Have tried several attempts to remove these two. Not sure if successful. Below is Log from HijackThis. Thank you.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:08:05 PM, on 2/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
F:\WINDOWS\system32\brsvc01a.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\system32\brss01a.exe
F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe
F:\Program Files\Canon\VDC\AuVdc.exe
F:\Program Files\Cepstral\bin\CepstralLicSrv.exe
F:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
F:\Program Files\LogMeIn\x86\RaMaint.exe
F:\Program Files\LogMeIn\x86\LogMeIn.exe
F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
F:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\wscntfy.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
F:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vptray.exe
F:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe
F:\Program Files\LogMeIn\x86\LogMeInSystray.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\WINDOWS\system32\WDBtnMgr.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\My Book\WD Backup\uBBMonitor.exe
F:\Program Files\Memturbo 4\MemTurbo.exe
F:\Program Files\WallpaperToy\Wallpapertoy.Exe
F:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
F:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
F:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
F:\WINDOWS\system32\rundll32.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [UIUCU] F:\DOCUME~1\Admin\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "F:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [vptray] F:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vptray.exe
O4 - HKLM\..\Run: [QuickBooksDB] F:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe -n QB_XP-THAI_16 -qs -gd ALL -gk all -gp 4096 -gu all -ch 64M -c 32M -x tcpip(BroadcastListener=NO;port=10160) -ti 0 -ec simple -ct- -qi -qw -oe DBStartup.log -tl 120 -u -y
O4 - HKLM\..\Run: [eFax 4.3] "F:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe" /R
O4 - HKLM\..\Run: [LogMeIn GUI] "F:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [8c32d5a2] rundll32.exe "F:\WINDOWS\system32\vnqycbdf.dll",b
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "F:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingA4915] command /c del "F:\WINDOWS\system32\awvvs.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5047] cmd /c del "F:\WINDOWS\system32\awvvs.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2461] command /c del "F:\WINDOWS\system32\miebqzlg.dllbox"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5614] cmd /c del "F:\WINDOWS\system32\miebqzlg.dllbox"
O4 - HKLM\..\RunOnce: [SpybotDeletingA418] command /c del "F:\WINDOWS\system32\miebqzlg.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9882] cmd /c del "F:\WINDOWS\system32\miebqzlg.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6654] command /c del "F:\WINDOWS\system32\miebqzlg.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4217] cmd /c del "F:\WINDOWS\system32\miebqzlg.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1165] command /c del "F:\WINDOWS\system32\ilrqbpmk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8050] cmd /c del "F:\WINDOWS\system32\ilrqbpmk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6686] command /c del "F:\WINDOWS\system32\ilrqbpmk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1284] cmd /c del "F:\WINDOWS\system32\ilrqbpmk.dll"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [smartwallpaper] F:\Program Files\Ectosoft\Smart Wallpaper Lite\smartwallpaper.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - S-1-5-18 Startup: Adobe Acrobat Speed Launcher.lnk = ? (User 'SYSTEM')
O4 - S-1-5-18 Startup: WD Backup Monitor.lnk = F:\Program Files\My Book\WD Backup\uBBMonitor.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Adobe Acrobat Speed Launcher.lnk = ? (User 'Default user')
O4 - .DEFAULT Startup: WD Backup Monitor.lnk = F:\Program Files\My Book\WD Backup\uBBMonitor.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = F:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: MemTurbo.lnk = F:\Program Files\Memturbo 4\MemTurbo.exe
O4 - Startup: Wallpaper Changer.lnk = F:\Program Files\WallpaperToy\Wallpapertoy.Exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: WD Backup Monitor.lnk = F:\Program Files\My Book\WD Backup\uBBMonitor.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} (Automatic Driver Installation Control) - http://inst.c-wss.com/n042p/EN/install/gtdownlr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179079948331
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1179427753913
O16 - DPF: {944713E8-1F29-42D9-ABD5-557728B9AC97} (PtClickLoanWF Control) - https://ilnet.wellsfargo.com/ilonline/clickloan/ptclickloanwf.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://upload.mediamax.com/Upload/XUpload.ocx
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F302553B-48CC-471A-9419-B5F578BAACCC}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Brother BRAdminPro Scheduler (BRA_Scheduler) - Unknown owner - F:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - F:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Canon NetSpot Suite Service - CANON INC. - F:\Program Files\Canon\VDC\AuVdc.exe
O23 - Service: Cepstral License Server - Cepstral, LLC - F:\Program Files\Cepstral\bin\CepstralLicSrv.exe
O23 - Service: DefWatch - Symantec Corporation - F:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - F:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - F:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - F:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
--
End of file - 11289 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:08:05 PM, on 2/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
F:\WINDOWS\system32\brsvc01a.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\system32\brss01a.exe
F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe
F:\Program Files\Canon\VDC\AuVdc.exe
F:\Program Files\Cepstral\bin\CepstralLicSrv.exe
F:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
F:\Program Files\LogMeIn\x86\RaMaint.exe
F:\Program Files\LogMeIn\x86\LogMeIn.exe
F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
F:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\wscntfy.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
F:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vptray.exe
F:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe
F:\Program Files\LogMeIn\x86\LogMeInSystray.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\WINDOWS\system32\WDBtnMgr.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\My Book\WD Backup\uBBMonitor.exe
F:\Program Files\Memturbo 4\MemTurbo.exe
F:\Program Files\WallpaperToy\Wallpapertoy.Exe
F:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
F:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
F:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
F:\WINDOWS\system32\rundll32.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [UIUCU] F:\DOCUME~1\Admin\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "F:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [vptray] F:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vptray.exe
O4 - HKLM\..\Run: [QuickBooksDB] F:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe -n QB_XP-THAI_16 -qs -gd ALL -gk all -gp 4096 -gu all -ch 64M -c 32M -x tcpip(BroadcastListener=NO;port=10160) -ti 0 -ec simple -ct- -qi -qw -oe DBStartup.log -tl 120 -u -y
O4 - HKLM\..\Run: [eFax 4.3] "F:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe" /R
O4 - HKLM\..\Run: [LogMeIn GUI] "F:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [8c32d5a2] rundll32.exe "F:\WINDOWS\system32\vnqycbdf.dll",b
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "F:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingA4915] command /c del "F:\WINDOWS\system32\awvvs.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5047] cmd /c del "F:\WINDOWS\system32\awvvs.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2461] command /c del "F:\WINDOWS\system32\miebqzlg.dllbox"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5614] cmd /c del "F:\WINDOWS\system32\miebqzlg.dllbox"
O4 - HKLM\..\RunOnce: [SpybotDeletingA418] command /c del "F:\WINDOWS\system32\miebqzlg.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9882] cmd /c del "F:\WINDOWS\system32\miebqzlg.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6654] command /c del "F:\WINDOWS\system32\miebqzlg.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4217] cmd /c del "F:\WINDOWS\system32\miebqzlg.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1165] command /c del "F:\WINDOWS\system32\ilrqbpmk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8050] cmd /c del "F:\WINDOWS\system32\ilrqbpmk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6686] command /c del "F:\WINDOWS\system32\ilrqbpmk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1284] cmd /c del "F:\WINDOWS\system32\ilrqbpmk.dll"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [smartwallpaper] F:\Program Files\Ectosoft\Smart Wallpaper Lite\smartwallpaper.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - S-1-5-18 Startup: Adobe Acrobat Speed Launcher.lnk = ? (User 'SYSTEM')
O4 - S-1-5-18 Startup: WD Backup Monitor.lnk = F:\Program Files\My Book\WD Backup\uBBMonitor.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Adobe Acrobat Speed Launcher.lnk = ? (User 'Default user')
O4 - .DEFAULT Startup: WD Backup Monitor.lnk = F:\Program Files\My Book\WD Backup\uBBMonitor.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = F:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: MemTurbo.lnk = F:\Program Files\Memturbo 4\MemTurbo.exe
O4 - Startup: Wallpaper Changer.lnk = F:\Program Files\WallpaperToy\Wallpapertoy.Exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: WD Backup Monitor.lnk = F:\Program Files\My Book\WD Backup\uBBMonitor.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} (Automatic Driver Installation Control) - http://inst.c-wss.com/n042p/EN/install/gtdownlr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179079948331
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1179427753913
O16 - DPF: {944713E8-1F29-42D9-ABD5-557728B9AC97} (PtClickLoanWF Control) - https://ilnet.wellsfargo.com/ilonline/clickloan/ptclickloanwf.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://upload.mediamax.com/Upload/XUpload.ocx
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F302553B-48CC-471A-9419-B5F578BAACCC}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Brother BRAdminPro Scheduler (BRA_Scheduler) - Unknown owner - F:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - F:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Canon NetSpot Suite Service - CANON INC. - F:\Program Files\Canon\VDC\AuVdc.exe
O23 - Service: Cepstral License Server - Cepstral, LLC - F:\Program Files\Cepstral\bin\CepstralLicSrv.exe
O23 - Service: DefWatch - Symantec Corporation - F:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - F:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - F:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - F:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
--
End of file - 11289 bytes