Strange Happenings [Archive] - Safer-Networking Forums

jive4u

2009-08-03, 20:25

For the last couple of weeks my computer has been acting weird. It won't Restart. It gets about half way there and then locks up on the logging out screen. Icons on some internet pages are turned into text until I run my mouse over them and then they transform into the icon. Videos are choppy.

Everything is updated and scans are finding anything except for a ton of viruses from a week back in my AVG vault. I'll post those down below.

Here's the HijackThis log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:12:43 PM, on 8/3/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\acrobat_sl.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.coastercommunity.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ResumeFinder Toolbar Helper - {21276F44-27FC-440E-A99E-A72324740419} - C:\Program Files\eGrabber\eGrabber ResumeFinder\RFToolbarHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: ResumeFinder - {8A2B3DEC-D8A5-4199-BB0F-1180993826FF} - C:\Program Files\eGrabber\eGrabber ResumeFinder\ResumeFinder.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172871504281
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1c9ee204c76075c) (gupdate1c9ee204c76075c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe

--
End of file - 10456 bytes

AVG Virus Vault
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084724.dll";"";"7/25/2009, 1:10:53 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084723.dll";"";"7/25/2009, 1:10:53 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084722.dll";"";"7/25/2009, 1:10:53 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084721.dll";"";"7/25/2009, 1:10:53 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084720.dll";"";"7/25/2009, 1:10:53 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084719.dll";"";"7/25/2009, 1:10:53 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084718.dll";"";"7/25/2009, 1:10:53 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084717.dll";"";"7/25/2009, 1:10:53 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084716.dll";"";"7/25/2009, 1:10:53 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084715.dll";"";"7/25/2009, 1:10:53 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084714.dll";"";"7/25/2009, 1:10:53 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084713.dll";"";"7/25/2009, 1:10:52 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084712.dll";"";"7/25/2009, 1:10:52 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084711.dll";"";"7/25/2009, 1:10:52 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084710.dll";"";"7/25/2009, 1:10:52 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084709.dll";"";"7/25/2009, 1:10:52 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084708.dll";"";"7/25/2009, 1:10:52 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084707.dll";"";"7/25/2009, 1:10:52 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084706.dll";"";"7/25/2009, 1:10:52 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084705.dll";"";"7/25/2009, 1:10:52 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084704.dll";"";"7/25/2009, 1:10:52 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084703.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084702.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084701.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084700.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084699.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084698.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084697.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084696.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084695.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084694.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084693.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084692.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084691.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084690.dll";"";"7/25/2009, 1:10:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084689.dll";"";"7/25/2009, 1:10:50 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084688.dll";"";"7/25/2009, 1:10:50 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084687.dll";"";"7/25/2009, 1:10:50 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084686.dll";"";"7/25/2009, 1:10:50 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084685.dll";"";"7/25/2009, 1:10:50 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084684.dll";"";"7/25/2009, 1:10:50 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084683.dll";"";"7/25/2009, 1:10:50 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084682.dll";"";"7/25/2009, 1:10:50 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084681.dll";"";"7/25/2009, 1:10:50 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084680.dll";"";"7/25/2009, 1:10:49 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084679.dll";"";"7/25/2009, 1:10:49 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084678.dll";"";"7/25/2009, 1:10:49 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084677.dll";"";"7/25/2009, 1:10:49 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084676.dll";"";"7/25/2009, 1:10:49 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084675.dll";"";"7/25/2009, 1:10:49 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084674.dll";"";"7/25/2009, 1:10:49 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084673.dll";"";"7/25/2009, 1:10:49 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084672.dll";"";"7/25/2009, 1:10:49 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084671.dll";"";"7/25/2009, 1:10:49 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084670.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084669.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084668.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084667.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084666.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084665.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084664.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084663.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084662.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084661.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084660.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084659.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084658.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084657.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084656.dll";"";"7/25/2009, 1:10:48 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084655.dll";"";"7/25/2009, 1:10:47 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084654.dll";"";"7/25/2009, 1:10:47 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084653.dll";"";"7/25/2009, 1:10:47 AM"
"Infection";"Trojan horse Small.BOG";"C:\System Volume Information\_restore{D00B44FD-708F-4643-8818-BDECC346DE48}\RP786\A0084652.dll";"";"7/25/2009, 1:10:46 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\zh_TW.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:59 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\zh_CN.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:59 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\sv.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:59 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\ru.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:59 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\pt_PT.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:59 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\pt.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:59 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\pl.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:59 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\nl.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:59 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\nb.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:59 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\ko.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:58 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\ja.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:58 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll";"";"7/25/2009, 12:45:58 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\it.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:58 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\fr.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:58 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\fi.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:58 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\es.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:58 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:58 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\de.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:58 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesMiniPlayer.Resources\da.lproj\iTunesMiniPlayerLocalized.dll";"";"7/25/2009, 12:45:58 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\zh_TW.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:58 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\zh_CN.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:58 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\sv.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:58 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\ru.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:57 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\pt_PT.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:57 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\pt.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:57 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\pl.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:57 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\nl.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:57 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\nb.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:57 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\ko.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:57 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\ja.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:57 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll";"";"7/25/2009, 12:45:57 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\it.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:57 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\fr.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:57 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\fi.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:57 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\es.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:57 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:56 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\de.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:56 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\da.lproj\iTunesHelperLocalized.dll";"";"7/25/2009, 12:45:56 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\zh_TW.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:56 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\zh_TW.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:56 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\zh_CN.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:53 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\zh_CN.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:53 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\sv.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\sv.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:51 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\ru.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:49 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\ru.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:49 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\pt_PT.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:47 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\pt_PT.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:47 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\pt.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:44 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\pt.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:44 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\pl.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:42 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\pl.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:42 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\nl.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:39 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\nl.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:39 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\nb.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:37 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\nb.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:37 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\ko.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:35 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\ko.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:35 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\ja.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:33 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\ja.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:33 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\iTunesRegistry.dll";"";"7/25/2009, 12:45:31 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\iTunes.qtr";"";"7/25/2009, 12:45:30 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\iTunes.dll";"";"7/25/2009, 12:45:30 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\it.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:30 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\it.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:30 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\fr.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:27 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\fr.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:27 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\fi.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:24 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\fi.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:24 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\es.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:22 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\es.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:22 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\en.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:20 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\en.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:20 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\de.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:18 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\de.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:18 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\da.lproj\iTunesLocalized.qtr";"";"7/25/2009, 12:45:16 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunes.Resources\da.lproj\iTunesLocalized.dll";"";"7/25/2009, 12:45:15 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\zh_TW.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:15 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\zh_CN.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:15 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\sv.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:15 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\ru.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:15 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\pt_PT.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:15 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\pt.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:15 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\pl.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:15 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\nl.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:15 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\nb.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:15 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\ko.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:15 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\ja.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:15 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\it.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:15 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll";"";"7/25/2009, 12:45:14 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\fr.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:14 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\fi.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:14 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\es.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:14 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:14 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\de.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:14 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\da.lproj\iPodServiceLocalized.dll";"";"7/25/2009, 12:45:13 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL";"";"7/25/2009, 12:00:38 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL";"";"7/25/2009, 12:00:38 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL";"";"7/25/2009, 12:00:34 AM"
"Infection";"Trojan horse Small.BOG";"C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL";"";"7/25/2009, 12:00:34 AM"

Blade81

2009-08-05, 20:31

Hi,

Download DDS and save it to your desktop from here (http://www.techsupportforum.com/sectools/sUBs/dds) or here (http://download.bleepingcomputer.com/sUBs/dds.scr) or here (http://www.forospyware.com/sUBs/dds).
Disable any script blocker, and then double click dds.scr to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.

jive4u

2009-08-05, 22:15

DDS (Ver_09-07-30.01) - NTFSx86
Run by #1 at 15:10:17.18 on Wed 08/05/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.980 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\MsPMSPSv.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\#1\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.coastercommunity.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: IE7pro BHO: {00011268-e188-40df-a514-835fcd78b1bf} - c:\program files\ie7pro\IE7pro.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\adobe acrobat 7.0\activex\AcroIEHelper.dll
BHO: ResumeFinder Toolbar Helper: {21276f44-27fc-440e-a99e-a72324740419} - c:\program files\egrabber\egrabber resumefinder\RFToolbarHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: ResumeFinder: {8a2b3dec-d8a5-4199-bb0f-1180993826ff} - c:\program files\egrabber\egrabber resumefinder\ResumeFinder.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
mRun: [SkyTel] SkyTel.EXE
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [nwiz] nwiz.exe /install
mRun: [NVRaidService] c:\windows\system32\nvraidservice.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\docume~1\#1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\#1\startm~1\programs\startup\pmbmed~1.lnk - c:\program files\sony\sony picture utility\pmbcore\SPUVolumeWatcher.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-000000000002}\SC_Acrobat.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Convert link target to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM
IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab
DPF: {32505657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172871504281
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: LMIinit - LMIinit.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\#1\applic~1\mozilla\firefox\profiles\vdof4jmf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.kansascity.com/mld/kansascity/
FF - component: c:\documents and settings\#1\application data\mozilla\firefox\profiles\vdof4jmf.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc.dll
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\adobe\adobe acrobat 7.0\acrobat\browser\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-3 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-3-24 335752]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2007-3-2 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-24 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-3-24 298776]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 1029456]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2007-4-17 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2007-6-27 47640]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S2 gupdate1c9ee204c76075c;Google Update Service (gupdate1c9ee204c76075c);c:\program files\google\update\GoogleUpdate.exe [2009-6-15 133104]
S3 kbeepm;kbeepm;\??\c:\docume~1\#1\locals~1\temp\kbeepm.sys --> c:\docume~1\#1\locals~1\temp\kbeepm.sys [?]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]

=============== Created Last 30 ================

2009-08-05 15:08 <DIR> --d-hr-- c:\documents and settings\#1\Recent
2009-08-04 05:22 1,089,593 -c------ c:\windows\system32\dllcache\ntprint.cat
2009-08-03 13:11 <DIR> --d----- c:\program files\Trend Micro
2009-08-03 12:56 <DIR> --d-h--- c:\windows\PIF
2009-08-03 12:47 4,984 a------- c:\windows\system32\drivers\nvphy.bin
2009-08-03 12:44 <DIR> --d----- c:\docume~1\#1\applic~1\Windows Desktop Search
2009-08-03 12:43 <DIR> --d----- c:\windows\system32\GroupPolicy
2009-08-03 12:43 <DIR> --d----- c:\program files\Windows Desktop Search
2009-08-03 12:42 98,304 -c------ c:\windows\system32\dllcache\nlhtml.dll
2009-08-03 12:42 29,696 -c------ c:\windows\system32\dllcache\mimefilt.dll
2009-08-03 12:42 192,000 -c------ c:\windows\system32\dllcache\offfilt.dll

==================== Find3M ====================

2009-07-11 08:29 335,752 a------- c:\windows\system32\drivers\avgldx86.sys
2009-07-03 12:09 915,456 a------- c:\windows\system32\wininet.dll
2009-06-25 08:45 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-06-16 09:36 119,808 -------- c:\windows\system32\t2embed.dll
2009-06-16 09:36 81,920 -------- c:\windows\system32\fontsub.dll
2009-06-03 14:09 1,291,264 -------- c:\windows\system32\quartz.dll
2009-06-03 11:16 410,984 a------- c:\windows\system32\deploytk.dll
2009-05-26 10:47 15,688 a------- c:\windows\system32\lsdelete.exe
2009-05-25 00:24 350,208 a------- c:\windows\system32\mssph.dll
2009-05-12 15:12 26,144 a------- c:\windows\system32\spupdsvc.exe
2007-03-05 12:44 514 a------- c:\program files\sview.lnk
2008-09-02 09:10 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090220080903\index.dat

============= FINISH: 15:11:03.21 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Microsoft Windows XP Professional
Boot Device: \Device\Harddisk0\DP(1)0x7e00-0x3a380d0200+1
Install Date: 3/2/2007 3:25:42 PM
System Uptime: 8/5/2009 11:00:37 AM (4 hours ago)

Motherboard: | | NF570_SLIT-A
Processor: Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz | Socket 775 | 2133/266mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 233 GiB total, 47.201 GiB free.
D: is CDROM ()
E: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP677: 5/7/2009 3:25:45 PM - System Checkpoint
RP678: 5/7/2009 10:01:27 PM - Software Distribution Service 3.0
RP679: 5/8/2009 10:25:45 PM - System Checkpoint
RP680: 5/9/2009 11:28:40 PM - System Checkpoint
RP681: 5/11/2009 1:51:50 AM - System Checkpoint
RP682: 5/11/2009 11:00:44 PM - Software Distribution Service 3.0
RP683: 5/12/2009 11:35:22 PM - System Checkpoint
RP684: 5/13/2009 3:00:25 AM - Software Distribution Service 3.0
RP685: 5/14/2009 3:30:16 AM - System Checkpoint
RP686: 5/14/2009 11:00:24 PM - Software Distribution Service 3.0
RP687: 5/15/2009 9:45:36 AM - Avg8 Update
RP688: 5/15/2009 12:47:27 PM - Removed Adobe Reader 8.1.2
RP689: 5/15/2009 12:48:25 PM - Removed Ad-Aware SE Personal
RP690: 5/15/2009 12:49:33 PM - Removed Citrix Presentation Server Client
RP691: 5/15/2009 12:51:56 PM - Removed MyFax SendFax Outlook Plug-In
RP692: 5/16/2009 1:30:16 PM - System Checkpoint
RP693: 5/17/2009 2:30:16 PM - System Checkpoint
RP694: 5/18/2009 10:46:44 AM - Software Distribution Service 3.0
RP695: 5/19/2009 9:45:19 AM - Avg8 Update
RP696: 5/19/2009 9:46:04 AM - Avg8 Update
RP697: 5/20/2009 11:29:24 AM - System Checkpoint
RP698: 5/21/2009 11:57:53 AM - System Checkpoint
RP699: 5/21/2009 3:46:43 PM - Software Distribution Service 3.0
RP700: 5/22/2009 3:57:24 PM - System Checkpoint
RP701: 5/23/2009 4:12:45 PM - System Checkpoint
RP702: 5/24/2009 4:57:48 PM - System Checkpoint
RP703: 5/25/2009 6:10:07 PM - System Checkpoint
RP704: 5/25/2009 11:00:40 PM - Software Distribution Service 3.0
RP705: 5/26/2009 11:57:49 PM - System Checkpoint
RP706: 5/28/2009 1:52:48 AM - System Checkpoint
RP707: 5/28/2009 12:59:39 PM - Software Distribution Service 3.0
RP708: 5/29/2009 1:57:07 PM - System Checkpoint
RP709: 5/30/2009 2:48:02 PM - System Checkpoint
RP710: 5/31/2009 3:46:54 PM - System Checkpoint
RP711: 6/1/2009 1:45:39 PM - Software Distribution Service 3.0
RP712: 6/2/2009 3:46:05 PM - System Checkpoint
RP713: 6/3/2009 11:15:40 AM - Removed Java(TM) 6 Update 12
RP714: 6/3/2009 11:15:55 AM - Installed Java(TM) 6 Update 13
RP715: 6/3/2009 11:16:27 AM - Removed OpenOffice.org Installer 1.0
RP716: 6/3/2009 11:16:32 AM - Installed OpenOffice.org 3.1
RP717: 6/4/2009 2:57:36 PM - System Checkpoint
RP718: 6/4/2009 11:00:32 PM - Software Distribution Service 3.0
RP719: 6/5/2009 11:28:50 PM - System Checkpoint
RP720: 6/7/2009 1:51:48 AM - System Checkpoint
RP721: 6/8/2009 2:27:32 AM - System Checkpoint
RP722: 6/8/2009 8:41:46 AM - Software Distribution Service 3.0
RP723: 6/9/2009 10:02:20 AM - System Checkpoint
RP724: 6/10/2009 3:01:01 AM - Software Distribution Service 3.0
RP725: 6/11/2009 3:24:47 AM - System Checkpoint
RP726: 6/12/2009 4:24:47 AM - System Checkpoint
RP727: 6/12/2009 11:00:13 PM - Software Distribution Service 3.0
RP728: 6/13/2009 11:24:52 PM - System Checkpoint
RP729: 6/15/2009 12:24:55 AM - System Checkpoint
RP730: 6/15/2009 5:12:50 PM - Software Distribution Service 3.0
RP731: 6/16/2009 5:21:52 PM - System Checkpoint
RP732: 6/17/2009 5:43:29 PM - System Checkpoint
RP733: 6/18/2009 5:39:34 PM - Software Distribution Service 3.0
RP734: 6/18/2009 11:00:29 PM - Software Distribution Service 3.0
RP735: 6/19/2009 3:59:25 PM - Installed Setup
RP736: 6/19/2009 4:00:01 PM - Installed eGrabber ResumeFinder
RP737: 6/20/2009 4:04:37 PM - System Checkpoint
RP738: 6/21/2009 4:54:10 PM - System Checkpoint
RP739: 6/22/2009 2:53:45 PM - Software Distribution Service 3.0
RP740: 6/23/2009 3:48:30 PM - System Checkpoint
RP741: 6/24/2009 5:06:12 PM - System Checkpoint
RP742: 6/25/2009 8:44:36 AM - Avg8 Update
RP743: 6/25/2009 8:45:49 AM - Avg8 Update
RP744: 6/25/2009 9:15:04 PM - Software Distribution Service 3.0
RP745: 6/26/2009 9:54:56 PM - System Checkpoint
RP746: 6/27/2009 10:54:56 PM - System Checkpoint
RP747: 6/28/2009 11:54:57 PM - System Checkpoint
RP748: 6/30/2009 1:07:01 AM - System Checkpoint
RP749: 6/30/2009 4:24:48 AM - Software Distribution Service 3.0
RP750: 7/1/2009 4:54:56 AM - System Checkpoint
RP751: 7/1/2009 12:42:57 PM - Installed Compatibility Pack for the 2007 Office system
RP752: 7/2/2009 1:00:25 PM - System Checkpoint
RP753: 7/2/2009 5:52:00 PM - Software Distribution Service 3.0
RP754: 7/3/2009 1:00:31 PM - Installed Setup
RP755: 7/3/2009 1:01:33 PM - Installed Setup
RP756: 7/3/2009 1:01:57 PM - Removed eGrabber ResumeFinder
RP757: 7/3/2009 1:04:12 PM - Installed Setup
RP758: 7/3/2009 1:04:36 PM - Installed eGrabber ResumeFinder
RP759: 7/4/2009 1:47:44 PM - System Checkpoint
RP760: 7/5/2009 2:47:44 PM - System Checkpoint
RP761: 7/6/2009 4:24:47 PM - System Checkpoint
RP762: 7/6/2009 8:47:28 PM - Software Distribution Service 3.0
RP763: 7/7/2009 9:13:41 PM - System Checkpoint
RP764: 7/8/2009 10:10:35 PM - System Checkpoint
RP765: 7/9/2009 10:13:00 PM - System Checkpoint
RP766: 7/9/2009 10:49:44 PM - Software Distribution Service 3.0
RP767: 7/10/2009 11:14:04 PM - System Checkpoint
RP768: 7/11/2009 8:29:39 AM - Avg8 Update
RP769: 7/11/2009 8:30:14 AM - Avg8 Update
RP770: 7/12/2009 9:12:59 AM - System Checkpoint
RP771: 7/13/2009 10:12:59 AM - System Checkpoint
RP772: 7/13/2009 7:01:51 PM - Software Distribution Service 3.0
RP773: 7/14/2009 7:16:14 PM - System Checkpoint
RP774: 7/15/2009 3:00:24 AM - Software Distribution Service 3.0
RP775: 7/16/2009 3:13:00 AM - System Checkpoint
RP776: 7/16/2009 11:00:37 PM - Software Distribution Service 3.0
RP777: 7/17/2009 11:32:53 PM - System Checkpoint
RP778: 7/18/2009 9:15:46 AM - Avg8 Update
RP779: 7/19/2009 10:11:38 AM - System Checkpoint
RP780: 7/20/2009 11:11:39 AM - System Checkpoint
RP781: 7/20/2009 11:00:39 PM - Software Distribution Service 3.0
RP782: 7/21/2009 11:13:10 PM - System Checkpoint
RP783: 7/22/2009 3:00:18 AM - Software Distribution Service 3.0
RP784: 7/22/2009 2:29:06 PM - Software Distribution Service 3.0
RP785: 7/23/2009 12:21:49 PM - Software Distribution Service 3.0
RP786: 7/24/2009 3:03:48 PM - System Checkpoint
RP787: 7/25/2009 3:13:50 PM - System Checkpoint
RP788: 7/26/2009 4:12:43 PM - System Checkpoint
RP789: 7/27/2009 4:36:37 PM - Software Distribution Service 3.0
RP790: 7/28/2009 5:20:56 PM - System Checkpoint
RP791: 7/29/2009 3:00:17 AM - Software Distribution Service 3.0
RP792: 7/30/2009 3:04:30 AM - System Checkpoint
RP793: 7/31/2009 3:00:18 AM - Software Distribution Service 3.0
RP794: 7/31/2009 8:36:13 PM - Software Distribution Service 3.0
RP795: 8/1/2009 11:21:13 PM - System Checkpoint
RP796: 8/2/2009 11:29:35 PM - System Checkpoint
RP797: 8/3/2009 11:19:08 AM - Software Distribution Service 3.0
RP798: 8/3/2009 12:41:06 PM - Software Distribution Service 3.0
RP799: 8/4/2009 1:31:56 PM - System Checkpoint
RP800: 8/5/2009 9:18:07 AM - Software Distribution Service 3.0

==== Installed Programs ======================

Ad-Aware
Adobe Acrobat 7.0 Professional
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Creative Suite 2
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Help Center 2.1
Adobe Illustrator CS2
Adobe Photoshop CS2
Adobe Premiere Elements 3.0 Templates
Adobe Premiere Elements 3.0.2
Adobe Premiere Elements Updater 3.0.2
Adobe Shockwave Player
Adobe Stock Photos 1.0
Adobe SVG Viewer 3.0
Advanced SystemCare 3
Apple Mobile Device Support
Apple Software Update
Audacity 1.2.6
AVG 8.5
Bonjour
Bulk Rename Utility 2.7.1.1
CCleaner (remove only)
Compatibility Pack for the 2007 Office system
Easy CD & DVD Creator 6
eGrabber ResumeFinder
ERUNT 1.1j
Exult
Foxit Reader
Google Earth
Google Update Helper
GoToMeeting 4.0.0.320
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HP LaserJet P1000 series
HP Photo and Imaging 1.0 - HP Photosmart Printer Series
HPCarePackCore
HPCarePackProducts
HPSSupply
IE7pro
Image Data Converter SR
iTunes
J2SE Runtime Environment 5.0 Update 1
J2SE Runtime Environment 5.0 Update 11
Java(TM) 6 Update 13
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
Lexmark X6100 Series
Logitech Harmony Remote Software 7
LogMeIn
Magellan POI File Editor
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Mobile Broadband Drivers
Mozilla Firefox (3.0.13)
MrvlUsgTracking
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB933579)
MuvAudio2
Neat Image v5.9 Home+
NVIDIA Drivers
OpenOffice.org 3.1
Photosmart 130,230,7150,7345,7350,7550 (Remove only)
Picasa 3
PowerArchiver
Primo
PS3 Media Center X 0.92
QuickTime
Realtek High Definition Audio Driver
Remote Control USB Driver
RollerCoaster Tycoon 2
RollerCoaster Tycoon 2: Time Twister
RollerCoaster Tycoon 2: Wacky Worlds
RollerCoaster Tycoon® 3
Roxio DVDMAX Player
Runtime
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB973346)
SmartFTP Client
SmartFTP Client 3.0 Setup Files (remove only)
Sonic UDF Reader
Sony Picture Utility
Sony USB Driver
Spybot - Search & Destroy
SpywareBlaster 4.2
Suite Specific
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows XP (KB943729)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Virtual Earth 3D (Beta)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VZAccess Manager
WebEx
WebFldrs XP
Windows Defender
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows PowerShell(TM) 1.0
Windows Presentation Foundation
Windows Search 4.0
Windows XP Service Pack 3
XML Paper Specification Shared Components Pack 1.0

==== Event Viewer Messages From Past Week ========

8/3/2009 8:12:07 AM, error: VolSnap [5] - The shadow copy of volume C: could not be created due to insufficient non-paged memory pool for a bitmap structure.
8/3/2009 12:41:50 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Media Player 11.

==== End Of File ===========================

Blade81

2009-08-06, 07:32

Hi,

Is Adobe Acrobat used for any other things than converting files to pdf format?

Uninstall vulnerable Flash versions by following instructions here (http://kb2.adobe.com/cps/141/tn_14157.html). Fresh version can be obtained here (http://get.adobe.com/flashplayer/).

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...

Updating Java:

Download the latest version of Java Runtime Environment (JRE) 6 Update 15 (http://java.sun.com/javase/downloads/index.jsp).
Click the
Download
button to the right.
Select Windows on platform combobox and check the box that says:
Accept License Agreement. Click continue.

The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u15-windows-i586-p.exe to install the newest version. Uncheck MSN toolbar if it's offered there.

Download ATF (Atribune Temp File) Cleaner© by Atribune (http://www.atribune.org/ccount/click.php?id=1) to your desktop.

Double-click ATF Cleaner.exe to open it

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.

If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program.

Check disk condition by following instructions here (http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/kbtip.mspx). Then defrag the hard drive.

Any improvements after these operations?

jive4u

2009-08-07, 00:43

Still the same. All of the original issues continue.

Blade81

2009-08-07, 17:49

Hi,

Did you run disk check too? Try to shut the system down and note down the time. Then take a look in the event viewer (http://support.microsoft.com/default.aspx/kb/308427) to see if there're any error entries that correspondent the shutdown timestamp.

jive4u

2009-08-07, 19:03

I ran the disk check and it didn't find anything. I then defragged.

I tried to shut down and didn't find anything error related in the logs.

Blade81

2009-08-08, 07:56

Hi,

Do you recall if the problem started after AVG had removed those items? I'm asking cos those iTunes related removals look false positives to me.

Nothing in logs looks like malware.

jive4u

2009-08-08, 17:06

The internet icon and restart issues likely started around the time of the iPod virus issue.

Blade81

2009-08-08, 17:09

In that case, please uninstall iTunes (it can be reinstalled later if still needed). Reboot and see how it goes.

jive4u

2009-08-09, 18:31

What happens to my music and playlists if I uninstall? I guess that I'm not that worried about the music since it's stored but the playlists will be a pain to rebuild. But if that's what I've got to do then that's what I've got to do.

Blade81

2009-08-09, 18:47

Hi,

Would this (http://support.apple.com/kb/TA47831) be any help with backuping the playlists?

jive4u

2009-08-10, 21:10

Uninstalling iTunes had no affect on the issue.

Blade81

2009-08-10, 22:10

Hi,

Could you create a new user account to test if the issue occurs with it too?

jive4u

2009-08-11, 16:51

I did some quick testing with a new user account and I didn't experience any issues. What does that mean?

Blade81

2009-08-11, 17:42

Seems that issue is related to your account then. Let's see if MBAM can detect any issues there.

Please download Malwarebytes' Anti-Malware (http://www.besttechie.net/tools/mbam-setup.exe) to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform full scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Please post contents of that file in your next reply.

jive4u

2009-08-11, 21:55

It looks like I can up clean again. Here's the results.

Malwarebytes' Anti-Malware 1.40
Database version: 2605
Windows 5.1.2600 Service Pack 3

8/11/2009 2:54:53 PM
mbam-log-2009-08-11 (14-54-53).txt

Scan type: Full Scan (C:\|)
Objects scanned: 196140
Time elapsed: 1 hour(s), 5 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Blade81

2009-08-12, 06:33

Hi,

Would it be too big task if you switched to use this new user account? It looks like old profile has some non-malware related issues.

jive4u

2009-08-12, 20:16

If that's the case I'll probably just backup all of my stuff and wipe the hard drive. A fresh OS install might be just what the doctor ordered.

Thanks for all of your help.

Blade81

2009-08-13, 06:45

You're welcome.