medtran51

Members
  • Content Count

    13
  • Joined

  • Last visited

Posts posted by medtran51

  1. == Remove Programs ==

    Please go to Add/Remove Programs in the Control Panel, and remove the following programs

    • J2SE Runtime Environment 5.0 Update 10
      J2SE Runtime Environment 5.0 Update 11
      J2SE Runtime Environment 5.0 Update 9

    Reboot your computer.

    == Install Latest Java ==

    Please go to THIS page, and click on the Download link that is in the Java Runtime Environment (JRE) 6 section.

    Click the radio button next to Accept License Agreement after reviewing it. The page will refresh - this is normal.

    Download the Windows Offline Installation, Multi-language. You will want to save this to a location you will remember.

    Once it has finished downloading, double click it, and follow the prompts to install.

    If it asks to reboot, select Yes.

    Other than those outdated Java installations, I'm not seeing anything wrong. Read the following page, and follow the steps that it contains. http://users.telenet.be/bluepatchy/miekiem...owcomputer.html

    Let me know if that helps.

    -Ryan

    Ryan,

    It seems to working somewhat okay. A little slow on start up, but I went into the link and followed some of the things that it said to try and make things faster. Thanks for your help. You have been very helpful. This site is amazing. I will definitely keep this site in mind and if anyone I know is having problems, they need to contact Besttechie.net to help with their computer problems.

    Thanks again.

    Cheryl :thumbsup::D

  2. == Clear Temporary Files ==

    Please download ATF Cleaner by Atribune.

    This program is for XP and Windows 2000 only

    • Close all Internet Explorer, Firefox, and Opera windows before continuing.
      Double-click ATF-Cleaner.exe to run the program.
      Under Main choose: Select All
      Click the Empty Selected button.

    If you use Firefox browser

    • Click Firefox at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    If you use Opera browser

    • Click Opera at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    Click Exit on the Main menu to close the program.

    For Technical Support, double-click the e-mail address located at the bottom of each menu.

    == Clear System Restore==

    Let's make a new restore point and clear the others:

    • Go - Start>Programmes>Accessories>System Tools>System Restore>Create a New Restore point.
      Go - Start>Programmes>Accessories>System Tools>Disc Cleanup>"More Options" Tab>Remove All But Most Recent Point. Please do this for each hard drive that you have connected to the computer

    == Kaspersky Web Scanner ==

    Please do an online scan with Kaspersky WebScanner

    You will need to use Internet Explorer to do this

    Click on Accept

    You will be promted to install an ActiveX component from Kaspersky, Click Yes.

    • The program will launch and then begin downloading the latest definition files:
    • Once the files have been downloaded click on NEXT

    • Now click on Scan Settings
    • In the scan settings make that the following are selected:
      • Scan using the following Anti-Virus database:

      • Extended (if available otherwise Standard)

      • Scan Options:

      • Scan Archives
        Scan Mail Bases

      [*]Click OK

      [*]Now under select a target to scan:

      • Select My Computer

      [*]This will program will start and scan your system.

      [*]The scan will take a while so be patient and let it run.

      [*]Once the scan is complete it will display if your system has been infected.

      • Now click on the Save as Text button:

      [*]Save the file to your desktop.

      [*]Copy and paste that information in your next post.

    == Request Logs ==

    Please post the log from the Kaspersky scan along with an Uninstall List.

    • Open HijackThis, click Config, click Misc Tools
      Click "Open Uninstall Manager"
      Click "Save List" (generates uninstall_list.txt)

    -Ryan

    Ryan, Here is the Kaspersky scan along with the Uninstall List :rolleyes: .

    Welcome to the Kaspersky Online Scanner! Use it to scan your PC for viruses and other malware for free

    Warning: if you have installed Kaspersky Online Scanner Pro, please manually uninstall it using "Add/Remove Programs" before installing this version! Otherwise this version will not function correctly.

    Benefits:

    Kaspersky Anti-Virus exceptional detection rates and thorough scanning

    Hourly AV database updates available each time the Online Scanner is launched

    Heuristic analysis to detect unknown viruses

    Simple installation (just click on a link)

    Requirements and limitations:

    When using this service for the first time, you have to run with Administrator privileges in order to install the product. Also, you will need to download and install files about 400 KB in size followed by 9 MB of virus definitions.

    However, if you use the Online Scanner again, you will only need to download the files that have been updated since your last scan.

    The Online Scanner service offered by Kaspersky Lab uses Microsoft ActiveX technology. Microsoft ActiveX Technology and the Kaspersky Online Scanner work only with MS Internet Explorer 6.0 or higher.

    We cannot guarantee that the Online Scanner will function correctly if you are using any other browser or any Internet Explorer extensions (such as AvantBrowser). If you use a different browser, you can use the Kaspersky File Scanner to scan individual files.

    The free Kaspersky Online Scanner does not scan boot sectors and MBRs, so it cannot detect malicious code located in these areas.

    Please note: The free Kaspersky Online Scanner does not protect against malicious code, and cannot prevent future infections. It only detects malware that has already penetrated your computer. We strongly recommend that you install a full antivirus solution to protect your system.

    Privacy statement:

    The Kaspersky Online Scanner will collect information about the malicious programs found on your computer during the scanning process. The information will be sent to the Kaspersky Virus Lab for statistical purposes. No personal information about you or specific information about your system will be collected or transmitted to Kaspersky Lab.

    Select: All, None, Suspicious Selected objects: 0

    Scan settings:

    Here you can configure the scanning process.

    Scan using the following antivirus database:

    standard - detect viruses, worms, Trojans, rootkits

    extended - protect your computer from Spyware, adware, dialers and potentially dangerous software such as remote access utilities, prank programs and jokes. We do not recommend this option to beginners or inexperienced users.

    Scan options:

    Scan Archives - scan files inside archives

    Note: affects all targets except 'A File...' scan target.

    Scan Mail Bases - scan e-mails/attachments inside mail base files

    Note: affects all targets except 'My Email' and 'A File...' scan targets.

    Initialize Kaspersky Online Scanner

    (downloading and installing Kaspersky Online Scanner ActiveX from the server into your computer)

    Update Kaspersky Anti-Virus Databases [100%]:

    (downloading and installing the latest Kaspersky Anti-Virus Databases)

    Please wait to update the virus definitions...

    Downloading from url: http://downloads1.kaspersky-labs.com

    Downloading remote file: master.xml

    Downloading remote file: kavset.xml

    Downloading remote file: soft.xml

    Downloading remote file: updcfg.xml

    Downloading remote file: kernel.avc

    Downloading remote file: krnunp.avc

    Downloading remote file: krnexe.avc

    Downloading remote file: krnmacro.avc

    Downloading remote file: krnjava.avc

    Downloading remote file: krndos.avc

    Downloading remote file: krngen.avc

    Downloading remote file: krnexe32.avc

    Downloading from url: ftp://downloads4.kaspersky-labs.com

    Downloading remote file: master.xml

    Downloading remote file: krnexe32.avc

    Downloading remote file: krnengn.avc

    Downloading remote file: krn001.avc

    Downloading remote file: krn002.avc

    Downloading remote file: krn003.avc

    Downloading remote file: krn004.avc

    Downloading remote file: krn005.avc

    Downloading remote file: smart.avc

    Downloading remote file: ocr.avc

    Downloading remote file: chuka.avc

    Downloading remote file: fa001.avc

    Downloading remote file: base001c.avc

    Downloading remote file: base002c.avc

    Downloading remote file: base003c.avc

    Downloading remote file: base004c.avc

    Downloading remote file: base005c.avc

    Downloading remote file: base006c.avc

    Downloading remote file: base007c.avc

    Downloading remote file: base008c.avc

    Downloading remote file: base009c.avc

    Downloading remote file: base010c.avc

    Downloading remote file: base011c.avc

    Downloading remote file: base012c.avc

    Downloading remote file: base013c.avc

    Downloading remote file: base014c.avc

    Downloading remote file: base015c.avc

    Downloading remote file: base016c.avc

    Downloading remote file: base017c.avc

    Downloading remote file: base018c.avc

    Downloading remote file: base019c.avc

    Downloading remote file: base020c.avc

    Downloading remote file: base021c.avc

    Downloading remote file: base022c.avc

    Downloading remote file: base023c.avc

    Downloading remote file: base024c.avc

    Downloading remote file: base025c.avc

    Downloading remote file: base026c.avc

    Downloading remote file: base027c.avc

    Downloading remote file: base028c.avc

    Downloading remote file: base029c.avc

    Downloading remote file: base030c.avc

    Downloading remote file: base031c.avc

    Downloading remote file: base032c.avc

    Downloading remote file: base033c.avc

    Downloading remote file: base034c.avc

    Downloading remote file: base035c.avc

    Downloading remote file: base036c.avc

    Downloading remote file: base037c.avc

    Downloading remote file: base038c.avc

    Downloading remote file: base039c.avc

    Downloading remote file: base040c.avc

    Downloading remote file: base041c.avc

    Downloading remote file: base042c.avc

    Downloading remote file: base043c.avc

    Downloading remote file: base044c.avc

    Downloading remote file: base045c.avc

    Downloading remote file: base046c.avc

    Downloading remote file: base047c.avc

    Downloading remote file: base048c.avc

    Downloading remote file: base049c.avc

    Downloading remote file: base050c.avc

    Downloading remote file: base051c.avc

    Downloading remote file: base052c.avc

    Downloading remote file: base053c.avc

    Downloading remote file: base054c.avc

    Downloading remote file: base055c.avc

    Downloading remote file: base056c.avc

    Downloading remote file: base057c.avc

    Downloading remote file: base058c.avc

    Downloading remote file: base059c.avc

    Downloading remote file: base060c.avc

    Downloading remote file: base061c.avc

    Downloading remote file: base062c.avc

    Downloading remote file: base063c.avc

    Downloading remote file: base064c.avc

    Downloading remote file: base065c.avc

    Downloading remote file: base066c.avc

    Downloading remote file: base067c.avc

    Downloading remote file: base068c.avc

    Downloading remote file: base069c.avc

    Downloading remote file: base070c.avc

    Downloading remote file: base071c.avc

    Downloading remote file: base072c.avc

    Downloading remote file: base073c.avc

    Downloading remote file: base074c.avc

    Downloading remote file: base075c.avc

    Downloading remote file: base076c.avc

    Downloading remote file: base077c.avc

    Downloading remote file: base078c.avc

    Downloading remote file: base079c.avc

    Downloading remote file: base080c.avc

    Downloading remote file: base081c.avc

    Downloading remote file: base082c.avc

    Downloading remote file: base083c.avc

    Downloading remote file: base084c.avc

    Downloading remote file: base085c.avc

    Downloading remote file: base086c.avc

    Downloading remote file: base087c.avc

    Downloading remote file: base088c.avc

    Downloading remote file: base089c.avc

    Downloading remote file: base090c.avc

    Downloading remote file: base091c.avc

    Downloading remote file: base092c.avc

    Downloading remote file: base093c.avc

    Downloading remote file: base094c.avc

    Downloading remote file: base095c.avc

    Downloading remote file: base096c.avc

    Downloading remote file: base097c.avc

    Downloading remote file: base098c.avc

    Downloading remote file: dailyc.avc

    Downloading remote file: ext001c.avc

    Downloading remote file: ext002c.avc

    Downloading remote file: ext003c.avc

    Downloading remote file: ext004c.avc

    Downloading remote file: ext005c.avc

    Downloading remote file: ext006c.avc

    Downloading remote file: ext007c.avc

    Downloading remote file: ext008c.avc

    Downloading remote file: ext009c.avc

    Downloading remote file: ext010c.avc

    Downloading remote file: ext011c.avc

    Downloading remote file: daily-ec.avc

    Downloading remote file: base001.avc

    Downloading remote file: base002.avc

    Downloading remote file: base003.avc

    Downloading remote file: base004.avc

    Downloading remote file: base005.avc

    Downloading remote file: base006.avc

    Downloading remote file: base007.avc

    Downloading remote file: base008.avc

    Downloading remote file: base009.avc

    Downloading remote file: base010.avc

    Downloading remote file: base011.avc

    Downloading remote file: base012.avc

    Downloading remote file: base013.avc

    Downloading remote file: base014.avc

    Downloading remote file: base015.avc

    Downloading remote file: base016.avc

    Downloading remote file: base017.avc

    Downloading remote file: base018.avc

    Downloading remote file: base019.avc

    Downloading remote file: base020.avc

    Downloading remote file: base021.avc

    Downloading remote file: base022.avc

    Downloading remote file: base023.avc

    Downloading remote file: base024.avc

    Downloading remote file: base025.avc

    Downloading remote file: base026.avc

    Downloading remote file: base027.avc

    Downloading remote file: base028.avc

    Downloading remote file: base029.avc

    Downloading remote file: base030.avc

    Downloading remote file: base031.avc

    Downloading remote file: base032.avc

    Downloading remote file: base033.avc

    Downloading remote file: base034.avc

    Downloading remote file: base035.avc

    Downloading remote file: base036.avc

    Downloading remote file: base037.avc

    Downloading remote file: base038.avc

    Downloading remote file: base039.avc

    Downloading remote file: base040.avc

    Downloading remote file: base041.avc

    Downloading remote file: base042.avc

    Downloading remote file: base043.avc

    Downloading remote file: base044.avc

    Downloading remote file: base045.avc

    Downloading remote file: base046.avc

    Downloading remote file: base047.avc

    Downloading remote file: base048.avc

    Downloading remote file: base049.avc

    Downloading remote file: base050.avc

    Downloading remote file: base051.avc

    Downloading remote file: base052.avc

    Downloading remote file: base053.avc

    Downloading remote file: base054.avc

    Downloading remote file: base055.avc

    Downloading remote file: base056.avc

    Downloading remote file: base057.avc

    Downloading remote file: base058.avc

    Downloading remote file: base059.avc

    Downloading remote file: base060.avc

    Downloading remote file: base061.avc

    Downloading remote file: base062.avc

    Downloading remote file: base063.avc

    Downloading remote file: base064.avc

    Downloading remote file: base065.avc

    Downloading remote file: base066.avc

    Downloading remote file: base067.avc

    Downloading remote file: base068.avc

    Downloading remote file: base069.avc

    Downloading remote file: base070.avc

    Downloading remote file: base071.avc

    Downloading remote file: base072.avc

    Downloading remote file: base073.avc

    Downloading remote file: base074.avc

    Downloading remote file: base075.avc

    Downloading remote file: base076.avc

    Downloading remote file: base077.avc

    Downloading remote file: base078.avc

    Downloading remote file: base079.avc

    Downloading remote file: base080.avc

    Downloading remote file: base081.avc

    Downloading remote file: base082.avc

    Downloading remote file: base083.avc

    Downloading remote file: base084.avc

    Downloading remote file: base085.avc

    Downloading remote file: base086.avc

    Downloading remote file: base087.avc

    Downloading remote file: base088.avc

    Downloading remote file: base089.avc

    Downloading remote file: base090.avc

    Downloading remote file: base091.avc

    Downloading remote file: base092.avc

    Downloading remote file: base093.avc

    Downloading remote file: base094.avc

    Downloading remote file: base095.avc

    Downloading remote file: base096.avc

    Downloading remote file: base097.avc

    Downloading remote file: base098.avc

    Downloading remote file: base099.avc

    Downloading remote file: base100.avc

    Downloading remote file: base101.avc

    Downloading remote file: base102.avc

    Downloading remote file: base103.avc

    Downloading remote file: base104.avc

    Downloading remote file: base105.avc

    Downloading remote file: base106.avc

    Downloading remote file: base107.avc

    Downloading remote file: base108.avc

    Downloading remote file: base109.avc

    Downloading remote file: base110.avc

    Downloading remote file: base111.avc

    Downloading remote file: base112.avc

    Downloading remote file: base113.avc

    Downloading remote file: base114.avc

    Downloading remote file: base115.avc

    Downloading remote file: base116.avc

    Downloading remote file: base117.avc

    Downloading remote file: base118.avc

    Downloading remote file: base119.avc

    Downloading remote file: base120.avc

    Downloading remote file: base121.avc

    Downloading remote file: base122.avc

    Downloading remote file: base123.avc

    Downloading remote file: base124.avc

    Downloading remote file: base125.avc

    Downloading remote file: base126.avc

    Downloading remote file: base127.avc

    Downloading remote file: base128.avc

    Downloading remote file: base129.avc

    Downloading remote file: base130.avc

    Downloading remote file: base131.avc

    Downloading remote file: base132.avc

    Downloading remote file: base133.avc

    Downloading remote file: base134.avc

    Downloading remote file: base135.avc

    Downloading remote file: base136.avc

    Downloading remote file: base137.avc

    Downloading remote file: base138.avc

    Downloading remote file: base139.avc

    Downloading remote file: base140.avc

    Downloading remote file: base141.avc

    Downloading remote file: base142.avc

    Downloading remote file: base143.avc

    Downloading remote file: base144.avc

    Downloading remote file: base145.avc

    Downloading remote file: base146.avc

    Downloading remote file: base147.avc

    Downloading remote file: base148.avc

    Downloading remote file: base149.avc

    Downloading remote file: base150.avc

    Downloading remote file: base151.avc

    Downloading remote file: base152.avc

    Downloading remote file: base153.avc

    Downloading remote file: base154.avc

    Downloading remote file: base155.avc

    Downloading remote file: base156.avc

    Downloading remote file: base157.avc

    Downloading remote file: base158.avc

    Downloading remote file: base159.avc

    Downloading remote file: base160.avc

    Downloading remote file: base161.avc

    Downloading remote file: base162.avc

    Downloading remote file: base163.avc

    Downloading remote file: base999.avc

    Downloading remote file: unp000.avc

    Downloading remote file: unp001.avc

    Downloading remote file: unp002.avc

    Downloading remote file: unp003.avc

    Downloading remote file: unp004.avc

    Downloading remote file: unp005.avc

    Downloading remote file: unp006.avc

    Downloading remote file: unp007.avc

    Downloading remote file: unp008.avc

    Downloading remote file: unp009.avc

    Downloading remote file: unp010.avc

    Downloading remote file: unp011.avc

    Downloading remote file: unp012.avc

    Downloading remote file: unp013.avc

    Downloading remote file: unp014.avc

    Downloading remote file: unp015.avc

    Downloading remote file: unp016.avc

    Downloading remote file: unp017.avc

    Downloading remote file: unp018.avc

    Downloading remote file: unp019.avc

    Downloading remote file: unp020.avc

    Downloading remote file: unp021.avc

    Downloading remote file: unp022.avc

    Downloading remote file: unp023.avc

    Downloading remote file: unp024.avc

    Downloading remote file: unp025.avc

    Downloading remote file: unp026.avc

    Downloading remote file: unp027.avc

    Downloading remote file: unp028.avc

    Downloading remote file: unp029.avc

    Downloading remote file: unp030.avc

    Downloading remote file: unp031.avc

    Downloading remote file: unp032.avc

    Downloading remote file: unp033.avc

    Downloading remote file: unp034.avc

    Downloading remote file: unp035.avc

    Downloading remote file: unp036.avc

    Downloading remote file: unp037.avc

    Downloading remote file: unp038.avc

    Downloading remote file: unp039.avc

    Downloading remote file: daily.avc

    Downloading remote file: daily-ex.avc

    Downloading remote file: urgent.avc

    Downloading remote file: mail.avc

    Downloading remote file: ext001.avc

    Downloading remote file: ext002.avc

    Downloading remote file: ext003.avc

    Downloading remote file: ext004.avc

    Downloading remote file: ext005.avc

    Downloading remote file: ext006.avc

    Downloading remote file: ext007.avc

    Downloading remote file: ext008.avc

    Downloading remote file: ext009.avc

    Downloading remote file: ext999.avc

    Downloading remote file: gen001.avc

    Downloading remote file: gen002.avc

    Downloading remote file: gen003.avc

    Downloading remote file: gen004.avc

    Downloading remote file: gen005.avc

    Downloading remote file: gen999.avc

    Downloading remote file: ca.avc

    Downloading remote file: fa.avc

    Downloading remote file: eicar.avc

    Downloading remote file: verdicts.ini

    Downloading remote file: engine.dt

    Downloading remote file: engine.cfg

    Downloading remote file: avcmhk5.mhk

    Downloading remote file: black.lst

    Downloading remote file: avp.set

    Downloading remote file: avp_ext.set

    Downloading remote file: avp_x.set

    Downloading remote file: avp.vnd

    Downloading remote file: avp.klb

    Downloading remote file: soft.ver

    Update finished. Ready to scan.

    Next

    Please select a target to scan:

    You can configure the scanning process by pressing "Scan Settings" button.

    Critical Areas

    scan critical areas of your hard disks

    specified in %windir% and %tmp% system variables

    Memory

    scan disk modules of running processes

    My Computer

    scan all your hard and mapped disks

    My Email

    scan all your hard and mapped disks only for the following extensions: *.PST; *.MSG; *.OST; *.MDB; *.DBX; *.EML; *.MBS

    Folders...

    scan selected folders

    A File...

    scan a one file

    Warning: The Kaspersky Online Scanner may not run successfully while any other Anti-Virus software is running. If you have Anti-Virus software installed, please disable your AV protection before running the Kaspersky Online Scanner.

    Selected target: My Computer

    Source: C:\; D:\; E:\; F:\;

    Report is empty.

    Please note: The free Kaspersky Online Scanner does not provide comprehensive protection and cannot prevent future infections. It only detects malware that has already penetrated your storage devices. We strongly recommend that you use a fully-functional antivirus solution to protect your computer at all times.

    Please wait, this process may take a long time depending on the selected target. If you want to continue browsing, open a new window.

    Scan Progress [99%]:

    Total number of scanned objects: 87045

    Number of viruses found: 0

    Number of infected objects: 0

    Number of suspicious objects: 0

    Duration of the scan process: 02:39:04

    Stop Scan

    Get a Free Trial

    Buy Kaspersky Anti-Virus

    Help

    Virus Encyclopedia

    Kaspersky Lab

    Product Info

    You have Kaspersky Online Scanner version 5.0.98.0 installed. The current anti-virus database was released on Wednesday, February 06, 2008 and contains 550815 records.

    System Info

    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)Please wait while the Kaspersky Online Scanner is initializing and updating...

    Copyright © Kaspersky Lab 1997 - 2007

    Portions Copyright © Lan Crypto

    Welcome to the Kaspersky Online Scanner! Use it to scan your PC for viruses and other malware for free

    Warning: if you have installed Kaspersky Online Scanner Pro, please manually uninstall it using "Add/Remove Programs" before installing this version! Otherwise this version will not function correctly.

    Benefits:

    Kaspersky Anti-Virus exceptional detection rates and thorough scanning

    Hourly AV database updates available each time the Online Scanner is launched

    Heuristic analysis to detect unknown viruses

    Simple installation (just click on a link)

    Requirements and limitations:

    When using this service for the first time, you have to run with Administrator privileges in order to install the product. Also, you will need to download and install files about 400 KB in size followed by 9 MB of virus definitions.

    However, if you use the Online Scanner again, you will only need to download the files that have been updated since your last scan.

    The Online Scanner service offered by Kaspersky Lab uses Microsoft ActiveX technology. Microsoft ActiveX Technology and the Kaspersky Online Scanner work only with MS Internet Explorer 6.0 or higher.

    We cannot guarantee that the Online Scanner will function correctly if you are using any other browser or any Internet Explorer extensions (such as AvantBrowser). If you use a different browser, you can use the Kaspersky File Scanner to scan individual files.

    The free Kaspersky Online Scanner does not scan boot sectors and MBRs, so it cannot detect malicious code located in these areas.

    Please note: The free Kaspersky Online Scanner does not protect against malicious code, and cannot prevent future infections. It only detects malware that has already penetrated your computer. We strongly recommend that you install a full antivirus solution to protect your system.

    Privacy statement:

    The Kaspersky Online Scanner will collect information about the malicious programs found on your computer during the scanning process. The information will be sent to the Kaspersky Virus Lab for statistical purposes. No personal information about you or specific information about your system will be collected or transmitted to Kaspersky Lab.

    Select: All, None, Suspicious Selected objects: 0

    Scan settings:

    Here you can configure the scanning process.

    Scan using the following antivirus database:

    standard - detect viruses, worms, Trojans, rootkits

    extended - protect your computer from Spyware, adware, dialers and potentially dangerous software such as remote access utilities, prank programs and jokes. We do not recommend this option to beginners or inexperienced users.

    Scan options:

    Scan Archives - scan files inside archives

    Note: affects all targets except 'A File...' scan target.

    Scan Mail Bases - scan e-mails/attachments inside mail base files

    Note: affects all targets except 'My Email' and 'A File...' scan targets.

    Initialize Kaspersky Online Scanner

    (downloading and installing Kaspersky Online Scanner ActiveX from the server into your computer)

    Update Kaspersky Anti-Virus Databases [100%]:

    (downloading and installing the latest Kaspersky Anti-Virus Databases)

    Please wait to update the virus definitions...

    Downloading from url: http://downloads1.kaspersky-labs.com

    Downloading remote file: master.xml

    Downloading remote file: kavset.xml

    Downloading remote file: soft.xml

    Downloading remote file: updcfg.xml

    Downloading remote file: kernel.avc

    Downloading remote file: krnunp.avc

    Downloading remote file: krnexe.avc

    Downloading remote file: krnmacro.avc

    Downloading remote file: krnjava.avc

    Downloading remote file: krndos.avc

    Downloading remote file: krngen.avc

    Downloading remote file: krnexe32.avc

    Downloading from url: ftp://downloads4.kaspersky-labs.com

    Downloading remote file: master.xml

    Downloading remote file: krnexe32.avc

    Downloading remote file: krnengn.avc

    Downloading remote file: krn001.avc

    Downloading remote file: krn002.avc

    Downloading remote file: krn003.avc

    Downloading remote file: krn004.avc

    Downloading remote file: krn005.avc

    Downloading remote file: smart.avc

    Downloading remote file: ocr.avc

    Downloading remote file: chuka.avc

    Downloading remote file: fa001.avc

    Downloading remote file: base001c.avc

    Downloading remote file: base002c.avc

    Downloading remote file: base003c.avc

    Downloading remote file: base004c.avc

    Downloading remote file: base005c.avc

    Downloading remote file: base006c.avc

    Downloading remote file: base007c.avc

    Downloading remote file: base008c.avc

    Downloading remote file: base009c.avc

    Downloading remote file: base010c.avc

    Downloading remote file: base011c.avc

    Downloading remote file: base012c.avc

    Downloading remote file: base013c.avc

    Downloading remote file: base014c.avc

    Downloading remote file: base015c.avc

    Downloading remote file: base016c.avc

    Downloading remote file: base017c.avc

    Downloading remote file: base018c.avc

    Downloading remote file: base019c.avc

    Downloading remote file: base020c.avc

    Downloading remote file: base021c.avc

    Downloading remote file: base022c.avc

    Downloading remote file: base023c.avc

    Downloading remote file: base024c.avc

    Downloading remote file: base025c.avc

    Downloading remote file: base026c.avc

    Downloading remote file: base027c.avc

    Downloading remote file: base028c.avc

    Downloading remote file: base029c.avc

    Downloading remote file: base030c.avc

    Downloading remote file: base031c.avc

    Downloading remote file: base032c.avc

    Downloading remote file: base033c.avc

    Downloading remote file: base034c.avc

    Downloading remote file: base035c.avc

    Downloading remote file: base036c.avc

    Downloading remote file: base037c.avc

    Downloading remote file: base038c.avc

    Downloading remote file: base039c.avc

    Downloading remote file: base040c.avc

    Downloading remote file: base041c.avc

    Downloading remote file: base042c.avc

    Downloading remote file: base043c.avc

    Downloading remote file: base044c.avc

    Downloading remote file: base045c.avc

    Downloading remote file: base046c.avc

    Downloading remote file: base047c.avc

    Downloading remote file: base048c.avc

    Downloading remote file: base049c.avc

    Downloading remote file: base050c.avc

    Downloading remote file: base051c.avc

    Downloading remote file: base052c.avc

    Downloading remote file: base053c.avc

    Downloading remote file: base054c.avc

    Downloading remote file: base055c.avc

    Downloading remote file: base056c.avc

    Downloading remote file: base057c.avc

    Downloading remote file: base058c.avc

    Downloading remote file: base059c.avc

    Downloading remote file: base060c.avc

    Downloading remote file: base061c.avc

    Downloading remote file: base062c.avc

    Downloading remote file: base063c.avc

    Downloading remote file: base064c.avc

    Downloading remote file: base065c.avc

    Downloading remote file: base066c.avc

    Downloading remote file: base067c.avc

    Downloading remote file: base068c.avc

    Downloading remote file: base069c.avc

    Downloading remote file: base070c.avc

    Downloading remote file: base071c.avc

    Downloading remote file: base072c.avc

    Downloading remote file: base073c.avc

    Downloading remote file: base074c.avc

    Downloading remote file: base075c.avc

    Downloading remote file: base076c.avc

    Downloading remote file: base077c.avc

    Downloading remote file: base078c.avc

    Downloading remote file: base079c.avc

    Downloading remote file: base080c.avc

    Downloading remote file: base081c.avc

    Downloading remote file: base082c.avc

    Downloading remote file: base083c.avc

    Downloading remote file: base084c.avc

    Downloading remote file: base085c.avc

    Downloading remote file: base086c.avc

    Downloading remote file: base087c.avc

    Downloading remote file: base088c.avc

    Downloading remote file: base089c.avc

    Downloading remote file: base090c.avc

    Downloading remote file: base091c.avc

    Downloading remote file: base092c.avc

    Downloading remote file: base093c.avc

    Downloading remote file: base094c.avc

    Downloading remote file: base095c.avc

    Downloading remote file: base096c.avc

    Downloading remote file: base097c.avc

    Downloading remote file: base098c.avc

    Downloading remote file: dailyc.avc

    Downloading remote file: ext001c.avc

    Downloading remote file: ext002c.avc

    Downloading remote file: ext003c.avc

    Downloading remote file: ext004c.avc

    Downloading remote file: ext005c.avc

    Downloading remote file: ext006c.avc

    Downloading remote file: ext007c.avc

    Downloading remote file: ext008c.avc

    Downloading remote file: ext009c.avc

    Downloading remote file: ext010c.avc

    Downloading remote file: ext011c.avc

    Downloading remote file: daily-ec.avc

    Downloading remote file: base001.avc

    Downloading remote file: base002.avc

    Downloading remote file: base003.avc

    Downloading remote file: base004.avc

    Downloading remote file: base005.avc

    Downloading remote file: base006.avc

    Downloading remote file: base007.avc

    Downloading remote file: base008.avc

    Downloading remote file: base009.avc

    Downloading remote file: base010.avc

    Downloading remote file: base011.avc

    Downloading remote file: base012.avc

    Downloading remote file: base013.avc

    Downloading remote file: base014.avc

    Downloading remote file: base015.avc

    Downloading remote file: base016.avc

    Downloading remote file: base017.avc

    Downloading remote file: base018.avc

    Downloading remote file: base019.avc

    Downloading remote file: base020.avc

    Downloading remote file: base021.avc

    Downloading remote file: base022.avc

    Downloading remote file: base023.avc

    Downloading remote file: base024.avc

    Downloading remote file: base025.avc

    Downloading remote file: base026.avc

    Downloading remote file: base027.avc

    Downloading remote file: base028.avc

    Downloading remote file: base029.avc

    Downloading remote file: base030.avc

    Downloading remote file: base031.avc

    Downloading remote file: base032.avc

    Downloading remote file: base033.avc

    Downloading remote file: base034.avc

    Downloading remote file: base035.avc

    Downloading remote file: base036.avc

    Downloading remote file: base037.avc

    Downloading remote file: base038.avc

    Downloading remote file: base039.avc

    Downloading remote file: base040.avc

    Downloading remote file: base041.avc

    Downloading remote file: base042.avc

    Downloading remote file: base043.avc

    Downloading remote file: base044.avc

    Downloading remote file: base045.avc

    Downloading remote file: base046.avc

    Downloading remote file: base047.avc

    Downloading remote file: base048.avc

    Downloading remote file: base049.avc

    Downloading remote file: base050.avc

    Downloading remote file: base051.avc

    Downloading remote file: base052.avc

    Downloading remote file: base053.avc

    Downloading remote file: base054.avc

    Downloading remote file: base055.avc

    Downloading remote file: base056.avc

    Downloading remote file: base057.avc

    Downloading remote file: base058.avc

    Downloading remote file: base059.avc

    Downloading remote file: base060.avc

    Downloading remote file: base061.avc

    Downloading remote file: base062.avc

    Downloading remote file: base063.avc

    Downloading remote file: base064.avc

    Downloading remote file: base065.avc

    Downloading remote file: base066.avc

    Downloading remote file: base067.avc

    Downloading remote file: base068.avc

    Downloading remote file: base069.avc

    Downloading remote file: base070.avc

    Downloading remote file: base071.avc

    Downloading remote file: base072.avc

    Downloading remote file: base073.avc

    Downloading remote file: base074.avc

    Downloading remote file: base075.avc

    Downloading remote file: base076.avc

    Downloading remote file: base077.avc

    Downloading remote file: base078.avc

    Downloading remote file: base079.avc

    Downloading remote file: base080.avc

    Downloading remote file: base081.avc

    Downloading remote file: base082.avc

    Downloading remote file: base083.avc

    Downloading remote file: base084.avc

    Downloading remote file: base085.avc

    Downloading remote file: base086.avc

    Downloading remote file: base087.avc

    Downloading remote file: base088.avc

    Downloading remote file: base089.avc

    Downloading remote file: base090.avc

    Downloading remote file: base091.avc

    Downloading remote file: base092.avc

    Downloading remote file: base093.avc

    Downloading remote file: base094.avc

    Downloading remote file: base095.avc

    Downloading remote file: base096.avc

    Downloading remote file: base097.avc

    Downloading remote file: base098.avc

    Downloading remote file: base099.avc

    Downloading remote file: base100.avc

    Downloading remote file: base101.avc

    Downloading remote file: base102.avc

    Downloading remote file: base103.avc

    Downloading remote file: base104.avc

    Downloading remote file: base105.avc

    Downloading remote file: base106.avc

    Downloading remote file: base107.avc

    Downloading remote file: base108.avc

    Downloading remote file: base109.avc

    Downloading remote file: base110.avc

    Downloading remote file: base111.avc

    Downloading remote file: base112.avc

    Downloading remote file: base113.avc

    Downloading remote file: base114.avc

    Downloading remote file: base115.avc

    Downloading remote file: base116.avc

    Downloading remote file: base117.avc

    Downloading remote file: base118.avc

    Downloading remote file: base119.avc

    Downloading remote file: base120.avc

    Downloading remote file: base121.avc

    Downloading remote file: base122.avc

    Downloading remote file: base123.avc

    Downloading remote file: base124.avc

    Downloading remote file: base125.avc

    Downloading remote file: base126.avc

    Downloading remote file: base127.avc

    Downloading remote file: base128.avc

    Downloading remote file: base129.avc

    Downloading remote file: base130.avc

    Downloading remote file: base131.avc

    Downloading remote file: base132.avc

    Downloading remote file: base133.avc

    Downloading remote file: base134.avc

    Downloading remote file: base135.avc

    Downloading remote file: base136.avc

    Downloading remote file: base137.avc

    Downloading remote file: base138.avc

    Downloading remote file: base139.avc

    Downloading remote file: base140.avc

    Downloading remote file: base141.avc

    Downloading remote file: base142.avc

    Downloading remote file: base143.avc

    Downloading remote file: base144.avc

    Downloading remote file: base145.avc

    Downloading remote file: base146.avc

    Downloading remote file: base147.avc

    Downloading remote file: base148.avc

    Downloading remote file: base149.avc

    Downloading remote file: base150.avc

    Downloading remote file: base151.avc

    Downloading remote file: base152.avc

    Downloading remote file: base153.avc

    Downloading remote file: base154.avc

    Downloading remote file: base155.avc

    Downloading remote file: base156.avc

    Downloading remote file: base157.avc

    Downloading remote file: base158.avc

    Downloading remote file: base159.avc

    Downloading remote file: base160.avc

    Downloading remote file: base161.avc

    Downloading remote file: base162.avc

    Downloading remote file: base163.avc

    Downloading remote file: base999.avc

    Downloading remote file: unp000.avc

    Downloading remote file: unp001.avc

    Downloading remote file: unp002.avc

    Downloading remote file: unp003.avc

    Downloading remote file: unp004.avc

    Downloading remote file: unp005.avc

    Downloading remote file: unp006.avc

    Downloading remote file: unp007.avc

    Downloading remote file: unp008.avc

    Downloading remote file: unp009.avc

    Downloading remote file: unp010.avc

    Downloading remote file: unp011.avc

    Downloading remote file: unp012.avc

    Downloading remote file: unp013.avc

    Downloading remote file: unp014.avc

    Downloading remote file: unp015.avc

    Downloading remote file: unp016.avc

    Downloading remote file: unp017.avc

    Downloading remote file: unp018.avc

    Downloading remote file: unp019.avc

    Downloading remote file: unp020.avc

    Downloading remote file: unp021.avc

    Downloading remote file: unp022.avc

    Downloading remote file: unp023.avc

    Downloading remote file: unp024.avc

    Downloading remote file: unp025.avc

    Downloading remote file: unp026.avc

    Downloading remote file: unp027.avc

    Downloading remote file: unp028.avc

    Downloading remote file: unp029.avc

    Downloading remote file: unp030.avc

    Downloading remote file: unp031.avc

    Downloading remote file: unp032.avc

    Downloading remote file: unp033.avc

    Downloading remote file: unp034.avc

    Downloading remote file: unp035.avc

    Downloading remote file: unp036.avc

    Downloading remote file: unp037.avc

    Downloading remote file: unp038.avc

    Downloading remote file: unp039.avc

    Downloading remote file: daily.avc

    Downloading remote file: daily-ex.avc

    Downloading remote file: urgent.avc

    Downloading remote file: mail.avc

    Downloading remote file: ext001.avc

    Downloading remote file: ext002.avc

    Downloading remote file: ext003.avc

    Downloading remote file: ext004.avc

    Downloading remote file: ext005.avc

    Downloading remote file: ext006.avc

    Downloading remote file: ext007.avc

    Downloading remote file: ext008.avc

    Downloading remote file: ext009.avc

    Downloading remote file: ext999.avc

    Downloading remote file: gen001.avc

    Downloading remote file: gen002.avc

    Downloading remote file: gen003.avc

    Downloading remote file: gen004.avc

    Downloading remote file: gen005.avc

    Downloading remote file: gen999.avc

    Downloading remote file: ca.avc

    Downloading remote file: fa.avc

    Downloading remote file: eicar.avc

    Downloading remote file: verdicts.ini

    Downloading remote file: engine.dt

    Downloading remote file: engine.cfg

    Downloading remote file: avcmhk5.mhk

    Downloading remote file: black.lst

    Downloading remote file: avp.set

    Downloading remote file: avp_ext.set

    Downloading remote file: avp_x.set

    Downloading remote file: avp.vnd

    Downloading remote file: avp.klb

    Downloading remote file: soft.ver

    Update finished. Ready to scan.

    Next

    Please select a target to scan:

    You can configure the scanning process by pressing "Scan Settings" button.

    Critical Areas

    scan critical areas of your hard disks

    specified in %windir% and %tmp% system variables

    Memory

    scan disk modules of running processes

    My Computer

    scan all your hard and mapped disks

    My Email

    scan all your hard and mapped disks only for the following extensions: *.PST; *.MSG; *.OST; *.MDB; *.DBX; *.EML; *.MBS

    Folders...

    scan selected folders

    A File...

    scan a one file

    Warning: The Kaspersky Online Scanner may not run successfully while any other Anti-Virus software is running. If you have Anti-Virus software installed, please disable your AV protection before running the Kaspersky Online Scanner.

    Selected target: My Computer

    Source: C:\; D:\; E:\; F:\;

    Report is empty.

    Please note: The free Kaspersky Online Scanner does not provide comprehensive protection and cannot prevent future infections. It only detects malware that has already penetrated your storage devices. We strongly recommend that you use a fully-functional antivirus solution to protect your computer at all times.

    Please wait, this process may take a long time depending on the selected target. If you want to continue browsing, open a new window.

    Scan Progress [99%]:

    Total number of scanned objects: 87045

    Number of viruses found: 0

    Number of infected objects: 0

    Number of suspicious objects: 0

    Duration of the scan process: 02:39:04

    Stop Scan

    Get a Free Trial

    Buy Kaspersky Anti-Virus

    Help

    Virus Encyclopedia

    Kaspersky Lab

    Product Info

    You have Kaspersky Online Scanner version 5.0.98.0 installed. The current anti-virus database was released on Wednesday, February 06, 2008 and contains 550815 records.

    System Info

    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)Please wait while the Kaspersky Online Scanner is initializing and updating...

    Copyright © Kaspersky Lab 1997 - 2007

    Portions Copyright © Lan Crypto

    (UNINSTALL LOG)

    Adobe Acrobat - Reader 6.0.2 Update

    Adobe Acrobat and Reader 6.0.3 Update

    Adobe Acrobat and Reader 6.0.4 Update

    Adobe Acrobat and Reader 6.0.5 Update

    Adobe Acrobat Elements 6.0

    Adobe Atmosphere Player for Acrobat and Adobe Reader

    Adobe Flash Player 9 ActiveX

    Adobe Reader 6.0.1

    Adobe Reader 8

    Adobe Reader 8.1.1

    Adobe Shockwave Player

    AnswerWorks 4.0 Runtime - English

    AOL Uninstaller (Choose which Products to Remove)

    Banctec Service Agreement

    Broadcom Management Programs

    Canon Camera Support Core Library

    Canon Camera Window DS for ZoomBrowser EX

    Canon Camera Window DVC for ZoomBrowser EX

    Canon Camera Window for ZoomBrowser EX

    Canon MovieEdit Task for ZoomBrowser EX

    Canon PhotoRecord

    Canon RAW Image Task for ZoomBrowser EX

    Canon RemoteCapture Task for ZoomBrowser EX

    Canon Utilities PhotoStitch 3.1

    Canon ZoomBrowser EX

    Dell Digital Jukebox Driver

    Dell Driver Reset Tool

    Dell Media Experience

    Dell Media Experience Update

    Dell Photo Printer 720

    Dell Picture Studio v3.0

    Dell Support 5.0.0 (630)

    eBay Toolbar

    Family Origins 10.0 Deluxe

    Family Tree Maker 2005

    Family Tree Maker 2006

    FoneSync

    HijackThis 2.0.2

    Hotfix for Windows XP (KB914440)

    Hotfix for Windows XP (KB915865)

    HP PrecisionScan LTX

    HP Share-to-Web

    Intel® 537EP V9x DF PCI Modem

    Intel® Extreme Graphics Driver

    Internet Explorer Default Page

    J2SE Runtime Environment 5.0 Update 10

    J2SE Runtime Environment 5.0 Update 11

    J2SE Runtime Environment 5.0 Update 9

    Jasc Paint Shop Photo Album 5

    Java 2 Runtime Environment, SE v1.4.2_03

    Kaspersky Online Scanner

    Learn2 Player (Uninstall Only)

    Lexmark 5000 Series

    Lexmark Toolbar

    Linksys Wireless-G PCI Adapter

    Macromedia Flash Player

    McAfee SecurityCenter

    Microsoft .NET Framework 1.1

    Microsoft .NET Framework 1.1

    Microsoft .NET Framework 1.1 Hotfix (KB928366)

    Microsoft .NET Framework 2.0

    Microsoft Encarta Encyclopedia Standard 2004

    Microsoft Internationalized Domain Names Mitigation APIs

    Microsoft Location Finder

    Microsoft National Language Support Downlevel APIs

    Microsoft Office Excel Viewer 2003

    Microsoft Office FrontPage 2003

    Microsoft Office Professional Edition 2003

    Microsoft Picture It! Publishing 2001

    Microsoft Plus! Digital Media Edition Installer

    Microsoft Plus! Photo Story 2 LE

    Microsoft Works 2001 Setup Launcher

    Microsoft Works 6.0

    Microsoft Works Suite Add-in for Microsoft Word

    Modem Event Monitor

    Modem Helper

    Modem On Hold

    MSXML 4.0 SP2 (KB927978)

    Musicmatch® Jukebox

    Personal Historian 1.2.1.16

    Photo Click

    Preclick PhotoMovieMaker

    QuickBooks Simple Start Special Edition

    QuickTime

    RealPlayer

    Reel Deal Slots 1.0

    Reel Deal Slots Nickel Alley

    Reel Deal Slots Vol II

    RootsMagic 3.2.4.0

    Security Update for Step By Step Interactive Training (KB898458)

    Security Update for Step By Step Interactive Training (KB923723)

    Security Update for Windows Internet Explorer 7 (KB928090)

    Security Update for Windows Internet Explorer 7 (KB929969)

    Security Update for Windows Internet Explorer 7 (KB938127)

    Security Update for Windows Internet Explorer 7 (KB942615)

    Security Update for Windows Media Player (KB911564)

    Security Update for Windows Media Player 10 (KB911565)

    Security Update for Windows Media Player 10 (KB917734)

    Security Update for Windows Media Player 10 (KB936782)

    Security Update for Windows Media Player 6.4 (KB925398)

    Security Update for Windows XP (KB883939)

    Security Update for Windows XP (KB890046)

    Security Update for Windows XP (KB893756)

    Security Update for Windows XP (KB896358)

    Security Update for Windows XP (KB896422)

    Security Update for Windows XP (KB896423)

    Security Update for Windows XP (KB896424)

    Security Update for Windows XP (KB896428)

    Security Update for Windows XP (KB896688)

    Security Update for Windows XP (KB899587)

    Security Update for Windows XP (KB899588)

    Security Update for Windows XP (KB899591)

    Security Update for Windows XP (KB900725)

    Security Update for Windows XP (KB901017)

    Security Update for Windows XP (KB901190)

    Security Update for Windows XP (KB901214)

    Security Update for Windows XP (KB902400)

    Security Update for Windows XP (KB903235)

    Security Update for Windows XP (KB904706)

    Security Update for Windows XP (KB905414)

    Security Update for Windows XP (KB905749)

    Security Update for Windows XP (KB905915)

    Security Update for Windows XP (KB908519)

    Security Update for Windows XP (KB908531)

    Security Update for Windows XP (KB911280)

    Security Update for Windows XP (KB911562)

    Security Update for Windows XP (KB911567)

    Security Update for Windows XP (KB911927)

    Security Update for Windows XP (KB912812)

    Security Update for Windows XP (KB912919)

    Security Update for Windows XP (KB913446)

    Security Update for Windows XP (KB913580)

    Security Update for Windows XP (KB914388)

    Security Update for Windows XP (KB914389)

    Security Update for Windows XP (KB916281)

    Security Update for Windows XP (KB917159)

    Security Update for Windows XP (KB917344)

    Security Update for Windows XP (KB917422)

    Security Update for Windows XP (KB917953)

    Security Update for Windows XP (KB918118)

    Security Update for Windows XP (KB918439)

    Security Update for Windows XP (KB918899)

    Security Update for Windows XP (KB919007)

    Security Update for Windows XP (KB920213)

    Security Update for Windows XP (KB920214)

    Security Update for Windows XP (KB920670)

    Security Update for Windows XP (KB920683)

    Security Update for Windows XP (KB920685)

    Security Update for Windows XP (KB921398)

    Security Update for Windows XP (KB921503)

    Security Update for Windows XP (KB921883)

    Security Update for Windows XP (KB922616)

    Security Update for Windows XP (KB922760)

    Security Update for Windows XP (KB922819)

    Security Update for Windows XP (KB923191)

    Security Update for Windows XP (KB923414)

    Security Update for Windows XP (KB923689)

    Security Update for Windows XP (KB923694)

    Security Update for Windows XP (KB923980)

    Security Update for Windows XP (KB924191)

    Security Update for Windows XP (KB924270)

    Security Update for Windows XP (KB924496)

    Security Update for Windows XP (KB924667)

    Security Update for Windows XP (KB925454)

    Security Update for Windows XP (KB925486)

    Security Update for Windows XP (KB925902)

    Security Update for Windows XP (KB926255)

    Security Update for Windows XP (KB926436)

    Security Update for Windows XP (KB927779)

    Security Update for Windows XP (KB927802)

    Security Update for Windows XP (KB928255)

    Security Update for Windows XP (KB928843)

    Security Update for Windows XP (KB929123)

    Security Update for Windows XP (KB930178)

    Security Update for Windows XP (KB931261)

    Security Update for Windows XP (KB931784)

    Security Update for Windows XP (KB932168)

    Security Update for Windows XP (KB933729)

    Security Update for Windows XP (KB935839)

    Security Update for Windows XP (KB935840)

    Security Update for Windows XP (KB936021)

    Security Update for Windows XP (KB938829)

    Security Update for Windows XP (KB941202)

    Security Update for Windows XP (KB941568)

    Security Update for Windows XP (KB941569)

    Security Update for Windows XP (KB941644)

    Security Update for Windows XP (KB943460)

    Security Update for Windows XP (KB943485)

    Security Update for Windows XP (KB944653)

    Shockwave

    Sonic DLA

    Sonic RecordNow!

    Sonic Update Manager

    TurboTax Basic 2005

    TurboTax Deluxe Deduction Maximizer 2006

    TurboTax Home & Business 2007

    TurboTax ItsDeductible 2006

    Update for Windows XP (KB894391)

    Update for Windows XP (KB896727)

    Update for Windows XP (KB898461)

    Update for Windows XP (KB900485)

    Update for Windows XP (KB904942)

    Update for Windows XP (KB910437)

    Update for Windows XP (KB916595)

    Update for Windows XP (KB920872)

    Update for Windows XP (KB922582)

    Update for Windows XP (KB927891)

    Update for Windows XP (KB929338)

    Update for Windows XP (KB930916)

    Update for Windows XP (KB931836)

    Update for Windows XP (KB936357)

    Update for Windows XP (KB938828)

    Update for Windows XP (KB942763)

    Wal-Mart Digital Photo Manager

    WebCyberCoach 3.2 Dell

    Windows Installer 3.1 (KB893803)

    Windows Installer 3.1 (KB893803)

    Windows Internet Explorer 7

    Windows Media Format Runtime

    Windows Media Player 10

    Windows Media Player 10

    Windows XP Hotfix - KB834707

    Windows XP Hotfix - KB867282

    Windows XP Hotfix - KB873333

    Windows XP Hotfix - KB873339

    Windows XP Hotfix - KB885250

    Windows XP Hotfix - KB885835

    Windows XP Hotfix - KB885836

    Windows XP Hotfix - KB886185

    Windows XP Hotfix - KB887472

    Windows XP Hotfix - KB887742

    Windows XP Hotfix - KB888113

    Windows XP Hotfix - KB888302

    Windows XP Hotfix - KB890047

    Windows XP Hotfix - KB890175

    Windows XP Hotfix - KB890859

    Windows XP Hotfix - KB890923

    Windows XP Hotfix - KB891781

    Windows XP Hotfix - KB893066

    Windows XP Hotfix - KB893086

    WordPerfect Office 12

    Cheryl

  3. Let's see what weneed to do with this computer.

    Download ComboFix from one of the locations below, and save it to your Desktop.

    Double click combofix.exe and follow the prompts. Please, never rename Combofix unless instructed.

    When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply

    Note: Do not mouseclick combofix's window while its running. That may cause it to stall

    -Ryan

    Ryan, Here is the combo fix and the hijack this logs.

    ComboFix 08-02.05.3 - Cheryl Eckenroth 2008-02-05 17:10:55.1 - NTFSx86

    Running from: C:\Documents and Settings\Cheryl Eckenroth\Desktop\ComboFix.exe

    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    C:\Program Files\FunWebProducts

    C:\Program Files\FunWebProducts\Shared\00B41040.dat

    C:\WINDOWS\system32\bszip.dll

    C:\WINDOWS\system32\drivers\fad.sys

    .

    ((((((((((((((((((((((((( Files Created from 2008-01-05 to 2008-02-05 )))))))))))))))))))))))))))))))

    .

    2008-02-05 10:41 . 2008-02-05 10:41 <DIR> d-------- C:\WINDOWS\LastGood

    2008-01-31 14:23 . 2007-01-08 19:07 991,232 --------- C:\WINDOWS\system32\dllcache\ieframe.dll.mui

    2008-01-28 14:03 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui

    2008-01-28 14:03 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui

    2008-01-28 14:03 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuapi.dll.mui

    2008-01-28 14:03 . 2007-07-30 19:18 20,312 --a------ C:\WINDOWS\system32\wuaueng.dll.mui

    2008-01-28 14:01 . 2008-01-28 14:01 <DIR> d-------- C:\Documents and Settings\Cheryl Eckenroth\Application Data\Lexmark Productivity Studio

    2008-01-26 13:38 . 2008-01-26 13:38 <DIR> d-------- C:\Documents and Settings\Cheryl Eckenroth\Application Data\5000 Series

    2008-01-24 15:50 . 2008-01-24 15:50 <DIR> d-------- C:\Program Files\Lexmark Toolbar

    2008-01-24 15:48 . 2008-02-05 12:05 <DIR> d-------- C:\Documents and Settings\All Users\lx_cats

    2008-01-24 14:12 . 2008-01-24 14:12 <DIR> d-------- C:\logs

    2008-01-24 14:10 . 2007-05-03 22:50 348,160 --a------ C:\WINDOWS\system32\lxdmcoin.dll

    2008-01-24 14:10 . 2006-08-01 08:53 40,960 --a------ C:\WINDOWS\system32\lxdmvs.dll

    2008-01-24 14:07 . 2001-08-17 22:36 87,040 --a------ C:\WINDOWS\system32\wiafbdrv.dll

    2008-01-24 14:07 . 2001-08-17 22:36 87,040 --a------ C:\WINDOWS\system32\dllcache\wiafbdrv.dll

    2008-01-24 14:06 . 2008-01-24 14:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\5000 Series

    2008-01-24 14:02 . 2006-11-09 10:11 1,645,320 --a------ C:\WINDOWS\system32\gdiplus.dll

    2008-01-24 13:47 . 2008-01-24 14:07 <DIR> d-------- C:\Program Files\Lexmark 5000 Series

    2008-01-24 13:47 . 2008-01-24 14:12 88,332 --a------ C:\WINDOWS\system32\LexFiles.ulf

    2008-01-24 13:47 . 2007-05-04 07:53 77,906 --a------ C:\WINDOWS\system32\lxdmcfg.dll

    2008-01-24 13:47 . 2007-06-08 03:46 1,813 --a------ C:\WINDOWS\system32\lxdm.loc

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2008-02-05 15:41 --------- d-----w C:\Program Files\McAfee

    2008-02-04 23:10 --------- d-----w C:\Program Files\RootsMagic

    2008-01-31 16:43 --------- d-----w C:\Documents and Settings\Cheryl Eckenroth\Application Data\Intuit

    2008-01-31 16:34 --------- d--h--w C:\Program Files\InstallShield Installation Information

    2008-01-31 16:34 --------- d-----w C:\Program Files\Common Files\AnswerWorks 4.0

    2008-01-31 16:28 --------- d-----w C:\Program Files\TurboTax

    2008-01-31 16:11 --------- d-----w C:\Program Files\SiteAdvisor

    2008-01-31 14:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor

    2008-01-03 19:22 --------- d-----w C:\Program Files\Yahoo! Games

    2005-08-13 22:11 774,144 -c--a-w C:\Program Files\RngInterstitial.dll

    2005-03-31 01:42 487,424 -c--a-w C:\Documents and Settings\Cheryl Eckenroth\chatlnk.exe

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24 1694208]

    "Microsoft Location Finder"="C:\Program Files\Microsoft Location Finder\LocationFinder.exe" [2005-11-05 21:25 101064]

    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 21:42 1404928]

    "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-06-21 23:48 155648]

    "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-06-21 23:44 126976]

    "IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-03 21:12 221184]

    "UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 02:01 110592]

    "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-11-16 01:05 127035]

    "eBayToolbar"="C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe" [2005-05-31 09:43 370288]

    "MskAgentexe"="C:\Program Files\McAfee\MSK\MskAgent.exe" [2007-01-17 15:30 152144]

    "SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [2006-12-19 21:37 36952]

    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" [2006-12-15 03:23 75520]

    "AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 07:50 71216]

    "HostManager"="C:\Program Files\Common Files\AOL\1172365522\ee\AOLSoftware.exe" [2006-09-25 19:52 50736]

    "KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" [ ]

    "lxdmmon.exe"="C:\Program Files\Lexmark 5000 Series\lxdmmon.exe" [2007-07-06 11:53 455344]

    "lxdmamon"="C:\Program Files\Lexmark 5000 Series\lxdmamon.exe" [2007-06-01 15:06 20480]

    "Lexmark 5000 Series Fax Server"="C:\Program Files\Lexmark 5000 Series\fm3032.exe" [2007-07-06 11:54 307888]

    "mmtask"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2006-01-17 13:03 53248]

    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2006-10-23 01:48 40048]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

    Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-07-30 03:52:00 217195]

    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 01:48:20 40048]

    Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2007-05-11 00:29:22 738968]

    R2 lxdm_device;lxdm_device;C:\WINDOWS\system32\lxdmcoms.exe [2007-06-08 04:05]

    S2 lxdmCATSCustConnectService;lxdmCATSCustConnectService;C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdmserv.exe [2007-06-08 04:05]

    *Newly Created Service* - GTNDIS5

    .

    Contents of the 'Scheduled Tasks' folder

    "2007-01-18 02:57:30 C:\WINDOWS\Tasks\McDefragTask.job"

    - c:\program files\mcafee\mqc\QcConsol.exe'

    "2007-01-18 02:57:20 C:\WINDOWS\Tasks\McQcTask.job"

    - c:\program files\mcafee\mqc\QcConsol.exe

    .

    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2008-02-05 17:21:20

    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully

    hidden files: 0

    **************************************************************************

    .

    Completion time: 2008-02-05 17:26:29

    ComboFix-quarantined-files.txt 2008-02-05 22:26:22

    .

    2008-01-31 22:19:19 --- E O F ---

    (HIJACK THIS LOG)

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 5:31:32 PM, on 2/5/2008

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\LEXBCES.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\LEXPPS.EXE

    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

    C:\Program Files\Analog Devices\Core\smax4pnp.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

    C:\WINDOWS\system32\dla\tfswctrl.exe

    C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

    C:\Program Files\McAfee\MSK\MskAgent.exe

    C:\Program Files\SiteAdvisor\6253\SiteAdv.exe

    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

    C:\Program Files\Common Files\AOL\1172365522\ee\AOLSoftware.exe

    C:\Program Files\Lexmark 5000 Series\lxdmmon.exe

    C:\Program Files\Lexmark 5000 Series\lxdmamon.exe

    C:\WINDOWS\system32\lxdmcoms.exe

    C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe

    C:\Program Files\Microsoft Location Finder\LocationFinder.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

    c:\program files\common files\mcafee\mna\mcnasvc.exe

    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe

    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

    c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

    C:\Program Files\McAfee\MPF\MPFSrv.exe

    c:\PROGRA~1\mcafee.com\agent\mcagent.exe

    C:\PROGRA~1\McAfee\MPS\mps.exe

    C:\Program Files\McAfee\MSK\MskSrver.exe

    C:\Program Files\SiteAdvisor\6253\SAService.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\wanmpsvc.exe

    C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

    C:\Program Files\McAfee\MPS\mpsevh.exe

    C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\fxssvc.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\WISPTIS.EXE

    C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\WINDOWS\explorer.exe

    C:\Documents and Settings\Cheryl Eckenroth\Desktop\HJTInstall.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myfamily.com/isapi.dll?c=home&f=default

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

    O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

    O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll (file missing)

    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll

    O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll (file missing)

    O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

    O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

    O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

    O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

    O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

    O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

    O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe

    O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe

    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1172365522\ee\AOLSoftware.exe

    O4 - HKLM\..\Run: [lxdmmon.exe] "C:\Program Files\Lexmark 5000 Series\lxdmmon.exe"

    O4 - HKLM\..\Run: [lxdmamon] "C:\Program Files\Lexmark 5000 Series\lxdmamon.exe"

    O4 - HKLM\..\Run: [Lexmark 5000 Series Fax Server] "C:\Program Files\Lexmark 5000 Series\fm3032.exe" /s

    O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

    O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe

    O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?

    O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxmk762MAUS

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)

    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)

    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)

    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O15 - Trusted Zone: http://www.amazon.com

    O15 - Trusted Zone: http://www.ancestry.com

    O15 - Trusted Zone: http://www.genealogy.com

    O15 - Trusted Zone: http://www.ivwnetwork.com

    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...p1.0.0.15-3.cab

    O23 - Service: McAfee Application Installer Cleanup (0306531202226137) (0306531202226137mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP30653~1.EXE (file missing)

    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

    O23 - Service: lxdmCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdmserv.exe

    O23 - Service: lxdm_device - - C:\WINDOWS\system32\lxdmcoms.exe

    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe

    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe

    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe

    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe

    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

    O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe

    O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

    O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe

    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

    --

    End of file - 11810 bytes

    Cheryl

  4. Ryan,

    My desktop is running really slow opening and running programs, especially on start up. It takes forever to boot up. There may be things running in the back ground that probably shouldn't be there. Also my e-mail is slow on starting up also.

    Attached is the hijackthis log.

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 12:08:31 PM, on 2/4/2008

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\LEXBCES.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\LEXPPS.EXE

    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

    C:\Program Files\Analog Devices\Core\smax4pnp.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

    C:\WINDOWS\system32\lxdmcoms.exe

    C:\WINDOWS\system32\dla\tfswctrl.exe

    C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

    C:\Program Files\McAfee\MSK\MskAgent.exe

    C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

    C:\Program Files\SiteAdvisor\6253\SiteAdv.exe

    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

    C:\Program Files\Common Files\AOL\1172365522\ee\AOLSoftware.exe

    C:\Program Files\Lexmark 5000 Series\lxdmmon.exe

    C:\Program Files\Lexmark 5000 Series\lxdmamon.exe

    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

    C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe

    C:\Program Files\Microsoft Location Finder\LocationFinder.exe

    C:\WINDOWS\system32\ctfmon.exe

    c:\program files\common files\mcafee\mna\mcnasvc.exe

    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe

    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

    c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

    c:\PROGRA~1\mcafee.com\agent\mcagent.exe

    C:\Program Files\McAfee\MPF\MPFSrv.exe

    C:\PROGRA~1\McAfee\MPS\mps.exe

    C:\Program Files\McAfee\MSK\MskSrver.exe

    C:\Program Files\SiteAdvisor\6253\SAService.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\wanmpsvc.exe

    C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

    C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\McAfee\MPS\mpsevh.exe

    C:\Program Files\Outlook Express\msimn.exe

    C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe

    C:\Program Files\RootsMagic\RootsMagic.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Documents and Settings\Cheryl Eckenroth\Desktop\HJTInstall.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myfamily.com/isapi.dll?c=home&f=default

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

    O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

    O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll (file missing)

    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll

    O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup.dll

    O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll (file missing)

    O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

    O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

    O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

    O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

    O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

    O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

    O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe

    O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe

    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1172365522\ee\AOLSoftware.exe

    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

    O4 - HKLM\..\Run: [lxdmmon.exe] "C:\Program Files\Lexmark 5000 Series\lxdmmon.exe"

    O4 - HKLM\..\Run: [lxdmamon] "C:\Program Files\Lexmark 5000 Series\lxdmamon.exe"

    O4 - HKLM\..\Run: [Lexmark 5000 Series Fax Server] "C:\Program Files\Lexmark 5000 Series\fm3032.exe" /s

    O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

    O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe

    O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?

    O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxmk762MAUS

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)

    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)

    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)

    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O15 - Trusted Zone: http://www.amazon.com

    O15 - Trusted Zone: http://www.ancestry.com

    O15 - Trusted Zone: http://www.genealogy.com

    O15 - Trusted Zone: http://www.ivwnetwork.com

    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...p1.0.0.15-3.cab

    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

    O23 - Service: lxdmCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdmserv.exe

    O23 - Service: lxdm_device - - C:\WINDOWS\system32\lxdmcoms.exe

    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe

    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe

    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe

    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe

    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

    O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe

    O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

    O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe

    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

    --

    End of file - 11818 bytes

  5. Please go to Add/Remove Programs in the Control Panel, and remove the following programs
    • Java 2 Runtime Environment, SE v1.4.2_03

    Delete the folloing folder: C:\Program Files\Video ActiveX Access\

    Open HiJack This and scan. When it finishes, put an X in the box next to these following item

    O3 - Toolbar: (no name) - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - (no file)

    Close all open windows except for HiJack This and click fix checked.

    Reboot your computer.

    Please go to THIS page, and click on the Download link that is in the Java Runtime Environment (JRE) 6 section.

    Click the radio button next to Accept License Agreement after reviewing it. The page will refresh - this is normal.

    Download the Windows Offline Installation, Multi-language. You will want to save this to a location you will remember.

    Once it has finished downloading, double click it, and follow the prompts to install.

    If it asks to reboot, select Yes.

    How is the computer running?

    -Ryan

    It's running a lot faster thank you and no more pop ups. I love it. This is for my laptop.

    However, my main desktop is running really slow on start up and all the time. Would you be able to help me with that too or do I need to start a new topic?

    I haven't really used that one in about 1 year because I haven't had the internet hooked up to that one in my new home, but now I do and would like to get that one running faster also.

    Thanks again.

    Cheryl

  6. Please post a new HiJack This log, as well as an Uninstall List.

    To obtain an Uninstall list.

    • Open HijackThis, click Config, click Misc Tools
      Click "Open Uninstall Manager"
      Click "Save List" (generates uninstall_list.txt)

    -Ryan

    here's the new hijackthis log

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 4:10:40 PM, on 2/2/2008

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

    C:\WINDOWS\system32\dlbccoms.exe

    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

    c:\program files\common files\mcafee\mna\mcnasvc.exe

    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

    C:\Program Files\McAfee\MPF\MPFSrv.exe

    C:\Program Files\McAfee\MSK\MskSrver.exe

    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe

    C:\WINDOWS\system32\tcpsvcs.exe

    C:\WINDOWS\System32\snmp.exe

    C:\Program Files\Dell Support Center\bin\sprtsvc.exe

    C:\WINDOWS\system32\svchost.exe

    C:\PROGRA~1\McAfee.com\Agent\mcagent.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\igfxpers.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

    C:\WINDOWS\stsystra.exe

    C:\Program Files\Dell\QuickSet\quickset.exe

    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

    C:\WINDOWS\system32\igfxsrvc.exe

    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

    C:\Program Files\QuickTime\qttask.exe

    C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe

    C:\Program Files\NetWaiting\netWaiting.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\DellSupport\DSAgnt.exe

    C:\Program Files\Dell Support Center\bin\sprtcmd.exe

    C:\Program Files\Digital Line Detect\DLG.exe

    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe

    C:\WINDOWS\System32\svchost.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

    C:\Program Files\Outlook Express\msimn.exe

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\Documents and Settings\Cheryl E\Desktop\HJTInstall.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myfamily.com/isapi.dll?c=site&a...in&siteid=*

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll

    O2 - BHO: (no name) - {7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)

    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

    O3 - Toolbar: (no name) - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - (no file)

    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

    O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless

    O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe

    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

    O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

    O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey

    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe"

    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

    O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

    O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe

    O4 - Global Startup: Digital Line Detect.lnk = ?

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O15 - Trusted Zone: http://oft.myfamily.com

    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab

    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://playgames.comcast.net/Gameshell/Gam...ronGameHost.cab

    O23 - Service: McAfee Application Installer Cleanup (0017431201966425) (0017431201966425mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP01743~1.EXE

    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

    O23 - Service: dlbc_device - - C:\WINDOWS\system32\dlbccoms.exe

    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe

    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

    O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

    O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    --

    End of file - 9390 bytes

  7. Please post a new HiJack This log, as well as an Uninstall List.

    To obtain an Uninstall list.

    • Open HijackThis, click Config, click Misc Tools
      Click "Open Uninstall Manager"
      Click "Save List" (generates uninstall_list.txt)

    -Ryan

    Sorry, here it is.

    Adobe Flash Player ActiveX

    Adobe Photoshop Elements 6.0

    Adobe Reader 8.1.1

    Adobe Shockwave Player

    America Online (Choose which version to remove)

    AOL Coach Version 1.0(Build:20040229.1 en)

    AOL Connectivity Services

    AOLIcon

    Broadcom Management Programs

    Canon Camera Support Core Library

    Canon Camera Window DS for ZoomBrowser EX

    Canon Camera Window DVC for ZoomBrowser EX

    Canon Camera Window for ZoomBrowser EX

    Canon MovieEdit Task for ZoomBrowser EX

    Canon PhotoRecord

    Canon RAW Image Task for ZoomBrowser EX

    Canon RemoteCapture Task for ZoomBrowser EX

    Canon Utilities PhotoStitch 3.1

    Canon ZoomBrowser EX

    Charting Companion for Family Tree Maker

    Conexant HDA D110 MDC V.92 Modem

    Corel Photo Album 6

    Dell Digital Jukebox Driver

    Dell Driver Reset Tool

    Dell Game Console

    Dell Support Center

    DellSupport

    Digital Content Portal

    Digital Line Detect

    Documentation & Support Launcher

    Dream Day Wedding

    ELIcon

    Family Origins 10.0 Deluxe

    Family Tree Maker 2006

    Games, Music, & Photos Launcher

    Ghost Town

    Hidden Expedition Everest

    High Definition Audio Driver Package - KB835221

    HijackThis 2.0.2

    Hotfix for Windows Media Format 11 SDK (KB929399)

    Hotfix for Windows Media Player 11 (KB939683)

    Hotfix for Windows XP (KB915865)

    Hotfix for Windows XP (KB926239)

    Intel® Graphics Media Accelerator Driver for Mobile

    Intel® PROSet/Wireless Software

    Java 2 Runtime Environment, SE v1.4.2_03

    Learn2 Player (Uninstall Only)

    Little Shop Of Treasures Free Trial

    Magellan RoadMate POI Manager

    Masque Slots featuring WMS Gaming

    Masque Slots II

    McAfee SecurityCenter

    McAfee Uninstaller

    mCore

    MCU

    mDrWiFi

    mHlpDell

    Microsoft .NET Framework (English) v1.0.3705

    Microsoft .NET Framework 1.1

    Microsoft .NET Framework 1.1

    Microsoft .NET Framework 1.1 Hotfix (KB928366)

    Microsoft Compression Client Pack 1.0 for Windows XP

    Microsoft Digital Image Standard 2006

    Microsoft Encarta Encyclopedia Standard 2006

    Microsoft Internationalized Domain Names Mitigation APIs

    Microsoft Money 2006

    Microsoft National Language Support Downlevel APIs

    Microsoft Office Excel Viewer 2003

    Microsoft Office Professional Edition 2003

    Microsoft Plus! Digital Media Edition Installer

    Microsoft Plus! Photo Story 2 LE

    Microsoft Streets & Trips 2006

    Microsoft User-Mode Driver Framework Feature Pack 1.0

    Microsoft Works

    Microsoft Works Suite 2006 Setup Launcher

    Microsoft Works Suite Add-in for Microsoft Word

    mIWA

    mIWCA

    mLogView

    mMHouse

    Modem Helper

    Monopoly Here & Now Edition Free Trial

    mPfMgr

    mPfWiz

    mProSafe

    mSSO

    MSXML 4.0 SP2 (KB927978)

    MSXML 4.0 SP2 (KB936181)

    mToolkit

    Musicmatch for Windows Media Player

    Musicmatch® Jukebox

    mWlsSafe

    mXML

    Mystery Case Files Prime Suspects Free Trial

    mZConfig

    NetWaiting

    PowerDVD 5.5

    QuickSet

    QuickTime

    RealArcade

    RealPlayer

    Reel Deal Card Games

    Reel Deal Slots Nickel Alley

    RootsMagic 3.2.5.0

    Search Assist

    Security Update for Step By Step Interactive Training (KB898458)

    Security Update for Step By Step Interactive Training (KB923723)

    Security Update for Windows Internet Explorer 7 (KB928090)

    Security Update for Windows Internet Explorer 7 (KB929969)

    Security Update for Windows Internet Explorer 7 (KB931768)

    Security Update for Windows Internet Explorer 7 (KB933566)

    Security Update for Windows Internet Explorer 7 (KB937143)

    Security Update for Windows Internet Explorer 7 (KB938127)

    Security Update for Windows Internet Explorer 7 (KB939653)

    Security Update for Windows Internet Explorer 7 (KB942615)

    Security Update for Windows Media Player (KB911564)

    Security Update for Windows Media Player 10 (KB917734)

    Security Update for Windows Media Player 11 (KB936782)

    Security Update for Windows Media Player 6.4 (KB925398)

    Security Update for Windows XP (KB890046)

    Security Update for Windows XP (KB893756)

    Security Update for Windows XP (KB896428)

    Security Update for Windows XP (KB899587)

    Security Update for Windows XP (KB900725)

    Security Update for Windows XP (KB901017)

    Security Update for Windows XP (KB902400)

    Security Update for Windows XP (KB905414)

    Security Update for Windows XP (KB905749)

    Security Update for Windows XP (KB911567)

    Security Update for Windows XP (KB911927)

    Security Update for Windows XP (KB913580)

    Security Update for Windows XP (KB914388)

    Security Update for Windows XP (KB914389)

    Security Update for Windows XP (KB916281)

    Security Update for Windows XP (KB917159)

    Security Update for Windows XP (KB917422)

    Security Update for Windows XP (KB917953)

    Security Update for Windows XP (KB918118)

    Security Update for Windows XP (KB918899)

    Security Update for Windows XP (KB919007)

    Security Update for Windows XP (KB920213)

    Security Update for Windows XP (KB920214)

    Security Update for Windows XP (KB920670)

    Security Update for Windows XP (KB920683)

    Security Update for Windows XP (KB920685)

    Security Update for Windows XP (KB921398)

    Security Update for Windows XP (KB921503)

    Security Update for Windows XP (KB921883)

    Security Update for Windows XP (KB922616)

    Security Update for Windows XP (KB922760)

    Security Update for Windows XP (KB922819)

    Security Update for Windows XP (KB923191)

    Security Update for Windows XP (KB923414)

    Security Update for Windows XP (KB923689)

    Security Update for Windows XP (KB923694)

    Security Update for Windows XP (KB923980)

    Security Update for Windows XP (KB924191)

    Security Update for Windows XP (KB924270)

    Security Update for Windows XP (KB924496)

    Security Update for Windows XP (KB924667)

    Security Update for Windows XP (KB925486)

    Security Update for Windows XP (KB925902)

    Security Update for Windows XP (KB926247)

    Security Update for Windows XP (KB926255)

    Security Update for Windows XP (KB926436)

    Security Update for Windows XP (KB927779)

    Security Update for Windows XP (KB927802)

    Security Update for Windows XP (KB928255)

    Security Update for Windows XP (KB928843)

    Security Update for Windows XP (KB929123)

    Security Update for Windows XP (KB930178)

    Security Update for Windows XP (KB931261)

    Security Update for Windows XP (KB931784)

    Security Update for Windows XP (KB932168)

    Security Update for Windows XP (KB933729)

    Security Update for Windows XP (KB935839)

    Security Update for Windows XP (KB935840)

    Security Update for Windows XP (KB936021)

    Security Update for Windows XP (KB938829)

    Security Update for Windows XP (KB941202)

    Security Update for Windows XP (KB941568)

    Security Update for Windows XP (KB941569)

    Security Update for Windows XP (KB941644)

    Security Update for Windows XP (KB943460)

    Security Update for Windows XP (KB943485)

    Security Update for Windows XP (KB944653)

    Serif MediaPlus 2.0

    Serif PhotoPlus 9.0

    Serif PhotoPlus Association File Formats

    Spelling Dictionaries Support For Adobe Reader 8

    Synaptics Pointing Device Driver

    Update for Windows XP (KB894391)

    Update for Windows XP (KB898461)

    Update for Windows XP (KB900485)

    Update for Windows XP (KB908531)

    Update for Windows XP (KB910437)

    Update for Windows XP (KB911280)

    Update for Windows XP (KB916595)

    Update for Windows XP (KB920872)

    Update for Windows XP (KB922582)

    Update for Windows XP (KB927891)

    Update for Windows XP (KB929338)

    Update for Windows XP (KB930916)

    Update for Windows XP (KB931836)

    Update for Windows XP (KB933360)

    Update for Windows XP (KB936357)

    Update for Windows XP (KB938828)

    Update for Windows XP (KB942763)

    URL Assistant

    Viewpoint Media Player

    WebCyberCoach 3.2 Dell

    WildTangent Web Driver

    Windows Internet Explorer 7

    Windows Media Format 11 runtime

    Windows Media Format 11 runtime

    Windows Media Player 10

    Windows Media Player 11

    Windows Media Player 11

    Windows XP Hotfix - KB885836

    Windows XP Hotfix - KB885884

    Windows XP Hotfix - KB886185

    Windows XP Hotfix - KB888302

    Windows XP Hotfix - KB890859

    Cheryl

  8. Go to Microsoft's website => http://support.microsoft.com/kb/310994

    Select the download that's appropriate for your Operating System.

    Download the file & save it as it's originally named, next to ComboFix.exe.

    Now close all open windows and programs, then drag the setup package onto ComboFix.exe and drop it. Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console. When complete, a log named CF_RC.txt will open. Please post the contents of that log.

    Please do not reboot your machine until we have reviewed the log.

    -Ryan

    Ryan here is the CF_RC.txt

    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

    [boot loader]

    timeout=2

    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

    [operating systems]

    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

    Cheryl

  9. Please download ComboFix from Here

    1. Please open Notepad

    • Click Start , then Run
    • Type notepad .exe in the Run Box.

    2. Now copy/paste the entire content of the codebox below into the Notepad window:

    File::

    C:\WINDOWS\system32\tknxtkyt.dll

    C:\WINDOWS\system32\jvjsbtaa.dll

    C:\WINDOWS\system32\nedhywxp.dll

    C:\WINDOWS\system32\nvrlhtea.dll

    C:\WINDOWS\system32\hadtpgkb.dll

    C:\WINDOWS\system32\yvmofhsr.dll

    C:\WINDOWS\system32\tycwinht.dll

    C:\WINDOWS\system32\kfhkqonl.dll

    C:\WINDOWS\system32\kcqpcjqg.dll

    C:\WINDOWS\system32\cmwvbjst.dll

    C:\WINDOWS\system32\upvjdprl.dll

    C:\WINDOWS\system32\tdfjcvih.dll

    C:\WINDOWS\system32\jebwnrug.dll

    C:\WINDOWS\system32\ocdhdiln.dll

    C:\WINDOWS\system32\wwemtkkn.dll

    C:\WINDOWS\system32\bxrrqulo.dll

    C:\WINDOWS\system32\lfsiywvq.dll

    C:\WINDOWS\system32\ytslmxmx.dll

    C:\WINDOWS\system32\hajiqjyv.dll

    C:\WINDOWS\system32\vlvpmweb.dll

    C:\WINDOWS\system32\crwghygk.dll

    C:\WINDOWS\system32\rylqwaco.dll

    C:\WINDOWS\system32\hedgdemj.dll

    C:\WINDOWS\system32\cwxdqmdm.dll

    C:\WINDOWS\system32\lugqphbc.dll

    C:\WINDOWS\system32\busgbolg.dll

    C:\WINDOWS\system32\rumcundk.dll

    C:\WINDOWS\system32\rtilygud.dll

    C:\WINDOWS\system32\euyeyeje.dll

    C:\WINDOWS\system32\buwfnlwo.dll

    C:\WINDOWS\system32\edseddni.dll

    C:\WINDOWS\system32\wkxotgrq.dll

    C:\WINDOWS\system32\ykhygjcd.dll

    C:\WINDOWS\system32\odllptdf.dll

    C:\WINDOWS\system32\iipptmqp.dll

    C:\WINDOWS\system32\cblecirm.dll

    C:\WINDOWS\system32\kelxnybn.dll

    C:\WINDOWS\system32\nweyfmej.dll

    C:\WINDOWS\system32\huiargcr.dll

    C:\WINDOWS\system32\jsdklrhk.dll

    C:\WINDOWS\system32\fjarcncs.dll

    C:\WINDOWS\system32\dbaojmoq.dll

    C:\WINDOWS\system32\nwerygcr.dll

    C:\WINDOWS\system32\xrlfvwcg.dll

    C:\WINDOWS\system32\sdhbvdvc.dll

    C:\WINDOWS\system32\oooglsoe.dll

    C:\WINDOWS\system32\dyownbbx.dll

    C:\WINDOWS\system32\epwilern.dll

    C:\WINDOWS\system32\qstwa.ini2

    C:\WINDOWS\system32\mipaotxf.dll

    C:\WINDOWS\system32\vvpqrwij.dll

    C:\WINDOWS\system32\dpfhwtge.dll

    C:\WINDOWS\system32\tfmsdqyu.dll

    C:\WINDOWS\system32\qjndhotx.dll

    C:\WINDOWS\system32\hlsjfilx.dll

    C:\WINDOWS\system32\kprrekwj.dll

    C:\WINDOWS\system32\dpaicwaf.dll

    C:\WINDOWS\system32\sjoffkwi.dll

    C:\WINDOWS\system32\deceriyc.dll

    C:\WINDOWS\system32\moisplqx.dll

    C:\WINDOWS\system32\qohrltaf.dll

    C:\WINDOWS\system32\hvnxegpq.dll

    C:\WINDOWS\system32\awtsq.dll

    C:\WINDOWS\system32\xxyyawu.dll

    C:\WINDOWS\system32\jvjsbtaa.dll

    C:\WINDOWS\system32\awtsq.dll

    C:\WINDOWS\system32\xxyyawu.dll

    Folder::

    C:\Program Files\Video ActiveX Access\

    Registry::

    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18680aa7-e6a6-476b-b2d8-7eb7562cb749}]

    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxyyawu]

    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8}]

    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{97EA1386-089F-47CF-8A76-5BB39088C26F}]

    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF64059D-4D2A-4D6B-AA0F-2EE4A2FE3856}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "2c02873d"=-

    "BM2f31b4a1"=-

    3. Save the above as CFScript.txt

    4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

    CFScript.gif

    5. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:

    • Combofix.txt
    • A new HijackThis log.

    -Ryan

    Ryan, Here is the combofix text

    ComboFix 08-02.01.6 - Cheryl E 2008-02-01 16:32:37.1 - NTFSx86

    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.125 [GMT -5:00]

    Running from: C:\Documents and Settings\Cheryl E\Local Settings\Temporary Internet Files\Content.IE5\59JQCWPV\ComboFix[1].exe

    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    C:\WINDOWS\system32\awtsq.dll

    C:\WINDOWS\system32\xxyyawu.dll

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

    C:\Documents and Settings\All Users\Application Data\SystemDoctor Free

    C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\Abbr

    C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ActivationCode

    C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\HOURS

    C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ProductCode

    C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007

    C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007\Data\Abbr

    C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007\Data\ActivationCode

    C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007\Data\ProductCode

    C:\Documents and Settings\Cheryl E\Application Data\DriveCleaner Free

    C:\Documents and Settings\Cheryl E\Application Data\DriveCleaner Free\Logs\update.log

    C:\Documents and Settings\Cheryl E\Application Data\WinAntiVirus Pro 2007

    C:\Documents and Settings\Cheryl E\Application Data\WinAntiVirus Pro 2007\avtasks.dat

    C:\Documents and Settings\Cheryl E\Application Data\WinAntiVirus Pro 2007\CookieList.dat

    C:\Documents and Settings\Cheryl E\Application Data\WinAntiVirus Pro 2007\history.db

    C:\Documents and Settings\Cheryl E\Application Data\WinAntiVirus Pro 2007\Logs\update.log

    C:\Documents and Settings\Cheryl E\Application Data\WinAntiVirus Pro 2007\Logs\wa7Support.log

    C:\Documents and Settings\Cheryl E\Application Data\WinAntiVirus Pro 2007\Logs\winav.log

    C:\Documents and Settings\Cheryl E\Application Data\WinAntiVirus Pro 2007\PGE.dat

    C:\Documents and Settings\Cheryl E\err.log

    C:\Documents and Settings\Cheryl E\ResErrors.log

    C:\Program Files\Common Files\companion wizard

    C:\Program Files\Common Files\Companion Wizard\compwiz.exe

    C:\Program Files\Common Files\Companion Wizard\WapCHK.dll

    C:\Program Files\Common Files\drivecleaner free

    C:\Program Files\Common Files\drivecleaner free\laststat.dat

    C:\Program Files\Common Files\drivecleaner free\udcsdr.exe

    C:\Program Files\Common Files\SystemDoctor

    C:\Program Files\Common Files\SystemDoctor\err.log

    C:\Program Files\Common Files\winantivirus pro 2007

    C:\Program Files\Common Files\WinAntiVirus Pro 2007\err.log

    C:\Program Files\Common Files\WinAntiVirus Pro 2007\mfc71.dll

    C:\Program Files\Common Files\WinAntiVirus Pro 2007\msvcp71.dll

    C:\Program Files\Common Files\winantivirus pro 2007\msvcr71.dll

    C:\Program Files\Common Files\WinAntiVirus Pro 2007\up.dat

    C:\Program Files\video activex access

    C:\UWA7P

    C:\WINDOWS\cookies.ini

    C:\WINDOWS\system32\awtsq.dll

    C:\WINDOWS\system32\bkgsfrgf.ini

    C:\WINDOWS\system32\busgbolg.dll

    C:\WINDOWS\system32\buwfnlwo.dll

    C:\WINDOWS\system32\bxrrqulo.dll

    C:\WINDOWS\system32\cavxdwwo.ini

    C:\WINDOWS\system32\cblecirm.dll

    C:\WINDOWS\system32\clngiulc.ini

    C:\WINDOWS\system32\cmwvbjst.dll

    C:\WINDOWS\system32\crwghygk.dll

    C:\WINDOWS\system32\cudwicdl.ini

    C:\WINDOWS\system32\cvdvbhds.ini

    C:\WINDOWS\system32\cwxdqmdm.dll

    C:\WINDOWS\system32\dbaojmoq.dll

    C:\WINDOWS\system32\dcjgyhky.ini

    C:\WINDOWS\system32\edseddni.dll

    C:\WINDOWS\system32\euyeyeje.dll

    C:\WINDOWS\system32\fatlrhoq.ini

    C:\WINDOWS\system32\fjarcncs.dll

    C:\WINDOWS\system32\gqjcpqck.ini

    C:\WINDOWS\system32\hadtpgkb.dll

    C:\WINDOWS\system32\hajiqjyv.dll

    C:\WINDOWS\system32\hdkcsvcy.ini

    C:\WINDOWS\system32\hedgdemj.dll

    C:\WINDOWS\system32\hivcjfdt.ini

    C:\WINDOWS\system32\huiargcr.dll

    C:\WINDOWS\system32\iipptmqp.dll

    C:\WINDOWS\system32\ineWc01

    C:\WINDOWS\system32\irgdkjnr.ini

    C:\WINDOWS\system32\jebwnrug.dll

    C:\WINDOWS\system32\jiwrqpvv.ini

    C:\WINDOWS\system32\jsdklrhk.dll

    C:\WINDOWS\system32\jvjsbtaa.dll

    C:\WINDOWS\system32\kcqpcjqg.dll

    C:\WINDOWS\system32\kdnucmur.ini

    C:\WINDOWS\system32\kelxnybn.dll

    C:\WINDOWS\system32\kfhkqonl.dll

    C:\WINDOWS\system32\kgyhgwrc.ini

    C:\WINDOWS\system32\khrlkdsj.ini

    C:\WINDOWS\system32\kprrekwj.dll

    C:\WINDOWS\system32\lfsiywvq.dll

    C:\WINDOWS\system32\lugqphbc.dll

    C:\WINDOWS\system32\mdmqdxwc.ini

    C:\WINDOWS\system32\miyromfh.ini

    C:\WINDOWS\system32\nedhywxp.dll

    C:\WINDOWS\system32\nkktmeww.ini

    C:\WINDOWS\system32\nreliwpe.ini

    C:\WINDOWS\system32\nvrlhtea.dll

    C:\WINDOWS\system32\nwerygcr.dll

    C:\WINDOWS\system32\nweyfmej.dll

    C:\WINDOWS\system32\ocdhdiln.dll

    C:\WINDOWS\system32\odllptdf.dll

    C:\WINDOWS\system32\oooglsoe.dll

    C:\WINDOWS\system32\ottcutae.ini

    C:\WINDOWS\system32\owlnfwub.ini

    C:\WINDOWS\system32\pac.txt

    C:\WINDOWS\system32\qpgexnvh.ini

    C:\WINDOWS\system32\qstwa.ini

    C:\WINDOWS\system32\qstwa.ini2

    C:\WINDOWS\system32\rcgyrewn.ini

    C:\WINDOWS\system32\rshfomvy.ini

    C:\WINDOWS\system32\rtilygud.dll

    C:\WINDOWS\system32\rumcundk.dll

    C:\WINDOWS\system32\rylqwaco.dll

    C:\WINDOWS\system32\stera.log

    C:\WINDOWS\system32\tdfjcvih.dll

    C:\WINDOWS\system32\tknxtkyt.dll

    C:\WINDOWS\system32\tycwinht.dll

    C:\WINDOWS\system32\tyktxnkt.ini

    C:\WINDOWS\system32\upvjdprl.dll

    C:\WINDOWS\system32\vlvpmweb.dll

    C:\WINDOWS\system32\vomgrrnw.ini

    C:\WINDOWS\system32\wkxotgrq.dll

    C:\WINDOWS\system32\wwemtkkn.dll

    C:\WINDOWS\system32\xlifjslh.ini

    C:\WINDOWS\system32\xmxmlsty.ini

    C:\WINDOWS\system32\xqlpsiom.ini

    C:\WINDOWS\system32\xrlfvwcg.dll

    C:\WINDOWS\system32\xxyyawu.dll

    C:\WINDOWS\system32\ykhygjcd.dll

    C:\WINDOWS\system32\ytslmxmx.dll

    C:\WINDOWS\system32\yvmofhsr.dll

    ----- BITS: Possible infected sites -----

    hxxp://www.dellsupportcenter.com

    .

    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    -------\LEGACY_DOMAINSERVICE

    -------\LEGACY_FOPN

    -------\DomainService

    -------\nm

    ((((((((((((((((((((((((( Files Created from 2008-01-01 to 2008-02-01 )))))))))))))))))))))))))))))))

    .

    2008-01-24 14:51 . 2008-01-24 14:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SupportSoft

    2008-01-24 14:49 . 2008-01-24 14:50 <DIR> d-------- C:\Program Files\Dell Support Center

    2008-01-24 14:49 . 2008-01-24 14:49 <DIR> d-------- C:\Program Files\Common Files\supportsoft

    2008-01-24 14:30 . 2008-01-24 14:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Dell

    2008-01-17 13:21 . 2008-02-01 16:33 21 --a------ C:\WINDOWS\pskt.ini

    2008-01-17 13:07 . 2008-01-17 13:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PopCap

    2008-01-16 18:21 . 2008-01-17 13:07 <DIR> d-------- C:\Program Files\Performanceoptimizer (Free)

    2008-01-14 21:41 . 2008-01-14 21:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Zylom

    2008-01-12 17:22 . 2008-01-12 17:23 <DIR> d-------- C:\Documents and Settings\Cheryl E\Application Data\Pirateville

    2008-01-10 15:01 . 2008-02-01 15:45 16,511 --a------ C:\WINDOWS\BM2f31b4a1.xml

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2008-02-01 19:09 --------- d-----w C:\Program Files\RootsMagic

    2008-02-01 16:30 21,540 ----a-w C:\Documents and Settings\Cheryl E\Application Data\wklnhst.dat

    2008-02-01 15:04 --------- d-----w C:\Program Files\McAfee

    2008-01-23 01:08 --------- d-----w C:\Program Files\Windows Media Connect 2

    2008-01-19 14:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee

    2008-01-19 14:54 --------- d-----w C:\Documents and Settings\Cheryl E\Application Data\McAfee

    2008-01-17 03:29 --------- d-----w C:\Program Files\BFG

    2008-01-02 22:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\JollyBear

    2007-12-23 06:37 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP

    2007-12-23 04:25 --------- d--h--w C:\Program Files\InstallShield Installation Information

    2007-12-23 04:24 --------- d-----w C:\Documents and Settings\Cheryl E\Application Data\InstallShield

    2007-08-07 18:15 774,144 ----a-w C:\Program Files\RngInterstitial.dll

    2007-06-23 20:40 57,432 ----a-w C:\Documents and Settings\Cheryl E\Application Data\GDIPFONTCACHEV1.DAT

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8}]

    C:\Program Files\Video ActiveX Access\iesplg.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "ModemOnHold"="C:\Program Files\NetWaiting\netWaiting.exe" [2003-09-10 02:24 20480]

    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24 1694208]

    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360]

    "DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 10:09 460784]

    "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 09:23 202544]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-10-14 20:49 94208]

    "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-10-14 20:46 77824]

    "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-10-14 20:50 114688]

    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 18:48 761947]

    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 14:59 385024]

    "SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 23:30 282624 C:\WINDOWS\stsystra.exe]

    "Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2006-04-06 14:58 1032192]

    "DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 16:19 53248]

    "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 10:44 249856]

    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 10:44 81920]

    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-07-30 02:55 98304]

    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51 39792]

    "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-04 01:33 582992]

    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe" [2007-09-11 00:43 67488]

    "dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 09:24 16384]

    C:\Documents and Settings\Cheryl E\Start Menu\Programs\Startup\

    wkcalrem.LNK - C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe [2005-10-07 16:35:12 21504]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-07-30 02:51:37 24576]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]

    C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 2004-09-07 16:08 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll

    R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 00:45]

    R2 dlbc_device;dlbc_device;C:\WINDOWS\system32\dlbccoms.exe [2007-02-07 15:26]

    R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service []

    S2 0088431201878290mcinstcleanup;McAfee Application Installer Cleanup (0088431201878290);C:\WINDOWS\TEMP\008843~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog []

    .

    Contents of the 'Scheduled Tasks' folder

    "2008-01-25 23:30:00 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (LAPPY-Cheryl E).job"

    - c:\program files\mcafee.com\vso\mcmnhdlr.exe

    "2007-05-15 05:00:02 C:\WINDOWS\Tasks\McDefragTask.job"

    - c:\program files\mcafee\mqc\QcConsol.exe'

    "2008-02-01 06:00:00 C:\WINDOWS\Tasks\McQcTask.job"

    - c:\program files\mcafee\mqc\QcConsol.exe

    .

    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2008-02-01 16:55:45

    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully

    hidden files: 0

    **************************************************************************

    .

    ------------------------ Other Running Processes ------------------------

    .

    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe

    C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

    C:\WINDOWS\system32\dlbccoms.exe

    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

    c:\program files\common files\mcafee\mna\mcnasvc.exe

    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

    C:\Program Files\McAfee\MPF\MPFSrv.exe

    C:\Program Files\McAfee\MSK\MskSrver.exe

    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe

    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    C:\WINDOWS\system32\tcpsvcs.exe

    C:\PROGRA~1\McAfee.com\Agent\mcagent.exe

    C:\WINDOWS\System32\snmp.exe

    C:\Program Files\Dell Support Center\bin\sprtsvc.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\igfxpers.exe

    C:\WINDOWS\system32\igfxsrvc.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

    C:\WINDOWS\stsystra.exe

    C:\Program Files\Dell\QuickSet\quickset.exe

    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

    C:\Program Files\QuickTime\qttask.exe

    C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe

    C:\Program Files\NetWaiting\netWaiting.exe

    C:\Program Files\DellSupport\DSAgnt.exe

    C:\Program Files\Dell Support Center\bin\sprtcmd.exe

    C:\Program Files\Digital Line Detect\DLG.exe

    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

    C:\WINDOWS\system32\msiexec.exe

    .

    **************************************************************************

    .

    Completion time: 2008-02-01 17:02:26 - machine was rebooted

    ComboFix-quarantined-files.txt 2008-02-01 22:02:21

    .

    2008-01-18 03:31:46 --- E O F ---

  10. Welcome to BestTechie! I'm Ryan, and I'll be helping you clean your computer.

    lease download Deckard's System Scanner (DSS) and save it to your Desktop.

    • Close all other windows before proceeding.
    • Double-click on dss.exe and follow the prompts.
    • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

    -Ryan

    Ryan, Here is the Extra Text. For some reason I hit enter before I could get this added.

    Deckard's System Scanner v20071014.68

    Extra logfile - please post this as an attachment with your post.

    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Home Edition (build 2600) SP 2.0

    Architecture: X86; Language: English

    CPU 0: Intel® Pentium® M processor 1.70GHz

    Percentage of Memory in Use: 77%

    Physical Memory (total/avail): 503.37 MiB / 115.26 MiB

    Pagefile Memory (total/avail): 1228.8 MiB / 781.55 MiB

    Virtual Memory (total/avail): 2047.88 MiB / 1926.63 MiB

    C: is Fixed (NTFS) - 33.52 GiB total, 14.09 GiB free.

    D: is CDROM (No Media)

    \\.\PHYSICALDRIVE0 - WDC WD400VE-75HDT1 - 37.26 GiB - 3 partitions

    \PARTITION0 - Unknown - 47.03 MiB

    \PARTITION1 (bootable) - Installable File System - 33.52 GiB - C:

    \PARTITION2 - Unknown - 3.68 GiB

    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.

    Windows Internal Firewall is enabled.

    AntiVirusDisableNotify is set.

    FirewallDisableNotify is set.

    FW: McAfee Personal Firewall v (McAfee)

    AV: McAfee VirusScan v (McAfee)

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"

    "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"

    "C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"

    "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"

    "C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"

    "C:\\WINDOWS\\system32\\dlbccoms.exe"="C:\\WINDOWS\\system32\\dlbccoms.exe:*:Enabled:Photo Printer 720 Server"

    "C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"

    "C:\\WINDOWS\\system32\\nritipkq.exe"="C:\\WINDOWS\\system32\\nri"

    "C:\\Users\\Public\\Phantom EFX\\OnlineCasino\\Bin\\Prelauncher.exe"="C:\\Users\\Public\\Phantom EFX\\OnlineCasino\\Bin\\Prelauncher.exe:*:Enabled:Prelauncher"

    "C:\\Users\\Public\\Phantom EFX\\OnlineCasino\\Launcher\\OLCLauncher.exe"="C:\\Users\\Public\\Phantom EFX\\OnlineCasino\\Launcher\\OLCLauncher.exe:*:Enabled:OLCLauncher"

    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users

    APPDATA=C:\Documents and Settings\Cheryl E\Application Data

    CLIENTNAME=Console

    CommonProgramFiles=C:\Program Files\Common Files

    COMPUTERNAME=MEDTRAN

    ComSpec=C:\WINDOWS\system32\cmd.exe

    FP_NO_HOST_CHECK=NO

    HOMEDRIVE=C:

    HOMEPATH=\Documents and Settings\Cheryl E

    LOGONSERVER=\\MEDTRAN

    NUMBER_OF_PROCESSORS=1

    OS=Windows_NT

    Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem

    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

    PROCESSOR_ARCHITECTURE=x86

    PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel

    PROCESSOR_LEVEL=6

    PROCESSOR_REVISION=0d08

    ProgramFiles=C:\Program Files

    PROMPT=$P$G

    SESSIONNAME=Console

    SystemDrive=C:

    SystemRoot=C:\WINDOWS

    TEMP=C:\DOCUME~1\CHERYL~1\LOCALS~1\Temp

    TMP=C:\DOCUME~1\CHERYL~1\LOCALS~1\Temp

    USERDOMAIN=MEDTRAN

    USERNAME=Cheryl E

    USERPROFILE=C:\Documents and Settings\Cheryl E

    windir=C:\WINDOWS

    __COMPAT_LAYER=EnableNXShowUI

    -- User Profiles ---------------------------------------------------------------

    Cheryl E (admin)

    -- Add/Remove Programs ---------------------------------------------------------

    --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

    --> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu

    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

    Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

    Adobe Photoshop Elements 6.0 --> msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}

    Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}

    Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log

    America Online (Choose which version to remove) --> C:\Program Files\Common Files\aolshare\Aolunins_us.exe

    AOL Coach Version 1.0(Build:20040229.1 en) --> C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe

    AOL Connectivity Services --> C:\PROGRA~1\COMMON~1\AOL\ACS\AcsUninstall.exe /c

    AOLIcon --> MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}

    Broadcom Management Programs --> MsiExec.exe /I{26E1BFB0-E87E-4696-9F89-B467F01F81E5}

    Canon Camera Support Core Library --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{91F1A0D6-23AD-49FE-8D4E-379485652214} /l1033

    Canon Camera Window DS for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}

    Canon Camera Window DVC for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4C96958A-6562-4143-B820-FF4890D3B734}

    Canon Camera Window for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{C7281207-4AA4-425E-B57A-0E9EF8445635}

    Canon MovieEdit Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}

    Canon PhotoRecord --> MsiExec.exe /X{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}

    Canon RAW Image Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{45EF4EE3-F591-4B74-A477-0CAE12934CE7}

    Canon RemoteCapture Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{28291BD5-92D2-4685-82DC-CCA925C53CCA}

    Canon Utilities PhotoStitch 3.1 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}

    Canon ZoomBrowser EX --> MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}

    Charting Companion for Family Tree Maker --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Charting Companion for FTM\Uninst.isu" -c"C:\Program Files\Charting Companion for FTM\Uninst_PDF.dll"

    Conexant HDA D110 MDC V.92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028k.inf

    Corel Photo Album 6 --> MsiExec.exe /X{8A9B8148-DDD7-448F-BD6C-358386D32354}

    Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s

    Dell Driver Reset Tool --> MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}

    Dell Game Console --> "C:\Program Files\WildTangent\Apps\Dell Game Console\Uninstall.exe"

    Dell Support Center --> MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}

    DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}

    Digital Content Portal --> MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}

    Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel

    Documentation & Support Launcher --> MsiExec.exe /X{B0DF58A2-40DF-4465-AA56-38623EC9938C}

    Dream Day Wedding --> "C:\Program Files\Dream Day Wedding\ReflexiveArcade\unins000.exe"

    ELIcon --> MsiExec.exe /I{4667B940-BB01-428B-986E-A0CC46497BF7}

    Family Origins 10.0 Deluxe --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Family Origins\DeIsL1.isu" -c"C:\Program Files\Family Origins\_ISREG32.DLL"

    Family Tree Maker 2006 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F2F4C144-7D1A-47C4-9D53-395A57B0CD64}\setup.exe" -l0x9

    Games, Music, & Photos Launcher --> MsiExec.exe /X{B6884A07-0305-47AE-9969-8F26FADC17DE}

    Ghost Town --> C:\Program Files\InstallShield Installation Information\{361CB304-295C-4502-86D3-BBFB014C8E5D}\setup.exe -runfromtemp -l0x0009 -removeonly

    Hidden Expedition Everest --> "C:\Program Files\Hidden Expedition Everest\ReflexiveArcade\unins000.exe"

    High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe

    HijackThis 2.0.2 --> "C:\Documents and Settings\Cheryl E\Local Settings\Temporary Internet Files\Content.IE5\8WAU5IFC\HijackThis.exe" /uninstall

    Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

    Intel® Graphics Media Accelerator Driver for Mobile --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592

    Intel® PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe

    Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}

    Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe

    Little Shop Of Treasures Free Trial --> "C:\Program Files\LittleShopOfTreasures_at\unins000.exe"

    Magellan RoadMate POI Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C7C9A07F-EC37-40C8-B6C2-5BAC806FD668}\Setup.exe" -l0x9

    Masque Slots featuring WMS Gaming --> MsiExec.exe /I{CFF7B8DA-6CB6-4E09-B802-EA955B88C51F}

    Masque Slots II --> C:\PROGRA~1\Masque\UNWISE.EXE C:\PROGRA~1\Masque\INSTALL.LOG

    McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe

    McAfee Uninstaller --> C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\comrem.dll::uninstall.htm

    mCore --> MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}

    MCU --> MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}

    mDrWiFi --> MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}

    mHlpDell --> MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}

    Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

    Microsoft Digital Image Standard 2006 --> "C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM VERSION=11

    Microsoft Encarta Encyclopedia Standard 2006 --> MsiExec.exe /I{06040048-3E21-46D6-9A91-D927BA08F41D}

    Microsoft Money 2006 --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120

    Microsoft Office Excel Viewer 2003 --> MsiExec.exe /I{90840409-6000-11D3-8CFE-0150048383C9}

    Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}

    Microsoft Plus! Digital Media Edition Installer --> MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}

    Microsoft Plus! Photo Story 2 LE --> MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}

    Microsoft Streets & Trips 2006 --> MsiExec.exe /I{83ED1E80-A1B7-4226-BCF1-AC4A88151A6B}

    Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

    Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}

    Microsoft Works Suite 2006 Setup Launcher --> C:\Program Files\Microsoft Works Suite 2006\Setup\Launcher.exe /ARP D:\

    Microsoft Works Suite Add-in for Microsoft Word --> MsiExec.exe /I{17E3A651-12B9-4149-BAE8-E6FB9A5ADC4F}

    mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}

    mIWCA --> MsiExec.exe /I{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}

    mLogView --> MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}

    mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}

    Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel

    Monopoly Here & Now Edition Free Trial --> "C:\Program Files\MonopolyHereNowEdition_at\unins000.exe"

    mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}

    mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}

    mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}

    mSSO --> MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}

    mToolkit --> MsiExec.exe /I{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}

    Musicmatch® Jukebox --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst

    mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}

    mXML --> MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}

    Mystery Case Files Prime Suspects Free Trial --> "C:\Program Files\MysteryCaseFilesPrimeSuspects_at\unins000.exe"

    mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}

    NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel

    PowerDVD 5.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall

    QuickSet --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x9 APPDRVNT4

    QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log

    RealArcade --> C:\Program Files\Real\RealArcade\Update\rnuninst.exe RealNetworks|RealArcade|1.2

    RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

    Reel Deal Card Games --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10D8B7C9-FC34-424F-AE73-F5ABC2FAB05E}\setup.exe" -l0x9 -removeonly

    Reel Deal Slots Nickel Alley --> "c:\Program Files\Phantom\Reel Deal Slots Nickel Alley\unins000.exe"

    RootsMagic 3.2.5.0 --> "C:\Program Files\RootsMagic\unins000.exe"

    Search Assist --> MsiExec.exe /X{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}

    Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"

    Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"

    Serif MediaPlus 2.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C7A5956-FE23-41C7-B0FA-F9877244CA83}\Setup.exe" -l0x9

    Serif PhotoPlus 9.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7399656A-A683-41F9-8B81-B49A5138B76C}\Setup.exe" -l0x9

    Serif PhotoPlus Association File Formats --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F8650CB3-89F1-4AE0-81AC-917423C58DB8}\Setup.exe" -l0x9

    Spelling Dictionaries Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}

    Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

    URL Assistant --> regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"

    Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u

    WebCyberCoach 3.2 Dell --> "C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"

    WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe

    Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

    -- Application Event Log -------------------------------------------------------

    Event Record #/Type5415 / Error

    Event Submitted/Written: 02/01/2008 10:02:55 AM

    Event ID/Source: 1002 / MsiInstaller

    Event Description:

    Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\B97CF7F995034624490593BE63E82352\SourceList'

    Event Record #/Type5414 / Error

    Event Submitted/Written: 02/01/2008 10:01:53 AM

    Event ID/Source: 1002 / MsiInstaller

    Event Description:

    Unexpected or missing value (name: 'PackageName', value: '') in key 'HKU\S-1-5-18\Software\Microsoft\Installer\Products\B97CF7F995034624490593BE63E82352\SourceList'

    Event Record #/Type5411 / Warning

    Event Submitted/Written: 02/01/2008 09:56:20 AM

    Event ID/Source: 1015 / EvntAgnt

    Event Description:

    TraceLevel parameter not located in registry;

    Default trace level used is 32.

    Event Record #/Type5410 / Warning

    Event Submitted/Written: 02/01/2008 09:56:20 AM

    Event ID/Source: 1003 / EvntAgnt

    Event Description:

    TraceFileName parameter not located in registry;

    Default trace file used is .

    Event Record #/Type5407 / Success

    Event Submitted/Written: 02/01/2008 09:55:16 AM

    Event ID/Source: 2570 / Adobe Active File Monitor 6.0

    Event Description:

    Adobe Active File Monitor Service has Started.

    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.

    -- System Event Log ------------------------------------------------------------

    Event Record #/Type26596 / Warning

    Event Submitted/Written: 01/31/2008 08:04:27 PM

    Event ID/Source: 8021 / BROWSER

    Event Description:

    The browser was unable to retrieve a list of servers from the browser master \\CHERYL on the network \Device\NetBT_Tcpip_{9EEFE03E-B9E7-4183-A1D5-7411A15787DF}.

    The data is the error code.

    Event Record #/Type26579 / Warning

    Event Submitted/Written: 01/31/2008 11:24:53 AM

    Event ID/Source: 8021 / BROWSER

    Event Description:

    The browser was unable to retrieve a list of servers from the browser master \\CHERYL on the network \Device\NetBT_Tcpip_{9EEFE03E-B9E7-4183-A1D5-7411A15787DF}.

    The data is the error code.

    Event Record #/Type26393 / Error

    Event Submitted/Written: 01/28/2008 03:35:11 PM

    Event ID/Source: 7011 / Service Control Manager

    Event Description:

    Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.

    Event Record #/Type26392 / Warning

    Event Submitted/Written: 01/28/2008 03:34:56 PM

    Event ID/Source: 20169 / RemoteAccess

    Event Description:

    Unable to contact a DHCP server. The Automatic Private IP Address 169.254.28.125 will be

    assigned to dial-in clients. Clients may be unable to access resources on

    the network.

    Event Record #/Type26375 / Warning

    Event Submitted/Written: 01/28/2008 03:33:02 PM

    Event ID/Source: 1007 / Dhcp

    Event Description:

    Your computer has automatically configured the IP address for the Network

    Card with network address 00166F854438. The IP address being used is 169.254.160.120.

    -- End of Deckard's System Scanner: finished at 2008-02-01 10:35:11 ------------

  11. Welcome to BestTechie! I'm Ryan, and I'll be helping you clean your computer.

    lease download Deckard's System Scanner (DSS) and save it to your Desktop.

    • Close all other windows before proceeding.
    • Double-click on dss.exe and follow the prompts.
    • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

    -Ryan

    Ryan, Here are the two texts you wanted.

    Main Text

    Deckard's System Scanner v20071014.68

    Run by Cheryl E on 2008-02-01 10:29:19

    Computer is in Normal Mode.

    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.

    -- Last 5 Restore Point(s) --

    80: 2008-02-01 15:29:38 UTC - RP218 - Deckard's System Scanner Restore Point

    79: 2008-01-30 21:45:10 UTC - RP217 - System Checkpoint

    78: 2008-01-27 02:07:01 UTC - RP216 - System Checkpoint

    77: 2008-01-24 19:47:24 UTC - RP215 - Installed Dell Support Center.

    76: 2008-01-23 22:14:53 UTC - RP214 - System Checkpoint

    -- First Restore Point --

    1: 2007-12-17 02:54:45 UTC - RP139 - System Checkpoint

    Backed up registry hives.

    Performed disk cleanup.

    Total Physical Memory: 504 MiB (512 MiB recommended).

    -- HijackThis Clone ------------------------------------------------------------

    Emulating logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 2008-02-01 10:32:25

    Platform: Windows XP Service Pack 2 (5.01.2600)

    MSIE: Internet Explorer (7.00.6000.16574)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\system32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

    C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe

    C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe

    C:\WINDOWS\explorer.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\Intel\Wireless\Bin\1XConfig.exe

    C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

    C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe

    C:\WINDOWS\system32\dlbccoms.exe

    C:\Program Files\McAfee\MSC\mcmscsvc.exe

    C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe

    C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe

    C:\Program Files\McAfee\VirusScan\Mcshield.exe

    C:\Program Files\McAfee\MPF\MpfSrv.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\igfxsrvc.exe

    C:\WINDOWS\system32\igfxpers.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe

    C:\Program Files\McAfee\MSK\msksrver.exe

    C:\WINDOWS\stsystra.exe

    C:\Program Files\Dell\QuickSet\NicConfigSvc.exe

    C:\Program Files\Dell\QuickSet\quickset.exe

    C:\Program Files\McAfee.com\Agent\mcagent.exe

    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    C:\WINDOWS\system32\tcpsvcs.exe

    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

    C:\WINDOWS\system32\snmp.exe

    C:\Program Files\Common Files\DriveCleaner Free\udcsdr.exe

    C:\Program Files\Dell Support Center\bin\sprtsvc.exe

    C:\Program Files\QuickTime\qttask.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe

    C:\WINDOWS\system32\fxssvc.exe

    C:\WINDOWS\system32\rundll32.exe

    C:\Program Files\NetWaiting\netwaiting.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\DellSupport\DSAgnt.exe

    C:\Program Files\Dell Support Center\bin\sprtcmd.exe

    C:\Program Files\Digital Line Detect\DLG.exe

    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe

    C:\Program Files\McAfee\VirusScan\mcsysmon.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Documents and Settings\Cheryl E\Desktop\dss.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myfamily.com/isapi.dll?c=site&a...in&siteid=*

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: {947bc265-7be7-8d2b-b674-6a6e7aa08681} - {18680aa7-e6a6-476b-b2d8-7eb7562cb749} - C:\WINDOWS\system32\jvjsbtaa.dll

    O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll

    O2 - BHO: (no name) - {7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)

    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

    O2 - BHO: (no name) - {97EA1386-089F-47CF-8A76-5BB39088C26F} - C:\WINDOWS\system32\awtsq.dll

    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

    O2 - BHO: (no name) - {FF64059D-4D2A-4D6B-AA0F-2EE4A2FE3856} - C:\WINDOWS\system32\xxyyawu.dll

    O3 - Toolbar: (no name) - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - (no file)

    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

    O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless

    O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe

    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

    O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

    O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

    O4 - HKLM\..\Run: [sDR6_Check] "C:\Program Files\Common Files\DriveCleaner Free\udcsdr.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey

    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe"

    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

    O4 - HKLM\..\Run: [2c02873d] rundll32.exe "C:\WINDOWS\system32\tknxtkyt.dll",b

    O4 - HKLM\..\Run: [bM2f31b4a1] Rundll32.exe "C:\WINDOWS\system32\nedhywxp.dll",s

    O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

    O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe

    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)

    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - (file missing)

    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O15 - Trusted Zone: https://online.musicmatch.com (HKLM)

    O15 - Trusted Zone: https://ancestry.com (HKCU)

    O15 - Trusted Zone: https://myfamily.com (HKCU)

    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab

    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://playgames.comcast.net/Gameshell/Gam...ronGameHost.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

    O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

    O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL

    O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL

    O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

    O20 - Winlogon Notify: xxyyawu - C:\WINDOWS\system32\xxyyawu.dll

    O23 - Service: McAfee Application Installer Cleanup (0088431201878290) (0088431201878290mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP08843~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service

    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe

    O23 - Service: dlbc_device - Unknown owner - C:\WINDOWS\system32\dlbccoms.exe

    O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\nritipkq.exe /service

    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe

    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe

    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe

    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe

    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcsysmon.exe

    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MpfSrv.exe

    O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\msksrver.exe

    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe

    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - Unknown owner - C:\Program Files\Dell

    O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe

    --

    End of file - 11165 bytes

    -- File Associations -----------------------------------------------------------

    All associations okay.

    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R1 APPDRV - c:\windows\system32\drivers\appdrv.sys <Not Verified; Dell Inc; Application Driver>

    R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.1.0.1) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.1.0.1>

    R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>

    R3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>

    S3 bvrp_pci - c:\windows\system32\drivers\bvrp_pci.sys

    S3 UIUSys (Conexant Setup API) - c:\windows\system32\drivers\uiusys.sys (file missing)

    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 NICCONFIGSVC - c:\program files\dell\quickset\nicconfigsvc.exe <Not Verified; Dell Inc.; NicConfigSvc>

    R2 RegSrvc - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; RegSrvc Module>

    R2 sprtsvc_dellsupportcenter (SupportSoft Sprocket Service (dellsupportcenter)) - c:\program files\dell support center\bin\sprtsvc.exe /service /p dellsupportcenter

    R2 WLANKEEPER - c:\program files\intel\wireless\bin\wlkeeper.exe <Not Verified; Intel® Corporation; SSOFSet Service>

    S2 0088431201878290mcinstcleanup (McAfee Application Installer Cleanup (0088431201878290)) - c:\windows\temp08843~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service (file missing)

    S2 DomainService - c:\windows\system32\nritipkq.exe /service (file missing)

    S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>

    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

    Description: Broadcom 440x 10/100 Integrated Controller

    Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_01C91028&REV_02\4&2FA23535&0&00F0

    Manufacturer: Broadcom

    Name: Broadcom 440x 10/100 Integrated Controller

    PNP Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_01C91028&REV_02\4&2FA23535&0&00F0

    Service: bcm4sbxp

    -- Scheduled Tasks -------------------------------------------------------------

    2008-02-01 01:00:00 358 --a------ C:\WINDOWS\Tasks\McQcTask.job

    2008-01-25 18:30:00 356 --a------ C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (LAPPY-Cheryl E).job

    2007-05-15 00:00:02 356 --a------ C:\WINDOWS\Tasks\McDefragTask.job

    -- Files created between 2008-01-01 and 2008-02-01 -----------------------------

    2008-02-01 10:04:43 0 d-------- C:\WINDOWS\LastGood

    2008-01-31 20:31:32 90688 --a------ C:\WINDOWS\system32\tknxtkyt.dll

    2008-01-31 20:28:43 94784 --a------ C:\WINDOWS\system32\jvjsbtaa.dll

    2008-01-31 20:28:32 72256 --a------ C:\WINDOWS\system32\nedhywxp.dll

    2008-01-30 20:35:52 92736 --a------ C:\WINDOWS\system32\nvrlhtea.dll

    2008-01-30 20:29:53 68672 --a------ C:\WINDOWS\system32\hadtpgkb.dll

    2008-01-29 20:29:58 88640 --a------ C:\WINDOWS\system32\yvmofhsr.dll

    2008-01-29 20:27:39 78912 --a------ C:\WINDOWS\system32\tycwinht.dll

    2008-01-29 20:27:29 71232 --a------ C:\WINDOWS\system32\kfhkqonl.dll

    2008-01-28 17:34:40 88640 -----n--- C:\WINDOWS\system32\kcqpcjqg.dll

    2008-01-28 17:31:38 79936 --a------ C:\WINDOWS\system32\cmwvbjst.dll

    2008-01-28 17:28:38 71232 --a------ C:\WINDOWS\system32\upvjdprl.dll

    2008-01-27 17:33:26 89152 --a------ C:\WINDOWS\system32\tdfjcvih.dll

    2008-01-27 17:27:26 78912 --a------ C:\WINDOWS\system32\jebwnrug.dll

    2008-01-27 17:24:26 70720 --a------ C:\WINDOWS\system32\ocdhdiln.dll

    2008-01-26 17:29:12 89152 --a------ C:\WINDOWS\system32\wwemtkkn.dll

    2008-01-26 17:29:02 68160 --a------ C:\WINDOWS\system32\bxrrqulo.dll

    2008-01-26 17:26:03 78912 --a------ C:\WINDOWS\system32\lfsiywvq.dll

    2008-01-25 17:32:52 87104 --a------ C:\WINDOWS\system32\ytslmxmx.dll

    2008-01-25 17:26:52 70720 --a------ C:\WINDOWS\system32\hajiqjyv.dll

    2008-01-25 17:23:52 81472 --a------ C:\WINDOWS\system32\vlvpmweb.dll

    2008-01-24 17:28:15 87616 --a------ C:\WINDOWS\system32\crwghygk.dll

    2008-01-24 17:28:06 72768 --a------ C:\WINDOWS\system32\rylqwaco.dll

    2008-01-24 17:25:08 80448 --a------ C:\WINDOWS\system32\hedgdemj.dll

    2008-01-24 14:51:19 0 d-------- C:\Documents and Settings\All Users\Application Data\SupportSoft

    2008-01-24 14:49:38 0 d-------- C:\Program Files\Dell Support Center

    2008-01-24 14:49:32 0 d-------- C:\Program Files\Common Files\supportsoft

    2008-01-24 14:30:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Dell

    2008-01-23 17:26:29 87616 --a------ C:\WINDOWS\system32\cwxdqmdm.dll

    2008-01-23 17:26:19 68672 --a------ C:\WINDOWS\system32\lugqphbc.dll

    2008-01-23 17:23:23 80960 --a------ C:\WINDOWS\system32\busgbolg.dll

    2008-01-22 17:30:36 89664 -----n--- C:\WINDOWS\system32\rumcundk.dll

    2008-01-22 17:27:35 70720 --a------ C:\WINDOWS\system32\rtilygud.dll

    2008-01-22 17:24:34 77376 --a------ C:\WINDOWS\system32\euyeyeje.dll

    2008-01-21 16:26:13 88640 --a------ C:\WINDOWS\system32\buwfnlwo.dll

    2008-01-21 16:23:10 78912 --a------ C:\WINDOWS\system32\edseddni.dll

    2008-01-21 16:20:10 70208 --a------ C:\WINDOWS\system32\wkxotgrq.dll

    2008-01-20 16:20:26 85568 --a------ C:\WINDOWS\system32\ykhygjcd.dll

    2008-01-20 16:17:27 71744 --a------ C:\WINDOWS\system32\odllptdf.dll

    2008-01-20 16:17:23 79424 --a------ C:\WINDOWS\system32\iipptmqp.dll

    2008-01-19 14:48:34 69696 --a------ C:\WINDOWS\system32\cblecirm.dll

    2008-01-19 14:48:28 78400 --a------ C:\WINDOWS\system32\kelxnybn.dll

    2008-01-18 14:49:32 81984 --a------ C:\WINDOWS\system32\nweyfmej.dll

    2008-01-18 14:47:01 69696 --a------ C:\WINDOWS\system32\huiargcr.dll

    2008-01-17 13:21:49 86592 -----n--- C:\WINDOWS\system32\jsdklrhk.dll

    2008-01-17 13:21:31 70208 --a------ C:\WINDOWS\system32\fjarcncs.dll

    2008-01-17 13:15:33 77376 --a------ C:\WINDOWS\system32\dbaojmoq.dll

    2008-01-17 13:07:47 0 d-------- C:\Documents and Settings\All Users\Application Data\PopCap

    2008-01-16 18:21:54 0 d-------- C:\Program Files\Performanceoptimizer (Free)

    2008-01-15 10:42:26 0 d-------- C:\WINDOWS\network diagnostic

    2008-01-14 21:41:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Zylom

    2008-01-12 17:22:35 0 d-------- C:\Documents and Settings\Cheryl E\Application Data\Pirateville

    2008-01-03 14:52:07 87104 --a------ C:\WINDOWS\system32\nwerygcr.dll

    2008-01-03 14:49:30 78400 --a------ C:\WINDOWS\system32\xrlfvwcg.dll

    2008-01-02 13:19:48 0 --a------ C:\WINDOWS\system32\sdhbvdvc.dll

    2008-01-02 13:16:47 78400 --a------ C:\WINDOWS\system32\oooglsoe.dll

    2008-01-01 11:59:48 0 --a------ C:\WINDOWS\system32\dyownbbx.dll

    2008-01-01 11:56:40 0 -----n--- C:\WINDOWS\system32\epwilern.dll

    -- Find3M Report ---------------------------------------------------------------

    2008-02-01 10:31:38 330712 --ahs---- C:\WINDOWS\system32\qstwa.ini2

    2008-02-01 10:04:42 0 d-------- C:\Program Files\McAfee

    2008-02-01 01:31:07 0 d-------- C:\Program Files\RootsMagic

    2008-01-31 20:14:46 21540 --a------ C:\Documents and Settings\Cheryl E\Application Data\wklnhst.dat

    2008-01-28 12:25:58 2519 --a------ C:\WINDOWS\checkip.dat

    2008-01-26 17:25:44 3558 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys

    2008-01-26 17:25:37 88 -r-hs---- C:\WINDOWS\system32D2E5E6ECF.sys

    2008-01-24 14:49:32 0 d-------- C:\Program Files\Common Files

    2008-01-23 08:09:09 1087 --a------ C:\Documents and Settings\Cheryl E\Application Data\update.log

    2008-01-22 20:08:03 0 d-------- C:\Program Files\Windows Media Connect 2

    2008-01-19 09:54:20 0 d-------- C:\Documents and Settings\Cheryl E\Application Data\McAfee

    2008-01-16 22:29:52 0 d-------- C:\Program Files\BFG

    2008-01-04 17:27:34 0 d-------- C:\Documents and Settings\Cheryl E\Application Data\Adobe

    2007-12-30 20:07:12 0 --------- C:\WINDOWS\system32\mipaotxf.dll

    2007-12-30 20:04:09 0 --------- C:\WINDOWS\system32\vvpqrwij.dll

    2007-12-29 20:06:03 0 --------- C:\WINDOWS\system32\dpfhwtge.dll

    2007-12-28 20:03:08 0 --------- C:\WINDOWS\system32\tfmsdqyu.dll

    2007-12-27 20:05:00 0 --------- C:\WINDOWS\system32\qjndhotx.dll

    2007-12-27 20:02:00 0 --------- C:\WINDOWS\system32\hlsjfilx.dll

    2007-12-26 20:04:29 80448 --a------ C:\WINDOWS\system32\kprrekwj.dll

    2007-12-25 20:03:01 0 --------- C:\WINDOWS\system32\dpaicwaf.dll

    2007-12-24 16:13:24 0 --------- C:\WINDOWS\system32\sjoffkwi.dll

    2007-12-23 08:22:56 0 --------- C:\WINDOWS\system32\deceriyc.dll

    2007-12-22 23:25:29 0 d--h----- C:\Program Files\InstallShield Installation Information

    2007-12-22 23:24:32 0 d-------- C:\Documents and Settings\Cheryl E\Application Data\InstallShield

    2007-12-22 08:04:46 0 --------- C:\WINDOWS\system32\moisplqx.dll

    2007-12-19 22:36:24 0 --------- C:\WINDOWS\system32\qohrltaf.dll

    2007-12-18 19:25:38 0 --------- C:\WINDOWS\system32\hvnxegpq.dll

    2007-12-16 21:54:27 324608 --a------ C:\WINDOWS\system32\awtsq.dll

    2007-12-16 21:49:17 40448 --a------ C:\WINDOWS\system32\xxyyawu.dll

    2007-12-08 19:29:58 278528 --a------ C:\WINDOWS\system32\livesnth.dll <Not Verified; LiveUpdate; LiveSynth>

    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18680aa7-e6a6-476b-b2d8-7eb7562cb749}]

    01/31/2008 08:28 PM 94784 --a------ C:\WINDOWS\system32\jvjsbtaa.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]

    09/19/2007 05:15 AM 329032 --a------ C:\Program Files\McAfee\MSK\mcapbho.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8}]

    C:\Program Files\Video ActiveX Access\iesplg.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{97EA1386-089F-47CF-8A76-5BB39088C26F}]

    12/16/2007 09:54 PM 324608 --a------ C:\WINDOWS\system32\awtsq.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF64059D-4D2A-4D6B-AA0F-2EE4A2FE3856}]

    12/16/2007 09:49 PM 40448 --a------ C:\WINDOWS\system32\xxyyawu.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [10/14/2005 08:49 PM]

    "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [10/14/2005 08:46 PM]

    "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [10/14/2005 08:50 PM]

    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [03/08/2006 06:48 PM]

    "@"="" []

    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [10/30/2004 02:59 PM]

    "SigmatelSysTrayApp"="stsystra.exe" [03/24/2006 11:30 PM C:\WINDOWS\stsystra.exe]

    "Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [04/06/2006 02:58 PM]

    "DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [02/23/2005 04:19 PM]

    "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [06/10/2005 10:44 AM]

    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [06/10/2005 10:44 AM]

    "SDR6_Check"="C:\Program Files\Common Files\DriveCleaner Free\udcsdr.exe" [09/27/2006 12:56 PM]

    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [07/30/2006 02:55 AM]

    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 06:51 PM]

    "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [08/04/2007 01:33 AM]

    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe" [09/11/2007 12:43 AM]

    "dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [11/15/2007 09:24 AM]

    "2c02873d"="C:\WINDOWS\system32\tknxtkyt.dll" [01/31/2008 08:31 PM]

    "BM2f31b4a1"="C:\WINDOWS\system32\nedhywxp.dll" [01/31/2008 08:28 PM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "ModemOnHold"="C:\Program Files\NetWaiting\netWaiting.exe" [09/10/2003 02:24 AM]

    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 11:24 AM]

    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 05:00 AM]

    "DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [03/15/2007 10:09 AM]

    "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [11/15/2007 09:23 AM]

    C:\Documents and Settings\Cheryl E\Start Menu\Programs\Startup\

    wkcalrem.LNK - C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe [10/7/2005 4:35:12 PM]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [7/30/2006 2:51:37 AM]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

    "{FF64059D-4D2A-4D6B-AA0F-2EE4A2FE3856}"= C:\WINDOWS\system32\xxyyawu.dll [12/16/2007 09:49 PM 40448]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]

    C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 09/07/2004 04:08 PM 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxyyawu]

    xxyyawu.dll 12/16/2007 09:49 PM 40448 C:\WINDOWS\system32\xxyyawu.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

    "Authentication Packages"= msv1_0 C:\WINDOWS\system32\awtsq.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

    @=""

    -- End of Deckard's System Scanner: finished at 2008-02-01 10:35:11 ------------

    AND EXTRA Text

  12. Forgot to copy over my scan.

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 11:15:48 AM, on 1/28/2008

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe

    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\igfxpers.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

    C:\WINDOWS\stsystra.exe

    C:\Program Files\Dell\QuickSet\quickset.exe

    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

    C:\WINDOWS\system32\igfxsrvc.exe

    C:\Program Files\Common Files\DriveCleaner Free\udcsdr.exe

    C:\Program Files\QuickTime\qttask.exe

    C:\Program Files\McAfee.com\Agent\mcagent.exe

    C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe

    C:\WINDOWS\system32\Rundll32.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\DellSupport\DSAgnt.exe

    C:\Program Files\Dell Support Center\bin\sprtcmd.exe

    C:\Program Files\Digital Line Detect\DLG.exe

    C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe

    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

    C:\WINDOWS\system32\dlbccoms.exe

    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

    c:\program files\common files\mcafee\mna\mcnasvc.exe

    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

    C:\Program Files\McAfee\MPF\MPFSrv.exe

    C:\Program Files\McAfee\MSK\MskSrver.exe

    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    C:\WINDOWS\system32\tcpsvcs.exe

    C:\WINDOWS\System32\snmp.exe

    C:\Program Files\Dell Support Center\bin\sprtsvc.exe

    C:\WINDOWS\system32\svchost.exe

    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\WINDOWS\system32\taskmgr.exe

    C:\Documents and Settings\Cheryl E\Local Settings\Temporary Internet Files\Content.IE5\8WAU5IFC\HJTInstall[1].exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myfamily.com/isapi.dll?c=site&a...in&siteid=*

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll

    O2 - BHO: (no name) - {58A92E23-81B8-47AC-9D38-587A885DEC97} - C:\WINDOWS\system32\awtsq.dll

    O2 - BHO: {ff09cead-e7fb-f1db-4f14-08b3edc50d46} - {64d05cde-3b80-41f4-bd1f-bf7edaec90ff} - C:\WINDOWS\system32\jebwnrug.dll

    O2 - BHO: (no name) - {7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)

    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

    O2 - BHO: (no name) - {FF64059D-4D2A-4D6B-AA0F-2EE4A2FE3856} - C:\WINDOWS\system32\xxyyawu.dll

    O3 - Toolbar: (no name) - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - (no file)

    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

    O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless

    O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe

    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

    O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

    O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

    O4 - HKLM\..\Run: [sDR6_Check] "C:\Program Files\Common Files\DriveCleaner Free\udcsdr.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey

    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe"

    O4 - HKLM\..\Run: [2c02873d] rundll32.exe "C:\WINDOWS\system32\tdfjcvih.dll",b

    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

    O4 - HKLM\..\Run: [bM2f31b4a1] Rundll32.exe "C:\WINDOWS\system32\ocdhdiln.dll",s

    O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

    O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe

    O4 - Global Startup: Digital Line Detect.lnk = ?

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O15 - Trusted Zone: http://oft.myfamily.com

    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab

    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://playgames.comcast.net/Gameshell/Gam...ronGameHost.cab

    O20 - Winlogon Notify: xxyyawu - C:\WINDOWS\SYSTEM32\xxyyawu.dll

    O23 - Service: McAfee Application Installer Cleanup (0254341201532168) (0254341201532168mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP25434~1.EXE

    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

    O23 - Service: dlbc_device - - C:\WINDOWS\system32\dlbccoms.exe

    O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\nritipkq.exe (file missing)

    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe

    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

    O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

    O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    --

    End of file - 10251 bytes

    Cheryl

  13. I am not sure what I opened up to start receiving pop ups. I know I did Advance Cleaner, but I was receiving pop ups a while before that. Some of the popups I am getting are coming from Advance Cleaner, Ad2Network, SST, among others. I also noticed that once in a while when a pop up comes up and I close out of it, it cleans off my desktop and I can only open program's through Windows Task Manager. The only way to get my desktop icons back is to reboot my computer. This gets very frustrating.

    I am sick of this adware junk. It should be outlawed. I have McAfee. I have also noticed that it has been running a little slow. Escpecially getting into websites that I visit frequently. All this is on my laptop.

    On my regular computer, it has been running slow for sometime and right now is not even hooked up to the internet. It takes forever to boot up and get into programs. It's possible that something was downloaded before I took it off the internet, but I am not sure what. It has been almost a year since it's been online.

    I am hoping someone can help me with these problems. :wacko:

    Thank you.

    Cheryl