Mourning the loss of our friend, WhitPhil.
There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
 
Windows XP
Tag Cloud
access audio black screen blue screen boot bsod connection crash dell desktop driver drivers dvd email error excel firefox hard drive hardware hijackthis internet keyboard laptop malware monitor network networking outlook problem processor recovery registry cleaner router safe mode screen slow sound spyware tdlwsp.dll trojan upgrade video virus vista vundo windows windows 7 windows vista windows xp wireless
Search
Search for:
Tech Support Guy Forums > Operating Systems > Windows XP >
Solved: Need help cleaning my computer in hopes that New Norton will run on my comput

Tip: Click here to scan for System Errors and Optimize PC performance
[ Sponsored Link ]

Page 1 of 3 1 23
 
Thread Tools
ohioscott's Avatar
Junior Member with 17 posts.
  
Join Date: Oct 2009
16-Oct-2009, 12:41 PM #1
Solved: Need help cleaning my computer in hopes that New Norton will run on my comput
I have been runing Norton Antivirus on my computer (XP). I recently renewed my subscription and since I installed the new Antivirus 2010 I have been unable to log onto Internet Explorer.

The Antivirus expert told me I have corrupt files in my computer and I need to clean my computer before Norton would run properly.

I have run some AdwARE Removal programs ad some Registry scans but I still cannot log on the internet when Norton 2010 is running.
Register for free to hide this ad!
flavallee's Avatar
Computer Specs
Trusted Advisor with 23,522 posts.
  
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
16-Oct-2009, 12:49 PM #2
First of all, stay completely away from registry cleaners/boosters/optimizers - no matter what they claim they can do. They do nothing to improve speed and performance. What they do is break certain programs and damage the operating system.

------------------------------------------------------------------

Go here and click the green icon to download HijackThis 2.0.2.

Close all open windows, then install it in its default location.

Run a scan with it - which will take 30 seconds or less.

Save the resulting log in Notepad.

Return here, then copy-and-paste the entire log here.

-----------------------------------------------------------------
ohioscott's Avatar
Junior Member with 17 posts.
  
Join Date: Oct 2009
16-Oct-2009, 01:00 PM #3
Wont be near my computr until later today. I will follow up when I am at my dektop
flavallee's Avatar
Computer Specs
Trusted Advisor with 23,522 posts.
  
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
16-Oct-2009, 01:10 PM #4
No hurry. I'm on and off the computer throughout the day.
ohioscott's Avatar
Junior Member with 17 posts.
  
Join Date: Oct 2009
16-Oct-2009, 05:10 PM #5
In the meantime I have a laptop which runs the Vista OS the printer I used from my last laptop isnt working with this one is Vista causing this problem? How can I troubleshoot effectively to find a solution?
fairnooks's Avatar
Distinguished Member with 3,785 posts.
  
Join Date: Oct 2007
Experience: Advanced
16-Oct-2009, 05:19 PM #6
Did you completely remove the old install of Norton with the Norton Removal Tool before installing 2010? I've heard that is the preferred method by far to get rid of all the old vestiges of pre-Norton 2009 that might stick around otherwise and cause problems.
ohioscott's Avatar
Junior Member with 17 posts.
  
Join Date: Oct 2009
16-Oct-2009, 07:13 PM #7
Let me first apologize, now clarify, the problem I have with the Norton is related to my desktop. It runs on XP.

However

My printer issue is related to my laptop which runs Vista, but Norton is on this one too Do you still think I should perform the command you suggested or no?

TY for responding
flavallee's Avatar
Computer Specs
Trusted Advisor with 23,522 posts.
  
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
16-Oct-2009, 07:42 PM #8
Let's stick with the desktop in this thread and not throw the laptop into the mix, or else things are going to get confusing and complicated.

---------------------------------------------------------------
ohioscott's Avatar
Junior Member with 17 posts.
  
Join Date: Oct 2009
17-Oct-2009, 02:38 PM #9
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:36:23 PM, on 10/17/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Morpheus\Morpheus.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [IPInSightLAN 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Uzoramep] rundll32.exe "C:\WINDOWS\olahobekey.dll",e
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Startup: Morpheus.lnk = C:\Program Files\Morpheus\Morpheus.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.sbcglobal.net
O15 - Trusted Zone: http://*.sbcglobal.net
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - https://www.cchs.net/onlinelearning/...s7/awswaxd.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{105860B9-D67D-4580-84A3-BB01A61AA92F}: NameServer = 68.94.156.1,68.94.157.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{105860B9-D67D-4580-84A3-BB01A61AA92F}: NameServer = 68.94.156.1,68.94.157.1
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O24 - Desktop Component 0: (no name) - file:///C:/Documents%20and%20Setting...top/Cancun.jpg
--
End of file - 8359 bytes
flavallee's Avatar
Computer Specs
Trusted Advisor with 23,522 posts.
  
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
17-Oct-2009, 07:00 PM #10
ohioscott:

Follow my instructions carefully and in the order listed.

Go here and here and click the green icon to download Malwarebytes Anti-Malware 1.41 and SUPERAntiSpyware 4.29.0.1004.

Close all open windows, then install them. Make sure to allow them to update their definition files during the install process. After they're both installed, restart your computer.

Start Malwarebytes and run a "quick scan" with it. When the scan is finished, select and allow it to fix EVERYTHING it finds, then restart your computer.

Start SUPERAntiSpyware and run a "quick scan" with it. When the scan is finished, select and allow it to fix EVERYTHING it finds, then restart your computer.

Start Malwarebytes, then click Logs(tab). Click on and highlight the log entry, then click Open. When the scan log appears in Notepad, copy-and-paste it here.

Start SUPERAntiSpyware, then click Preferences - Statistics/Logs(tab). Click on and highlight the scan log, then click View Log. When the scan log appears in Notepad, copy-and-paste it here.

-----------------------------------------------------------------

Quote:
Originally Posted by ohioscott View Post
I have been runing Norton Antivirus on my computer (XP). I recently renewed my subscription and since I installed the new Antivirus 2010 I have been unable to log onto Internet Explorer.

The Antivirus expert told me I have corrupt files in my computer and I need to clean my computer before Norton would run properly.

I have run some AdwARE Removal programs ad some Registry scans but I still cannot log on the internet when Norton 2010 is running.
Your log shows no evidence of Symantec Norton Antivirus 2010 installed and running in your computer.

-----------------------------------------------------------------

I see over 15 startup entries in your log that don't need to automatically load during startup and run in the background, but we'll deal with that later.

----------------------------------------------------------------
Last edited by flavallee : 17-Oct-2009 07:07 PM.
ohioscott's Avatar
Junior Member with 17 posts.
  
Join Date: Oct 2009
18-Oct-2009, 01:02 PM #11
From Malware

Malwarebytes' Anti-Malware 1.41
Database version: 2980
Windows 5.1.2600 Service Pack 2
10/18/2009 12:59:51 PM
mbam-log-2009-10-18 (12-59-51).txt
Scan type: Quick Scan
Objects scanned: 131845
Time elapsed: 13 minute(s), 35 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 10
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 62
Files Infected: 121
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{014da6c4-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{014da6c6-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{014da6cc-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\star ware325 (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AccessMV (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\starware325 (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\UpMedia (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Acce ssMV (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MySearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uzoramep (Trojan.Agent) -> Delete on reboot.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\Documents and Settings\All Users\Application Data\Starware325 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\contexts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Games (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Movies (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\NewsSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Reference (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ScreensaversMarketingSitePager\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ScreensaversMarketingSitePager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ScreensaversMarketingSitePager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Weather (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Games (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Movies (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\NewsSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Reference (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ScreensaversMarketingSitePager\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ScreensaversMarketingSitePager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ScreensaversMarketingSitePager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Weather (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware325 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware325\icons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Start Menu\Programs\AccessMV (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemService32 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UpMedia (Adware.SmartShopper) -> Quarantined and deleted successfully.
Files Infected:
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\Highlight.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\HighlightHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\highlighthotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\highlightxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\newssearchicon.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\newssearchiconxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\newssearchiconxp_over.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\newssearchicon_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\Reference.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\ReferenceHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\referencehotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\referencexp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\starware_toolbar_icon.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\Weather.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\weatherhotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\buttons\weatherxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\contexts\Travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\images\walertXP.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware325\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\NewsSearch\NewsSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\NewsSearch\NewsSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ScreensaversMarketingSitePager\ScreensaversMarketingSitePa gerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ScreensaversMarketingSitePager\ScreensaversMarketingSitePa gerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ScreensaversMarketingSitePager\images\active\ScreensaversM arketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Weather\AlertArchive.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hurlene\Application Data\Starware325\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\NewsSearch\NewsSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\NewsSearch\NewsSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ScreensaversMarketingSitePager\ScreensaversMarketingSitePa gerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ScreensaversMarketingSitePager\ScreensaversMarketingSitePa gerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ScreensaversMarketingSitePager\images\active\ScreensaversM arketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Weather\AlertArchive.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Starware325\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware325\brand.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware325\Starware325Config.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware325\Starware325Uninstall.exe (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware325\icons\star_16.ico (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Start Menu\Programs\AccessMV\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemService32\125.crack.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemService32\125.crack.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemService32\126.keygen.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemService32\126.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemService32\127.serial.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemService32\127.serial.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemService32\128.setup.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemService32\128.setup.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemService32\129.music.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemService32\130.music1.mp3.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemService32\131.music2.mp3.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemService32\132.music.snd.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicy000.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\olahobekey.dll (Trojan.Agent) -> Delete on reboot.
ohioscott's Avatar
Junior Member with 17 posts.
  
Join Date: Oct 2009
18-Oct-2009, 01:24 PM #12
From SuperAnti Spyware:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/18/2009 at 01:15 PM
Application Version : 4.29.1004
Core Rules Database Version : 4172
Trace Rules Database Version: 2093
Scan type : Quick Scan
Total Scan Time : 00:06:11
Memory items scanned : 445
Memory threats detected : 0
Registry items scanned : 376
Registry threats detected : 0
File items scanned : 4425
File threats detected : 33
Adware.Tracking Cookie
C:\Documents and Settings\Owner\Cookies\owner@content.yieldmanager[2].txt
C:\Documents and Settings\Owner\Cookies\owner@questionmarket[2].txt
C:\Documents and Settings\Owner\Cookies\owner@sales.liveperson[2].txt
C:\Documents and Settings\Owner\Cookies\owner@ads.techguy[1].txt
C:\Documents and Settings\Owner\Cookies\owner@dmtracker[1].txt
C:\Documents and Settings\Owner\Cookies\owner@apmebf[2].txt
C:\Documents and Settings\Owner\Cookies\owner@eyewonder[1].txt
C:\Documents and Settings\Owner\Cookies\owner@revsci[2].txt
C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt
C:\Documents and Settings\Owner\Cookies\owner@collective-media[1].txt
C:\Documents and Settings\Owner\Cookies\owner@ak[2].txt
C:\Documents and Settings\Owner\Cookies\owner@50549199[2].txt
C:\Documents and Settings\Owner\Cookies\owner@1053150337[2].txt
C:\Documents and Settings\Owner\Cookies\owner@mediaplex[1].txt
C:\Documents and Settings\Owner\Cookies\owner@1071765850[2].txt
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[2].txt
C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[1].txt
C:\Documents and Settings\Owner\Cookies\owner@invitemedia[1].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@richmedia.yahoo[1].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@collective-media[1].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@ads.adap[2].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@ads.undertone[2].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@chitika[1].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@interclick[1].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@ad.yieldmanager[2].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@burstnet[2].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@at.atwola[2].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@yieldmanager[2].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@invitemedia[1].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@ecnext.advertserve[1].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@oasn04.247realmedia[2].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@a1.interclick[1].txt
C:\Documents and Settings\Hurlene\Cookies\hurlene@content.yieldmanager[2].txt


How BAD is it?
flavallee's Avatar
Computer Specs
Trusted Advisor with 23,522 posts.
  
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
19-Oct-2009, 09:36 AM #13
Thanks for posting the 2 scan logs. You did good.

Start HijackThis and run a scan, then post that new log here.

---------------------------------------------------------------
ohioscott's Avatar
Junior Member with 17 posts.
  
Join Date: Oct 2009
19-Oct-2009, 02:59 PM #14
From Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:55:41 PM, on 10/19/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Morpheus\Morpheus.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [IPInSightLAN 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Morpheus.lnk = C:\Program Files\Morpheus\Morpheus.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.sbcglobal.net
O15 - Trusted Zone: http://*.sbcglobal.net
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - https://www.cchs.net/onlinelearning/...s7/awswaxd.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{105860B9-D67D-4580-84A3-BB01A61AA92F}: NameServer = 68.94.156.1,68.94.157.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{105860B9-D67D-4580-84A3-BB01A61AA92F}: NameServer = 68.94.156.1,68.94.157.1
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O24 - Desktop Component 0: (no name) - file:///C:/Documents%20and%20Setting...top/Cancun.jpg
--
End of file - 8711 bytes
flavallee's Avatar
Computer Specs
Trusted Advisor with 23,522 posts.
  
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
19-Oct-2009, 07:19 PM #15
It looks like Malwarebytes and SUPERAntiSpyware got rid of the "nasties", so let's start working on the startup load and get it trimmed down of its unnecessary running programs and services.

Follow my instructions and take your time so you do it right and don't miss anything. It's not difficult at all.

Some of these startup names don't need to load and run at all, and others can manually be started when needed.

Note: Some of the startup names in your computer may not have .exe at the end of the file name, so be aware of that.

Click Start - Run, type in MSCONFIG and then click OK - Startup(tab).

Remove the checkmark in:

IgfxTray C:\WINDOWS\system32\igfxtray.exe

HP Software Update C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

HP Component Manager C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

HotKeysCmds C:\WINDOWS\system32\hkcmd.exe

NeroCheck C:\WINDOWS\System32\NeroCheck.exe

BJCFD C:\Program Files\BroadJump\Client Foundation\CFD.exe

KernelFaultCheck %systemroot%\system32\dumprep 0 -k

QuickTime Task C:\Program Files\QuickTime\qttask.exe

SunJavaUpdateSched C:\Program Files\Java\jre6\bin\jusched.exe

Microsoft Default Manager C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe

MSMSGS C:\Program Files\Messenger\msmsgs.exe
(Note: This is the old Windows Messenger chat program that comes as part of Windows and can't be uninstalled and which noone uses anymore. Unless you go into the program's tools/options/preferences settings and disable the command that tells it to load when Windows starts, it'll keep rechecking itself in the startup list.)

swg C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

Morpheus C:\Program Files\Morpheus\Morpheus.exe

HP Image Zone Fast Start C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

Microsoft Office C:\Program Files\Microsoft Office\Office10\OSA.EXE

After you're done, click Apply - OK - Exit Without Restart.

Click Start - Run, type in SERVICES.MSC and then click OK.

Expand the services window so you can see the list clearly.

Highlight and double-click on:

Google Software Updater (gusvc) - Google

Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc.

Change the setting from "Automatic" to "Manual", then click Apply - OK.

After you're done, close the services window and restart your computer.

When the small SCU window(see screenshot) appears during restart, ignore the message. Put a checkmark in that window, then click OK.

Run a HijackThis scan, then post that new updated log here.

---------------------------------------------------------------
Attached Thumbnails
Solved: Need help cleaning my computer in hopes that New Norton will run on my comput-scu.jpg  
Reply Bookmark and Share
Page 1 of 3 1 23

Smart Search

Find your solution!


« Previous Thread | Windows XP | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.

Thread Tools


Twitter Twitter! | Podcast | Mobile | Advertise
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -5. The time now is 02:11 PM.
Copyright © 1996 - 2009 TechGuy, Inc. All rights reserved.
Powered by vBulletin, Copyright © 2000 - 2009, Jelsoft Enterprises Ltd.
 Powered by Cermak Technologies, Inc.