TheTechGuide Forum
General Category => Tech Clinic => Topic started by: Enid on January 12, 2009, 01:17:53 AM
-
hey quest, im bacq again.
the most recent activity...
i downloaded through azureus... nothing happened
i went to cineplayer to watch dvd... windows installer/sonic updater came up. yada yada yada. then came the force of pop-ups.
where should i start again?
>>sigh<< was it the download or was it cineplayer???
-
Hi again Enid, can you start by posting a Hijackthis log please
Here's the instructions
http://www.thetechguide.com/forum/index.php?showtopic=22942
In addition, can you also post an Uninstall list from Hijackthis
After you post the Hijackthis log
Close Hijackthis then reopen it
Click on the "Misc tools Section"
Open "Uninstall Manager"
Click the "Save list" button
Save the list to your desktop, then copy/paste back here the contents please
-
[quote name='guestolo' post='455825' date='Jan 12 2009, 01:21 AM']Hi again Enid, can you start by posting a Hijackthis log please
Here's the instructions
http://www.thetechguide.com/forum/index.php?showtopic=22942
In addition, can you also post an Uninstall list from Hijackthis
After you post the Hijackthis log
Close Hijackthis then reopen it
Click on the "Misc tools Section"
Open "Uninstall Manager"
Click the "Save list" button
Save the list to your desktop, then copy/paste back here the contents please[/quote]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:34:42 AM, on 1/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Lexmark 7300 Series\ezprint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\GetModule\GetModule33.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Palm\Hotsync.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O3 - Toolbar: Merriam-Webster Online - {B7B76DD6-B6F0-4443-AF81-6A3ECF12A57D} - C:\WINDOWS\_MWOLTB.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [lxcimon.exe] "C:\Program Files\Lexmark 7300 Series\lxcimon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7300 Series\ezprint.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [c0882aba] rundll32.exe "C:\WINDOWS\system32\vflliyxu.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [GetModule33] C:\Program Files\GetModule\GetModule33.exe
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: E-mail.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: MWOL &Dictionary - res://C:\WINDOWS\_MWOLTB.DLL/23/219
O8 - Extra context menu item: MWOL &Thesaurus - res://C:\WINDOWS\_MWOLTB.DLL/23/220
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab53083.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://zone.msn.com/bingame/trix/default/TriJinx.1.0.0.87.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab53083.cab
O16 - DPF: {3CF32649-D1C0-4F42-AB44-ED284748920B} (Merriam-Webster Online Toolbar) - http://www.m-w.com/downloads/toolbar/webinstall.cab
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_ind.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab53083.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1148173090023
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/amun/default/mjolauncher.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/cnma/default/ct.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab53852.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/DinerDash.1.0.0.89.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.scn-chat.com/includes/MSNChat45.cab
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames/CheckersZPA.cab53083.cab
O20 - AppInit_DLLs: mrgxoc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 9295 bytes
SAVE LIST WILL NOT WORQ. HIGHJACQ SEEMS TO CLOSE AS SOON AS I HIT SAVE.
-
Download and unzip to your desktop InstalledPrograms.zip (http://www.billsway.com/vbspage/vbsfiles/InstalledPrograms.zip)
Double click on InstalledPrograms.vbs
Click OK at the IP prompt and click YES to view the results now
A text file will open, can you copy and paste back here the whole contents
-
[quote name='guestolo' post='455828' date='Jan 12 2009, 01:55 AM']Download and unzip to your desktop InstalledPrograms.zip (http://www.billsway.com/vbspage/vbsfiles/InstalledPrograms.zip)
Double click on InstalledPrograms.vbs
Click OK at the IP prompt and click YES to view the results now
A text file will open, can you copy and paste back here the whole contents[/quote]
INSTALLED SOFTWARE (202) - ENUNEZ4 - 1/12/2009 2:03:15 AM
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
A4 Tech USB2.0 PC Camera F Ver: 1.00.000
ABBYY FineReader 6.0 Sprint Ver: 6.00.1395.41612 Installed: 12/25/2006
Adobe Flash Player ActiveX Ver: 9.0.115.0
Adobe Illustrator 7.0
Adobe Photoshop 7.0 Ver: 7.0
Adobe Reader 7.0.9 Ver: 7.0.9 Installed: 3/12/2007
Adobe Shockwave Player 11 Ver: 11
AIM 6
AIMTunes
AOLIcon Ver: 1.00.0000 Installed: 5/10/2006
Audacity 1.2.6
AutoUpdate Ver: 1.1
AVG 7.5
Azureus Ver: 2.5.0.4
Broadcom Management Programs Ver: 8.65.05 Installed: 5/10/2006
capella-scan 6.1
CCleaner (remove only)
Conexant HDA D110 MDC V.92 Modem
CutePDF Writer 2.7
Dell CinePlayer Ver: 3.0 Installed: 5/10/2006
Dell Digital Jukebox Driver
Dell Driver Reset Tool Ver: 1.02.0000 Installed: 5/10/2006
Dell Game Console
Dell Support Center (Support Software) Ver: 2.2.08100 Installed: 10/1/2008
Dell System Restore Ver: 2.00.0000 Installed: 5/10/2006
Dell Wireless WLAN Card Ver: 4.10.47.3
DellSupport Ver: 6.0.3062 Installed: 4/8/2007
Digital Content Portal Ver: 1.00.0000 Installed: 5/10/2006
Digital Line Detect Ver: 1.15
DivX Codec Ver: 6.6.1
DivX Content Uploader Ver: 1.2.1
DivX Converter Ver: 6.2.1
DivX Player Ver: 6.4.3
DivX Web Player Ver: 1.3.1
Documentation & Support Launcher Ver: 1.00.0000 Installed: 5/10/2006
Documents To Go Ver: 7.006.940 Installed: 12/25/2007
Download Accelerator Plus (DAP) Ver: 8138 (Build 214)
DVD Solution
EducateU Ver: 1.00.0000 Installed: 5/10/2006
ELIcon Ver: 1.00.0000 Installed: 5/10/2006
EPSON TWAIN 5
ESPNMotion Ver: 2.1.6.0011
FLV Player 2.0 (build 25) Ver: 2.0 (build 25)
foobar2000 v0.9.4.3 Ver: 0.9.4.3
Games, Music, & Photos Launcher Ver: 1.00.0000 Installed: 5/10/2006
Get High Speed Internet! Ver: 1.00.0000 Installed: 5/10/2006
HijackThis 2.0.2 Ver: 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864) Ver: 1 Installed: 4/9/2008
Intel® Graphics Media Accelerator Driver
InterActual Player
Internal Network Card Power Management Ver: 1.7.2
Internet Service Offers Launcher Ver: 1.00.0000 Installed: 5/10/2006
Internet Speed Monitor
Java(tm) 6 Update 11 Ver: 6.0.110 Installed: 12/12/2008
K-Lite Codec Pack 4.1.6 (Full) Ver: 4.1.6 Installed: 12/5/2008
KWorld ATSC 310U BDA Drivers
Learn2 Player (Uninstall Only)
Lexmark 7300 Series
LG ODD Auto Firmware Update Ver: 1.01.0412.01
LightScribe 1.4.31.1 Ver: 1.4.31.1 Installed: 1/7/2007
LimeWire 4.10.9 Ver: 4.10.9
Macromedia Dreamweaver MX Ver: 6.0
Macromedia Extension Manager Ver: 1.5
Macromedia Fireworks MX Ver: 6
Macromedia Flash MX Ver: 6
Macromedia FreeHand 10 Ver: 10
Magic ISO Maker v5.4 (build 0251)
Malwarebytes' Anti-Malware Installed: 12/11/2008
Malwarebytes' RogueRemover Installed: 10/20/2008
Merriam-Webster Online Toolbar
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Ver: 1.1.4322 Installed: 7/11/2007
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP Ver: 1 Installed: 1/30/2007
Microsoft Internationalized Domain Names Mitigation APIs Installed: 1/17/2007
Microsoft National Language Support Downlevel APIs Installed: 1/17/2007
Microsoft Office Excel MUI (English) 2007 Ver: 12.0.6215.1000 Installed: 12/19/2008
Microsoft Office Outlook MUI (English) 2007 Ver: 12.0.6215.1000 Installed: 12/19/2008
Microsoft Office PowerPoint MUI (English) 2007 Ver: 12.0.6215.1000 Installed: 12/19/2008
Microsoft Office Professional Edition 2003 Ver: 11.0.8173.0 Installed: 12/12/2008
Microsoft Office Proof (English) 2007 Ver: 12.0.6213.1000 Installed: 12/19/2008
Microsoft Office Proof (French) 2007 Ver: 12.0.6213.1000 Installed: 12/19/2008
Microsoft Office Proof (Spanish) 2007 Ver: 12.0.6213.1000 Installed: 12/19/2008
Microsoft Office Proofing (English) 2007 Ver: 12.0.4518.1014 Installed: 12/12/2008
Microsoft Office Shared MUI (English) 2007 Ver: 12.0.6215.1000 Installed: 12/19/2008
Microsoft Office Shared Setup Metadata MUI (English) 2007 Ver: 12.0.6215.1000 Installed: 12/19/2008
Microsoft Office Standard 2007 Ver: 12.0.6215.1000
Microsoft Office Standard 2007 Ver: 12.0.6215.1000 Installed: 12/19/2008
Microsoft Office Word MUI (English) 2007 Ver: 12.0.6215.1000 Installed: 12/19/2008
Microsoft Plus! Digital Media Edition Installer Ver: 1.1.0.3514 Installed: 5/10/2006
Microsoft Plus! Photo Story 2 LE Ver: 1.1.0.3463 Installed: 5/10/2006
Microsoft Reader
Microsoft Software Update for Web Folders (English) 12 Ver: 12.0.6215.1000 Installed: 12/19/2008
Microsoft User-Mode Driver Framework Feature Pack 1.0 Installed: 1/30/2007
Microsoft Windows XP Video Decoder Checkup Utility
Mixer
Modem Helper Ver: 3.01
MSXML 4.0 SP2 (KB925672) Ver: 4.20.9839.0 Installed: 10/15/2006
MSXML 4.0 SP2 (KB927978) Ver: 4.20.9841.0 Installed: 11/19/2006
MSXML 4.0 SP2 (KB936181) Ver: 4.20.9848.0 Installed: 8/16/2007
MSXML 4.0 SP2 (KB954430) Ver: 4.20.9870.0 Installed: 11/30/2008
Multimedia Launcher
Musicmatch for Windows Media Player Ver: 0.00.000
MySpaceIM Ver: 1.0.0.0
Nero OEM
Netflix Movie Viewer Ver: 1.2.211 Installed: 7/16/2008
NetWaiting Ver: 2.5.23
NetZeroInstallers Ver: 1.0.0 Installed: 5/10/2006
Olympus Digital Wave Player
OMeR
Otto
Palm Ver: 4.1.0420 Installed: 12/25/2007
PCDJ Blue Ver: 5.1.0.1010
PDF reDirect (remove only) Ver: v2.2.5
Peachtree Complete Accounting Educational Version 2005 Ver: 12.00.00 Installed: 8/22/2006
Peachtree Complete Accounting Educational Version 2005 Ver: 12.00.00 Installed: 8/22/2006
PowerISO
Presto! Forms 3.50.01
Presto! PageManager 7.12.02
QuickSet Ver: 7.0.10
QuickTime Ver: 7.1 Installed: 11/4/2006
QuickTime Ver: 7.1 Installed: 11/4/2006
Roxio DLA Ver: 5.2.0 Installed: 5/10/2006
Roxio RecordNow Audio Ver: 2.0.4 Installed: 5/10/2006
Roxio RecordNow Copy Ver: 2.0.4 Installed: 5/10/2006
Roxio RecordNow Data Ver: 2.0.4 Installed: 5/10/2006
SAGE-Online Ver: 5.00.0000 Installed: 11/5/2008
Sandlot Games Client Services
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB958439)
Security Update for Microsoft Office Excel 2007 (KB958437)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Windows Internet Explorer 7 (KB928090) Ver: 20070117.120000 Installed: 2/15/2007
Security Update for Windows Internet Explorer 7 (KB929969) Ver: 20061222.120000 Installed: 1/18/2007
Security Update for Windows Internet Explorer 7 (KB931768) Ver: 1 Installed: 5/9/2007
Security Update for Windows Internet Explorer 7 (KB933566) Ver: 1 Installed: 6/13/2007
Security Update for Windows Internet Explorer 7 (KB937143) Ver: 1 Installed: 8/17/2007
Security Update for Windows Internet Explorer 7 (KB938127) Ver: 1 Installed: 8/17/2007
Security Update for Windows Internet Explorer 7 (KB939653) Ver: 1 Installed: 10/12/2007
Security Update for Windows Internet Explorer 7 (KB942615) Ver: 1 Installed: 12/14/2007
Security Update for Windows Internet Explorer 7 (KB944533) Ver: 1 Installed: 2/20/2008
Security Update for Windows Internet Explorer 7 (KB950759) Ver: 1 Installed: 6/12/2008
Security Update for Windows Internet Explorer 7 (KB953838) Ver: 1 Installed: 8/14/2008
Security Update for Windows Internet Explorer 7 (KB956390) Ver: 1 Installed: 10/19/2008
Security Update for Windows Internet Explorer 7 (KB958215) Ver: 1 Installed: 12/12/2008
Security Update for Windows Internet Explorer 7 (KB960714) Ver: 1 Installed: 12/19/2008
Security Update for Windows Media Player (KB952069) Installed: 12/12/2008
Security Update for Windows XP (KB954600) Ver: 1 Installed: 12/12/2008
Security Update for Windows XP (KB956802) Ver: 1 Installed: 12/12/2008
Shockwave Director 11.0
Sonic Activation Module Ver: 1.0 Installed: 5/10/2006
Sonic Encoders Ver: 1.00 Installed: 8/16/2005
Sonic Update Manager Ver: 3.0.0 Installed: 5/10/2006
Sound Blaster Audigy ADVANCED MB Demo
Spybot - Search & Destroy Ver: 1.6.0 Installed: 10/11/2008
Synaptics Pointing Device Driver Ver: 8.2.4.6
System Requirements Lab
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb958619)
Update for Windows Media Player 10 (KB910393) Installed: 5/10/2006
Update for Windows XP (KB955839) Ver: 1 Installed: 12/12/2008
Viewpoint Media Player
Vivaldi Plus Via Web (English Version) Ver: 2003 a
Vivaldi Scan Via Web (English Version) Ver: 2003 a
WebCyberCoach 3.2 Dell
WebFldrs XP Ver: 9.50.7523 Installed: 8/16/2005
Winamp Ver: 5.5
Windows Genuine Advantage Notifications (KB905474) Ver: 1.7.0018.5 Installed: 4/2/2007
Windows Genuine Advantage Validation Tool Installed: 5/21/2006
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7 Ver: 20061107.210142 Installed: 1/17/2007
Windows Live installer Ver: 12.0.1471.1025 Installed: 6/15/2008
Windows Live Messenger Ver: 8.5.1302.1018 Installed: 12/5/2008
Windows Live Sign-in Assistant Ver: 4.200.520.1 Installed: 6/15/2008
Windows Media Format 11 runtime
Windows Media Format 11 runtime Installed: 1/30/2007
Windows Media Player 10 Ver: 9.00.3636 Installed: 5/10/2006
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows Media Player 11 Installed: 1/30/2007
Windows XP Service Pack 3 Ver: 20080414.031525 Installed: 12/6/2008
WinRAR archiver
WordPerfect Office 12 Ver: 12.01 Installed: 5/10/2006
Yahoo! Messenger
Yahoo! Toolbar
Yahoo! Toolbar
YAMAHA Digital Music Notebook Ver: 2.5.10.2 Installed: 8/24/2008
-
Do a System Scan Only with Hijackthis and put a tick next to the following entries:
O4 - HKLM\..\Run: [c0882aba] rundll32.exe "C:\WINDOWS\system32\vflliyxu.dll",b
O4 - HKCU\..\Run: [GetModule33] C:\Program Files\GetModule\GetModule33.exe
O20 - AppInit_DLLs: mrgxoc.dll
Close down all other open windows
Including this one
Then click on FIX CHECKED
OK any prompts then exit Hijackthis
Access your Add and remove programs and remove the following if possible
Internet Speed Monitor
Viewpoint Media Player
Reboot your computer
Back in Windows
Open Malwarebytes' Anti-Malware
- Click on the Update tab and Check for updates
- If an update is found, it will download and install the latest version.
- After updating, Select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish, so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
With that log from MBAM
Can you also do the following
Download random's system information tool (RSIT) by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
- Double click on RSIT.exe to launch program.
- Click Continue at the disclaimer screen.
- Your firewall may alert you that RSIT is requesting Internet access. Please allow it.
- Once it has finished, two logs will open: log.txt <-- this will be maximized and info.txt <-- this will be minimized.
I only need to see the whole contents of log.txt
NOTE: You may get an error message posting back log.txt
If you do, can you upload it please, if you need instructions to upload, let me know
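
A triage sketch for the three entries ticked above, as an added example that is not part of the original post and not HijackThis code: it parses O4 Run lines and the O20 line from a HijackThis log and marks autoruns that load a DLL from system32 through rundll32, Run values named with eight hex characters, Program Files autoruns whose folder matches nothing in the installed-program list, and any AppInit_DLLs value. The function name, the reason codes, the heuristics and the trimmed sample inputs are assumptions made for illustration.

```python
import ntpath
import re

# Constructed sample: six lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [c0882aba] rundll32.exe "C:\WINDOWS\system32\vflliyxu.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GetModule33] C:\Program Files\GetModule\GetModule33.exe
O20 - AppInit_DLLs: mrgxoc.dll
"""

# Constructed sample: three names taken from the installed-software list in this thread.
SAMPLE_INSTALLED = [
    "QuickTime",
    "Synaptics Pointing Device Driver",
    "Viewpoint Media Player",
]

# "O4 - <hive>\..\Run: [<value name>] <command line>"
O4_RUN = re.compile(r"^O4 - (?P<hive>\S+)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
O20_APPINIT = re.compile(r"^O20 - AppInit_DLLs: (?P<dlls>.+)$")
# rundll32 (with or without path and quotes) followed by the DLL it is asked to load.
RUNDLL = re.compile(
    r'^"?(?:[a-z]:\\windows\\system32\\)?rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+\.dll)',
    re.I,
)
PROGRAM_FILES = re.compile(r'^"?[a-z]:\\program files\\(?P<folder>[^\\"]+)\\', re.I)
HEX8 = re.compile(r"[0-9a-f]{8}", re.I)


def triage(log_text, installed):
    """Return (entry, reasons, detail) tuples for startup entries worth a closer look.

    A reason is a prompt for review, not a verdict: legitimate software also uses
    rundll32, and vendor folder names do not always match the uninstall entry.
    """
    installed_lc = [p.lower() for p in installed]
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()

        m = O20_APPINIT.match(line)
        if m:
            # A DLL listed here is loaded into every process that loads user32.dll.
            findings.append(("AppInit_DLLs", ["appinit-dll"], m["dlls"].strip()))
            continue

        m = O4_RUN.match(line)
        if not m:
            continue
        reasons, cmd = [], m["cmd"]

        dll = RUNDLL.match(cmd)
        if dll and ntpath.dirname(dll["dll"]).lower() == r"c:\windows\system32":
            reasons.append("rundll32-system32-dll")
        if HEX8.fullmatch(m["name"]):
            reasons.append("hex-value-name")

        pf = PROGRAM_FILES.match(cmd)
        if pf and not any(pf["folder"].lower() in p for p in installed_lc):
            reasons.append("not-in-installed-list")

        if reasons:
            findings.append((m["name"], reasons, cmd))
    return findings


if __name__ == "__main__":
    for entry, reasons, detail in triage(SAMPLE_LOG, SAMPLE_INSTALLED):
        print(f"{entry}: {', '.join(reasons)} -> {detail}")
```

Run against a full log and the full installed-software list, the cross-check also marks vendor folders whose names differ from their uninstall entries, so each hit still needs a manual look before anything is ticked.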
-
Malwarebytes' Anti-Malware 1.32
Database version: 1647
Windows 5.1.2600 Service Pack 3
1/12/2009 7:58:45 PM
mbam-log-2009-01-12 (19-58-45).txt
Scan type: Quick Scan
Objects scanned: 65091
Time elapsed: 7 minute(s), 2 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 6
Registry Keys Infected: 17
Registry Values Infected: 2
Registry Data Items Infected: 3
Folders Infected: 1
Files Infected: 19
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\bYOGwTNG.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qftbujke.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\mlJArono.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\urctsdcs.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\mrgxoc.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\xlbmpz.dll (Trojan.Vundo) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18a179a8-4e72-438f-82e1-8a2b743f6a27} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{18a179a8-4e72-438f-82e1-8a2b743f6a27} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mljarono (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aad0cf62-fe0d-4c33-8de8-3676accd7b6f} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{aad0cf62-fe0d-4c33-8de8-3676accd7b6f} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18a179a8-4e72-438f-82e1-8a2b743f6a27} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{aad0cf62-fe0d-4c33-8de8-3676accd7b6f} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\c0882aba (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\byogwtng -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\byogwtng -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Trojan.Agent) -> Data: digeste.dll -> Quarantined and deleted successfully.
Folders Infected:
C:\Documents and Settings\Enid\Application Data\GetModule (Trojan.Agent) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\bYOGwTNG.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\GNTwGOYb.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GNTwGOYb.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlJArono.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\mrgxoc.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qftbujke.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ekjubtfq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vflliyxu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uxyillfv.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\urctsdcs.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\xlbmpz.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\bqlqdkxw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Enid\Local Settings\Temporary Internet Files\Content.IE5\VQRWV0PB\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Enid\Local Settings\Temporary Internet Files\Content.IE5\VQRWV0PB\upd105320[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Enid\Application Data\GetModule\dicik.gz (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Enid\Application Data\GetModule\kwdik.gz (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Enid\Application Data\GetModule\ofadik.gz (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wpv901231601797.cpx (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\digeste.dll (Trojan.Agent) -> Quarantined and deleted successfully.
-
Sorry for the delay
Can you post a fresh hijackthis log and let me know how things are now running
-
[quote name='guestolo' post='456029' date='Jan 14 2009, 02:15 PM']Sorry for the delay
Can you post a fresh hijackthis log and let me know how things are now running[/quote]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:16:35 AM, on 1/22/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Lexmark 7300 Series\ezprint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Palm\Hotsync.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\PROGRA~1\MICROS~4\Office12\OUTLOOK.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Merriam-Webster Online - {B7B76DD6-B6F0-4443-AF81-6A3ECF12A57D} - C:\WINDOWS\_MWOLTB.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [lxcimon.exe] "C:\Program Files\Lexmark 7300 Series\lxcimon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7300 Series\ezprint.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: E-mail.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: MWOL &Dictionary - res://C:\WINDOWS\_MWOLTB.DLL/23/219
O8 - Extra context menu item: MWOL &Thesaurus - res://C:\WINDOWS\_MWOLTB.DLL/23/220
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab53083.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://zone.msn.com/bingame/trix/default/TriJinx.1.0.0.87.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab53083.cab
O16 - DPF: {3CF32649-D1C0-4F42-AB44-ED284748920B} (Merriam-Webster Online Toolbar) - http://www.m-w.com/downloads/toolbar/webinstall.cab
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_ind.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab53083.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1148173090023
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/amun/default/mjolauncher.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/cnma/default/ct.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab53852.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/DinerDash.1.0.0.89.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.scn-chat.com/includes/MSNChat45.cab
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames/CheckersZPA.cab53083.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 9766 bytes
THINGS SEEM TO BE RUNNING OQ. THANQS AGAIN