Thank you for your help! This forum is fantastic.
Yesterday before you posted I went ahead and ran VirtumondoBeGone and it seemed to fix the problem. I am no longer getting popups but internet doesn't seem quite as fast as normal. I ran a Spybot check this morning and several basic adware / spyware programs showed up again (DoubleClick, etc.), but no Virtumonde. But, I want to make sure I clear everything out so I followed your instructions. See log files below:
ComboFix.txt:ComboFix 07-08-14.4 - "Owner" 2007-08-17 9:55:03.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.246 [GMT -4:00]
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\Owner\APPLIC~1.\ystem3~1
C:\DOCUME~1\Owner\STARTM~1\Programs\Startup.\TA_Start.lnk
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\fse
C:\Temp\fse\tmpZTF.log
C:\WINDOWS\system32\f02WtR
C:\WINDOWS\system32\H1
C:\WINDOWS\system32\H1\dl22011.exe
C:\WINDOWS\system32\ihkmp.bak1
C:\WINDOWS\system32\ihkmp.ini
C:\WINDOWS\system32\kwinsmdt.exe
C:\WINDOWS\system32\qnilqpkr.dll
C:\WINDOWS\system32\rvyjbvdt.dll
C:\WINDOWS\system32\ulerjcxx.dll
C:\WINDOWS\system32\V1
C:\WINDOWS\system32\xpvvfhlq.dll
D:\Autorun.inf
K:\Autorun.inf
((((((((((((((((((((((((( Files Created from 2007-07-17 to 2007-08-17 )))))))))))))))))))))))))))))))
2007-08-17 09:52 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-17 09:45 <DIR> d-------- C:\Program Files\Trend Micro
2007-08-16 09:53 266,336 --a------ C:\WINDOWS\system32\pmkhi.dll.vir
2007-08-16 05:53 <DIR> d-------- C:\VundoFix Backups
2007-08-15 14:26 43,542 --a------ C:\WINDOWS\system32\hggddbc.dll.vir
2007-08-15 14:26 <DIR> d-------- C:\WINDOWS\system32\tmps9
2007-08-15 14:26 <DIR> d-------- C:\WINDOWS\system32\chkconfig
2007-08-15 14:25 <DIR> d-------- C:\Temp
2007-08-07 16:30 163,840 --a------ C:\Program Files\TTX.exe
2007-07-25 08:39 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\Historical Stats
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-17 04:21 --------- d-------- C:\Program Files\LogMeIn
2007-08-15 17:47 --------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-08-15 17:44 --------- d-------- C:\Program Files\Symantec
2007-08-15 17:44 --------- d-------- C:\Program Files\Norton AntiVirus
2007-08-09 14:29 --------- d--h----- C:\Program Files\Misc
2007-08-09 10:25 --------- d-------- C:\DOCUME~1\Owner\APPLIC~1\AdobeUM
2007-07-19 02:59 3583488 --a--c--- C:\WINDOWS\system32\dllcache\mshtml.dll
2007-07-12 19:31 765952 --a--c--- C:\WINDOWS\system32\dllcache\vgx.dll
2007-07-12 16:33 --------- d-------- C:\Program Files\Windows Media Connect 2
2007-06-27 10:34 823808 --a--c--- C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-27 10:34 671232 --a--c--- C:\WINDOWS\system32\dllcache\mstime.dll
2007-06-27 10:34 6058496 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-06-27 10:34 52224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-06-27 10:34 477696 --a--c--- C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-06-27 10:34 459264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-06-27 10:34 44544 --a--c--- C:\WINDOWS\system32\dllcache\iernonce.dll
2007-06-27 10:34 384512 -----c--- C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-06-27 10:34 383488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-06-27 10:34 27648 --a--c--- C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-06-27 10:34 267776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-06-27 10:34 232960 -----c--- C:\WINDOWS\system32\dllcache\webcheck.dll
2007-06-27 10:34 230400 -----c--- C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-06-27 10:34 193024 --a--c--- C:\WINDOWS\system32\dllcache\msrating.dll
2007-06-27 10:34 153088 --a--c--- C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-06-27 10:34 132608 --a--c--- C:\WINDOWS\system32\dllcache\extmgr.dll
2007-06-27 10:34 124928 -----c--- C:\WINDOWS\system32\dllcache\advpack.dll
2007-06-27 10:34 1152000 --a--c--- C:\WINDOWS\system32\dllcache\urlmon.dll
2007-06-27 10:34 105984 -----c--- C:\WINDOWS\system32\dllcache\url.dll
2007-06-27 10:34 102400 -----c--- C:\WINDOWS\system32\dllcache\occache.dll
2007-06-27 04:27 63488 -----c--- C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-06-27 04:27 625152 -----c--- C:\WINDOWS\system32\dllcache\iexplore.exe
2007-06-27 04:27 13824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-06-27 03:00 161792 --a--c--- C:\WINDOWS\system32\dllcache\ieakui.dll
2007-06-26 02:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-26 02:08 1104896 -----c--- C:\WINDOWS\system32\dllcache\msxml3.dll
2007-06-19 09:59 --------- d-------- C:\Program Files\Citrix
2007-06-19 09:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-19 09:31 282112 -----c--- C:\WINDOWS\system32\dllcache\gdi32.dll
2007-06-13 06:23 1033216 --a------ C:\WINDOWS\explorer.exe
2007-06-13 06:23 1033216 -----c--- C:\WINDOWS\system32\dllcache\explorer.exe
2007-05-25 15:22 83552 --a------ C:\WINDOWS\system32\LMIRfsClientNP.dll
2007-05-25 15:22 63040 --a------ C:\WINDOWS\system32\LMIinit.dll
2007-05-25 15:22 26176 --a------ C:\WINDOWS\system32\LMIport.dll
2007-05-25 15:22 24000 --a------ C:\WINDOWS\system32\LMImirr.dll
2007-05-25 15:22 10304 --a------ C:\WINDOWS\system32\LMImirr2.dll
2007-05-17 07:28 549376 --a------ C:\WINDOWS\system32\oleaut32.dll
2007-05-17 07:28 549376 -----c--- C:\WINDOWS\system32\dllcache\oleaut32.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{736B4B07-D5CB-4EB5-B0DA-716BEB0D746F}]
C:\WINDOWS\system32\jkhhf.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8F4B8997-E78C-421C-8B59-F5C2518AA613}]
C:\WINDOWS\system32\ddaba.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CB02D986-2A35-436A-9527-79F040BD1576}]
C:\WINDOWS\system32\mllmj.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 06:43]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 14:47 C:\WINDOWS\ALCXMNTR.EXE]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 17:32]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-08-15 17:43]
"IndexTray"="C:\Program Files\Sharp\Sharpdesk\IndexTray.exe" [2005-11-05 20:32]
"Indexer"="C:\Program Files\Sharp\Sharpdesk\Indexer.exe" [2005-11-05 20:34]
"SharpTray"="C:\Program Files\Sharp\Sharpdesk\SharpTray.exe" [2005-11-05 20:47]
"TypeRegChecker"="C:\Program Files\Sharp\Sharpdesk\TypeRegChecker.exe" [2005-11-05 20:35]
"FtpServer.exe"="C:\Program Files\Sharp\Sharpdesk\FtpServer.exe" [2005-11-05 20:04]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2007-04-17 14:03]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-03-27 15:22]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2003-06-18 22:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 13:39]
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\
spamsubtract.lnk - C:\Program Files\interMute\SpamSubtract\SpamSub.exe [2003-10-14 01:24:52]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 00:37:56]
PowerReg Scheduler.exe [2004-03-17 15:07:39]
Updates from HP.lnk - C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe [2003-10-11 01:26:40]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 2007-05-25 15:22 63040 C:\WINDOWS\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MsnFixer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MsnFixer.lnk
backup=C:\WINDOWS\pss\MsnFixer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
ALCXMNTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoTKit]
C:\hp\bin\AUTOTKIT.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor]
c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
"c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05]
C:\WINDOWS\System32\hphmon05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\windows\system\hpsysdrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IcoSet]
c:\hp\bin\cloaker.exe c:\hp\bin\IcoSet\adjust.bat seticon
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LTMSG]
LTMSG.exe 7
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV CfgWiz]
c:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIEW]
rundll32.exe nview.dll,nViewLoadHook
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
C:\WINDOWS\system32\ps2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecordNow!]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
"C:\Windows\Creator\Remind_XP.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sunkist2k]
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
"C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe
R2 LMIInfo;LogMeIn Kernel Information Provider;\??\C:\Program Files\LogMeIn\x86\RaInfo.sys
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
R3 LMImirr;LMImirr;C:\WINDOWS\system32\DRIVERS\LMImirr.sys
S2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\system32\DRIVERS\nvcap.sys
S2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\system32\DRIVERS\NVxbar.sys
S3 SQLAgent$MICROSOFTBCM;SQLAgent$MICROSOFTBCM;C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlagent.EXE -i MICROSOFTBCM
Contents of the 'Scheduled Tasks' folder
2007-08-12 01:52:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
2004-05-15 17:25:00 C:\WINDOWS\Tasks\Easy Internet Sign-up.job
2007-08-04 00:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - Owner.job - C:\PROGRA~1\NORTON~1\Navw32.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2007-08-17 10:00:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-17 10:04:03 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-08-17 10:03
--- E O F ---
HJT Log:Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:05:54 AM, on 8/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Sharp\Sharpdesk\IndexTray.exe
C:\Program Files\Sharp\Sharpdesk\Indexer.exe
C:\Program Files\Sharp\Sharpdesk\SharpTray.exe
C:\Program Files\Sharp\Sharpdesk\FtpServer.exe
C:\PROGRA~1\Sharp\SHARPD~1\Indexer.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Sharp\Sharpdesk\nsapp.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
C:\Program Files\interMute\SpamSubtract\SpamSub.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://srch-us10.hpwis.com/R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.rbsgc.com...nnect/home.aspxR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us10.hpwis.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://us10.hpwis.com/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;192.168.10.*;169.254.2.*
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {736B4B07-D5CB-4EB5-B0DA-716BEB0D746F} - C:\WINDOWS\system32\jkhhf.dll (file missing)
O2 - BHO: (no name) - {8F4B8997-E78C-421C-8B59-F5C2518AA613} - C:\WINDOWS\system32\ddaba.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {CB02D986-2A35-436A-9527-79F040BD1576} - C:\WINDOWS\system32\mllmj.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [IndexTray] "C:\Program Files\Sharp\Sharpdesk\IndexTray.exe"
O4 - HKLM\..\Run: [Indexer] "C:\Program Files\Sharp\Sharpdesk\Indexer.exe"
O4 - HKLM\..\Run: [SharpTray] "C:\Program Files\Sharp\Sharpdesk\SharpTray.exe"
O4 - HKLM\..\Run: [TypeRegChecker] "C:\Program Files\Sharp\Sharpdesk\TypeRegChecker.exe"
O4 - HKLM\..\Run: [FtpServer.exe] "C:\Program Files\Sharp\Sharpdesk\FtpServer.exe" -usedefault
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSub.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: PowerReg Scheduler.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Search on TER - file:///C:\Program Files\Search On TER/search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://www.freewebs.comO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
http://photos.walmar...martActivia.cabO16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
http://a1540.g.akama...meInstaller.exeO16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) -
http://imlive.com/ch...urce/ImlCID.cabO16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object) -
http://carpoint.msn....id/MSSurVid.cabO16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) -
http://upload-v5.str...oad/XUpload.ocxO16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} (MsnMusicAx Class) -
http://entimg.msn.co...snmusax2729.cabO16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) -
https://secure.logme...trl.cab?lmi=100O17 - HKLM\System\CCS\Services\Tcpip\..\{93AED18D-1C4B-496F-A784-D77C78629CE7}: NameServer = 192.168.10.1,216.134.205.134
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 12134 bytes
Uninstall_list.txt: ABBYY FineReader 5.0 Sprint
Ad-aware 6 Personal
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat 6.0.1 Standard
Adobe Acrobat and Reader 6.0.3 Update
Adobe Acrobat and Reader 6.0.4 Update
Adobe Acrobat and Reader 6.0.5 Update
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player ActiveX
Adobe Reader 6.0
Apple Software Update
ArcSoft ShowBiz 2
BlackBerry Desktop Manager 3.6
Blackhawk Striker from Hewlett-Packard Desktops (remove only)
Blasterball 2 from Hewlett-Packard Desktops (remove only)
Bounce Symphony from Hewlett-Packard Desktops (remove only)
Business Contact Manager for Outlook 2003
ccCommon
DESI Labeling System
DivX Player
Documents To Go
Easy Internet Sign-up
Excavation from Hewlett-Packard Desktops (remove only)
FaxTools
Five Card Frenzy from Hewlett-Packard Desktops (remove only)
Google Toolbar for Internet Explorer
HandiTV
HijackThis 2.0.2
Historical Stats
Hotfix for Windows XP (KB909394)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
HP Deskjet Preloaded Printer Drivers
HP Instant Support
HP Organize
HP Photo & Imaging 3.1
HP Photo and Imaging 2.0 - Photosmart Cameras
HP PSC & OfficeJet 3.0
HP Software Update
HPIZ311
Intel® Extreme Graphics Driver
IntelliMover Data Transfer Demo
Internet Worm Protection
InterVideo WinDVD Player
iPod for Windows 2005-09-23
iTunes
Java 2 Runtime Environment, SE v1.4.2
Jfuse
KBD
KeySuite ™ (Trial)
LEAD H.264 Standard Video Encoder
Lexmark X1100 Series
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
LogMeIn
LogMeIn
MediaJoin
Memories Disc Creator 2.0
Microsoft .NET Framework 1.1
Microsoft ActiveSync
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Plus! Digital Media Edition
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works 7.0
MSN Music Assistant
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
Multimedia Card Reader
Norton AntiVirus 2005
Norton AntiVirus 2005 (Symantec Corporation)
Norton AntiVirus Help
Norton AntiVirus Parent MSI
Norton AntiVirus SCSSDist MSI
Norton AntiVirus SYMLT MSI
Norton WMI Update
Norton WMI Update
NVIDIA GART Driver
Orbital from Hewlett-Packard Desktops (remove only)
Otto from Hewlett-Packard Desktops (remove only)
Overball from Hewlett-Packard Desktops (remove only)
PC-Doctor for Windows
Photosmart 140,240,7200,7600,7700,7900 Series
Polar Bowler from Hewlett-Packard Desktops (remove only)
PS2
Python 2.2 combined Win32 extensions
Python 2.2.1
QuickTime
RecordNow!
RegBlock
Search On TER 0.1
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
SHARP PS Display Font
Sharpdesk
Slyder from Hewlett-Packard Desktops (remove only)
Snood for Windows version 3.52-W
Sonic Update Manager
SpamBayes 1.0.4
SpamSubtract
SPBBC
Spybot - Search & Destroy 1.3
Symantec
Symantec Script Blocking Installer
SymNet
Time Zone Data Update Tool for Microsoft Office Outlook
toolkit
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Updates from HP
Viewpoint Manager (Remove Only)
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Mobile Daylight Saving Time 2007 Updates
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885626
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
WinZip
Yahoo! Address AutoComplete
Yahoo! Install Manager
Yahoo! Messenger
Zone Deluxe Games
Lastly, I just ran another SpyBot check and only 2 showed up - DoubleClick and Advertising.com. They don't seem to be causing any noticeable problems but why do they keep showing up? Thanks again.
Sign In
Create Account
