Hi Sam,
I followed your instructions. I ensured I had view hidden files selected. Then ran hijack this, checked the items you listed and clicked the fix button.
I then re-booted in safe mode and attempted to delete the files you listed with the following results:1) c:\winnt\help\sbsi\docanti.dll= I recieved the following error message: "Cannot delete docanti: it is being used by another person or program"
2) c:\winnt\system32\st3.dll= I recieved the following error message: "cannot delete st3: access is denied. make sure disk is not full and that file is not currently in use"
3) c:\winnt\system32\oektcbby.exe= "file not found"
4) c:\winnt\adsldpbd.dll= "cannot access adsldpbd: make sure disk is not full or write protected and tha file is not currently in use."
5) c:\winnt\mpatrol.dll= File successfully deleted
I then ran the Panda online scan Here are the results:Incident Status Location
Spyware:Spyware/Virtumonde No disinfected C:\WINNT\Help\SBSI\docanti.dll
Virus:Trj/Stwoyle.A Disinfected Operating system
Adware:adware/apropos No disinfected C:\WINNT\SYSTEM32\auto_update_uninstall.log
Adware:adware/miamore No disinfected C:\WINNT\SYSTEM32\st3.dll
Adware:adware/portalscan No disinfected C:\WINNT\SYSTEM32\winupdt.008
Spyware:spyware/search3 No disinfected C:\PROGRAM FILES\SEARCH3 TOOLBAR
Adware:adware/elitebar No disinfected C:\WINNT\EliteToolBar
Spyware:spyware/searchcentrix No disinfected Windows Registry
Virus:Trj/Downloader.AEE Disinfected C:\counter.cab
Virus:Trj/Subsearch.G Disinfected C:\Documents and Settings\All Users\Application Data\IEService\v28.exe
Adware:Adware/IST.ISTBar No disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-3c936701-1e6c33ba.zip[InstallerApplet.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv799.jar-b5b39d3-244669f8.zip[Matrix.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv799.jar-b5b39d3-244669f8.zip[Counter.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv799.jar-b5b39d3-244669f8.zip[Dummy.class]
Virus:Trj/Stwoyle.A Disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20051117-234152-700.dll
Adware:Adware/SearchNo No disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20051117-234152-813.dll
Adware:Adware/SearchNo No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\CP0DUBC5\prflbmsgp32[1].dll
Virus:Trj/Stwoyle.A Disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\RDUXQ9CR\st3[1].dll
Adware:Adware/EShopper No disinfected C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe
Adware:Adware/EShopper No disinfected C:\Program Files\Microsoft Games\Flight Simulator 9\UnKLM_A332.exe
Adware:Adware/EShopper No disinfected C:\Program Files\Microsoft Games\Flight Simulator 9\UnUTUSA.exe
Adware:Adware/SearchNo No disinfected C:\RECYCLER\S-1-5-21-856008069-3909228380-3275963947-1003\Dc45.dll
Virus:Trj/Downloader.FPD Disinfected C:\RECYCLER\S-1-5-21-856008069-3909228380-3275963947-1003\Dc46.dll
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1013\A0025835.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1030\A0026205.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1031\A0026216.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1031\A0026226.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1031\A0026233.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1032\A0026275.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1035\A0026336.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1035\A0026344.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1035\A0026352.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1037\A0026370.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1043\A0026400.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1044\A0026453.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1045\A0026519.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1047\A0026658.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1048\A0026679.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1049\A0026838.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1050\A0027838.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1051\A0028009.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1053\A0028282.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1057\A0028615.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1057\A0029621.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1058\A0032489.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1058\A0032538.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1058\A0033748.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1058\A0034323.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1058\A0034448.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1060\A0034655.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1060\A0036666.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1063\A0037278.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1063\A0037284.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1063\A0038285.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1064\A0038605.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1064\A0038738.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1066\A0039376.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1066\A0039383.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1068\A0039421.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1068\A0039428.exe
Adware:Adware/EShopper No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1069\A0039543.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1069\A0039716.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1069\A0039821.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1069\A0039882.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1070\A0040882.exe
Adware:Adware/EShopper No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1071\A0041036.exe
Adware:Adware/EShopper No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1079\A0044671.exe
Adware:Adware/FastFind No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1079\A0044758.exe
Adware:Adware/CWS No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1081\A0044866.dll
Virus:Trj/VBStat.A Disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1081\A0044867.exe.tcf
Virus:Trj/Downloader.ATK Disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1081\A0044868.exe
Virus:Trj/Downloader.ATD Disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1081\A0044870.exe
Virus:W32/Sdbot.BEL.worm Disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1081\A0044871.exe.tcf
Virus:Trj/Pakes.S Disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1081\A0044885.dll
Virus:Trj/Pakes.S Disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1081\A0044886.dll
Adware:Adware/SearchNo No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1085\A0047027.dll
Virus:Trj/Stwoyle.A Disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1086\A0049400.dll
Adware:Adware/EShopper No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1087\A0049516.exe
Virus:Trj/Subsearch.G Disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1089\A0049737.exe
Virus:Trj/Stwoyle.A Disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1089\A0049738.dll
Virus:Trj/Downloader.FPD Disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP1089\A0049739.dll
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP979\A0025487.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP980\A0025494.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP981\A0025501.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP985\A0025547.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP985\A0025569.exe
Possible Virus. No disinfected C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP998\A0025731.exe
Adware:Adware/Miamore No disinfected C:\WINNT\adsldpbd.dll
Adware:Adware/Exact.BargainBuddyNo disinfected C:\WINNT\EliteToolBar\xml\images\casino-ico.bmp
Adware:Adware/Exact.BargainBuddyNo disinfected C:\WINNT\EliteToolBar\xml\images\casino.bmp
Adware:Adware/Exact.BargainBuddyNo disinfected C:\WINNT\EliteToolBar\xml\images\dating-ico.bmp
Adware:Adware/Exact.BargainBuddyNo disinfected C:\WINNT\EliteToolBar\xml\images\dating.bmp
Adware:Adware/Exact.BargainBuddyNo disinfected C:\WINNT\EliteToolBar\xml\images\drugs-ico.bmp
Adware:Adware/Exact.BargainBuddyNo disinfected C:\WINNT\EliteToolBar\xml\images\drugs.bmp
Adware:Adware/Exact.BargainBuddyNo disinfected C:\WINNT\EliteToolBar\xml\images\fav-ico.bmp
Adware:Adware/Exact.BargainBuddyNo disinfected C:\WINNT\EliteToolBar\xml\images\fav.bmp
Adware:Adware/Exact.BargainBuddyNo disinfected C:\WINNT\EliteToolBar\xml\images\virus.bmp
Spyware:Spyware/Virtumonde No disinfected C:\WINNT\Help\SBSI\docanti.dll
Virus:Trj/Pakes.S Disinfected C:\WINNT\Help\__delete_on_reboot__logap.dll.tcf
Possible Virus. No disinfected C:\WINNT\Microsoft.NET\DirectX for Managed Code\faxbas.exe
Virus:Trj/Pakes.S Disinfected C:\WINNT\security\logs\__delete_on_reboot__docinfo.dll.tcf
Virus:Trj/Stwoyle.A Disinfected C:\WINNT\system32\st3.dll
I then rebooted and ran hijack this. Here is that log:
Logfile of HijackThis v1.99.1
Scan saved at 2:43:01 AM, on 11/18/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\STOPzilla!\SZServer.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINNT\System32\NMSSvc.exe
C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
C:\WINNT\Explorer.EXE
C:\WINNT\System32\UAService7.exe
C:\WINNT\System32\SK9910DM.EXE
C:\WINNT\GWMDMMSG.exe
C:\WINNT\System32\CTHELPER.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINNT\System32\lxamsp32.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\System32\wbem\wmiapsrv.exe
C:\WINNT\System32\wuauclt.exe
C:\Documents and Settings\Owner\Desktop\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.militaryspot.com/O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [Keyboard Preload Check] C:\OEMDRVRS\KEYB\Preload.exe /DEVID: /CLASS:Keyboard /RunValue:"Keyboard Preload Check"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [lxamsp32.exe] lxamsp32.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINNT\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [STOPzilla] C:\Program Files\STOPzilla!\STOPzilla.exe /autostart
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - Global Startup: AcBtnMgr_X63.exe.lnk = C:\Program Files\LexmarkX63\AcBtnMgr_X63.exe
O4 - Global Startup: ACMonitor_X63.exe.lnk = C:\Program Files\LexmarkX63\ACMonitor_X63.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.coolwebsearch.com
O15 - Trusted Zone: *.searchmeup.com
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akama...meInstaller.exeO16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO20 - Winlogon Notify: docanti - C:\WINNT\Help\SBSI\docanti.dll
O20 - Winlogon Notify: gg - C:\WINNT\adsldpbd.dll
O20 - Winlogon Notify: STOPzilla - C:\WINNT\SYSTEM32\IS3WLHandler.dll
O21 - SSODL: Tmpagdde - {AE763407-03FD-4EE3-A4A6-DCB2B7AFA77A} - C:\WINNT\System32\cfgucdos.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: PrismXL - Lanovation - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: STOPzilla Service (szserver) - Unknown owner - C:\Program Files\Common Files\STOPzilla!\SZServer.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINNT\System32\UAService7.exe
I hope I followed your directions correctly. Just looking at these logs gives me a headache. I don't know how you manage to decipher it.
If you need anything else just say the word!
Thank you for all your time!, I'd be lost without you,
Darryl