Technology Forum

Good Morning,I clicked on a link the other day and since then, my IE does what it wants. If I do an internet search and click on the link, it goes to a different search engine or to a spyware download page. Also while I am on the computer I get these pop ups about purchasing spyware.I ran the Norton AntiVirus but it couldn't delete the files system32/appcert/wsil32.dll and system32/appcert/snl32.dll. And AdAware couldn't remove the trojan Horse virus. I uninstalled the Ad Aware and the Norton and downloaded what was instructed in Step 3.I did the "slow PC" thread and the first five steps. I had difficulty figuring out the IE-spyad :4-dontkno. The Panda Scan and extra.txt are attached. Below is the info from the DSS main.txt results.Any help you can provide is greatly appreciated.Thanks!AmberDeckard's System Scanner v20071014.68Run by Little Scholars on 2008-06-11 08:55:43Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 2 Restore Point(s) --2: 2008-06-11 12:55:50 UTC - RP31 - Deckard's System Scanner Restore Point1: 2008-06-11 12:55:18 UTC - RP30 - System CheckpointBacked up registry hives.Performed disk cleanup.-- HijackThis Clone ------------------------------------------------------------Emulating logfile of Trend Micro HijackThis v2.0.2Scan saved at 2008-06-11 09:00:09Platform: windows xp Service Pack 2 (5.01.2600)MSIE: Internet Explorer (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\system32\smss.exeC:\WINDOWS\s ystem32\winlogon.exeC:\WINDOWS\system32\services.e xeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32 \ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WIN DOWS\system32\svchost.exeC:\WINDOWS\system32\WLTRY SVC.EXEC:\WINDOWS\system32\BCMWLTRY.EXEC:\WINDOWS\ system32\spoolsv.exeC:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exeC:\WI NDOWS\system32\Brmfrmps.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exeC:\W INDOWS\system32\svchost.exeC:\WINDOWS\system32\svc host.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\ati2evxx.exeC:\ WINDOWS\explorer.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Java\jre1.6.0_04\bin\jusched.exeC:\WINDOWS\s tsystra.exeC:\Program Files\ScanSoft\PaperPort\pptd40nt.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Prog ram Files\HP\HP Software Update\hpwuSchd2.exeC:\WINDOWS\system32\dla\tfswct rl.exeC:\Program Files\Dell\QuickSet\quickset.exeC:\WINDOWS\system3 2\WLTRAY.EXEC:\Program Files\ATI Technologies\ATI.ACE\CLI.exeC:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\acrotray.exeC:\WINDOWS\system32\ctfmo n.exeC:\WINDOWS\system32\DrvMon.exeC:\Program Files\Messenger\msmsgs.exeC:\WINDOWS\system32\0og0 nm.exeC:\Program Files\Digital Line Detect\DLG.exeC:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeC:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exeC:\Pr ogram Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exeC:\Program Files\ATI Technologies\ATI.ACE\CLI.exeC:\Program Files\HP\Digital Imaging\bin\hpqste08.exeC:\WINDOWS\system32\svchos t.exeC:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exeC:\Documents and Settings\Little Scholars\Local Settings\Temporary Internet Files\Content.IE5\KTEZ4D6F\dss[1].exeC:\Program Files\Java\jre1.6.0_04\bin\jucheck.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...&ibd=6070111R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ieR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?id=2...033&_lang=ENR1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ieR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%sR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexploreR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.comR1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ieR1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...&ibd=6070111O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dllO2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dllO2 - BHO: (no name) - {B83F46B4-0BD2-4FC9-B707-0646CAAC2360} - C:\WINDOWS\system32\bootvidk.dllO2 - BHO: (no name) - {C3213B75-AB28-4428-8691-03A5DA85AF02} - C:\WINDOWS\system32\iobbgwd.dllO2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dllO3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dllO3 - Toolbar: (no name) - ID - (no file)O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -bootO4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exeO4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -startO4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startupO4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exeO4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exeO4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exeO4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exeO4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -DelayO4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"O4 - HKLM\..\Run: [0og0nm] C:\WINDOWS\system32\0og0nm.exeO4 - HKLM\..\Run: [ccApp] -O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exeO4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quietO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exeO4 - HKCU\..\Run: [0og0nm] C:\WINDOWS\system32\0og0nm.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exeO4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXEO4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exeO4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exeO8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlO8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlO8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...loader5.cabO16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives...2stubie.cabO16 - DPF: {31435657-9980-0010-8000-00AA00389B71} () - http://download.microsoft.com/downlo...wvc1dmo.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pu...swflash.cabO18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dllO18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLLO18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLLO20 - Winlogon Notify: gcfzozwn - C:\WINDOWS\system32\iobbgwd.dllO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exeO23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exeO23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXEO23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS. exeO23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeO23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\system32\WLTRYSVC.EXEO24 - Desktop Component 0: - http://l.yimg.com/us.js.yimg.com/lib...ommonlib.jsO24 - Desktop Component 1: - file:///C:/DOCUME~1/LITTLE~1/LOCALS~1/Temp/msoclip1/01/clip_image002.gif--End of file - 11505 bytes-- File Associations -----------------------------------------------------------All associations okay.-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------R0 kjzwcyuc - c:\windows\system32\drivers\kjzwcyuc.sys R1 APPDRV - c:\windows\system32\drivers\appdrv.sys R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys S3 DSproct - c:\program files\dell support\gtaction\triggers\dsproct.sys (file missing)S3 SMNDIS5 (SMNDIS5 NDIS Protocol Driver) - c:\program files\verizon wireless\vzaccess manager\smndis5.sys S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------All services whitelisted.-- Device Manager: Disabled ----------------------------------------------------No disabled devices found.-- Files created between 2008-05-11 and 2008-06-11 -----------------------------2008-06-11 08:42:25 0 d-------- C:\ie-spyad_zo2008-06-11 08:36:34 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP2008-06-11 08:36:29 0 d-------- C:\Program Files\SpywareBlaster2008-06-11 06:41:03 0 d-------- C:\Program Files\Panda Security2008-06-10 20:27:31 0 d-------- C:\Program Files\Lavasoft2008-06-10 20:27:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft2008-06-10 18:56:38 0 d-------- C:\Documents and Settings\Little Scholars\Application Data\Symantec2008-06-10 16:44:11 0 d-------- C:\Documents and Settings\Little Scholars\Application Data\teuwffaf2008-06-10 16:44:11 0 d-------- C:\Documents and Settings\Little Scholars\Application Data\Mozilla2008-06-10 16:18:28 0 d-------- C:\Program Files\Common Files\Mozilla Shared2008-06-09 15:32:37 0 d-------- C:\WINDOWS\system32\AppCert2008-06-09 15:32:09 15872 --a------ C:\WINDOWS\system32\0og0nm.exe2008-06-09 15:31:35 128000 --a------ C:\WINDOWS\system32\catsrvpsv.dll 2008-06-09 15:31:21 88064 --a------ C:\WINDOWS\system32\bootvidk.dll2008-05-12 15:52:28 0 d-------- C:\Documents and Settings\Little Scholars\Application Data\Redemption-- Find3M Report ---------------------------------------------------------------2008-06-11 06:50:53 0 d-------- C:\Program Files\Common Files2008-06-11 05:31:05 0 d-------- C:\Program Files\Common Files\Symantec Shared2008-06-10 20:26:07 0 d-------- C:\Program Files\Symantec2008-06-09 21:28:58 0 d-------- C:\Documents and Settings\Little Scholars\Application Data\LimeWire2008-05-15 17:35:45 0 d-------- C:\Documents and Settings\Little Scholars\Application Data\vusbsp2008-05-13 16:44:46 0 d-------- C:\Documents and Settings\Little Scholars\Application Data\Image Zone Express2008-04-25 16:08:33 652 --a------ C:\Documents and Settings\Little Scholars\Application Data\Hewlett-PackardHP PSC 1500 series1170070991_UI.log2008-04-25 16:08:27 316 --a------ C:\Documents and Settings\Little Scholars\Application Data\Hewlett-PackardHP PSC 1500 series1170070991_PROTOCOL.log2008-04-25 16:08:24 0 d-------- C:\Documents and Settings\Little Scholars\Application Data\HP2008-04-25 16:08:24 0 --a------ C:\Documents and Settings\Little Scholars\Application Data\Hewlett-PackardHP PSC 1500 series1170070991_API.log-- Registry Dump ---------------------------------------------------------------*Note* empty entries & legit default entries are not shown[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B83F46B4-0BD2-4FC9-B707-0646CAAC2360}][HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C3213B75-AB28-4428-8691-03A5DA85AF02}][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [07/23/2007 12:41 PM]"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [03/08/2006 08:48 PM]"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [12/14/2007 03:42 AM]"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [10/14/2003 10:22 AM]"SigmatelSysTrayApp"="stsystra.exe" [03/25/2006 01:30 AM C:\WINDOWS\stsystra.exe]"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [01/12/2007 12:35 AM]"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [04/14/2004 02:46 PM]"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [07/27/2004 06:50 PM]"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\I SUSPM.exe" [07/27/2004 06:50 PM]"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [04/14/2004 03:04 PM]"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [05/12/2005 12:12 AM]"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [12/06/2004 03:05 AM]"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [08/03/2006 08:51 PM]"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [11/23/2006 02:35 AM]"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [01/02/2006 07:41 PM]"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [12/14/2004 02:12 AM]"0og0nm"="C:\WINDOWS\system32\0og0nm.exe" [10/13/2006 04:21 PM]"ccApp"="-" [][HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]"DrvMon.exe"="C:\WINDOWS\system32\DrvMon.exe" [06/15/2006 12:11 AM]"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" []"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]"ModemOnHold"="C:\Program Files\NetWaiting\netWaiting.exe" []"0og0nm"="C:\WINDOWS\system32\0og0nm.exe" [10/13/2006 04:21 PM]"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 07:00 AM]C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [9/7/2007 8:06:47 PM]Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [3/16/2005 7:16:50 PM]Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/24/2005 12:05:26 AM]Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [1/12/2007 12:30:14 AM]HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [5/12/2005 12:23:26 AM]Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 4:05:56 PM]QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [10/17/2006 2:43:22 AM]Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [5/4/2005 12:07:32 AM][HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]"NoViewOnDrive"=0 (0x0)[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gcfzozwn] iobbgwd.dll 08/04/2004 07:00 AM 84480 C:\WINDOWS\system32\iobbgwd.dll[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]HPZ12 Pml Driver HPZ12 Net Driver HPZ12HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcsgcemkvro[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{0769fec9-e50f-11db-8186-00038a000015}]AutoRun\command- E:\LaunchU3.exe[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{0d13daee-1531-11dd-8302-0019b94e74a3}]AutoRun\command- E:\Loaderw.exe[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{4f6bb0ec-39e0-11dc-81ea-0019b94e74a3}]AutoRun\command- E:\LaunchU3.exe -a[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{6f2f3bd1-b68e-11dc-8279-0019b94e74a3}]AutoRun\command- E:\LaunchU3.exe -a[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{9251c1b7-1f7d-11dd-830c-0019b94e74a3}]AutoRun\command- E:\ONSPCLCK.exe-- End of Deckard's System Scanner: finished at 2008-06-11 09:01:20 ------------