All Run successfully...
The Combofix Log is as follows:
ComboFix 08-02-25.3 - Sam 2008-02-29 10:47:26.2 - NTFSx86
Running from: C:\Documents and Settings\Sam\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Sam\Desktop\CFScript.txt
* Created a new restore point
FILE ::
C:\ WINDOWS \ system32 \ GetHardDiskNo.dll
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar\Cache\
000870A5
C:\Program Files\AskTBar\bar\Cache\
00087FC8.bin
C:\Program Files\AskTBar\bar\Cache\
00088536.bin
C:\Program Files\AskTBar\bar\Cache\
0008891E.bin
C:\Program Files\AskTBar\bar\Cache\
00088C4B.bin
C:\Program Files\AskTBar\bar\Cache\
000890A0.bin
C:\Program Files\AskTBar\bar\Cache\
0008A06F.bin
C:\Program Files\AskTBar\bar\Cache\files.ini
C:\Program Files\AskTBar\bar\History\search2
C:\Program Files\AskTBar\bar\Settings\prevcfg2.htm
C:\Program Files\AskTBar\PopSwatr\History\allowed
C:\Program Files\AskTBar\PopSwatr\History\notallow
.
((((((((((((((((((((((((( Files Created from 2008-01-28 to 2008-02-29 )))))))))))))))))))))))))))))))
.
2008-02-26 10:50 . 2008-02-26 10:50 <DIR> d----c--- C:\KAV
2008-02-25 10:14 . 2008-02-25 10:14 100,249,202 --a--c--- C:\registrybackup.reg
2008-02-22 17:31 . 2008-02-22 17:31 <DIR> d----c--- C:\Documents and Settings\Sam\Application Data\ieSpell
2008-02-22 17:29 . 2008-02-22 17:29 <DIR> d----c--- C:\Program Files\ieSpell
2008-02-21 15:31 . 2008-02-22 10:27 <DIR> d----c--- C:\Program Files\SpywareBlaster
2008-02-21 15:10 . 2008-02-22 08:09 <DIR> d----c--- C:\Program Files\Common Files\Panda Software
2008-02-18 18:08 . 2008-02-21 18:55 <DIR> d----c--- C:\Program Files\Join ME
2008-02-13 13:08 . 2008-02-13 13:08 <DIR> d----c--- C:\Documents and Settings\Sam\DoctorWeb
2008-02-06 13:30 . 2008-02-07 18:40 <DIR> d----c--- C:\Program Files\SUPERAntiSpyware
2008-02-05 17:50 . 2008-02-05 17:50 <DIR> d----c--- C:\ie-spyad
2008-02-05 13:36 . 2008-02-05 13:36 80,097 --a--c--- C:\WINDOWS\system32\dcads-remove.exe
2008-02-05 10:38 . 2008-02-05 10:38 <DIR> d----c--- C:\Documents and Settings\Sam\Application Data\Uniblue
2008-01-29 10:43 . 2008-01-29 10:43 <DIR> d----c--- C:\Program Files\Trend Micro
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-29 00:09 --------- dc----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-02-28 21:58 --------- dc----w C:\Program Files\Common Files\Symantec Shared
2008-02-22 08:26 --------- dc----w C:\Program Files\Common Files\Nero
2008-02-22 08:26 --------- dc----w C:\Documents and Settings\All Users\Application Data\Nero
2008-02-20 00:24 --------- dc----w C:\Program Files\LimeWire
2008-02-18 07:38 --------- dc-h--w C:\Program Files\InstallShield Installation Information
2008-02-18 07:36 --------- dc----w C:\Program Files\Common Files\InstallShield
2008-02-07 08:10 --------- dc----w C:\Program Files\Common Files\Wise Installation Wizard
2008-02-06 07:50 --------- dc----w C:\Program Files\Windows Defender
2008-02-06 07:50 --------- dc----w C:\Program Files\Norton 360
2008-02-06 07:47 --------- dc----w C:\Program Files\Microsoft ActiveSync
2008-02-06 03:00 --------- dc----w C:\Documents and Settings\Sam\Application Data\SUPERAntiSpyware.com
2008-02-05 05:03 --------- dc----w C:\Documents and Settings\Sam\Application Data\Grisoft
2008-01-26 02:04 --------- dc----w C:\Program Files\QuickTime
2008-01-26 01:21 --------- dc----w C:\Program Files\Microsoft Works
2008-01-25 22:15 --------- dc----w C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-25 08:35 --------- dc----w C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-25 08:28 --------- dc----w C:\Program Files\Windows Live Toolbar
2008-01-23 04:28 --------- dc----w C:\Program Files\Microsoft Silverlight
2008-01-17 01:31 --------- dc----w C:\Documents and Settings\Sam\Application Data\Nero
2008-01-17 01:21 --------- dc----w C:\Program Files\Canon
2008-01-17 00:29 --------- dc----w C:\Program Files\Ahead
2008-01-14 23:24 10,537 -c--a-w C:\WINDOWS\system32\drivers\COH_Mon.cat
2008-01-14 18:58 706 -c--a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
2008-01-12 08:02 23,904 -c--a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
2007-12-07 08:47 60,800 -c--a-w C:\WINDOWS\system32\S32EVNT1.DLL
2007-12-07 02:21 824,832 -c--a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:38 550,912 -c--a-w C:\WINDOWS\system32\oleaut32.dll
2007-01-26 04:39 43,846 -c--a-w C:\WINDOWS\Internet Logs\GLB2B_2nd_2007_01_26_15_05_16_small.dmp.zip
2007-01-26 04:33 43,362 -c--a-w C:\WINDOWS\Internet Logs\GLB12_2nd_2007_01_26_15_00_01_small.dmp.zip
2007-01-26 04:29 46,295 -c--a-w C:\WINDOWS\Internet Logs\GLB6_2nd_2007_01_26_14_58_45_small.dmp.zip
2007-01-26 04:29 11,005,649 -c--a-w C:\WINDOWS\Internet Logs\GLBC_2nd_2007_01_26_14_59_20_full.dmp.zip
2004-10-01 05:30 40,960 -c--a-w C:\Program Files\Uninstall_CDS.exe
2007-11-20 06:37 88 -csh--r C:\WINDOWS\system32\54BABE6937.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [ ]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2005-01-04 12:50 405583]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 22:30 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"ISUSPM Startup"="c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 17:30 249856]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 17:30 81920]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-07-18 12:24 116072]
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 11:42 69632]
"PE2CKFNT SE"="C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe" [1998-07-03 12:51 25088]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20 866584]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2004-03-18 10:33 892928]
"SoundMan"="SOUNDMAN.EXE" [2006-03-01 18:52 577536 C:\WINDOWS\SOUNDMAN.EXE]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-30 00:27 77824]
"Logitech Utility"="Logi_MwX.Exe" [2002-11-08 20:20 19968 C:\WINDOWS\LOGI_MWX.EXE]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-11-02 11:33 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-11-02 11:29 126976]
"Corel File Shell Monitor"="C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2007-10-30 19:52 16200]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048]
"Ashampoo AntiSpyWare2 Guard"="C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe" [ ]
"Corel Photo Downloader"="C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2007-10-31 11:22 531784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 20:29 39264]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk]
backup=C:\WINDOWS\pss\Microsoft Works Calendar Reminders.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Photo Express Calendar Checker SE.lnk]
backup=C:\WINDOWS\pss\Photo Express Calendar Checker SE.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Sam^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Sam^Start Menu^Programs^Startup^Metacafe Downloader.lnk]
backup=C:\WINDOWS\pss\Metacafe Downloader.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Sam^Start Menu^Programs^Startup^OCRAWARE.lnk]
backup=C:\WINDOWS\pss\OCRAWARE.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\au]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP]
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Blubster]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerBar]
--a--c--- 2004-04-21 11:26 86016 C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
S2 PRTGService;PRTG Service;C:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe []
S2 prtgwatchservice;PRTG Watchdog;C:\Program Files\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe []
S3 FXDRV;FXDRV;D:\Fxdrv.sys []
S3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys []
S3 WFsys;WinFox Control I/O Driver;C:\WINDOWS\system32\DRIVERS\wfsys.sys [2002-04-22 15:15]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a406a56-1d31-11db-a55f-806d6172696f}]
\Shell\AutoRun\command - C:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{67571903-1d54-11db-815b-806d6172696f}]
\shell\PlayWithPowerDVD\Command - "C:\Program Files\CyberLink DVD Solution\PowerDVD\PowerDVD.exe" "%l"
*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2008-02-28 21:37:23 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-02-29 10:50:12
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-02-29 10:50:58
ComboFix-quarantined-files.txt 2008-02-29 00:20:55
ComboFix2.txt 2008-02-07 03:59:25
.
2008-02-28 21:39:24 --- E O F ---
New hijacklog as requested is as follows:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:57:13 AM, on 29/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Sam\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com.au/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://g.ninemsn.com...S01?FORM=TOOLBRR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Ashampoo AntiSpyWare2 Guard] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) -
https://support.micr...veX/MSDcode.cabO16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) -
http://messenger.zon...nt.cab31267.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} -
http://www.eset.eu/b...lineScanner.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.micros...b?1170932989406O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zon...nt.cab31267.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://messenger.zon...ro.cab53083.cabO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: PRTG Service (PRTGService) - Unknown owner - C:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe (file missing)
O23 - Service: PRTG Watchdog (prtgwatchservice) - Unknown owner - C:\Program Files\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 8834 bytes
Thank You once Again and THANK YOU SO MUCH For Your Valuable Time and effort throughout this whole thread..
Anthony