WiredWX Christian Hobby Weather Tools

Security Center Popup

Hi, I am new and infected with the security center popup. I was able to do all the instructions but run the JavaRA. I could not unzip it. I will paste the HIJACK THIS results here now. Thanks so much! Terri

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:14:29 PM, on 26/10/09
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Baby\Local Settings\Temporary Internet Files\Content.IE5\ZEBMVJ6K\winlogon[1].scr
C:\WINDOWS\SYSTEM32\notepad.exe
C:\Documents and Settings\Baby\Local Settings\Temporary Internet Files\Content.IE5\Q9GTQ9GX\winlogon[1].scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by CenturyTel
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
F3 - REG:win.ini: load=? ??????????????????????
F3 - REG:win.ini: run=? ??????????????????????
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: MediLexicon - {12C1127D-DFDD-4BD9-B5E3-39E31BA3D415} - C:\Program Files\MediLexicon Toolbar\MediLexicon.dll (file missing)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.2\SetHook.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager] "C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *."scribe.com"
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {DACA760D-419F-459D-996F-F9B957DF5757} (WebXSetup Control) - http://66.76.94.87/winscribe/setup/includes/WebXSetup.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WMP54GSSVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
O24 - Desktop Component 0: (no name) - http://www.goldtone.com/img/btn_download.gif

--
End of file - 10080 bytes

Re: Security Center Popup

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Security Center Popup

I finally was able to run the tool noted above. Here are the results. Can you suggest an antivirus, preferably a free one that would work? Again, thank you guys so much! Terri

Malwarebytes' Anti-Malware 1.41
Database version: 3042
Windows 5.1.2600 Service Pack 3

27/10/09 12:21:28 PM
mbam-log-2009-10-27 (12-21-28).txt

Scan type: Quick Scan
Objects scanned: 130801
Time elapsed: 25 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 11

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe (Trojan.Buzus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\safetycenter (Trojan.SafetyCenter) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\SafetyCenter (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\SafetyCenter (Trojan.SafetyCenter) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
C:\Documents and Settings\Baby\Desktop\setup.exe (Trojan.Buzus) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-3511826559-1175266532-2676154294-1007\Dc113.exe (Rogue.SafetyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Baby\Local Settings\Temp\n.exn (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Program Files\SafetyCenter\main.ico (Trojan.SafetyCenter) -> Quarantined and deleted successfully.
C:\Program Files\SafetyCenter\new.exe (Trojan.SafetyCenter) -> Quarantined and deleted successfully.
C:\Program Files\SafetyCenter\protector.exe (Trojan.SafetyCenter) -> Quarantined and deleted successfully.
C:\Program Files\SafetyCenter\sound.wav (Trojan.SafetyCenter) -> Quarantined and deleted successfully.
C:\Program Files\SafetyCenter\start.exe (Trojan.SafetyCenter) -> Quarantined and deleted successfully.
C:\Program Files\SafetyCenter\tst.exe (Trojan.SafetyCenter) -> Quarantined and deleted successfully.
C:\Program Files\SafetyCenter\uninstall.exe (Trojan.SafetyCenter) -> Quarantined and deleted successfully.

Re: Security Center Popup

Hello.
Good work, let's keep going.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    Link 1
    Link 2
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the reports to your Desktop.
  • Copy and paste BOTH LOGS back here, use more than one post if needed.


Re: Security Center Popup

Thanks!


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-10-26.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 25/11/03 6:13:11 PM
System Uptime: 27/10/09 12:25:50 PM (3 hours ago)

Motherboard: Dell Computer Corp. | | 0G1548
Processor: Intel(R) Pentium(R) 4 CPU 2.20GHz | Microprocessor | 2192/400mhz

==== Disk Partitions =========================

A: is Removable
C: is fixed (NTFS) - 37 GiB total, 15.538 GiB free.
D: is CDROM ()
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1498: 09/09/09 1:40:57 AM - System Checkpoint
RP1499: 09/09/09 3:00:23 AM - Software Distribution Service 3.0
RP1500: 10/09/09 3:41:57 AM - System Checkpoint
RP1501: 10/09/09 11:33:43 AM - Software Distribution Service 3.0
RP1502: 11/09/09 12:28:29 PM - System Checkpoint
RP1503: 12/09/09 12:41:57 PM - System Checkpoint
RP1504: 13/09/09 2:37:05 PM - System Checkpoint
RP1505: 14/09/09 2:45:02 PM - System Checkpoint
RP1506: 14/09/09 3:55:45 PM - Software Distribution Service 3.0
RP1507: 15/09/09 6:34:45 PM - System Checkpoint
RP1508: 17/09/09 6:25:38 AM - System Checkpoint
RP1509: 17/09/09 7:26:03 PM - Software Distribution Service 3.0
RP1510: 19/09/09 7:40:11 AM - System Checkpoint
RP1511: 20/09/09 7:42:02 AM - System Checkpoint
RP1512: 21/09/09 1:19:56 PM - System Checkpoint
RP1513: 21/09/09 4:05:47 PM - Software Distribution Service 3.0
RP1514: 23/09/09 7:11:41 AM - System Checkpoint
RP1515: 24/09/09 11:07:49 AM - System Checkpoint
RP1516: 24/09/09 10:03:21 PM - Software Distribution Service 3.0
RP1517: 25/09/09 10:41:59 PM - System Checkpoint
RP1518: 27/09/09 5:47:02 AM - System Checkpoint
RP1519: 28/09/09 6:12:48 AM - System Checkpoint
RP1520: 29/09/09 1:50:44 AM - Software Distribution Service 3.0
RP1521: 30/09/09 4:09:52 AM - System Checkpoint
RP1522: 01/10/09 6:33:06 AM - System Checkpoint
RP1523: 02/10/09 10:28:52 AM - System Checkpoint
RP1524: 03/10/09 1:50:55 AM - Software Distribution Service 3.0
RP1525: 04/10/09 2:42:12 AM - System Checkpoint
RP1526: 05/10/09 5:57:32 AM - System Checkpoint
RP1527: 05/10/09 5:25:53 PM - Software Distribution Service 3.0
RP1528: 07/10/09 6:19:32 AM - System Checkpoint
RP1529: 08/10/09 8:03:14 AM - System Checkpoint
RP1530: 08/10/09 9:55:33 PM - Software Distribution Service 3.0
RP1531: 11/10/09 9:38:10 AM - System Checkpoint
RP1532: 12/10/09 1:08:14 PM - System Checkpoint
RP1533: 13/10/09 12:37:47 AM - Software Distribution Service 3.0
RP1534: 14/10/09 12:42:14 AM - System Checkpoint
RP1535: 15/10/09 1:42:14 AM - System Checkpoint
RP1536: 15/10/09 3:00:41 AM - Software Distribution Service 3.0
RP1537: 15/10/09 10:02:06 AM - Software Distribution Service 3.0
RP1538: 16/10/09 12:31:09 PM - System Checkpoint
RP1539: 17/10/09 1:18:21 PM - System Checkpoint
RP1540: 18/10/09 4:11:27 PM - System Checkpoint
RP1541: 19/10/09 11:33:12 AM - Software Distribution Service 3.0
RP1542: 20/10/09 11:41:11 AM - System Checkpoint
RP1543: 21/10/09 12:32:49 PM - System Checkpoint
RP1544: 22/10/09 1:29:20 PM - System Checkpoint
RP1545: 22/10/09 7:20:27 PM - Software Distribution Service 3.0
RP1546: 23/10/09 8:09:17 PM - System Checkpoint
RP1547: 24/10/09 9:08:10 PM - System Checkpoint
RP1548: 25/10/09 10:08:09 PM - System Checkpoint
RP1549: 26/10/09 4:02:24 PM - Removed Java(TM) 6 Update 11
RP1550: 26/10/09 4:03:16 PM - Installed Java(TM) 6 Update 16
RP1551: 26/10/09 4:49:01 PM - Removed Adobe Reader 7.0
RP1552: 26/10/09 4:49:12 PM - Removed Adobe Reader 7.0
RP1553: 26/10/09 4:53:28 PM - Installed Adobe Reader 9.2.
RP1554: 26/10/09 5:07:07 PM - Software Distribution Service 3.0

==== Installed Programs ======================

2003 Quick Look Drug Reference
2350
2350_Help
2350Trb
Acrobat.com
Adobe AIR
Adobe Flash Player 9 ActiveX
Adobe Photoshop 6.0
Adobe Reader 9.2
Adobe SVG Viewer
AiO_Scan
AiOSoftware
Alchemy 1.2
AOL Instant Messenger
AOL Toolbar 2.0
Banctec Service Agreement
BCM V.92 56K Modem
Bejeweled 2 Deluxe 1.0
Bejeweled Deluxe 1.862
Belarc Advisor 7.0
BingoMaker 2.3
Browser Defender 2.0.6.10
BufferChm
CardRd81
CCScore
Citrix ICA Client
Copy
Core FTP LE 2.1
CR2
CreativeProjects
CreativeProjectsTemplates
CueTour
Dell Networking Guide
Dell Picture Studio - Dell Image Expert
Dell Solution Center
DellSupport
Destinations
Director
DocProc
DocumentViewer
DS21Patch
DVD Decrypter (Remove Only)
Easy Chef 1,000,000 Recipes
Efficient Networks SpeedStream DSL
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
Express Scribe Uninstall
Fax
fflink
FileZilla (remove only)
Glass Eye 2000
Google Earth
Help and Support Customization
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
HP Diagnostic Assistant
HP Image Zone 4.2
HP PSC & OfficeJet 4.2
HP Software Update
HPSystemDiagnostics
InstantShare
Intel(R) Extreme Graphics Driver
ItsDeductible Express
Java 2 Runtime Environment, SE v1.4.2
Java(TM) 6 Update 16
Java(TM) 6 Update 2
kgcbaby
kgcbase
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kodak EasyShare software
Linksys Wireless-G PCI Network Adapter with SpeedBooster
Malwarebytes' Anti-Malware
MediaFACE 4.2
MediaFACE 4.2 Image Library
MediLexicon - Toolbar
MediLexicon Toolbar v.1.0
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Data Access Components KB870669
Microsoft Encarta Encyclopedia Standard 2003
Microsoft IntelliType Pro 5.0
Microsoft Money 2003
Microsoft Money 2003 System Pack
Microsoft Office Excel Viewer 2003
Microsoft Office Sounds
Microsoft Picture It! Photo 7.0
Microsoft Streets and Trips 2002
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Word 2002
Microsoft Works 2003 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
Modem Helper
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
My Wal-Mart Digital Photo Center
netbrdg
OfotoXMI
Overland
Paint Shop Pro 7
PhotoGallery
Print Workshop 2004 LE
PrintScreen
ProductContext
QFolder
QuickProjects
QuickTime
Readme
RealPlayer
SANYO LD-ADPCM Audio CODEC uninstall
Scan
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SFR
SFR2
SHASTA
skin0001
SkinsHP1
SKINXSDK
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
Spybot - Search & Destroy 1.3
Spyware Doctor 7.0
staticcr
Stedman's Abbreviations, Acronyms & Symbols 3E 1.0
Stedman's Electronic Medical Dictionary 6.0
Stedman's Neurology & Neurosurgery Words 3E 1.0
Stedman's Radiology & Oncology Words 1.0
Symantec KB-DocID:2003093015493306
tooltips
TrayApp
TurboTax Deluxe 2004
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
VPRINTOL
WebFldrs XP
WebReg
WexTech AnswerWorks
Windows Defender
Windows Genuine Advantage Notifications (KB905474)
Windows Live installer
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 10
Windows XP Service Pack 3
WinZip 11.1
WIRELESS
Works Suite OS Pack

==== Event Viewer Messages From Past Week ========

26/10/09 5:08:06 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 8 for Windows XP.
26/10/09 4:01:48 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
22/10/09 2:04:43 PM, error: Service Control Manager [7000] - The Automatic LiveUpdate Scheduler service failed to start due to the following error: The system cannot find the path specified.

==== End Of File ===========================

Re: Security Center Popup

DDS (Ver_09-10-26.01) - NTFSx86
Run by Baby at 15:16:38.23 on 27/10/09
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_02
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.638.256 [GMT -5:00]

FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Outlook Express\MSIMN.EXE
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Baby\Desktop\dds.pif
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page =
uDefault_Page_URL = hxxp://www.dell.com
uWindow Title = Microsoft Internet Explorer provided by CenturyTel
mSearch Page =
mStart Page = hxxp://www.google.com/
mWindow Title = Microsoft Internet Explorer provided by CenturyTel
uURLSearchHooks: AOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
uWindows: load=? ??????????????????????
uWindows: run=? ??????????????????????
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {243b17de-77c7-46bf-b94b-0b5f309a0e64} - c:\program files\microsoft money\system\mnyside.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: AOL Toolbar Launcher: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
TB: MediLexicon: {12c1127d-dfdd-4bd9-b5e3-39e31ba3d415} - c:\program files\medilexicon toolbar\MediLexicon.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
EB: MediLexicon: {12c1127d-dfdd-4bd9-b5e3-39e31ba3d415} - c:\program files\medilexicon toolbar\MediLexicon.dll
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Sonic RecordNow!]
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [ViewMgr] c:\program files\viewpoint\viewpoint manager\ViewMgr.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [type32] "c:\program files\microsoft intellitype pro\type32.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [PrinTray] c:\windows\system32\spool\drivers\w32x86\2\printray.exe
mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe
mRun: [MediaFace Integration] c:\program files\fellowes\mediaface 4.2\SetHook.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [BCMSMMSG] BCMSMMSG.exe
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-us\local\search.html
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - {DD6687B5-CB43-4211-BFC9-2942CCBDCB3E} - c:\program files\microsoft money\system\mnyside.dll
Trusted Zone: "scribe.com"
DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37965.121712963
DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {DACA760D-419F-459D-996F-F9B957DF5757} - hxxp://66.76.94.87/winscribe/setup/includes/WebXSetup.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: igfxcui - igfxsrvc.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-10-26 207280]
R0 ppa;Iomega Parallel Port Filter Driver;c:\windows\system32\drivers\ppa.sys [2003-11-29 17792]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2009-10-26 112592]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-10-26 358600]

=============== Created Last 30 ================

2009-10-27 16:51:45 0 d-----w- c:\docume~1\baby\applic~1\Malwarebytes
2009-10-27 16:51:29 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-27 16:51:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-27 16:51:27 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-27 16:51:27 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-10-26 16:34:41 883 ----a-w- c:\windows\RegSDImport.xml
2009-10-26 16:34:41 880 ----a-w- c:\windows\RegISSImport.xml
2009-10-26 16:34:41 767952 ----a-w- c:\windows\BDTSupport.dll
2009-10-26 16:34:40 165840 ----a-w- c:\windows\PCTBDRes.dll
2009-10-26 16:34:40 1636304 ----a-w- c:\windows\PCTBDCore.dll
2009-10-26 16:34:40 149456 ----a-w- c:\windows\SGDetectionTool.dll
2009-10-26 16:34:40 131 ----a-w- c:\windows\IDB.zip
2009-10-26 16:34:40 1152470 ----a-w- c:\windows\UDB.zip
2009-10-26 16:25:02 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat
2009-10-26 16:25:02 229304 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-10-26 16:24:48 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-10-26 16:24:48 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat
2009-10-26 16:24:48 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-10-26 16:24:48 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-10-26 16:24:38 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat
2009-10-26 16:24:38 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-10-26 16:24:28 0 d-----w- c:\program files\Spyware Doctor
2009-10-26 16:24:28 0 d-----w- c:\program files\common files\PC Tools
2009-10-26 16:24:28 0 d-----w- c:\docume~1\baby\applic~1\PC Tools
2009-10-26 16:24:28 0 d-----w- c:\docume~1\alluse~1\applic~1\PC Tools
2009-10-26 14:49:50 3890176 ----a-w- c:\windows\2saSddPYaWAasRsE-thief.jpg
2009-10-26 13:57:52 2198 ----a-w- C:\eT9.bat
2009-10-03 06:51:00 195440 ------w- c:\windows\system32\MpSigStub.exe

==================== Find3M ====================

2009-10-26 21:03:23 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-25 05:37:11 667136 ----a-w- c:\windows\system32\wininet.dll
2009-09-25 05:37:11 667136 ------w- c:\windows\system32\dllcache\wininet.dll
2009-09-25 05:37:11 627712 ------w- c:\windows\system32\dllcache\urlmon.dll
2009-09-25 05:37:10 3070976 ------w- c:\windows\system32\dllcache\mshtml.dll
2009-09-25 05:37:10 1509888 ------w- c:\windows\system32\dllcache\shdocvw.dll
2009-09-25 05:37:09 81920 ------w- c:\windows\system32\ieencode.dll
2009-09-25 05:37:09 81920 ------w- c:\windows\system32\dllcache\ieencode.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 14:18:39 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-04 21:03:36 58880 ------w- c:\windows\system32\dllcache\msasn1.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-26 08:00:21 247326 ------w- c:\windows\system32\dllcache\strmdll.dll
2009-08-24 14:21:33 150120 ----a-w- c:\docume~1\baby\applic~1\GDIPFONTCACHEV1.DAT
2009-08-20 20:09:06 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-13 15:16:05 512000 ------w- c:\windows\system32\dllcache\jscript.dll
2009-08-07 00:24:18 327896 ----a-w- c:\windows\system32\dllcache\wucltui.dll
2009-08-07 00:24:18 209632 ----a-w- c:\windows\system32\dllcache\wuweb.dll
2009-08-07 00:24:10 35552 ----a-w- c:\windows\system32\dllcache\wups.dll
2009-08-07 00:24:06 53472 ----a-w- c:\windows\system32\dllcache\wuauclt.exe
2009-08-07 00:24:04 96480 ----a-w- c:\windows\system32\dllcache\cdm.dll
2009-08-07 00:23:54 575704 ----a-w- c:\windows\system32\dllcache\wuapi.dll
2009-08-07 00:23:46 1929952 ----a-w- c:\windows\system32\dllcache\wuaueng.dll
2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-05 09:01:48 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll
2009-08-05 01:44:46 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-05 01:44:46 2189184 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-08-04 15:13:08 2145280 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-08-04 14:20:09 2023936 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-08-04 14:20:08 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-08-04 14:20:08 2066048 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe

============= FINISH: 15:18:29.00 ===============

Re: Security Center Popup

Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Java(TM) 6 Update 2

How is the machine running now?

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Security Center Popup

Hi there,

I removed the Java as above. I am running fine now with no pop-ups at all. Lovely... Thanks!

Re: Security Center Popup

Hello.
Remove this too; missed it earlier.

Java 2 Runtime Environment, SE v1.4.2

That should do it now.


Re: Security Center Popup

Hi there,

I finished the remove as above. I cannot thank you guys enough. I will definitely be making a donation to help keep you guys alive. Can you suggest a good antivirus or should my Windows Defender be enough? You are the best!

Terri

Re: Security Center Popup

Please install Avira antivirus; otherwise you won't be protected.

1) Antivir PersonalEditionClassic
-Free anti-virus software for Windows.
-Detects and removes more than 50,000 viruses. Free support.

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts.

