Browser Hijacked



serbiangirl99
2010-11-02, 07:39
Here are my logs



DDS (Ver_10-11-01.01) - NTFSx86
Run by Janice at 1:28:31.59 on Tue 11/02/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.116 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CSHelper.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\iWin Games\iWinTrusted.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\SoftActivity\SKL\alsvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\Qwest Personal Digital Vault\QwestPersonalDigitalVault.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gamesbar\SearchEngineProtection.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Common Files\Oberon Media\Parts\1.0.0.14\OberonParts.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Janice\Local Settings\Temporary Internet Files\Content.IE5\MIEOGKWN\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>;*.local
uURLSearchHooks: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\tbOnl1.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
BHO: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\tbOnl1.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: IEHlprObj Class: {8ca5ed52-f3fb-4414-a105-2e3491156990} - c:\program files\iwin games\iWinGamesHookIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: GamesBarBHO Class: {cb0d163c-e9f4-4236-9496-0597e24b23a5} - c:\program files\gamesbar\2.0.1.67\oberontb.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: GamesBar: {6f282b65-56bf-4bd1-a8b2-a4449a05863d} - c:\program files\gamesbar\2.0.1.67\oberontb.dll
TB: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\tbOnl1.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
uRun: [SRS iWOW] "c:\program files\srs labs\srs iwow for pc\SRS_iWOW_PC.exe" /hideme
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SearchEngineProtection] c:\program files\gamesbar\SearchEngineProtection.exe
mRun: [CTHelper] CTHELPER.EXE
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [PRONoMgrWired] c:\program files\intel\prosetwired\ncs\proset\PRONoMgr.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [Qwest Personal Digital Vault] "c:\program files\qwest personal digital vault\QwestPersonalDigitalVault.exe" /m
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
dRunOnce: [SetDefaultMidi] MIDIDEF.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\eventr~1.lnk - c:\program files\the print shop 23\Remind.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\forget~1.lnk - c:\program files\broderbund\ag creatacard\agremind.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
IE: &Search - http://tbedits.iwon.com/one-toolbaredits/menusearch.jhtml?s=100000393&p=ZLxdm248YYUS&si=gem3564&a=714087EF-B94D-4540-B9EA-72CE21B23BFC&n=2010083117
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {1A93C934-025B-4c3a-B38E-9654A7003239} - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - c:\program files\gamesbar\2.0.1.67\oberontb.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {1D082E71-DF20-4AAF-863B-596428C49874} - hxxp://www.worldwinner.com/games/v50/tpir/tpir.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1264563696578
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1264570521593
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://clubgames.pogo.com/online2/pogop/zuma/popcaploader_v5.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/RACtrl.cab
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\janice\applic~1\mozilla\firefox\profiles\jueippcj.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2642697&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2642697&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2642697&q=
FF - component: c:\documents and settings\janice\application data\mozilla\firefox\profiles\jueippcj.default\extensions\{343db173-0e5a-4f2a-b7bb-71a49085d70e}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\janice\application data\mozilla\firefox\profiles\jueippcj.default\extensions\{343db173-0e5a-4f2a-b7bb-71a49085d70e}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\janice\application data\mozilla\firefox\profiles\jueippcj.default\extensions\{b042753d-f57e-4e8e-a01b-7379a6d4cefb}\components\IBitCometExtension.dll
FF - component: c:\documents and settings\janice\application data\mozilla\firefox\profiles\jueippcj.default\extensions\engine@conduit.com\components\FFExternalAlert.dll
FF - component: c:\documents and settings\janice\application data\mozilla\firefox\profiles\jueippcj.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
FF - plugin: c:\documents and settings\all users\application data\realarcade\npraclient.dll
FF - plugin: c:\documents and settings\janice\application data\mozilla\firefox\profiles\jueippcj.default\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\documents and settings\janice\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\common files\oberon media\ncadapter\1.0.0.7\npapicomadapter.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npArtistScope.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R2 CSHelper;CopySafe Helper Service;c:\windows\system32\CSHelper.exe [2010-7-6 266240]
R2 iWinTrusted;iWinTrusted;c:\program files\iwin games\iWinTrusted.exe [2010-9-27 176408]
R2 Salsvc;Salsvc;c:\program files\softactivity\skl\alsvc.exe [2010-6-22 38840]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-4 135664]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-8-21 18688]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-8-21 8320]
S3 SAgentDriver;SAgent Driver;c:\program files\softactivity\skl\sagendrv.sys [2010-6-22 31160]
S3 SRS_iWowPC_Service;SRS Labs iWow PC;c:\windows\system32\drivers\SRS_iWowPC_i386.sys [2010-2-19 37888]

=============== Created Last 30 ================

2010-11-02 05:25:59 -------- d-----w- c:\program files\FamilySearch Indexing
2010-10-30 04:25:16 -------- d-----w- C:\WebCamSetup
2010-10-30 04:25:05 -------- d-----w- c:\program files\SharewareBoss
2010-10-30 04:24:17 -------- d-----w- C:\SWBWebcamSetup
2010-10-18 22:48:49 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-10-18 22:48:49 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-18 22:47:42 -------- d-s---w- C:\ComboFix
2010-10-18 22:47:08 -------- d-----w- c:\program files\SRS Labs
2010-10-17 05:14:43 -------- d-----w- C:\ComboFix(2)
2010-10-17 04:30:46 -------- d-----w- c:\program files\BitComet
2010-10-16 06:24:28 -------- d-----w- C:\RECYCLER(2)
2010-10-14 08:25:47 -------- d-sh--w- C:\found.001
2010-10-13 21:37:40 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-13 21:37:39 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-10-13 21:37:03 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2010-10-11 20:43:12 -------- d-----w- c:\program files\Conduit
2010-10-11 20:43:12 -------- d-----w- c:\docume~1\janice\locals~1\applic~1\Online_Radio_1.1
2010-10-11 20:43:12 -------- d-----w- c:\docume~1\janice\locals~1\applic~1\Conduit
2010-10-11 20:43:02 -------- d-----w- c:\program files\ConduitEngine
2010-10-11 20:43:02 -------- d-----w- c:\docume~1\janice\locals~1\applic~1\ConduitEngine
2010-10-11 20:42:59 -------- d-----w- c:\program files\Online_Radio_1.1
2010-10-09 21:58:26 -------- d-----w- c:\windows\ArtistScope Plugin FX
2010-10-03 21:08:41 -------- d-----w- c:\docume~1\alluse~1\applic~1\MainType
2010-10-03 20:17:47 -------- d-----w- c:\docume~1\janice\applic~1\MainType
2010-10-03 20:17:46 -------- d-----w- c:\program files\High-Logic MainType

==================== Find3M ====================

2010-09-18 17:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll

============= FINISH: 1:29:25.93 ===============

airscape
2010-11-07, 18:58
Hello and welcome to the forum.
My name is Airscape and I'll be helping you with your malware issues.
The logs can take a while to research. Please be patient with me.

Take note of the following before we begin:
Post to this thread only and please stick to it until I say your PC is clean.
The instructions I give are for this computer only and should not be used on any other PC.
Do NOT run any tools/scans unless I instruct you to.
Try not to install/uninstall any programs while we work. This will add extra time researching your logs.
If you have found assistance elsewhere and no longer require our help, please say so, and this topic will be closed.
If you have any problems, please stop and ask before proceeding with any fixes.
Make sure you read this (http://forums.spybot.info/showthread.php?t=288) topic, especially the parts on backing up the Registry.
Note: As I'm still in training, everything I post must be checked by a teacher first. So there may be a slight delay in between posts.

airscape
2010-11-08, 19:34
2010-10-18 22:47:42 -------- d-s---w- C:\ComboFix
2010-10-17 05:14:43 -------- d-----w- C:\ComboFix(2)

You should not be running ComboFix unless instructed, as explained here (http://forums.spybot.info/showthread.php?t=16806).
Unless CF removed anything, you may have done more damage than good, I'm afraid.

From right-clicking on the Start button and selecting Explore, find this file below:

C:\Combofix.txt

Or it may be similar to this:

C:\Qoobox\Combofix.txt

Please post the log in your next reply along with this log:

C:\Qoobox\ComboFix-quarantined-files.txt

airscape
2010-11-11, 11:33
Do you need help?

tashi
2010-11-13, 01:34
serbiangirl99, this thread has been archived due to inactivity.

As it has been four days or more since your last post, and the helper assisting you posted a response to which you did not reply, your topic will not be re-opened. If you still require help, please start a new topic and include a DDS log with a link to your previous thread.

Please do not add any logs that might have been requested previously; you would be starting fresh.

This applies only to the original poster; anyone else with similar problems, please start your own topic.

Thank you, airscape. :)