I did as you said and I removed the files you listed as you can see below...and hey...my google seems to be working fine nowI'm super impressed and thank you! If there is anything else please let me know but I will post tomorrow to let know how I am getting on.
[==========] AnalyzerXP 3.6 by TL - forum.networktechs.com (www.IamNotaGeek.com) [==========]
17/06/2007
20:40
Some of the files listed could be safe and valid, so before you do anything, research further.
You could also submit this log on forum.networktechs.com - Spyware Central for help.
Volume in drive C has no label.
Volume Serial Number is 1CEC-78DA
Directory of C:\WINDOWS\Tasks
07/06/2007 01:22 268 Uniblue SpyEraser Nag.job
07/06/2007 01:21 342 Uniblue SpyEraser.job
2 File(s) 610 bytes
0 Dir(s) 63,765,659,648 bytes free
TaskName Next Run Time Status
==================================== ======================== ===============
MP Scheduled Scan 02:12:00, 18/06/2007
Uniblue SpyEraser Nag 15:14:00, 21/06/2007
Uniblue SpyEraser Never
=====] Looking for suspicious file types in WINDOWS folder:
W32i - - - - 37,027 03-25-2007 c:\windows\atmoun.exe
W32i - - - - 49,152 11-29-2005 c:\windows\setpwrcg.exe
Volume in drive C has no label.
Volume Serial Number is 1CEC-78DA
Directory of C:\WINDOWS
W32i - - - - 24,576 09-18-2003 c:\windows\system32\cpl_moh.cpl
W32i - - - - 32,768 04-20-2005 c:\windows\system32\instlsp.exe
W32i - - - - 40,960 01-19-2001 c:\windows\system32\instmon.exe
W32i - - - - 145,408 11-06-2005 c:\windows\system32\lame.exe
W32i - - - - 237,568 08-07-2003 c:\windows\system32\lame_enc.dll
W32i - - - - 86,016 08-18-2003 c:\windows\system32\lxbkih.exe
W32i - - - - 77,824 08-18-2003 c:\windows\system32\lxbklcnp.dll
W32i - - - - 40,960 11-13-2002 c:\windows\system32\lxbkvs.dll
W32i - - - - 258,560 11-17-2005 c:\windows\system32\musictagsax.dll
W32i - - - - 65,536 01-25-2007 c:\windows\system32\nmsaccess.exe
W32i - - - - 157,696 07-19-2002 c:\windows\system32\oggenc.exe
DOS - - - - 38,567 03-14-2002 c:\windows\system32\pcpbios.exe
W32i - - - - 4,103,032 03-26-2007 c:\windows\system32\spoonuninstall.exe
W32i - - - - 4,096 08-16-1998 c:\windows\system32\sysres.dll
W32i - - - - 73,728 04-20-2003 c:\windows\system32\vumeter.ax
W32i - - - - 40,960 06-25-2002 c:\windows\system32\wavdest.ax
05/09/2006 23:01 2,455,488 ieapfltr.dat
22/11/2006 20:50 778,240 asrecmms.ocx
25/06/2006 20:56 176,128 dvdauthor.ocx
=====] Looking for suspicious file types in Current User profile:
W32i APP ENU 1.20.100.1203 shp 24,576 07-25-2002 c:\windows\downloaded program files\dwusplay.dll
W32i APP ENU 1.20.100.1203 shp 196,608 07-25-2002 c:\windows\downloaded program files\dwusplay.exe
W32i APP ENU 3.10.100.1155 shp 323,584 07-27-2004 c:\windows\downloaded program files\isusweb.dll
=====] List of files located at the root of the C Drive:
Volume in drive C has no label.
Volume Serial Number is 1CEC-78DA
Directory of C:\
04/12/2005 01:16 735 892.cin
03/03/2006 19:31 12,284,879 AVG7QT.DAT
29/11/2005 14:52 4,098 dell.sdr
04/12/2005 16:52 4,128 INFCACHE.1
10/08/2004 14:04 0 IO.SYS
10/08/2004 14:04 0 MSDOS.SYS
15/12/2005 18:40 168 setupfax.log
31/10/2005 16:56 700,416 StubInstaller.exe
21 File(s) 12,997,217 bytes
0 Dir(s) 63,765,250,048 bytes free
=====] Directory Analysis - PROGRAM FILES:
01/04/2006 14:42 <DIR> Ahead
13/03/2006 22:11 <DIR> OLYMPUS
03/03/2006 19:29 <DIR> Grisoft
17/01/2006 23:55 <DIR> McAfee
(Ignore the ones you know of)
=====] Directory Analysis - COMMON FILES (subfolder of Program Files folder):
=====] Directory Analysis - WINDOWS folder:
Volume Serial Number is 1CEC-78DA
Directory of C:\WINDOWS
05/06/2007 17:18 <DIR> ie7updates
04/06/2007 17:29 <DIR> WBEM
04/06/2007 17:28 <DIR> ie7
04/06/2007 17:25 <DIR> network diagnostic
27/01/2006 13:16 <DIR> Minidump
0 File(s) 0 bytes
157 Dir(s) 63,765,270,528 bytes free
=====] Process Analysis - User-based processes with their Services:
Image Name PID Services
========================= ====== =============================================
ctfmon.exe 1872 N/A
lxbkbmgr.exe 1564 N/A
tfswctrl.exe 1820 N/A
lxbkbmon.exe 1828 N/A
igfxpers.exe 204 N/A
realsched.exe 236 N/A
MSASCui.exe 380 N/A
avgcc.exe 468 N/A
qttask.exe 340 N/A
GoogleToolbarNotifier.exe 604 N/A
msmsgs.exe 712 N/A
alg.exe 3188 ALG
=====] Process Analysis - Currently running Service based Processes:
Image Name PID Session Name Session# Mem Usage
========================= ====== ================ ======== ============
MsMpEng.exe 1224 Console 0 18,536 K
LEXBCES.EXE 1864 Console 0 3,444 K
ctfmon.exe 1872 Console 0 4,032 K
LEXPPS.EXE 1904 Console 0 3,304 K
guard.exe 416 Console 0 1,404 K
avgamsvr.exe 500 Console 0 748 K
avgupsvc.exe 640 Console 0 664 K
avgemc.exe 676 Console 0 1,872 K
lxbkbmgr.exe 1564 Console 0 3,672 K
tfswctrl.exe 1820 Console 0 4,484 K
lxbkbmon.exe 1828 Console 0 3,428 K
igfxpers.exe 204 Console 0 3,832 K
realsched.exe 236 Console 0 180 K
MSASCui.exe 380 Console 0 7,472 K
avgcc.exe 468 Console 0 860 K
qttask.exe 340 Console 0 4,696 K
GoogleToolbarNotifier.exe 604 Console 0 2,112 K
msmsgs.exe 712 Console 0 6,644 K
alg.exe 3188 Console 0 3,472 K
=====] System Variables:
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Gerry B\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=GERRY
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Gerry B
LOGONSERVER=\\GERRY
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\Sys tem32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\GERRYB~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\GERRYB~1\LOCALS~1\Temp
USERDOMAIN=GERRY
USERNAME=Gerry B
USERPROFILE=C:\Documents and Settings\Gerry B
windir=C:\WINDOWS
[====================] End of Log [====================]
Reply With Quote