Ok, here is the details:
I have Microsoft Security Essentials - This was downloaded after the attack when I dumped Windows Defender. I now have Online Armor. Concerns noted:
Start Menu:
AGEIA PHYS X System Tray Icon
Auto Runs:
ANIWZCSdS.exe
LSSrvc.exe (I think this is part of the Light Scribe burner I have?)
NWIZ.exe
In the Add/Remove programs, half of that is unknown but mostly looks like hardware updates . If I had to list anything that looks suspicious it would be What is Adobe Air?
After I finished the SuperAntiSpyware scan, Online Armor made me accept the following before it would give me the log report:
UIREPAIR.DLL
SD10005.dll
SD10006.dll
SD10007.dll
_____________________________
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 05/23/2011 at 05:09 PM
Application Version : 4.53.1000
Core Rules Database Version : 7119
Trace Rules Database Version: 4931
Scan type : Complete Scan
Total Scan Time : 03:07:03
Memory items scanned : 492
Memory threats detected : 0
Registry items scanned : 7734
Registry threats detected : 0
File items scanned : 134939
File threats detected : 132
Rogue.AntiMalwareDoctor
C:\Documents and Settings\HP_Administrator\Application Data\A0E290C2CE1C803ADACAA27E7A9AA375
Adware.Tracking Cookie
media.scanscout.com [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\VU34MZ2N ]
secure-us.imrworldwide.com [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\VU34MZ2N ]
vitamine.networldmedia.net [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\VU34MZ2N ]
akamai.smartadserver.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\AWU5D4D4 ]
ictv-ic-ec.indieclicktv.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\AWU5D4D4 ]
media.heavy.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\AWU5D4D4 ]
media.scanscout.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\AWU5D4D4 ]
media.wholesite.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\AWU5D4D4 ]
secure-us.imrworldwide.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\AWU5D4D4 ]
vitamine.networldmedia.net [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\AWU5D4D4 ]
C:\Documents and Settings\NetworkService\Cookies\system@247realmedia[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@2o7[2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\system@adbrite[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@adcentriconline[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@adform[1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][3].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\system@adtrackrs[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@adultfriendfinder[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@advertise[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@advertnation[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@adxpose[1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\system@bizzclick[1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\system@clicksor[2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][3].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\system@eclickz[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@entrepreneur[1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\system@findology[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@friendfinder[1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\system@indieclick[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@insightexpressai[2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\system@interclick[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@internettrafficbuilder[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@invitemedia[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@kontera[1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\system@liveperson[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@liveperson[3].txt
C:\Documents and Settings\NetworkService\Cookies\system@liveperson[4].txt
C:\Documents and Settings\NetworkService\Cookies\system@liveperson[5].txt
C:\Documents and Settings\NetworkService\Cookies\system@lucidmedia[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@media6degrees[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@mediabrandsww[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@mediaquantics[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@mediatraffic[2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\system@myroitracking[2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\system@networldmedia[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@nextag[2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\system@pointroll[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@pro-market[1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\system@questionmarket[2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\system@realmedia[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@revsci[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@ru4[1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\system@serving-sys[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@smartadserver[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@specificclick[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@specificmedia[2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\system@trafficengine[1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\system@tribalfusion[1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][1].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
C:\Documents and Settings\NetworkService\Cookies\
[email protected][2].txt
_________________________________
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.orgDatabase version: 6658
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11
23/05/2011 6:00:08 PM
mbam-log-2011-05-23 (18-00-08).txt
Scan type: Quick scan
Objects scanned: 188576
Time elapsed: 24 minute(s), 44 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
__________________________
I updated Java but it didn't ask me about removing the old version? I had Version 6, Update 22
____________________________
I hope I did the renaming of HJT properly. The sniper link from the desktop still took me to the folder that was named HJT. If I have to redo that one again, let me know.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:43:42 PM, on 23/05/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Online Armor\OAcat.exe
C:\Program Files\Online Armor\oasrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Online Armor\OAui.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Online Armor\OAhlp.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\Sniper.exe\HiJackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=63&bd=PAVILION&pf=desktopR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://sympatico.msn.ca/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=63&bd=PAVILION&pf=desktopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=63&bd=PAVILION&pf=desktopR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Online Armor\OAui.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100458 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cabO16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) -
http://www.geni.com/ImageUploader5.cabO16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cabO16 - DPF: {6A615BCC-676D-41AA-AB4E-C1860690FFB4} (CFXEngine Object) -
http://www.blacksmemorables.com/RocketLife.cabO16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -
http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabO16 - DPF: {861DB4B6-3838-11D2-8E50-002018200E57} (MrSIDI Control) -
http://data6.archives.ca/mrsidi_cab/MrSIDI.cabO16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabO18 - Protocol: rlfile - {F541A92B-CDC2-4B7C-BEF1-C7443070F3D8} - C:\WINDOWS\Downloaded Program Files\RocketEngine.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files\Online Armor\OAcat.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Online Armor\oasrv.exe
--
End of file - 9565 bytes
___________________
Thank you so much for your assistance. I really appreciate it.