02-Nov-2009, 05:58 PM
#1 |
| Please help with a HJT log Hello, My computer keeps opening all kinds of windows on its own. Someone said I probably have a Trojan. I did a Hijack this and the results are below. Thank you for any assistance. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:43:48 PM, on 11/2/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\RegCure\RegCure.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Digital Media Reader\readericon45G.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\zHotkey.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe C:\PROGRA~1\COMMON~1\AOL\125619~1\EE\AOLHOS~1.EXE C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\PROGRA~1\Crawler\Smileys\CSmileysIM.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\REBATE~1\REBATE~1.EXE C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe 
C:\PROGRA~1\COMMON~1\AOL\125619~1\EE\AOLServiceHost.exe C:\Program Files\BigFix\bigfix.exe C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\Program Files\Intel\IntelDH\CCU\AlertService.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe C:\WINDOWS\system32\rsvp.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe C:\Program Files\Hotbar\bin\11.0.78.0\Srv.exe C:\PROGRA~1\REBATE~1\REBATE~1.EXE C:\PROGRA~1\Crawler\Smileys\CSMILE~1.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com/homepage.aspx?tbid=80167 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.h...s=DTP&M=GT5224 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60179 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_cu...spx?TbId=60179 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.h...s=DTP&M=GT5224 R0 - HKLM\Software\Microsoft\Internet 
Explorer\Search,SearchAssistant = http://search.alot.com/sidebar?pr=as...spx?tbid=80167 (obfuscated) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_cu...spx?TbId=60179 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.alot.com/web?q=&pr=aut...sion=2.5.6.471 R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll O2 - BHO: ALOT Toolbar Helper - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\alot.dll O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O2 - BHO: McAfee Anti-Phishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - C:\PROGRA~1\REBATE~1\RebateI.dll O2 - BHO: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - 
c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [CHotkey] zHotkey.exe O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1256190800\EE\AOLHostManager.exe O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [OASClnt] C:\Program 
Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [HotbarSA] "C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe" O4 - HKLM\..\Run: [CSmileys] "C:\PROGRA~1\Crawler\Smileys\CSmileysIM.exe" O4 - HKCU\..\Run: [Power2GoExpress] NA O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [RebateInformer] C:\PROGRA~1\REBATE~1\REBATE~1.EXE /STARTUP O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe" -auto O4 - HKCU\..\Run: [CSmileys] "C:\PROGRA~1\Crawler\Smileys\CSmileysIM.exe" O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe O4 - Global Startup: McAfee Security Scan.lnk = ? 
O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra 'Tools' menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\A Fairy Tale\Images\stg_drm.ocx O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Babysitting Mania\Images\armhelper.ocx O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll O18 - Protocol: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\PROGRA~1\REBATE~1\RebateI.dll O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - 
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Intel(R) Alert Service (AlertService) - Intel Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe O23 - Service: Google Update Service (gupdate1ca5452c5e04f06) (gupdate1ca5452c5e04f06) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. 
- c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- End of file - 13907 bytes |
| |
05-Nov-2009, 07:42 PM
#2 | ||||||
| Welcome to TSG. Double click mbam-setup.exe to install the application.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
====================================================
We need to see some additional information about what is happening in your machine. Please perform the following scan:
After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE
__________________ Microsoft Valuable Professional Consumer--Security 2007-2010 |
|
11-Nov-2009, 04:57 PM
#3 |
| Thank you very much for helping and here are the logs in the order that you requested them: Malwarebytes' Anti-Malware 1.41 Database version: 3149 Windows 5.1.2600 Service Pack 2 11/11/2009 12:42:41 PM mbam-log-2009-11-11 (12-42-41).txt Scan type: Quick Scan Objects scanned: 133166 Time elapsed: 13 minute(s), 1 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 6 Registry Values Infected: 1 Registry Data Items Infected: 2 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4a7c84e2-e95c-43c6-8dd3-03abcd0eb60e} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bec0} (Adware.SmartShopper) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: C:\Documents and Settings\Owner.YOUR-9C328443BC\Local Settings\Temporary Internet Files\Content.IE5\W5UZ4PYN\setup[1].exe (Adware.Hotbar) -> Quarantined and deleted successfully. -----------------------------------------------------------------------the DDS.txt log: DDS (Ver_09-10-26.01) - NTFSx86 Run by Owner at 12:48:33.75 on Wed 11/11/2009 Internet Explorer: 6.0.2900.2180 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.485 [GMT -8:00] AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall Plus *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Digital Media Reader\readericon45G.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\zHotkey.exe C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe 
C:\PROGRA~1\COMMON~1\AOL\125619~1\EE\AOLHOS~1.EXE C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\PROGRA~1\COMMON~1\AOL\125619~1\EE\AOLServiceHost.exe C:\PROGRA~1\Crawler\Smileys\CSmileysIM.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\REBATE~1\REBATE~1.EXE C:\Program Files\Free Ride Games\GPlayer.exe C:\Program Files\BigFix\bigfix.exe C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe svchost.exe C:\Program Files\Intel\IntelDH\CCU\AlertService.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS svchost.exe C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe C:\WINDOWS\system32\rsvp.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe C:\PROGRA~1\REBATE~1\REBATE~1.EXE C:\PROGRA~1\Crawler\Smileys\CSMILE~1.EXE C:\Documents and Settings\Owner.YOUR-9C328443BC\Local Settings\Temporary Internet Files\Content.IE5\7YFQ7BES\dds[1].scr ============== Pseudo HJT Report =============== uSearch Bar = hxxp://www.google.com/ie uStart Page = 
hxxp://www.google.com/ uSearch Page = hxxp://www.google.com mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5224 mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5224 uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://search.alot.com/web?q=&pr=auto&client_id=B3A3336001CA5404001F1546&install_time=23-10-2009:07:17&src_id=11338&camp_id=1003&tb_version=2.5.6.471 mSearchAssistant = hxxp://search.alot.com/sidebar?pr=asst&client_id=B3A3336001CA5404001F1546&install_time=23-10-2009:07:17&src_id=11338&camp_id=1003&tb_version=2.5.6.471&url=http%3A%2F%2Fwww%2Egoogle%2Ecom%2F mCustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60179 uURLSearchHooks: N/A: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll BHO: &Yahoo! 
Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: ALOT Toolbar Helper: {14ceeaff-96dd-4101-ae37-d5ecdc23c3f6} - c:\program files\alot\bin\alot.dll BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\toolbar\ctbr.dll BHO: McAfee Anti-Phishing Filter: {41d68ed8-4cff-4115-88a6-6ebb8af19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\windows\system32\BAE.dll BHO: : {ccb69577-088b-4004-9ed8-ff5bcc83a039} - c:\progra~1\rebate~1\RebateI.dll BHO: : {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll TB: McAfee VirusScan: {ba52b914-b692-46c4-b683-905236f6f655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: ALOT Toolbar: {5aa2ba46-9913-4dc7-9620-69ab0fa17ae7} - c:\program files\alot\bin\alot.dll TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - c:\progra~1\inboxt~1\Inbox.dll TB: &Crawler Toolbar: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - c:\progra~1\crawler\toolbar\ctbr.dll TB: Yahoo! 
Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll uRun: [Power2GoExpress] NA uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [RebateInformer] c:\progra~1\rebate~1\REBATE~1.EXE /STARTUP uRun: [CSmileys] "c:\progra~1\crawler\smileys\CSmileysIM.exe" uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1 uRun: [Exetender] "c:\program files\free ride games\GPlayer.exe" /runonstartup mRun: [ehTray] c:\windows\ehome\ehtray.exe mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup mRun: [readericon] c:\program files\digital media reader\readericon45G.exe mRun: [igfxtray] c:\windows\system32\igfxtray.exe mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe mRun: [igfxpers] c:\windows\system32\igfxpers.exe mRun: [CHotkey] zHotkey.exe mRun: [HostManager] c:\program files\common files\aol\1256190800\ee\AOLHostManager.exe mRun: [AOL Spyware Protection] "c:\progra~1\common~1\aol\aolspy~1\AOLSP Scheduler.exe" mRun: [Reminder] %WINDIR%\Creator\Remind_XP.exe mRun: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE mRun: [CCUTRAYICON] c:\program files\intel\inteldh\ccu\CCU_TrayIcon.exe mRun: [NMSSupport] "c:\program files\common files\intel\inteldh\nms\support\IntelHCTAgent.exe" /startup mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe mRun: [SigmatelSysTrayApp] sttray.exe mRun: [IntelAudioStudio] "c:\program files\intel audio studio\IntelAudioStudio.exe" TRAY mRun: [VSOCheckTask] "c:\progra~1\mcafee.com\vso\mcmnhdlr.exe" /checktask mRun: [OASClnt] c:\program files\mcafee.com\vso\oasclnt.exe mRun: [MCAgentExe] c:\progra~1\mcafee.com\agent\mcagent.exe mRun: [MCUpdateExe] c:\progra~1\mcafee.com\agent\mcupdate.exe mRun: [MSKAGENTEXE] c:\progra~1\mcafee\spamki~1\MskAgent.exe mRun: [MSKDetectorExe] 
c:\progra~1\mcafee\spamki~1\MSKDetct.exe /startup mRun: [VirusScan Online] c:\progra~1\mcafee.com\vso\mcvsshld.exe mRun: [MPFExe] c:\progra~1\mcafee.com\person~1\MpfTray.exe mRun: [CSmileys] "c:\progra~1\crawler\smileys\CSmileysIM.exe" mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript dRun: [Exetender] "c:\program files\free ride games\GPlayer.exe /runonstartup" StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bigfix.lnk - c:\program files\bigfix\bigfix.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\1.0.150\SSScheduler.exe IE: Crawler Search - tbr:iemenu IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - {7DD73374-7187-4103-8F29-622AA25E7C40} - c:\program files\mcafee\spamkiller\mcapfbho.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file://c:\program files\a fairy tale\images\stg_drm.ocx DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file://c:\program files\babysitting mania\images\armhelper.ocx DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: inbox - 
{37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\progra~1\inboxt~1\Inbox.dll Handler: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} - c:\progra~1\rebate~1\RebateI.dll Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\crawler\toolbar\ctbr.dll Notify: igfxcui - igfxdev.dll AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL ============= SERVICES / DRIVERS =============== R2 X4HS32Ex;X4HS32Ex;c:\program files\free ride games\X4HS32Ex.sys [2009-11-5 53280] S2 gupdate1ca5452c5e04f06;Google Update Service (gupdate1ca5452c5e04f06);c:\program files\google\update\GoogleUpdate.exe [2009-10-23 133104] S3 getPlusHelper;getPlus(R) Helper;c:\windows\system32\svchost.exe -k getPlusHelper [2008-9-16 14336] =============== Created Last 30 ================ 2009-11-11 20:27:34 0 d-----w- c:\docume~1\owner~1.you\applic~1\Malwarebytes 2009-11-11 20:27:29 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-11-11 20:27:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-11 20:27:27 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-11-11 20:27:27 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2009-11-10 21:07:02 0 d-----w- c:\windows\system32\appmgmt 2009-11-10 20:50:31 0 d-----w- c:\windows\pss 2009-11-07 16:58:57 0 d-----w- C:\Owner.YOUR-9C328443BC 2009-11-07 16:58:57 0 d-----w- c:\documents and settings\owner.your-9c328443bc\Owner.YOUR-9C328443BC 2009-11-07 16:58:57 0 d-----w- c:\docume~1\owner~1.you\applic~1\cs 2009-11-07 16:58:57 0 d-----w- c:\docume~1\owner~1.you\applic~1\Application Data 2009-11-06 00:55:32 2509124 ----a-w- C:\lma_log.html 2009-11-06 00:53:49 64 ----a-w- c:\windows\GPlrLanc.dat 2009-11-06 00:53:49 37033 ------w- c:\windows\FRGT.ico 2009-11-06 00:53:22 0 d-----w- c:\docume~1\alluse~1\applic~1\Free Ride Games 2009-11-06 00:53:16 53314 ------w- c:\windows\ExentInfo.exe 2009-11-06 00:53:12 475136 ----a-w- c:\windows\Living Marine Aquarium 2 Full.scr 2009-11-06 00:53:11 0 d-----w- c:\program files\Free Ride 
Games 2009-11-06 00:53:07 0 d-----w- C:\Remote Programs 2009-11-06 00:53:07 0 d-----w- c:\program files\Freeze.com 2009-11-06 00:53:02 0 d-----w- c:\program files\Free Offers from Freeze.com 2009-11-06 00:52:37 0 d-----w- c:\docume~1\owner~1.you\applic~1\WeatherBug 2009-11-06 00:52:27 495616 ----a-w- c:\windows\system32\WINUTIL5.DLL 2009-11-06 00:52:26 835584 ----a-w- c:\windows\system32\WINCTL4.OCX 2009-11-06 00:52:26 393216 ----a-w- c:\windows\system32\WINLCTL5.DLL 2009-11-06 00:52:25 0 d-----w- c:\program files\Winferno 2009-11-06 00:51:11 0 d-----w- c:\program files\My.Freeze.com NetAssistant 2009-11-06 00:51:05 0 d-----w- c:\program files\Yahoo! 2009-11-02 21:43:38 0 d-----w- c:\program files\Trend Micro 2009-10-26 02:33:33 0 d-----w- c:\program files\Crawler 2009-10-26 01:58:12 0 d-----w- c:\docume~1\owner~1.you\applic~1\RebateInformer 2009-10-26 01:57:54 0 d-----w- c:\program files\RebateInformer 2009-10-26 01:57:54 0 d-----w- c:\program files\Inbox.com 2009-10-26 01:56:09 0 d-----w- c:\docume~1\owner~1.you\applic~1\Inbox Toolbar 2009-10-26 01:56:08 0 d-----w- c:\program files\Inbox Toolbar 2009-10-25 03:42:40 0 d-----w- c:\docume~1\owner~1.you\applic~1\FairyTale 2009-10-25 03:21:39 0 d-----w- c:\docume~1\alluse~1\applic~1\Gogii 2009-10-25 03:21:07 0 d-----w- c:\docume~1\owner~1.you\applic~1\SpinTop 2009-10-25 03:13:47 19 ----a-w- c:\windows\popcinfo.dat 2009-10-25 02:51:53 0 d-----w- c:\program files\Shockwave.com 2009-10-24 23:28:06 0 ----a-w- c:\docume~1\owner~1.you\applic~1\wklnhst.dat 2009-10-24 17:17:20 0 d-----w- c:\docume~1\owner~1.you\applic~1\GOL_byHasbro 2009-10-24 02:44:07 0 d-----w- c:\documents and settings\owner.your-9c328443bc\Saved Games 2009-10-24 02:44:07 0 d-----w- c:\docume~1\owner~1.you\applic~1\Flood Light Games 2009-10-24 02:44:07 0 d-----w- c:\docume~1\alluse~1\applic~1\Flood Light Games 2009-10-24 02:37:37 0 d-----w- c:\docume~1\owner~1.you\applic~1\gamehouse 2009-10-24 02:37:37 0 d-----w- c:\docume~1\alluse~1\applic~1\gamehouse 
2009-10-24 02:37:33 0 d-----w- c:\docume~1\alluse~1\applic~1\Trymedia 2009-10-24 02:36:43 0 d-----w- C:\GameHouse Games 2009-10-24 02:36:42 0 d-----w- c:\program files\Zylom Games 2009-10-24 02:36:42 0 d-----w- c:\docume~1\alluse~1\applic~1\Zylom 2009-10-24 02:35:53 0 d-----w- c:\program files\RealArcade 2009-10-23 23:54:10 1089601 -c----w- c:\windows\system32\dllcache\ntprint.cat 2009-10-23 17:17:29 0 d-----w- c:\program files\alot 2009-10-23 17:17:29 0 d-----w- c:\docume~1\owner~1.you\applic~1\alot 2009-10-23 08:07:26 0 d-----w- c:\windows\system32\XPSViewer 2009-10-23 08:07:02 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-10-23 08:07:02 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-10-23 08:07:02 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-10-23 08:07:02 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-10-23 08:07:02 117760 ------w- c:\windows\system32\prntvpt.dll 2009-10-23 08:07:01 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2009-10-23 08:07:01 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-10-23 08:07:01 0 d-----w- C:\cc33cc24d64248787a2267fdef 2009-10-23 08:04:44 0 d-----w- c:\program files\MSXML 6.0 2009-10-23 03:33:11 0 d-----w- C:\Microgaming 2009-10-23 03:27:14 0 d-----w- c:\docume~1\owner~1.you\applic~1\VTExtra 2009-10-22 19:07:07 0 d-s---w- c:\documents and settings\owner.your-9c328443bc\UserData 2009-10-22 19:03:46 0 d-----w- c:\docume~1\owner~1.you\applic~1\McAfee.com Personal Firewall 2009-10-22 18:44:29 0 d-----w- c:\windows\ServicePackFiles 2009-10-22 18:42:23 0 d-----w- c:\program files\MSXML 4.0 2009-10-22 10:11:12 0 d-----w- c:\windows\system32\CatRoot_bak 2009-10-22 10:05:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll 2009-10-22 10:05:07 128512 -c----w- c:\windows\system32\dllcache\dhtmled.ocx 2009-10-22 10:04:28 202752 -c----w- c:\windows\system32\dllcache\rmcast.sys 2009-10-22 10:04:26 453632 -c----w- 
c:\windows\system32\dllcache\mrxsmb.sys 2009-10-22 10:04:20 331776 -c----w- c:\windows\system32\dllcache\msadce.dll 2009-10-22 10:04:19 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll 2009-10-22 10:03:02 683520 -c----w- c:\windows\system32\dllcache\inetcomm.dll 2009-10-22 10:02:15 2142720 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-10-22 10:02:14 2185984 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe 2009-10-22 10:02:13 2062976 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-10-22 10:02:13 2020864 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe 2009-10-22 10:02:06 655872 -c----w- c:\windows\system32\dllcache\mstscax.dll 2009-10-22 10:01:54 332800 -c----w- c:\windows\system32\dllcache\netapi32.dll 2009-10-22 10:01:52 1106944 -c----w- c:\windows\system32\dllcache\msxml3.dll 2009-10-22 10:01:20 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe 2009-10-22 10:01:20 1193414 -c----w- c:\windows\system32\dllcache\sysmain.sdb 2009-10-22 10:00:26 0 d-----w- c:\windows\system32\PreInstall 2009-10-22 06:43:17 0 d-----w- c:\docume~1\owner~1.you\applic~1\WildTangent 2009-10-22 06:32:03 0 d-----w- c:\program files\McAfee Security Scan 2009-10-22 06:32:03 0 d-----w- c:\docume~1\alluse~1\applic~1\McAfee Security Scan 2009-10-22 06:27:08 0 d-----w- c:\docume~1\owner~1.you\applic~1\You've Got Pictures Screensaver 2009-10-22 06:25:25 0 d-----w- c:\windows\system32\SoftwareDistribution 2009-10-22 06:22:14 8192 ----a-w- c:\windows\REGLOCS.OLD 2009-10-22 06:14:06 0 ----a-w- c:\windows\system32\GATEWA_GT5224__CCZ6AF1002899.MRK 2009-10-22 06:13:59 333 ----a-w- c:\windows\system32\$ncsp$.inf 2009-10-22 06:12:29 139264 ----a-w- c:\windows\system32\igfxres.dll 2009-10-22 06:10:58 94944 ----a-w- c:\windows\system32\Status.MPF 2009-10-22 06:06:01 0 d-----w- c:\program files\McAfee 2009-10-22 06:05:57 9216 ----a-w- c:\windows\system32\MpfApi.dll 2009-10-22 06:05:57 80640 ----a-w- c:\windows\system32\drivers\MpFirewall.sys 2009-10-22 06:05:53 0 d-----w- 
c:\docume~1\alluse~1\applic~1\McAfee.com Personal Firewall 2009-10-22 06:05:43 114464 ----a-w- c:\windows\system32\drivers\naiavf5x.sys 2009-10-22 06:05:32 0 d-----w- c:\docume~1\alluse~1\applic~1\McAfee.com 2009-10-22 06:04:59 349760 ----a-w- c:\windows\system32\mcinsctl.dll 2009-10-22 06:04:59 288320 ----a-w- c:\windows\system32\mcgdmgr.dll 2009-10-22 06:04:59 0 d-----w- c:\program files\McAfee.com 2009-10-22 06:03:36 23552 ----a-w- c:\windows\system32\jesterss.dll 2009-10-22 06:03:36 1239209 ----a-w- c:\windows\system32\gtw_logo.scr 2009-10-22 06:03:36 1150 ----a-w- c:\windows\system32\gtw.ico 2009-10-22 06:03:36 0 d-----w- c:\program files\gtw_logo 2009-10-22 06:03:32 741376 ----a-w- c:\windows\system32\BigFixSuppress.exe 2009-10-22 06:03:32 741376 ----a-w- c:\windows\system32\BigFixShortcutInStartup.exe 2009-10-22 06:03:30 67072 ----a-w- c:\windows\POWERCFG.EXE 2009-10-22 06:03:03 0 d-----w- c:\program files\Microsoft Money 2006 2009-10-22 06:02:39 0 d-----w- c:\program files\Intel Audio Studio 2009-10-22 06:01:57 0 d-----w- c:\program files\SigmaTel 2009-10-22 06:01:54 126976 ----a-w- c:\windows\system32\Imsmudlg.exe 2009-10-22 05:57:42 0 d-----w- c:\program files\common files\Intel 2009-10-22 05:54:32 0 d-----w- c:\program files\MSN Encarta Plus 2009-10-22 05:54:20 173184 ----a-w- c:\windows\system32\ygpss.scr 2009-10-22 05:54:20 0 d-----w- c:\program files\common files\Nullsoft 2009-10-22 05:54:08 86016 ----a-w- c:\windows\unvise32qt.exe 2009-10-22 05:54:04 0 d-----w- c:\windows\system32\QuickTime 2009-10-22 05:54:00 8552 ----a-w- c:\windows\system32\drivers\asctrm.sys 2009-10-22 05:54:00 0 d-----w- C:\My Music 2009-10-22 05:53:56 0 d-----w- c:\program files\common files\Real 2009-10-22 05:53:46 0 d-----w- c:\docume~1\alluse~1\applic~1\Viewpoint 2009-10-22 05:53:45 0 d-----w- c:\program files\Viewpoint 2009-10-22 05:53:45 0 d-----w- c:\docume~1\alluse~1\applic~1\Pure Networks 2009-10-22 05:53:42 0 d-----w- c:\program files\Pure Networks 2009-10-22 05:53:35 
0 d-----w- c:\program files\common files\AolCoach 2009-10-22 05:53:19 0 d-----w- c:\program files\common files\aolshare 2009-10-22 05:53:19 0 d-----w- c:\program files\America Online 9.0 2009-10-22 05:53:13 0 d-----w- c:\program files\common files\AOL 2009-10-22 05:53:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Napster 2009-10-22 05:53:00 0 d-----w- c:\program files\Napster 2009-10-22 05:52:41 550912 ----a-w- c:\windows\zHotkey.exe 2009-10-22 05:52:41 532544 ----a-w- c:\windows\PIC.dll 2009-10-22 05:52:41 5280 ----a-w- c:\windows\hotbtnv.vxd 2009-10-22 05:52:41 4223 ----a-w- c:\windows\mHotkey.reg 2009-10-22 05:52:41 42040 ----a-w- c:\windows\PatchWnd.exe 2009-10-22 05:52:41 36864 ----a-w- c:\windows\ShowWnd.exe 2009-10-22 05:52:41 24576 ----a-w- c:\windows\HKNTDLL.dll 2009-10-22 05:52:41 11776 ----a-w- c:\windows\HIDMNT.dll 2009-10-22 05:52:23 4 ----a-w- c:\windows\Pix11.dat 2009-10-22 05:51:50 0 d-----w- c:\program files\Microsoft Digital Image 2006 2009-10-22 05:51:45 89088 ----a-r- c:\windows\system32\atl71.dll 2009-10-22 05:49:56 0 d-----w- c:\docume~1\alluse~1\applic~1\WildTangent 2009-10-22 05:49:52 0 d-----w- c:\windows\wt 2009-10-22 05:49:52 0 d-----w- c:\program files\WildTangent 2009-10-22 05:49:47 0 d-----w- c:\program files\Gateway Games 2009-10-22 05:49:35 20480 ----a-w- c:\windows\system32\Marker32.exe 2009-10-22 05:49:25 49265 ----a-w- c:\windows\system32\jpicpl32.cpl 2009-10-22 05:48:59 2238 ----a-w- c:\windows\system32\32-aol.ico 2009-10-22 05:48:59 1406 ----a-w- c:\windows\system32\16-aol.ico 2009-10-22 05:48:58 94208 ----a-w- c:\windows\system32\bae.dll 2009-10-22 05:48:41 13352 ----a-w- c:\windows\BigFixClientOverride.dll 2009-10-22 05:48:40 0 d-----w- c:\program files\BigFix 2009-10-22 05:47:47 0 d-----w- c:\program files\Digital Media Reader 2009-10-22 05:47:43 0 d-----w- c:\windows\Downloaded Installations 2009-10-22 05:46:49 376 ----a-w- c:\windows\ODBC.INI 2009-10-22 05:46:44 24816 ----a-w- c:\windows\system32\mdimon.dll 2009-10-22 
05:46:15 0 d-----w- c:\program files\Microsoft ActiveSync 2009-10-22 05:45:58 0 d-----w- c:\windows\SHELLNEW 2009-10-22 05:44:32 51656 ----a-w- c:\windows\system32\OEMLOGO.bmp 2009-10-22 05:44:17 2 ----a-w- C:\AUDIT_INSTALL_IN_PROGRESS 2009-10-22 05:36:42 0 d-----w- c:\windows\system32\ReinstallBackups 2009-10-22 05:30:14 2 --sh--r- C:\USER 2009-10-22 05:30:14 0 ----a-w- C:\REQUEST_OEMRESET_ENDUSER 2009-10-22 05:29:28 0 d-----w- c:\program files\CONEXANT 2009-10-22 05:15:47 0 d-----w- c:\windows\creator 2009-10-22 05:13:51 13824 ----a-w- c:\windows\system32\wowfaxui.dll 2009-10-22 05:12:57 77890 ----a-w- c:\windows\system32\usrdpa.dll 2009-10-22 05:11:55 147968 ----a-w- c:\windows\system32\mdwmdmsp.dll 2009-10-22 05:10:59 42240 ----a-w- c:\windows\system32\drivers\VIAAGP.SYS 2009-10-22 05:10:58 41088 ----a-w- c:\windows\system32\drivers\SISAGP.SYS 2009-10-22 05:10:58 14080 ----a-w- c:\windows\system32\drivers\CmBatt.sys 2009-10-22 05:10:57 43008 ----a-w- c:\windows\system32\drivers\AMDAGP.SYS 2009-10-22 05:10:57 42752 ----a-w- c:\windows\system32\drivers\ALIM1541.SYS 2009-10-22 05:10:56 44928 ----a-w- c:\windows\system32\drivers\AGPCPQ.SYS 2009-10-22 05:10:56 42368 ----a-w- c:\windows\system32\drivers\AGP440.SYS 2009-10-22 05:10:55 52224 ----a-w- c:\windows\system32\dmutil.dll 2009-10-22 05:10:49 47104 ----a-w- c:\windows\system32\cnbjmon.dll 2009-10-22 05:05:25 0 d-----w- C:\My Backup -- 09-10-21 1005PM ==================== Find3M ==================== 2009-10-22 06:00:57 29184 ----a-w- c:\windows\system32\drivers\goprot51.sys 2009-09-25 05:49:02 668672 ----a-w- c:\windows\system32\wininet.dll 2009-09-25 05:48:59 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-09-11 14:33:52 133632 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-04 20:45:26 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-26 08:16:37 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-14 12:19:41 1850112 ----a-w- c:\windows\system32\win32k.sys ============= FINISH: 12:49:12.45 
=============== ---------------------------------------------------------------- |
|
11-Nov-2009, 04:59 PM
#4 |
| Here is the 3rd file (the Attach.txt): UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-10-26.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 10/21/2009 11:26:43 PM System Uptime: 11/11/2009 12:44:46 PM (0 hours ago) Motherboard: Intel Corporation | | D945GCZ Processor: Intel(R) Pentium(R) D CPU 2.80GHz | J3E1 | 2799/200mhz Processor: Intel(R) Pentium(R) D CPU 2.80GHz | J3E1 | 2799/200mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 228 GiB total, 176.14 GiB free. D: is FIXED (FAT32) - 5 GiB total, 2.118 GiB free. E: is CDROM () F: is Removable G: is Removable H: is Removable I: is Removable ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP1: 10/21/2009 11:26:46 PM - System Checkpoint RP2: 10/22/2009 3:00:14 AM - Software Distribution Service 3.0 RP3: 10/22/2009 11:39:51 AM - Software Distribution Service 3.0 RP4: 10/22/2009 8:24:44 PM - Installed Online Vegas Casino RP5: 10/22/2009 8:36:28 PM - Removed Online Vegas Casino RP6: 10/23/2009 1:03:31 AM - Software Distribution Service 3.0 RP7: 10/24/2009 1:55:47 AM - System Checkpoint RP8: 10/24/2009 3:00:15 AM - Software Distribution Service 3.0 RP9: 10/25/2009 1:53:23 PM - System Checkpoint RP10: 10/26/2009 2:05:27 PM - System Checkpoint RP11: 10/27/2009 5:23:58 PM - System Checkpoint RP12: 10/28/2009 5:24:32 PM - System Checkpoint RP13: 10/29/2009 5:38:20 PM - System Checkpoint RP14: 10/30/2009 6:00:23 PM - System Checkpoint RP15: 10/31/2009 6:57:36 PM - System Checkpoint RP16: 11/1/2009 7:44:45 PM - System Checkpoint RP17: 11/2/2009 8:44:18 PM - System Checkpoint RP18: 11/3/2009 9:05:41 PM - System Checkpoint RP19: 11/4/2009 4:00:13 AM - Software Distribution Service 3.0 RP20: 11/5/2009 4:13:59 AM - System Checkpoint RP21: 11/5/2009 5:53:07 PM - Installed Free Ride Games Player RP22: 11/6/2009 7:57:04 PM - System Checkpoint RP23: 11/7/2009 9:40:32 PM 
- System Checkpoint RP24: 11/8/2009 10:00:53 PM - System Checkpoint RP25: 11/9/2009 10:41:10 PM - System Checkpoint RP26: 11/10/2009 1:07:00 PM - Removed WeatherBug RP27: 11/11/2009 3:00:13 AM - Software Distribution Service 3.0 ==== Installed Programs ====================== Adobe Flash Player 10 ActiveX Adobe Reader 7.0 ALOT Toolbar America Online (Choose which version to remove) AOL Coach Version 2.0(Build:20041026.5 en) AOL Connectivity Services AOL Spyware Protection AOL You've Got Pictures Screensaver BigFix Browser Address Error Redirector Crawler Smileys Crawler Toolbar Digital Media Reader DVD Solution FATE Free Ride Games Player Gateway Game Console Google Chrome Google Desktop Google Toolbar for Internet Explorer Google Update Helper gtw_logo High Definition Audio Driver Package - KB888111 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Player 10 (KB903157) Hotfix for Windows XP (KB888795) Hotfix for Windows XP (KB891593) Hotfix for Windows XP (KB893357) Hotfix for Windows XP (KB895953) Hotfix for Windows XP (KB895961) Hotfix for Windows XP (KB896256) Hotfix for Windows XP (KB896344) Hotfix for Windows XP (KB899337) Hotfix for Windows XP (KB899510) Hotfix for Windows XP (KB902841) Hotfix for Windows XP (KB906569) Hotfix for Windows XP (KB909095) Hotfix for Windows XP (KB910728) Hotfix for Windows XP (KB912024) Hotfix for Windows XP (KB914906) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Inbox Toolbar Insaniquarium® Deluxe Intel Audio Studio 2.0 Intel(R) Graphics Media Accelerator Driver Intel(R) Matrix Storage Manager Intel(R) PRO Network Connections Drivers Intel(R) Quick Resume Technology Drivers Intel® Viiv™ Software J2SE Runtime Environment 5.0 Update 2 Living Marine Aquarium 2 Full Screen Saver Magic Encyclopedia Malwarebytes' Anti-Malware McAfee Security Scan McAfee 
Uninstall Wizard Microsoft .NET Framework 1.0 Hotfix (KB953295) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Digital Image Library 9 - Blocker Microsoft Digital Image Starter Edition 2006 Microsoft Digital Image Starter Edition 2006 Editor Microsoft Digital Image Starter Edition 2006 Library Microsoft Money 2006 Microsoft Office Standard Edition 2003 Microsoft Works MSXML 4.0 SP2 (KB954430) MSXML 6 Service Pack 2 (KB954459) Multimedia Keyboard Driver Napster Napster Burn Engine Power2Go 4.0 PowerDVD QuickTime RealPlayer Basic RebateInformer Recovery Software Suite Gateway Security Update for Step By Step Interactive Training (KB898458) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows XP (KB883939) Security Update for Windows XP (KB890046) Security Update for Windows XP (KB893756) Security Update for Windows XP (KB896358) Security Update for Windows XP (KB896422) Security Update for Windows XP (KB896423) Security Update for Windows XP (KB896424) Security Update for Windows XP (KB896428) Security Update for Windows XP (KB896688) Security Update for Windows XP (KB899587) Security Update for Windows XP (KB899588) Security Update for Windows XP (KB899589) Security Update for Windows XP (KB899591) Security Update for Windows XP (KB900725) Security Update for Windows XP (KB901017) Security Update for Windows XP (KB901214) Security Update for Windows XP (KB902400) Security Update for Windows XP (KB903235) Security Update for Windows XP (KB904706) Security Update 
for Windows XP (KB905414) Security Update for Windows XP (KB905749) Security Update for Windows XP (KB905915) Security Update for Windows XP (KB908519) Security Update for Windows XP (KB908531) Security Update for Windows XP (KB911280) Security Update for Windows XP (KB911562) Security Update for Windows XP (KB911567) Security Update for Windows XP (KB911927) Security Update for Windows XP (KB912812) Security Update for Windows XP (KB912919) Security Update for Windows XP (KB913433) Security Update for Windows XP (KB913580) Security Update for Windows XP (KB914388) Security Update for Windows XP (KB914389) Security Update for Windows XP (KB916281) Security Update for Windows XP (KB917159) Security Update for Windows XP (KB917344) Security Update for Windows XP (KB917537) Security Update for Windows XP (KB917953) Security Update for Windows XP (KB918439) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB944338-v2) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958470) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371-v2) Security Update for Windows XP 
(KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB971032) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974455) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) SigmaTel Audio Soft Data Fax Modem with SmartCP Sonic Encoders Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Media Player 10 (KB910393) Update for Windows Media Player 10 (KB913800) Update for Windows Media Player 10 (KB926251) Update for Windows XP (KB894391) Update for Windows XP (KB896727) Update for Windows XP (KB898461) Update for Windows XP (KB900485) Update for Windows XP (KB910437) Update for Windows XP (KB912945) Update for Windows XP (KB916595) Update for Windows XP (KB925720) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB973815) Update for Windows XP (KB976749) Update Rollup 2 for Windows XP Media Center Edition 2005 Viewpoint Media Player Web Games Player Plugin WebFldrs XP WildTangent Web Driver Windows Genuine Advantage Validation Tool Windows Imaging Component Windows Installer 3.1 (KB893803) Windows Media Format Runtime Windows XP Hotfix - KB834707 Windows XP Hotfix - KB867282 Windows XP Hotfix - KB873333 Windows XP Hotfix - KB873339 Windows XP Hotfix - KB885250 Windows XP Hotfix - KB885835 Windows XP Hotfix - KB885836 Windows XP Hotfix - KB887472 Windows XP Hotfix - KB888113 Windows 
XP Hotfix - KB888239 Windows XP Hotfix - KB888302 Windows XP Hotfix - KB890047 Windows XP Hotfix - KB890175 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB890923 Windows XP Hotfix - KB891781 Windows XP Hotfix - KB893066 Windows XP Hotfix - KB893086 Windows XP Media Center Edition 2005 KB914548 Windows XP Media Center Edition 2005 KB973768 Winferno Registry Power Cleaner Yahoo! Toolbar ==== End Of File =========================== |
12-Nov-2009, 04:26 PM
#5 |
| How is everything running? |
|
12-Nov-2009, 07:42 PM
#6 |
| Well, I certainly do not see those ugly windows popping up. I think what you have helped with must have done the trick. I also did a defrag (I DO know how to do some things). I would like to go into 'msconfig' then to the 'startup tab' and uncheck some checked items. Wouldn't that stop many of the icons in the system tray that I rarely use? Maybe I should make a new post in a different forum before tinkering, yes? Not sure which one though. I want to thank you very much and I will be going to the Donate link so I can send you folks something. Any advice on the above msconfig thing? KLSICO78 |
12-Nov-2009, 08:33 PM
#7 |
| Instead of using msconfig, it's better to just delete these from the registry. Open Notepad, copy and paste the following into Notepad
Code:
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Desktop Search"=-
"readericon"=-
"HostManager"=-
"Recguard"=-
"CSmileys"=-
"Exetender"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
"RebateInformer"=-
"CSmileys"=-
"Weather"=-
"Exetender"=-

Double-Click on fix.reg and allow it to be merged into Windows Registry. Reboot your computer. That shall speed it up some.
__________________ Microsoft Valuable Professional Consumer--Security 2007-2010 Last edited by sjpritch25; 15-Nov-2009 at 09:35 PM. |
|
13-Nov-2009, 08:14 PM
#8 |
| Before I perform this task...a couple quick questions: By performing this step, this will stop these things from starting up when I boot by removing them from the system tray, but not delete them from the computer, right? 2nd question: Please don't take this as questioning your expertise, but by including [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] it's ok to include this because this is a Microsoft thingie? Just a little paranoia from a computer newbie LOL KLSICO |
15-Nov-2009, 09:36 PM
#9 |
| That is just a registry key. We are just deleting these values under that key, etc. "RebateInformer": that is a value that will be removed from startup. |
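As an added example (not part of the thread and not any poster's own code), this Python script parses the fix.reg text from post #7 and lists every change a merge would make, checking that each one only deletes a value under a Run key and touches nothing else. The function names `parse_reg` and `audit` are hypothetical, and the parser covers the general .reg line forms (value set, value delete, key delete), which goes beyond the one form the post uses.

```python
import re

# fix.reg exactly as posted in post #7 of this thread.
FIX_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Desktop Search"=-
"readericon"=-
"HostManager"=-
"Recguard"=-
"CSmileys"=-
"Exetender"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
"RebateInformer"=-
"CSmileys"=-
"Weather"=-
"Exetender"=-
'''

HEADERS = {"REGEDIT4", "Windows Registry Editor Version 5.00"}
RUN_SUFFIX = r"\software\microsoft\windows\currentversion\run"
# "name"=data  or  @=data (the key's default value)
VALUE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|(@))\s*=\s*(.*)$')


def parse_reg(text):
    """Return (action, key, value_name) for every change a .reg file makes."""
    lines = []
    for raw in text.lstrip("\ufeff").splitlines():
        ln = raw.strip()
        if lines and lines[-1].endswith("\\"):    # hex data continued on next line
            lines[-1] = lines[-1][:-1] + ln
        elif ln and not ln.startswith(";"):       # skip blanks and ; comments
            lines.append(ln)
    if not lines or lines[0] not in HEADERS:
        raise ValueError("not a .reg file: header line missing")
    ops, key = [], None
    for ln in lines[1:]:
        if ln.startswith("[") and ln.endswith("]"):
            key = ln[1:-1]
            if key.startswith("-"):               # [-KEY] deletes the whole key
                ops.append(("delete-key", key[1:], None))
                key = None
            continue
        m = VALUE_RE.match(ln)
        if m is None or key is None:
            raise ValueError(f"unparsed line: {ln!r}")
        name = "(Default)" if m.group(2) else re.sub(r"\\(.)", r"\1", m.group(1))
        # "name"=- removes only that value; anything else writes data
        action = "delete-value" if m.group(3) == "-" else "set-value"
        ops.append((action, key, name))
    return ops


def audit(ops):
    """Split changes into Run-key value deletions and everything else."""
    expected, unexpected = [], []
    for op in ops:
        action, key, _ = op
        in_run_key = key.lower().endswith(RUN_SUFFIX)
        ok = action == "delete-value" and in_run_key
        (expected if ok else unexpected).append(op)
    return expected, unexpected


if __name__ == "__main__":
    expected, unexpected = audit(parse_reg(FIX_REG))
    for action, key, name in expected:
        print(f"{action:13} {name!r:24} under {key}")
    print(f"{len(unexpected)} change(s) outside the Run keys")
```

The same check applies to any .reg file before it is merged: a key deletion, a value being written, or a change outside the Run keys lands in the second list.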


