 Wonders - Treasures of Seven

ABBYY FineReader 5.0 Sprint

Ad-Aware

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)

Adobe Flash Player ActiveX

Adobe Flash Player Plugin

Adobe Photoshop 7.0

Adobe Reader 8.1.2

Adobe Shockwave Player 11

Advanced Registry Optimizer

AIM 6

Alchemy

Alchemy and Bejeweled Pack

ALPS Touch Pad Driver

AOL Coach Version 1.0(Build:20040229.1 en)

AOL Connectivity Services

AOL Uninstaller (Choose which Products to Remove)

AOLIcon

Ask Toolbar

AVG 7.5

Axialis IconWorkshop 6.0

Ben 10 Alien Force Bounty Hunters

Between the Worlds

Big Fish Games Client

Boggle

Boggle Supreme

Book of Legends

Bookworm Adventures

Broadcom Management Programs 2

Caterpillar Construction Tycoon

Chowder for Windows version 1.0

Complete Spanish

Conexant D110 MDC V.9x Modem

Consumer Complete Care Services Agreement

Creative PC-CAM 300 Driver

Creative PC-CAM Center

Creative WebCam Monitor

Creative WebCam PhotoEditor

Dell AIO Printer A920

Dell Digital Jukebox Driver

Dell Driver Reset Tool

Dell Support Center

Dell Wireless WLAN Card

DellSupport

Digital Content Portal

Digital Line Detect

Disney Pirates of the Caribbean Online

Disney's Ready for Math with Pooh

Disney's Toontown Online

Dr. Lynch - Grave Secrets

eBay Toolbar Featuring Yahoo!

EducateU

Elf Bowling - Hawaiian Vacation

Elf Bowling 7 1/7 - The Last Insult

ELIcon

Escape The Museum

FaxTools

GdiplusUpgrade

Go Go Gourmet - Chef of the Year

Google AFE

Google Toolbar for Internet Explorer

Herod's Lost Tomb

Hidden Expedition Titanic (remove only)

Hidden Mysteries Civil War

HijackThis 2.0.2

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB952287)

HP Image Zone 4.0

HP Product Detection

HP Scanjet 4070

HP Software Update

HP Update

Intel® Graphics Media Accelerator Driver for Mobile

Internal Network Card Power Management

J2SE Runtime Environment 5.0 Update 10

J2SE Runtime Environment 5.0 Update 11

J2SE Runtime Environment 5.0 Update 6

J2SE Runtime Environment 5.0 Update 9

Java 2 Runtime Environment, SE v1.4.2_03

Java 6 Update 2

Java 6 Update 3

Java 6 Update 5

Java 6 Update 7

Java SE Runtime Environment 6 Update 1

Jewel Quest Mysteries - Curse of the Emerald Tear

JumpStart 3rd Grade v1.2

Kidzui

Knitware Sweaters 2.50

Learn2 Player (Uninstall Only)

LUMIX Simple Viewer

Mah Jong Medley

Mahjong Escape - Ancient Japan

Mahjongg - Ancient Mayas

Malwarebytes' Anti-Malware

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Hotfix (KB928366)

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft FrontPage 2000 SR-1

Microsoft Image Composer 1.5

Microsoft Office 2000 SR-1 Disc 2

Microsoft Office 2000 SR-1 Professional

Microsoft Office XP Media Content

Microsoft Office XP Standard

Microsoft Plus! Digital Media Edition Installer

Microsoft Plus! Photo Story 2 LE

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Web Publishing Wizard 1.52

Mighty Math Calculating Crew (Remove only)

Modem Helper

Mozilla Firefox (2.0.0.11)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 and SOAP Toolkit 3.0

Mushroom Age

Musicmatch for Windows Media Player

Mystery Case Files: Madame Fate (remove only)

Mystery P.I. - The New York Fortune

Nancy Drew: Ghost Dogs of Moon Lake

NeedleTrax

NetWaiting

NetZeroInstallers

Oozic Player

OTOY

Otto

PayPal Plug-In

PHOTOfunSTUDIO -viewer-

PhotoSmart Printer Software

PixMaker

PixScreenCE_1.5

PowerDVD 5.5

Print-A-Grid

PrintMaster

QuickBooks Premier: Accountant Edition 2003

QuickSet

QuickTime

RealArcade

RealPlayer

Rescue Heroes Tremor Trouble

Rhapsody Player Engine

Rosetta Stone Version 3

SCRABBLE

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953838)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956390)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Slingo Deluxe

Slingo Deluxe

Snood 4

Snood 4 Beta version 6.1

Snood Deluxe

Snood for Windows version 3.52-W

Snood Poppers 1.0

Snood Slide 2.0

Snood Solitaire version 1.1

Snood Towers for Windows version 1.02

Snoodoku for Windows Version 1.1W

Sonic DLA

Sonic Encoders

Sonic MyDVD LE

Sonic RecordNow Audio

Sonic RecordNow Copy

Sonic RecordNow Data

Sonic Update Manager

Spelling Dictionaries Support For Adobe Reader 8

SPORE™ Creature Creator Trial Edition

Spybot - Search & Destroy

Spybot - Search & Destroy 1.4

Spyware Doctor 6.0

Stitch Motif Maker Demo

Sweater Wizard V3

Time Force

TONKA Search & Rescue 2

Tri-Peaks Solitaire To Go

Turbo Lister 2

Unity Web Player

Update for Windows Media Player 10 (KB910393)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update Rollup 2 for Windows XP Media Center Edition 2005

Viewpoint Manager (Remove Only)

Viewpoint Media Player

WebCyberCoach 3.2 Dell

Wild Stitches v.1 Demo

Windows Genuine Advantage v1.3.0254.0

Windows Installer Clean Up

Windows Live Messenger

Windows Media Format 11 runtime

Windows Media Format 11 runtime

Windows Media Player 10

Windows Media Player 10 Hotfix - KB895316

Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information]

Windows Media Player 11

Windows Media Player 11

Windows XP Media Center Edition 2005 KB908246

Windows XP Media Center Edition 2005 KB925766

Windows XP Service Pack 3

WinZip

WinZip Self-Extractor

World Mosaics

Yahoo! Toolbar

Zam Beezee

Zodiac Tower

Zoombinis Island Odyssey

Zoombinis Logical Journey


Please download JavaRa to your desktop and unzip it to its own folder.

  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

Open HijackThis and scan. When it finishes, put an X in the box next to the following item(s):

O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Close all open windows except for HijackThis and click Fix checked.

Reboot your computer.

Please rescan with HijackThis and post a fresh log in this same topic, and let us know how your system's working. :)

-Ryan


Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 3:20:25 PM, on 11/30/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\wltrysvc.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Apoint\Apoint.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\WINDOWS\system32\CTSVCCDA.EXE

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Apoint\HidFind.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\Program Files\Creative\ShareDLL\CtNotify.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

C:\Program Files\Creative\ShareDLL\MediaDet.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe

C:\Program Files\Spyware Doctor\pctsAuxs.exe

C:\Program Files\Spyware Doctor\pctsTray.exe

C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Documents and Settings\LINDA SONDERMANN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\ehome\mcrdsvc.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\WINDOWS\system32\fxssvc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar6.dll

O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll

O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll

O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)

O4 - HKLM\..\Run: [ehTray] "C:\WINDOWS\ehome\ehtray.exe"

O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"

O4 - HKLM\..\Run: [igfxtray] "C:\WINDOWS\system32\igfxtray.exe"

O4 - HKLM\..\Run: [igfxhkcmd] "C:\WINDOWS\system32\hkcmd.exe"

O4 - HKLM\..\Run: [igfxpers] "C:\WINDOWS\system32\igfxpers.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [dla] "C:\WINDOWS\system32\dla\tfswctrl.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe"

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP

O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"

O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\LINDA SONDERMANN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: LUMIX Simple Viewer.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Mortimer Beckett and the Time Paradox\Images\stg_drm.ocx

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1194798768671

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Mortimer Beckett and the Time Paradox\Images\armhelper.ocx

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

O24 - Desktop Component 0: (no name) - http://www.knitpicks.com/images/structure/...MP3download.gif

--

End of file - 12149 bytes

Thanks, Ryan! Still had ad.yeildmanager taking over my search engines as of this morning. Let's hope this does the trick. Linda


--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : Intel® Pentium® M processor 1.70GHz )

BIOS : Phoenix ROM BIOS PLUS Version 1.10 A09

USER : LINDA SONDERMANN ( Administrator )

BOOT : Normal boot

Antivirus : AVG 7.5.552 7.5.552 (Activated)

C:\ (Local Disk) - NTFS - Total:88 Go (Free:42 Go)

D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )

Option : [1] ( Sun 11/30/2008|21:59 )

--------------------\\ Listing folders in APPLIC~1

[02/15/2006|12:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Corel

[02/15/2006|12:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Google

[08/16/2005|05:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities

[12/31/2007|07:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft

[02/15/2006|12:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sun

[03/26/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe

[11/06/2007|05:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL

[03/21/2006|09:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL Downloads

[11/06/2007|05:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL OCP

[05/24/2008|06:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Astar Games

[04/19/2008|07:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Avg7

[03/08/2008|09:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> BigFishGamesCache

[08/20/2008|01:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> BVRP Software

[08/04/2008|05:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> cerasus.media

[03/04/2006|01:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Chasing Dogs Studios

[12/01/2007|01:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Christmasville

[02/27/2008|09:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Dell

[11/14/2008|12:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> eBay

[08/20/2008|03:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> EscapeTheMuseum

[08/27/2008|03:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet

[10/24/2008|05:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Flood Light Games

[08/16/2008|12:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Fugazo

[04/22/2008|04:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Gogii

[11/19/2008|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Gogii Games

[07/20/2007|06:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google

[12/31/2007|07:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Grisoft

[02/15/2006|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> GTek

[02/22/2006|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Hewlett-Packard

[12/30/2007|07:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> HiddenSecretsNightmare

[02/15/2006|12:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield

[05/04/2007|04:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> JollyBear

[10/22/2008|02:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft

[11/26/2008|04:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes

[01/09/2008|07:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft

[11/05/2008|07:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MumboJumbo

[06/13/2007|09:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> n7-89-o9-3r-4t-r9

[02/27/2006|06:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Otto

[10/17/2008|07:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PC Tools

[11/17/2008|08:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PlayFirst

[04/05/2008|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PlayPond

[02/03/2008|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QB9 S.R.L

[02/15/2006|12:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime

[03/24/2007|10:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> RoboForm

[09/06/2008|03:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Rosetta Stone

[08/27/2008|05:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> RosettaStoneLtdBackup

[12/25/2006|03:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sandlot Games

[02/25/2006|03:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBT

[05/16/2007|06:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SpinTop

[06/29/2007|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SpinTop Games

[10/21/2008|04:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy

[11/29/2006|06:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SugarGames

[12/23/2007|02:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SupportSoft

[04/01/2007|02:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec

[11/30/2008|03:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP

[07/26/2008|03:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TERMINAL Studio

[08/04/2008|03:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TheRace_dev

[03/04/2006|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Trymedia

[11/13/2008|06:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Viewpoint

[11/30/2008|09:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WholeSecurity

[05/11/2006|07:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage

[11/30/2008|02:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WinZip

[04/04/2008|01:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WinZipSE

[03/22/2007|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo! Companion

[02/15/2006|12:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Corel

[02/15/2006|12:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Google

[08/16/2005|05:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities

[02/26/2006|06:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft

[02/15/2006|12:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sun

[03/21/2006|09:02] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> acccore

[06/04/2008|02:23] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Adobe

[03/24/2006|09:48] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> AdobeAUM

[03/04/2007|03:44] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> AdobeUM

[11/30/2008|08:00] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> AVG7

[01/16/2007|12:53] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Axialis

[08/04/2008|05:33] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> cerasus.media

[04/22/2007|06:22] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> CyberLink

[11/14/2008|12:19] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> eBay

[11/29/2008|06:47] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> ForgottenRiddles

[05/02/2008|10:45] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Friday's games

[02/07/2007|06:43] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> funkitron

[09/17/2006|07:15] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Gaijin Ent

[11/19/2008|05:36] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Gogii Games

[08/03/2006|07:41] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Google

[04/11/2007|09:15] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Gtek

[07/11/2006|10:44] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Help

[08/16/2005|05:50] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Identities

[12/23/2007|03:10] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> InstallShield

[01/09/2008|07:59] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Lavasoft

[11/28/2008|07:01] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Leadertech

[04/18/2007|06:30] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Macromedia

[11/26/2008|04:53] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Malwarebytes

[01/01/2008|11:02] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Microsoft

[02/27/2006|06:02] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Otto

[12/23/2007|03:11] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Panasonic

[11/10/2008|08:20] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> PC Tools

[11/17/2008|08:47] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> PlayFirst

[11/13/2008|06:48] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Real

[10/22/2008|01:31] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Sammsoft

[08/04/2008|07:20] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Snood

[02/22/2006|09:00] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Sonic

[11/07/2007|07:50] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> SpinTop

[11/20/2008|07:00] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> SpinTop Games

[02/15/2006|12:31] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Sun

[03/22/2007|11:06] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Symantec

[12/29/2007|11:19] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> URSE Games

[11/13/2008|06:46] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> Viewpoint

[11/30/2008|06:39] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> WholeSecurity

[11/04/2007|12:06] C:\DOCUME~1\LINDAS~1\APPLIC~1\<DIR> WinRAR

[12/31/2007|07:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> AVG7

[11/26/2007|08:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Google

[11/15/2008|09:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Help

[10/04/2008|01:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

[10/21/2006|10:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Symantec

[12/31/2007|07:58] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[11/30/2008 08:13 PM][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUser.job

[02/05/2007 04:08 PM][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job

[11/30/2008 03:13 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT

[08/10/2004 06:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[11/11/2007|09:31] C:\Program Files\<DIR> 3DGroove

[11/13/2008|06:48] C:\Program Files\<DIR> 7 Wonders - Treasures of Seven

[08/20/2008|01:11] C:\Program Files\<DIR> ABBYY FineReader 5.0 Sprint

[08/20/2008|01:11] C:\Program Files\<DIR> ABBYY FineReader 6.0

[10/11/2008|01:40] C:\Program Files\<DIR> Activision Value

[11/27/2008|06:41] C:\Program Files\<DIR> Adobe

[10/22/2008|01:54] C:\Program Files\<DIR> Advanced Registry Optimizer

[04/21/2007|12:24] C:\Program Files\<DIR> Agatha Christie - Death on the Nile

[11/06/2007|05:52] C:\Program Files\<DIR> AIM6

[09/16/2007|03:31] C:\Program Files\<DIR> America Online 9.0

[03/21/2006|08:50] C:\Program Files\<DIR> AOD

[04/24/2006|05:30] C:\Program Files\<DIR> AOL

[02/15/2006|12:42] C:\Program Files\<DIR> AOL Companion

[12/11/2007|05:03] C:\Program Files\<DIR> AOL Games

[09/16/2007|03:31] C:\Program Files\<DIR> Apoint

[10/22/2008|01:31] C:\Program Files\<DIR> AskBarDis

[01/16/2007|12:53] C:\Program Files\<DIR> Axialis

[10/28/2008|04:34] C:\Program Files\<DIR> Between the Worlds

[09/16/2007|03:31] C:\Program Files\<DIR> BFG

[06/10/2008|08:57] C:\Program Files\<DIR> bfgclient

[08/21/2008|07:57] C:\Program Files\<DIR> Boggle

[11/17/2008|05:19] C:\Program Files\<DIR> Book of Legends

[08/29/2007|09:15] C:\Program Files\<DIR> Borland

[02/15/2006|12:35] C:\Program Files\<DIR> Broadcom

[11/06/2006|06:11] C:\Program Files\<DIR> Broderbund

[03/25/2007|09:21] C:\Program Files\<DIR> CA

[08/30/2008|08:54] C:\Program Files\<DIR> Cartoon Network

[11/24/2008|11:03] C:\Program Files\<DIR> Chowder

[11/13/2008|07:52] C:\Program Files\<DIR> Common Files

[08/16/2005|05:38] C:\Program Files\<DIR> ComPlus Applications

[02/15/2006|12:19] C:\Program Files\<DIR> CONEXANT

[03/22/2007|11:02] C:\Program Files\<DIR> Creative

[02/15/2006|12:38] C:\Program Files\<DIR> CyberLink

[02/12/2008|10:28] C:\Program Files\<DIR> Davidson

[02/15/2006|12:48] C:\Program Files\<DIR> Dell

[08/30/2008|11:33] C:\Program Files\<DIR> Dell A920

[08/30/2008|11:36] C:\Program Files\<DIR> Dell AIO Printer A920

[12/23/2007|02:38] C:\Program Files\<DIR> Dell Support Center

[04/11/2007|08:50] C:\Program Files\<DIR> DellSupport

[02/15/2006|12:37] C:\Program Files\<DIR> Digital Line Detect

[10/21/2006|11:47] C:\Program Files\<DIR> directx

[04/19/2007|09:07] C:\Program Files\<DIR> Disney

[01/13/2008|02:48] C:\Program Files\<DIR> Disney Interactive

[11/13/2008|06:47] C:\Program Files\<DIR> Dr. Lynch - Grave Secrets

[09/20/2007|09:40] C:\Program Files\<DIR> eBay

[02/12/2008|10:54] C:\Program Files\<DIR> Edmark

[11/13/2008|06:46] C:\Program Files\<DIR> Electronic Arts

[07/08/2008|06:42] C:\Program Files\<DIR> Elf Bowling - Hawaiian Vacation

[01/02/2008|03:33] C:\Program Files\<DIR> Elf Bowling 7 17 - The Last Insult

[09/16/2007|03:31] C:\Program Files\<DIR> EnglishOtto

[09/17/2008|06:27] C:\Program Files\<DIR> Escape The Museum

[08/20/2008|01:09] C:\Program Files\<DIR> FaxTools

[09/15/2007|10:49] C:\Program Files\<DIR> Fisher-Price®

[11/27/2008|08:54] C:\Program Files\<DIR> Forgotten Riddles - The Mayan Princess

[09/16/2007|03:31] C:\Program Files\<DIR> GameHouse

[11/11/2008|08:05] C:\Program Files\<DIR> GameMill Entertainment

[05/16/2007|06:09] C:\Program Files\<DIR> Games

[05/16/2007|06:08] C:\Program Files\<DIR> GemMaster

[11/30/2006|06:38] C:\Program Files\<DIR> GH-SCRABBLE

[11/13/2008|06:47] C:\Program Files\<DIR> Go Go Gourmet - Chef of the Year

[02/04/2007|04:10] C:\Program Files\<DIR> Google

[02/15/2006|12:51] C:\Program Files\<DIR> GoogleAFE

[04/09/2007|01:11] C:\Program Files\<DIR> Grisoft

[11/30/2008|04:15] C:\Program Files\<DIR> Hawaiian Explorer Pearl Harbor

[11/17/2008|04:48] C:\Program Files\<DIR> Herod's Lost Tomb

[02/22/2006|10:17] C:\Program Files\<DIR> Hewlett-Packard

[10/11/2008|05:16] C:\Program Files\<DIR> Hidden Expedition - Everest

[10/26/2008|09:31] C:\Program Files\<DIR> Hidden Expedition Titanic

[08/19/2007|06:07] C:\Program Files\<DIR> HP

[01/11/2008|01:33] C:\Program Files\<DIR> hp photosmart

[08/30/2008|11:12] C:\Program Files\<DIR> HP PhotoSmart Printers

[09/27/2008|11:26] C:\Program Files\<DIR> Infogrames Interactive

[11/13/2008|06:34] C:\Program Files\<DIR> InstallShield Installation Information

[02/15/2006|12:36] C:\Program Files\<DIR> Intel

[08/31/2008|09:19] C:\Program Files\<DIR> Internet Explorer

[02/25/2006|03:15] C:\Program Files\<DIR> Intuit

[07/17/2008|06:49] C:\Program Files\<DIR> Java

[11/13/2008|06:47] C:\Program Files\<DIR> Jewel Quest Mysteries - Curse of the Emerald Tear

[11/13/2008|06:47] C:\Program Files\<DIR> Kidzui

[03/01/2008|01:09] C:\Program Files\<DIR> Knitting Wizards

[08/29/2007|09:15] C:\Program Files\<DIR> Knitware

[10/22/2008|02:21] C:\Program Files\<DIR> Lavasoft

[02/15/2006|12:42] C:\Program Files\<DIR> Learn2.com

[07/27/2008|06:53] C:\Program Files\<DIR> Mah Jong Medley

[03/24/2008|03:24] C:\Program Files\<DIR> Mahjong Escape - Ancient Japan

[08/05/2008|08:16] C:\Program Files\<DIR> Mahjongg - Ancient Mayas

[11/26/2008|04:53] C:\Program Files\<DIR> Malwarebytes' Anti-Malware

[08/31/2008|10:26] C:\Program Files\<DIR> Messenger

[11/01/2007|05:15] C:\Program Files\<DIR> Microsoft ActiveSync

[08/16/2005|05:43] C:\Program Files\<DIR> microsoft frontpage

[09/16/2007|03:32] C:\Program Files\<DIR> Microsoft Image Composer

[02/05/2007|04:06] C:\Program Files\<DIR> Microsoft IntelliPoint

[11/01/2007|05:08] C:\Program Files\<DIR> Microsoft Office

[02/15/2006|12:40] C:\Program Files\<DIR> Microsoft Plus! Digital Media Edition

[11/13/2008|06:47] C:\Program Files\<DIR> Microsoft Plus! Photo Story 2 LE

[02/22/2006|11:07] C:\Program Files\<DIR> Microsoft Visual Studio

[09/16/2007|03:32] C:\Program Files\<DIR> Modem Helper

[09/16/2007|03:32] C:\Program Files\<DIR> Monopoly 3

[03/22/2007|11:04] C:\Program Files\<DIR> Monopoly Here & Now Edition

[11/27/2008|12:28] C:\Program Files\<DIR> Mortimer Beckett and the Time Paradox

[08/31/2008|09:19] C:\Program Files\<DIR> Movie Maker

[11/13/2008|06:47] C:\Program Files\<DIR> Mozilla Firefox

[08/07/2007|10:06] C:\Program Files\<DIR> MSECACHE

[08/16/2005|05:37] C:\Program Files\<DIR> MSN

[02/11/2008|05:28] C:\Program Files\<DIR> MSN Games

[08/16/2005|05:37] C:\Program Files\<DIR> MSN Gaming Zone

[10/26/2008|10:56] C:\Program Files\<DIR> MSN Messenger

[11/18/2006|06:57] C:\Program Files\<DIR> MSXML 4.0

[11/13/2008|06:47] C:\Program Files\<DIR> Mushroom Age

[12/06/2007|09:16] C:\Program Files\<DIR> MUSICMATCH

[11/13/2008|06:47] C:\Program Files\<DIR> Mystery Case Files - Madame Fate

[10/14/2008|06:46] C:\Program Files\<DIR> Mystery Case Files - Ravenhearst

[11/14/2008|06:58] C:\Program Files\<DIR> Mystery P.I. - The New York Fortune

[01/29/2007|02:26] C:\Program Files\<DIR> Mysteryville

[01/29/2007|03:21] C:\Program Files\<DIR> Nancy Drew

[05/31/2008|05:37] C:\Program Files\<DIR> NeedlTx

[08/31/2008|09:09] C:\Program Files\<DIR> NetMeeting

[09/16/2007|03:32] C:\Program Files\<DIR> NetWaiting

[02/15/2006|12:39] C:\Program Files\<DIR> NetZeroInstallers

[03/28/2007|08:39] C:\Program Files\<DIR> Norton Internet Security

[03/22/2007|11:07] C:\Program Files\<DIR> Norton Password Manager

[10/26/2008|05:18] C:\Program Files\<DIR> Norton Security Scan

[12/22/2007|06:31] C:\Program Files\<DIR> Nstorm

[06/23/2006|10:08] C:\Program Files\<DIR> OfficeUpdate11

[08/16/2005|05:38] C:\Program Files\<DIR> Online Services

[08/31/2008|09:09] C:\Program Files\<DIR> Outlook Express

[12/23/2007|03:12] C:\Program Files\<DIR> Panasonic

[11/30/2006|06:38] C:\Program Files\<DIR> Pantheon

[07/15/2008|09:17] C:\Program Files\<DIR> PayPal

[03/28/2007|08:13] C:\Program Files\<DIR> PCSecurityShield

[02/22/2006|10:46] C:\Program Files\<DIR> PixAround.com

[10/26/2006|02:04] C:\Program Files\<DIR> PopCap Games

[06/23/2006|10:39] C:\Program Files\<DIR> QuickTime

[11/30/2006|06:38] C:\Program Files\<DIR> Rainbow Mystery

[11/13/2008|06:48] C:\Program Files\<DIR> Real

[08/17/2006|07:50] C:\Program Files\<DIR> ReflexiveArcade

[09/16/2007|03:32] C:\Program Files\<DIR> RGB

[08/27/2008|05:14] C:\Program Files\<DIR> Rosetta Stone

[09/16/2007|03:32] C:\Program Files\<DIR> SCRABBLE

[03/24/2007|10:22] C:\Program Files\<DIR> Siber Systems

[02/15/2006|12:19] C:\Program Files\<DIR> Sigmatel

[08/27/2006|08:20] C:\Program Files\<DIR> Slingo

[02/18/2008|02:38] C:\Program Files\<DIR> Slingo Deluxe

[02/25/2006|03:08] C:\Program Files\<DIR> Snapshot Viewer

[02/07/2008|08:20] C:\Program Files\<DIR> Snood

[09/09/2007|07:39] C:\Program Files\<DIR> Snood 4 Beta

[09/25/2008|06:19] C:\Program Files\<DIR> Snood Deluxe

[01/30/2007|08:21] C:\Program Files\<DIR> Snood Solitaire

[11/02/2008|07:38] C:\Program Files\<DIR> Snood Towers

[10/23/2008|05:55] C:\Program Files\<DIR> Snoodoku

[02/15/2006|12:43] C:\Program Files\<DIR> Sonic

[10/21/2008|12:46] C:\Program Files\<DIR> Spybot - Search & Destroy

[11/28/2008|09:24] C:\Program Files\<DIR> Spyware Doctor

[10/17/2008|06:03] C:\Program Files\<DIR> Spyware Doctor(2)

[11/30/2006|06:38] C:\Program Files\<DIR> Sweetopia

[04/01/2007|02:48] C:\Program Files\<DIR> Symantec

[03/13/2008|03:23] C:\Program Files\<DIR> The Adventure Company

[06/08/2008|02:14] C:\Program Files\<DIR> The Learning Company

[11/02/2008|04:10] C:\Program Files\<DIR> THQ

[03/16/2006|11:23] C:\Program Files\<DIR> TLI

[11/11/2008|08:55] C:\Program Files\<DIR> Trend Micro

[11/18/2007|08:53] C:\Program Files\<DIR> Turtix

[08/16/2005|05:50] C:\Program Files\<DIR> Uninstall Information

[05/17/2008|07:37] C:\Program Files\<DIR> Unity

[11/13/2008|06:46] C:\Program Files\<DIR> Viewpoint

[06/10/2008|08:33] C:\Program Files\<DIR> Virtools

[11/06/2006|06:31] C:\Program Files\<DIR> Web Publish

[02/15/2006|12:45] C:\Program Files\<DIR> WebCyberCoach

[03/26/2007|10:54] C:\Program Files\<DIR> Windows Installer Clean Up

[03/31/2008|02:37] C:\Program Files\<DIR> Windows Media Connect 2

[02/16/2008|02:29] C:\Program Files\<DIR> Windows Media Player

[08/31/2008|09:09] C:\Program Files\<DIR> Windows NT

[08/16/2005|05:37] C:\Program Files\<DIR> Windows Plus

[08/16/2005|05:40] C:\Program Files\<DIR> WindowsUpdate

[11/30/2008|02:44] C:\Program Files\<DIR> WinZip

[04/04/2008|01:46] C:\Program Files\<DIR> WinZip Self-Extractor

[10/23/2008|03:29] C:\Program Files\<DIR> WOMGames

[11/13/2008|06:46] C:\Program Files\<DIR> World Mosaics

[11/18/2007|08:54] C:\Program Files\<DIR> Xango Tango

[08/16/2005|05:43] C:\Program Files\<DIR> xerox

[03/22/2007|11:06] C:\Program Files\<DIR> Yahoo!

--------------------\\ Listing Folders in C:\Program Files\Common Files

[11/27/2008|06:41] C:\Program Files\Common Files\<DIR> Adobe

[11/06/2007|05:51] C:\Program Files\Common Files\<DIR> AOL

[02/15/2006|12:42] C:\Program Files\Common Files\<DIR> aolshare

[11/06/2006|06:09] C:\Program Files\Common Files\<DIR> Broderbund

[02/22/2006|11:07] C:\Program Files\Common Files\<DIR> Designer

[02/22/2006|10:15] C:\Program Files\Common Files\<DIR> Hewlett-Packard

[02/22/2006|10:16] C:\Program Files\Common Files\<DIR> HP

[02/15/2006|12:43] C:\Program Files\Common Files\<DIR> InstallShield

[02/25/2006|03:16] C:\Program Files\Common Files\<DIR> Intuit

[02/15/2006|12:31] C:\Program Files\Common Files\<DIR> Java

[09/15/2007|10:50] C:\Program Files\Common Files\<DIR> Knowledge Adventure

[02/25/2006|03:16] C:\Program Files\Common Files\<DIR> LHSPF

[08/27/2008|03:57] C:\Program Files\Common Files\<DIR> Macrovision Shared

[11/26/2008|10:39] C:\Program Files\Common Files\<DIR> Microsoft Shared

[03/21/2006|06:38] C:\Program Files\Common Files\<DIR> MimarSinan

[08/16/2005|05:40] C:\Program Files\Common Files\<DIR> MSSoap

[02/15/2006|12:42] C:\Program Files\Common Files\<DIR> Nullsoft

[08/16/2005|05:33] C:\Program Files\Common Files\<DIR> ODBC

[02/22/2006|10:46] C:\Program Files\Common Files\<DIR> PixAround.com

[11/13/2008|06:48] C:\Program Files\Common Files\<DIR> Real

[08/16/2005|05:40] C:\Program Files\Common Files\<DIR> Services

[02/15/2006|12:43] C:\Program Files\Common Files\<DIR> Sonic Shared

[08/16/2005|05:33] C:\Program Files\Common Files\<DIR> SpeechEngines

[12/23/2007|02:38] C:\Program Files\Common Files\<DIR> supportsoft

[10/26/2008|05:18] C:\Program Files\Common Files\<DIR> Symantec Shared

[08/31/2008|09:09] C:\Program Files\Common Files\<DIR> System

[02/15/2006|12:40] C:\Program Files\Common Files\<DIR> TiVo Shared

[02/25/2006|03:46] C:\Program Files\Common Files\<DIR> WexTech Shared

[10/22/2008|02:20] C:\Program Files\Common Files\<DIR> Wise Installation Wizard

[11/13/2008|06:48] C:\Program Files\Common Files\<DIR> xing shared

--------------------\\ Process

( 72 Processes )

iexplore.exe ~ [PID:564]

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nsc85.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nsd36.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nse2E.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nsh90.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nsisdt.dll

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nsj7B.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nsl184.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nsl378.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nsm80.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nsr40.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nsr76.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nss14.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nss25.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nss47.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nst325.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nst4C.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nst51.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nsv7C.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nsv9B.tmp

C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp\nsx19.tmp

C:\DOCUME~1\LINDAS~1\Cookies\linda [email protected][1].txt

C:\DOCUME~1\LINDAS~1\Cookies\linda [email protected][1].txt

C:\DOCUME~1\LINDAS~1\Cookies\linda [email protected][3].txt

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN

--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-11-30 22:01:51

Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:

ZwClose

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

--------------------\\ Searching for other infections

No other infections found !

[F:1139][D:157]-> C:\DOCUME~1\LINDAS~1\LOCALS~1\Temp

[F:1476][D:0]-> C:\DOCUME~1\LINDAS~1\Cookies

[F:7311][D:37]-> C:\DOCUME~1\LINDAS~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Sun 11/30/2008|22:15 - Option : [1]

--------------------\\ Scan completed at 22:15:09

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------


    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      -----------------------------------------------------------


  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

-Ryan

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 7:59:57 PM, on 12/1/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wltrysvc.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\WINDOWS\system32\CTSVCCDA.EXE

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Apoint\Apoint.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\Program Files\Creative\ShareDLL\CtNotify.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Apoint\HidFind.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Creative\ShareDLL\MediaDet.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Documents and Settings\LINDA SONDERMANN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar6.dll

O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll

O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll

O4 - HKLM\..\Run: [ehTray] "C:\WINDOWS\ehome\ehtray.exe"

O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"

O4 - HKLM\..\Run: [igfxtray] "C:\WINDOWS\system32\igfxtray.exe"

O4 - HKLM\..\Run: [igfxhkcmd] "C:\WINDOWS\system32\hkcmd.exe"

O4 - HKLM\..\Run: [igfxpers] "C:\WINDOWS\system32\igfxpers.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [dla] "C:\WINDOWS\system32\dla\tfswctrl.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe"

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP

O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\LINDA SONDERMANN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: LUMIX Simple Viewer.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file://C:\Program Files\Mortimer Beckett and the Time Paradox\Images\stg_drm.ocx

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1194798768671

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Mortimer Beckett and the Time Paradox\Images\armhelper.ocx

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

O24 - Desktop Component 0: (no name) - http://www.knitpicks.com/images/structure/...MP3download.gif

--

End of file - 11932 bytes

AND ...

ComboFix 08-12-01.01 - LINDA SONDERMANN 2008-12-01 19:37:33.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.223 [GMT -5:00]

Running from: c:\documents and settings\LINDA SONDERMANN\Desktop\ComboFix.exe

* Created a new restore point

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\Downloaded Program Files\setup.inf

c:\windows\Downloaded Program Files\TriJinx.1.0.0.67

.

((((((((((((((((((((((((( Files Created from 2008-11-02 to 2008-12-02 )))))))))))))))))))))))))))))))

.

2008-12-01 16:30 . 2008-12-01 16:30 <DIR> d-------- c:\program files\Bejeweled Twist

2008-11-30 21:58 . 2008-11-30 22:15 <DIR> d----c--- C:\Lop SD

2008-11-30 21:51 . 2008-11-30 21:57 <DIR> d-------- c:\documents and settings\LINDA SONDERMANN\.SunDownloadManager

2008-11-30 14:42 . 2008-11-30 14:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\WinZip

2008-11-30 07:37 . 2008-11-30 07:37 54,156 --ah----- c:\windows\QTFont.qfn

2008-11-30 07:37 . 2008-11-30 07:37 1,409 --a------ c:\windows\QTFont.for

2008-11-29 18:49 . 2008-11-29 18:49 <DIR> d-------- c:\windows\system32\ActiveX

2008-11-29 18:49 . 2008-11-30 16:54 <DIR> d-------- c:\program files\Hawaiian Explorer Pearl Harbor

2008-11-27 20:55 . 2008-11-29 18:47 <DIR> d-------- c:\documents and settings\LINDA SONDERMANN\Application Data\ForgottenRiddles

2008-11-27 20:54 . 2008-11-27 20:54 <DIR> d-------- c:\program files\Forgotten Riddles - The Mayan Princess

2008-11-27 11:51 . 2008-11-27 12:28 <DIR> d-------- c:\program files\Mortimer Beckett and the Time Paradox

2008-11-26 16:53 . 2008-11-26 16:53 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2008-11-26 16:53 . 2008-11-26 16:53 <DIR> d-------- c:\documents and settings\LINDA SONDERMANN\Application Data\Malwarebytes

2008-11-26 16:53 . 2008-11-26 16:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes

2008-11-26 16:53 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2008-11-26 16:53 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2008-11-24 23:00 . 2008-11-24 23:03 <DIR> d-------- c:\program files\Chowder

2008-11-19 17:36 . 2008-11-19 17:36 <DIR> d-------- c:\documents and settings\LINDA SONDERMANN\Application Data\Gogii Games

2008-11-19 17:36 . 2008-11-19 17:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\Gogii Games

2008-11-17 20:47 . 2008-11-17 20:47 <DIR> d-------- c:\documents and settings\LINDA SONDERMANN\Application Data\PlayFirst

2008-11-17 17:19 . 2008-11-17 17:19 <DIR> d-------- c:\program files\Book of Legends

2008-11-17 16:45 . 2008-11-17 16:48 <DIR> d-------- c:\program files\Herod's Lost Tomb

2008-11-14 18:57 . 2008-11-14 18:58 <DIR> d-------- c:\program files\Mystery P.I. - The New York Fortune

2008-11-14 12:19 . 2008-11-14 12:19 <DIR> d-------- c:\documents and settings\LINDA SONDERMANN\Application Data\eBay

2008-11-13 19:14 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll

2008-11-13 19:14 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui

2008-11-13 18:48 . 2008-11-13 18:48 <DIR> d-------- c:\program files\Common Files\xing shared

2008-11-13 18:48 . 2008-11-13 18:48 <DIR> d-------- c:\program files\7 Wonders - Treasures of Seven

2008-11-13 18:47 . 2008-11-13 18:47 <DIR> d-------- c:\program files\Mystery Case Files - Madame Fate

2008-11-13 18:47 . 2008-11-13 18:47 <DIR> d-------- c:\program files\Mushroom Age

2008-11-13 18:47 . 2008-11-13 18:47 <DIR> d-------- c:\program files\Microsoft Plus! Photo Story 2 LE

2008-11-13 18:47 . 2008-11-13 18:47 <DIR> d-------- c:\program files\Kidzui

2008-11-13 18:47 . 2008-11-13 18:47 <DIR> d-------- c:\program files\Jewel Quest Mysteries - Curse of the Emerald Tear

2008-11-13 18:47 . 2008-11-13 18:47 <DIR> d-------- c:\program files\Go Go Gourmet - Chef of the Year

2008-11-13 18:47 . 2008-11-13 18:47 <DIR> d-------- c:\program files\Dr. Lynch - Grave Secrets

2008-11-13 18:46 . 2008-11-13 18:46 <DIR> d-------- c:\program files\World Mosaics

2008-11-13 18:46 . 2008-11-13 18:46 <DIR> d-------- c:\program files\Viewpoint

2008-11-13 18:46 . 2008-11-13 18:46 <DIR> d-------- c:\program files\Electronic Arts

2008-11-13 18:46 . 2008-11-13 18:46 <DIR> d-------- c:\documents and settings\LINDA SONDERMANN\Application Data\Viewpoint

2008-11-12 09:40 . 2008-10-24 06:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys

2008-11-12 09:39 . 2008-09-04 12:15 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll

2008-11-11 20:05 . 2008-11-11 20:05 <DIR> d-------- c:\program files\GameMill Entertainment

2008-11-11 08:55 . 2008-11-11 08:55 <DIR> d-------- c:\program files\Trend Micro

2008-11-10 08:20 . 2008-11-10 08:20 <DIR> d-------- c:\documents and settings\LINDA SONDERMANN\Application Data\PC Tools

2008-11-10 08:20 . 2008-08-25 12:36 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys

2008-11-10 08:20 . 2008-08-25 12:36 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys

2008-11-10 08:20 . 2008-08-25 12:36 40,840 --a------ c:\windows\system32\drivers\ikfilesec.sys

2008-11-10 08:20 . 2008-06-02 16:19 29,576 --a------ c:\windows\system32\drivers\kcom.sys

2008-11-02 19:35 . 2008-11-02 19:38 <DIR> d-------- c:\program files\Snood Towers

2008-11-02 16:10 . 2008-11-02 16:10 <DIR> d-------- c:\program files\THQ

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-02 00:17 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP

2008-12-01 23:49 --------- d-----w c:\documents and settings\LINDA SONDERMANN\Application Data\WholeSecurity

2008-12-01 23:49 --------- d-----w c:\documents and settings\All Users\Application Data\WholeSecurity

2008-12-01 15:55 --------- d-----w c:\documents and settings\LINDA SONDERMANN\Application Data\AVG7

2008-12-01 12:50 --------- d-----w c:\program files\Spyware Doctor

2008-11-29 00:01 --------- d-----w c:\documents and settings\LINDA SONDERMANN\Application Data\Leadertech

2008-11-27 23:41 --------- d-----w c:\program files\Common Files\Adobe

2008-11-21 00:00 --------- d-----w c:\documents and settings\LINDA SONDERMANN\Application Data\SpinTop Games

2008-11-18 01:47 --------- d-----w c:\documents and settings\All Users\Application Data\PlayFirst

2008-11-14 17:19 --------- d-----w c:\documents and settings\All Users\Application Data\eBay

2008-11-13 23:48 --------- d-----w c:\program files\Real

2008-11-13 23:48 --------- d-----w c:\program files\Common Files\Real

2008-11-13 23:46 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint

2008-11-13 23:34 --------- d--h--w c:\program files\InstallShield Installation Information

2008-11-06 00:37 --------- d-----w c:\documents and settings\All Users\Application Data\MumboJumbo

2008-10-28 21:34 --------- d-----w c:\program files\Between the Worlds

2008-10-27 22:11 164 -c--a-w C:\install.dat

2008-10-27 02:31 --------- d-----w c:\program files\Hidden Expedition Titanic

2008-10-26 22:18 --------- d-----w c:\program files\Norton Security Scan

2008-10-26 22:18 --------- d-----w c:\program files\Common Files\Symantec Shared

2008-10-26 15:56 --------- d-----w c:\program files\MSN Messenger

2008-10-24 22:23 --------- d-----w c:\documents and settings\All Users\Application Data\Flood Light Games

2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys

2008-10-23 22:55 --------- d-----w c:\program files\Snoodoku

2008-10-23 20:29 --------- d-----w c:\program files\WOMGames

2008-10-22 19:21 --------- d-----w c:\program files\Lavasoft

2008-10-22 19:21 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft

2008-10-22 19:20 --------- d-----w c:\program files\Common Files\Wise Installation Wizard

2008-10-22 18:54 --------- d-----w c:\program files\Advanced Registry Optimizer

2008-10-22 18:31 --------- d-----w c:\program files\AskBarDis

2008-10-22 18:31 --------- d-----w c:\documents and settings\LINDA SONDERMANN\Application Data\Sammsoft

2008-10-21 21:02 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2008-10-21 19:45 61,224 ----a-w c:\documents and settings\LINDA SONDERMANN\GoToAssistDownloadHelper.exe

2008-10-21 17:46 --------- d-----w c:\program files\Spybot - Search & Destroy

2008-10-18 00:18 --------- d-----w c:\documents and settings\All Users\Application Data\PC Tools

2008-10-17 23:03 --------- d-----w c:\program files\Spyware Doctor(2)

2008-10-14 23:46 --------- d-----w c:\program files\Mystery Case Files - Ravenhearst

2008-10-11 22:16 --------- d-----w c:\program files\Hidden Expedition - Everest

2008-10-11 18:40 --------- d-----w c:\program files\Activision Value

2008-03-08 14:33 0 ----a-w c:\program files\temp01

2007-03-26 12:02 630,784 ----a-w c:\documents and settings\LINDA SONDERMANN\GoToAssist_chat2way__317_en.exe

2006-12-11 00:24 557,056 ----a-w c:\documents and settings\LINDA SONDERMANN\GoToAssist_phone__317_en.exe

2006-06-25 16:24 774,144 ----a-w c:\program files\RngInterstitial.dll

2006-02-27 23:02 251 ----a-w c:\program files\wt3d.ini

2006-02-26 00:48 557,056 ----a-w c:\documents and settings\LINDA SONDERMANN\chatlnk.exe

2006-05-12 13:36 56 --sh--r c:\windows\system32\4BC3057C5F.sys

2006-05-12 13:36 3,558 --sha-w c:\windows\system32\KGyGaAvL.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]

"Google Update"="c:\documents and settings\LINDA SONDERMANN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-16 133104]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]

"Apoint"="c:\program files\Apoint\Apoint.exe" [2005-10-07 176128]

"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]

"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-02-15 98304]

"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]

"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]

"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]

"Disc Detector"="c:\program files\Creative\ShareDLL\CtNotify.exe" [2001-04-02 191488]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]

"eBayToolbar"="c:\program files\eBay\eBay Toolbar2\eBayTBDaemon.exe" [2008-08-06 652528]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2006-11-21 842584]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-08-23 196608]

"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]

"AVG7_CC"="c:\progra~1\Grisoft\AVG7\avgcc.exe" [2008-10-17 590848]

"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2005-09-01 684032]

"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 202544]

"Dell AIO Printer A920"="c:\program files\Dell AIO Printer A920\dlbkbmgr.exe" [2003-06-02 270336]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-11-12 185872]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG7_Run"="c:\progra~1\Grisoft\AVG7\avgw.exe" [2007-12-31 219136]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-02-25 113664]

Event Reminder.lnk - c:\program files\Broderbund\PrintMaster\PMremind.exe [2006-11-06 323584]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-28 241664]

HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-05-28 53248]

LUMIX Simple Viewer.lnk - c:\program files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2007-12-23 57344]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2008-09-10 525664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.iv41"= ir41_32.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\America Online 9.0\\waol.exe"=

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=

"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=

"c:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=

"c:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=

"c:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"c:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\support\\bin\\win\\RosettaStoneLtdServices.exe"=

"c:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\RosettaStoneVersion3.exe"=

"c:\\Program Files\\Cartoon Network\\Ben 10 Bounty Hunters\\RT_Multiplayer.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"c:\\Program Files\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

S3 Dot4Usb HPH09;Dot4Usb HPH09;c:\windows\system32\drivers\hphius09.sys [2008-01-11 18864]

S3 PD016BLK;Creative PC-CAM 300 (Still Image);c:\windows\system32\DRIVERS\PD016blk.sys [2006-02-22 28665]

S3 PD016VID;Creative PC-CAM 300 (Video);c:\windows\system32\DRIVERS\PD016vid.sys [2006-02-22 433152]

S4 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" [2007-06-03 24652]

*Newly Created Service* - CATCHME

*Newly Created Service* - PROCEXP90

.

Contents of the 'Scheduled Tasks' folder

2008-12-01 c:\windows\Tasks\GoogleUpdateTaskUser.job

- c:\documents and settings\LINDA SONDERMANN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-16 16:46]

2007-02-05 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job

- c:\program files\Microsoft IntelliPoint\ipoint.exe [2006-11-21 17:09]

.

- - - - ORPHANS REMOVED - - - -

Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)

WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)

.

------- Supplementary Scan -------

.

mStart Page = hxxp://www.dell.com

uInternet Connection Wizard,ShellNext = iexplore

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000

IE: eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

c:\windows\Downloaded Program Files\CONFLICT.46\stg_drm.ocx - c:\windows\Downloaded Program Files\CONFLICT.47\stg_drm.ocx

O16 -: {149E45D8-163E-4189-86FC-45022AB2B6C9}

file://c:\program files\Mortimer Beckett and the Time Paradox\Images\stg_drm.ocx

c:\windows\Downloaded Program Files\CONFLICT.3\armhelper.ocx - c:\windows\Downloaded Program Files\CONFLICT.4\armhelper.ocx

c:\windows\Downloaded Program Files\CONFLICT.5\armhelper.ocx

c:\windows\Downloaded Program Files\CONFLICT.6\armhelper.ocx

c:\windows\Downloaded Program Files\CONFLICT.7\armhelper.ocx

O16 -: {CC450D71-CC90-424C-8638-1F2DBAC87A54}

file://c:\program files\Mortimer Beckett and the Time Paradox\Images\armhelper.ocx

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-01 19:44:09

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Disc Detector = c:\program files\Creative\ShareDLL\CtNotify.exe?X???????????????? C?????Disc Detector?B???A???????A?? [email protected][email protected]?? [email protected][email protected]?B???A???????A?? [email protected][email protected]?P [email protected]?a?????????????????B?????? ???????????????????p????????B

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-12-01 19:47:43

ComboFix-quarantined-files.txt 2008-12-02 00:47:10

Pre-Run: 45,164,515,328 bytes free

Post-Run: 45,674,184,704 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

471 --- E O F --- 2008-11-27 03:40:34

Thanks, again, Ryan!

Hmm... I can't see anything that would be causing your issue.

Please update and perform another full scan with MBAM, and then post the log.

-Ryan

Malwarebytes' Anti-Malware 1.30

Database version: 1427

Windows 5.1.2600 Service Pack 3

12/3/2008 1:45:05 PM

mbam-log-2008-12-03 (13-45-05).txt

Scan type: Full Scan (C:\|)

Objects scanned: 252658

Time elapsed: 3 hour(s), 48 minute(s), 53 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

This is really irritating. If I use the eBay search engine, I get about 4 seconds before the page flips over. If I use Google or one of the others, I get a few minutes, but I always lose the page, sooner or later. It's really cutting into my holiday shopping, not to mention, my eBay sales ...

Sorry for the delay, I wanted to get a second opinion because I couldn't find anything malicious.

Open HijackThis and scan. When it finishes, put an X in the box next to the following item(s):

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar6.dll

O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

Close all open windows except for HijackThis and click Fix checked.

Reboot your computer.

Please rescan with HijackThis and post a fresh log in this same topic, and let us know how your system's working. :)

-Ryan

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 6:09:46 PM, on 12/5/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wltrysvc.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\WINDOWS\system32\CTSVCCDA.EXE

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Apoint\Apoint.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Apoint\HidFind.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\Program Files\Creative\ShareDLL\CtNotify.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

C:\Program Files\Creative\ShareDLL\MediaDet.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe

C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Documents and Settings\LINDA SONDERMANN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll

O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll

O4 - HKLM\..\Run: [ehTray] "C:\WINDOWS\ehome\ehtray.exe"

O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"

O4 - HKLM\..\Run: [igfxtray] "C:\WINDOWS\system32\igfxtray.exe"

O4 - HKLM\..\Run: [igfxhkcmd] "C:\WINDOWS\system32\hkcmd.exe"

O4 - HKLM\..\Run: [igfxpers] "C:\WINDOWS\system32\igfxpers.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [dla] "C:\WINDOWS\system32\dla\tfswctrl.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe"

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP

O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\LINDA SONDERMANN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: LUMIX Simple Viewer.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Bejeweled Twist\Images\stg_drm.ocx

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1194798768671

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Mortimer Beckett and the Time Paradox\Images\armhelper.ocx

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

O24 - Desktop Component 0: (no name) - http://www.knitpicks.com/images/structure/...MP3download.gif

--

End of file - 11442 bytes

Ryan ... I think it might be GONE! Dare I say it? You mean to tell me that it was a Google toolbar or a Yahoo tool bar that brought this hideous thing in? I always heard that downloading toolbars was trouble.

At the risk of jumping in too soon, THANK YOU!!!!

(Fingers crossed) I hope this is it! You were magnificent! Patient, quick to respond, and thorough! I will tell everyone I know! :thumbsup:

Linda

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

This topic is now closed to further replies.