here are both logs
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, June 18, 2007 12:39:05 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 18/06/2007
Kaspersky Anti-Virus database records: 348026
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
Scan Statistics:
Total number of scanned objects: 108065
Number of viruses found: 22
Number of infected objects: 56
Number of suspicious objects: 0
Duration of the scan process: 02:04:14
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\Lily\Application Data\Mozilla\Firefox\Profiles\wwckxemq.default\cert8.db Object is locked skipped
C:\Documents and Settings\Lily\Application Data\Mozilla\Firefox\Profiles\wwckxemq.default\history.dat Object is locked skipped
C:\Documents and Settings\Lily\Application Data\Mozilla\Firefox\Profiles\wwckxemq.default\key3.db Object is locked skipped
C:\Documents and Settings\Lily\Application Data\Mozilla\Firefox\Profiles\wwckxemq.default\parent.lock Object is locked skipped
C:\Documents and Settings\Lily\Application Data\Mozilla\Firefox\Profiles\wwckxemq.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Lily\Application Data\Mozilla\Firefox\Profiles\wwckxemq.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Lily\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe/WISE0057.BIN Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe/WISE0058.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe/WISE0059.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe/WISE0060.BIN/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe/WISE0060.BIN/data.rar/whInstaller.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe/WISE0060.BIN/data.rar/whSurvey.exe Infected: not-a-virus:AdWare.Win32.WebHancer skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe/WISE0060.BIN/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.370 skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe/WISE0060.BIN/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe/WISE0060.BIN/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe/WISE0060.BIN Infected: not-a-virus:AdWare.Win32.WebHancer skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe/WISE0061.BIN Infected: not-a-virus:Server-Proxy.Win32.MarketScore.k skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe/WISE0062.BIN Infected: not-a-virus:AdWare.Win32.Relevant.a skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe WiseSFX: infected - 12 skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\ezcardsbdayfree.exe WiseSFX Dropper: infected - 12 skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\iMeshV7.exe/WISE0101.BIN/stream/data0005 Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\iMeshV7.exe/WISE0101.BIN/stream Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\iMeshV7.exe/WISE0101.BIN Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\iMeshV7.exe WiseSFX: infected - 3 skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\iMeshV7.exe WiseSFX Dropper: infected - 3 skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\Zeus-install.1.exe/data0025 Infected: not-a-virus:Porn-Tool.Win32.Porn2Peer.a skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\Zeus-install.1.exe NSIS: infected - 1 skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\Zeus-install.exe/data0025 Infected: not-a-virus:Porn-Tool.Win32.Porn2Peer.a skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\Zeus-install.exe NSIS: infected - 1 skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\[PC GAME] Civilisation 4 no cd crack.zip/install.exe/irsetup.dat Infected: P2P-Worm.Win32.Insta.a skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\[PC GAME] Civilisation 4 no cd crack.zip/install.exe/upd.exe Infected: not-a-virus:RiskTool.Win32.PsKill.1101 skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\[PC GAME] Civilisation 4 no cd crack.zip/install.exe/cmdo.exe Infected: not-a-virus:RiskTool.Win32.HideWindows skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\[PC GAME] Civilisation 4 no cd crack.zip/install.exe/username.exe Infected: not-a-virus:AdWare.Win32.EliteBar.ba skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\[PC GAME] Civilisation 4 no cd crack.zip/install.exe/smmss.exe Infected: not-a-virus:AdWare.Win32.EZula.bg skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\[PC GAME] Civilisation 4 no cd crack.zip/install.exe/cheat_plugin.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.ja skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\[PC GAME] Civilisation 4 no cd crack.zip/install.exe/cheat_plugin.exe/data0003 Infected: Trojan-Downloader.Win32.IstBar.ny skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\[PC GAME] Civilisation 4 no cd crack.zip/install.exe/cheat_plugin.exe Infected: Trojan-Downloader.Win32.IstBar.ny skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\[PC GAME] Civilisation 4 no cd crack.zip/install.exe/expIorer.exe Infected: Trojan-Dropper.Win32.Pakes skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\[PC GAME] Civilisation 4 no cd crack.zip/install.exe Infected: Trojan-Dropper.Win32.Pakes skipped
C:\Documents and Settings\Lily\Desktop\DLS\INSTALLS\[PC GAME] Civilisation 4 no cd crack.zip ZIP: infected - 10 skipped
C:\Documents and Settings\Lily\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Lily\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Lily\Local Settings\Application Data\Mozilla\Firefox\Profiles\wwckxemq.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Lily\Local Settings\Application Data\Mozilla\Firefox\Profiles\wwckxemq.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Lily\Local Settings\Application Data\Mozilla\Firefox\Profiles\wwckxemq.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Lily\Local Settings\Application Data\Mozilla\Firefox\Profiles\wwckxemq.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Lily\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Lily\Local Settings\History\History.IE5\MSHist012007061820070619\index.dat Object is locked skipped
C:\Documents and Settings\Lily\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Lily\My Documents\My Games\bolt\ccfSetup-dm.exe Infected: not-a-virus:AdWare.Win32.Trymedia.b skipped
C:\Documents and Settings\Lily\My Documents\My Games\TRYGAMES\WinZumaSetup-dm.exe Infected: not-a-virus:AdWare.Win32.Trymedia.b skipped
C:\Documents and Settings\Lily\My Documents\My Games\TRYGAMES\WordCraft_1.0.4-dm.exe Infected: not-a-virus:AdWare.Win32.Trymedia.b skipped
C:\Documents and Settings\Lily\My Documents\My Games\ZEUS\zply\spnsrzeus\sinstaller.exe/data0002 Infected: not-a-virus:AdWare.Win32.Comet.c skipped
C:\Documents and Settings\Lily\My Documents\My Games\ZEUS\zply\spnsrzeus\sinstaller.exe NSIS: infected - 1 skipped
C:\Documents and Settings\Lily\My Documents\My Games\ZEUS\zply\Zeus.exe/data0025 Infected: not-a-virus:Porn-Tool.Win32.Porn2Peer.a skipped
C:\Documents and Settings\Lily\My Documents\My Games\ZEUS\zply\Zeus.exe NSIS: infected - 1 skipped
C:\Documents and Settings\Lily\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Lily\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Microsoft Visual Studio\VB98\vs6.exe/vs6.chm/vc/sdk_SdkTools.exe/sdk_SdkTools/spy/dll/hook.dll Infected: not-a-virus:Monitor.Win32.KeyLogger.30 skipped
C:\Program Files\Microsoft Visual Studio\VB98\vs6.exe/vs6.chm/vc/sdk_SdkTools.exe Infected: not-a-virus:Monitor.Win32.KeyLogger.30 skipped
C:\Program Files\Microsoft Visual Studio\VB98\vs6.exe/vs6.chm/vc/sdk_SdkTools_spy.exe/sdk_SdkTools_spy/sdk_SdkTools_spy_dll/hook.dll Infected: not-a-virus:Monitor.Win32.KeyLogger.30 skipped
C:\Program Files\Microsoft Visual Studio\VB98\vs6.exe/vs6.chm/vc/sdk_SdkTools_spy.exe Infected: not-a-virus:Monitor.Win32.KeyLogger.30 skipped
C:\Program Files\Microsoft Visual Studio\VB98\vs6.exe/vs6.chm/vc/sdk_SdkTools_spy_dll.exe/sdk_SdkTools_spy_dll/hook.dll Infected: not-a-virus:Monitor.Win32.KeyLogger.30 skipped
C:\Program Files\Microsoft Visual Studio\VB98\vs6.exe/vs6.chm/vc/sdk_SdkTools_spy_dll.exe Infected: not-a-virus:Monitor.Win32.KeyLogger.30 skipped
C:\Program Files\Microsoft Visual Studio\VB98\vs6.exe/vs6.chm Infected: not-a-virus:Monitor.Win32.KeyLogger.30 skipped
C:\Program Files\Microsoft Visual Studio\VB98\vs6.exe ZIP: infected - 7 skipped
C:\Program Files\zeus\giFT\giFT.dll Infected: not-a-virus:Porn-Tool.Win32.Porn2Peer.a skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{F6AA46B5-C78E-436F-9A36-2A917A69B5F3}\RP321\A0044168.exe/data0025 Infected: not-a-virus:Porn-Tool.Win32.Porn2Peer.a skipped
C:\System Volume Information\_restore{F6AA46B5-C78E-436F-9A36-2A917A69B5F3}\RP321\A0044168.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{F6AA46B5-C78E-436F-9A36-2A917A69B5F3}\RP321\A0044170.exe/data0025 Infected: not-a-virus:Porn-Tool.Win32.Porn2Peer.a skipped
C:\System Volume Information\_restore{F6AA46B5-C78E-436F-9A36-2A917A69B5F3}\RP321\A0044170.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{F6AA46B5-C78E-436F-9A36-2A917A69B5F3}\RP333\A0047715.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e skipped
C:\System Volume Information\_restore{F6AA46B5-C78E-436F-9A36-2A917A69B5F3}\RP385\A0053895.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e skipped
C:\System Volume Information\_restore{F6AA46B5-C78E-436F-9A36-2A917A69B5F3}\RP391\change.log Object is locked skipped
C:\WINDOWS\CSC�000001 Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\pfirewall.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_430.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
Logfile of HijackThis v1.99.1
Scan saved at 12:44:27 PM, on 6/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspnet_admin.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\cba\pds.exe
C:\PROGRA~1\Symantec\SYMANT~1\NSCTOP.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\ams_ii\hndlrsvc.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\ams_ii\iao.exe
C:\WINDOWS\system32\cba\xfr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
C:\HIJACKTHIS\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.rr.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Road Runner High Speed Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [MEDIC] "C:\Program Files\MEDIC\bin\sprtcmd.exe" /P MEDIC
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [ScanSoft OmniPage SE 4.0-reminder] "C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPageSE4.0\Ereg\ereg.ini"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8\Programs\MFIndexer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: Yahoo! Chat -
http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) -
http://supportcenter...oad/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel Alert Handler - Intel® Corporation - C:\WINDOWS\system32\ams_ii\hndlrsvc.exe
O23 - Service: Intel Alert Originator - Intel® Corporation - C:\WINDOWS\system32\ams_ii\iao.exe
O23 - Service: Intel File Transfer - Intel® Corporation - C:\WINDOWS\system32\cba\xfr.exe
O23 - Service: Intel PDS - Intel® Corporation - C:\WINDOWS\system32\cba\pds.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: Symantec System Center Discovery Service (NSCTOP) - Symantec Corporation - C:\PROGRA~1\Symantec\SYMANT~1\NSCTOP.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
thank you
i have deleted so much already....unfortunately i let my computers ( i used to have 4 set up at home) for some people who liked games and i just gave free reign of everything. fortunately they are no longer in my life. i am trying to get all this cleaned up and out as best as i can.
