
Please double check my work...

Discussion in 'Virus & Other Malware Removal' started by skydixon, Jul 18, 2007.

Thread Status:
Not open for further replies.
  1. skydixon

    skydixon Thread Starter

    Joined:
    Apr 4, 2004
    Messages:
    29
    Hi,

    First: I don't get on here much, because I'm just enough of a nerd/geek to learn what to do by just reading the security threads when I have an issue. I have also successfully made use of the >regedit< feature to remove trace/remnant files of certain programs and not crashed my machine. Recently I acquired something called >pools.exe<. I've done all the stuff one of the Sr. Members told 'hepher' to do and some other person as well. I ran the Vundo Fix and it came up totally clean, so you won't find a log file from that. You also won't find the >pools.exe< in the hjt log because I checked it and fixed it. The hjt log below is from after making the hjt uninstall list. My NOD32 would not allow >smitfraud< to download...but I'm not so sure I'm going to need it, so I left off trying to get it by turning off NOD32. I am posting all other scan logs below so you can tell me if I cleaned my machine adequately or not. I believe I have. (y)

    Secondly: In my hijack this uninstall list you will find an absence of windows updates. The reason is that every time I get those they jam up my machine.:confused: I have lock-ups and all kinds of annoying anomalies...so I did a fresh OS reload approx. a month ago, after installing a new motherboard into my PC case.

    So that makes my second question thus...if you can tell me how to have XP SP2 and IE 7
    and the updates without them locking up my system that would be a wonderful thing!? :rolleyes:

    [[The big thing is that I use myspace to stay in touch with family and friends and share photos, and with all the updates, IE7 and SP2 the site ALWAYS locks up and the quicktime videos never play and some pictures never display. I'm sure it's all the windows security updates and root certificate updates. :) For now, everything seems to be clean working, with the exception of having gotten the >pools.exe< which I'd like to avoid in the future. Plz tell me how.]]

    Peace ya'll,
    ~sKy~

    "Dee" - 2007-07-18 14:58:34 - ComboFix 07-07-14.6 - Service Pack 1 NTFS


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\poolsv.exe


    ((((((((((((((((((((((((( Files Created from 2007-06-18 to 2007-07-18 )))))))))))))))))))))))))))))))


    2007-07-18 14:58 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-07-18 14:57 1,175,043 --a------ C:\Program Files\ComboFix.exe
    2007-07-18 14:07 <DIR> d-------- C:\VundoFix Backups
    2007-07-18 13:24 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
    2007-07-18 13:23 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
    2007-07-18 13:23 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2007-07-18 13:23 <DIR> d-------- C:\DOCUME~1\Dee\APPLIC~1\SUPERAntiSpyware.com
    2007-07-18 13:20 109,056 --a------ C:\Program Files\VundoFix.exe
    2007-07-12 18:19 <DIR> d-------- C:\Program Files\Lavasoft
    2007-07-12 18:12 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
    2007-07-09 21:25 <DIR> d-------- C:\Program Files\MP3 Audio Converter
    2007-07-09 20:39 344,064 --a------ C:\WINDOWS\system32\msvcr70.dll
    2007-07-07 20:26 <DIR> d-------- C:\Program Files\QuickTime
    2007-07-07 20:25 <DIR> d-------- C:\DOCUME~1\Dee\APPLIC~1\Apple Computer
    2007-07-01 12:55 <DIR> d-------- C:\WINDOWS\DCI
    2007-07-01 12:53 54,784 --a------ C:\WINDOWS\system32\Inetwh32.dll
    2007-07-01 12:53 47,104 --a------ C:\WINDOWS\system32\Wh2Robo.dll
    2007-07-01 12:53 317,952 --a------ C:\WINDOWS\system32\Roboex32.dll
    2007-07-01 12:53 <DIR> d-------- C:\Program Files\Paint Shop Pro 6
    2007-06-29 14:15 110,592 --a------ C:\WINDOWS\system32\ccrpbds6.dll
    2007-06-29 14:15 1,706,800 --a------ C:\WINDOWS\system32\gdiplus.dll
    2007-06-29 14:15 <DIR> d-------- C:\Program Files\PIXresizer
    2007-06-29 13:55 <DIR> d-------- C:\Program Files\2nd Story Software
    2007-06-26 13:15 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
    2007-06-26 13:14 <DIR> d-------- C:\Program Files\Snapshot Viewer
    2007-06-26 13:05 <DIR> d-------- C:\WINDOWS\ShellNew
    2007-06-26 13:03 <DIR> d-------- C:\DOCUME~1\Dee\APPLIC~1\Microsoft Web Folders
    2007-06-25 10:34 <DIR> d-------- C:\DOCUME~1\Dee\APPLIC~1\MSN6
    2007-06-25 09:20 2,359,296 --a------ C:\DOCUME~1\Dee\ntuser.dat
    2007-06-24 22:16 <DIR> d-------- C:\Program Files\MRU-Blaster
    2007-06-24 10:22 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
    2007-06-24 10:22 298,104 --a------ C:\WINDOWS\system32\imon.dll
    2007-06-24 10:22 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
    2007-06-22 17:05 82,380 --a------ C:\WINDOWS\system32\drivers\AFS2K.SYS
    2007-06-22 17:03 <DIR> d-------- C:\Program Files\Hewlett-Packard
    2007-06-21 14:01 <DIR> d-------- C:\Program Files\Apple Software Update
    2007-06-21 14:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    2007-06-21 13:22 <DIR> d-------- C:\WINDOWS\RegisteredPackages
    2007-06-21 13:21 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll
    2007-06-21 13:21 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe
    2007-06-21 13:21 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys
    2007-06-21 13:21 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe
    2007-06-21 13:21 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll
    2007-06-21 13:21 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll
    2007-06-21 13:21 76,800 --a------ C:\WINDOWS\system32\dmscript.dll
    2007-06-21 13:21 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll
    2007-06-21 13:21 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
    2007-06-21 13:21 68,096 --a------ C:\WINDOWS\system32\dsdmoprp.dll
    2007-06-21 13:21 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll
    2007-06-21 13:21 64,512 --a------ C:\WINDOWS\system32\amstream.dll
    2007-06-21 13:21 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll
    2007-06-21 13:21 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll
    2007-06-21 13:21 57,856 --a------ C:\WINDOWS\system32\dpwsockx.dll
    2007-06-21 13:21 53,248 --a------ C:\WINDOWS\system32\devenum.dll
    2007-06-21 13:21 524,800 --a------ C:\WINDOWS\system32\qedit.dll
    2007-06-21 13:21 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys
    2007-06-21 13:21 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
    2007-06-21 13:21 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
    2007-06-21 13:21 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys
    2007-06-21 13:21 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll
    2007-06-21 13:21 46,592 --a------ C:\WINDOWS\system32\dxdllreg.exe
    2007-06-21 13:21 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
    2007-06-21 13:21 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
    2007-06-21 13:21 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys
    2007-06-21 13:21 382,976 --a------ C:\WINDOWS\system32\qdvd.dll
    2007-06-21 13:21 377,856 --a------ C:\WINDOWS\system32\dpnet.dll
    2007-06-21 13:21 363,520 --a------ C:\WINDOWS\system32\dsound.dll
    2007-06-21 13:21 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll
    2007-06-21 13:21 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll
    2007-06-21 13:21 33,280 --a------ C:\WINDOWS\system32\dmloader.dll
    2007-06-21 13:21 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll
    2007-06-21 13:21 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll
    2007-06-21 13:21 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll
    2007-06-21 13:21 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe
    2007-06-21 13:21 276,480 --a------ C:\WINDOWS\system32\qdv.dll
    2007-06-21 13:21 27,136 --a------ C:\WINDOWS\system32\dmband.dll
    2007-06-21 13:21 265,728 --a------ C:\WINDOWS\system32\ddraw.dll
    2007-06-21 13:21 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll
    2007-06-21 13:21 230,400 --a------ C:\WINDOWS\system32\dplayx.dll
    2007-06-21 13:21 22,016 --a------ C:\WINDOWS\system32\dpmodemx.dll
    2007-06-21 13:21 203,264 --a------ C:\WINDOWS\system32\dpvoice.dll
    2007-06-21 13:21 194,560 --a------ C:\WINDOWS\system32\mswebdvd.dll
    2007-06-21 13:21 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll
    2007-06-21 13:21 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll
    2007-06-21 13:21 181,248 --a------ C:\WINDOWS\system32\dmime.dll
    2007-06-21 13:21 18,944 --a------ C:\WINDOWS\system32\encapi.dll
    2007-06-21 13:21 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys
    2007-06-21 13:21 18,432 --a------ C:\WINDOWS\system32\dswave.dll
    2007-06-21 13:21 177,152 --a------ C:\WINDOWS\system32\qcap.dll
    2007-06-21 13:21 16,896 --a------ C:\WINDOWS\system32\msyuv.dll
    2007-06-21 13:21 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe
    2007-06-21 13:21 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys
    2007-06-21 13:21 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys
    2007-06-21 13:21 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys
    2007-06-21 13:21 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys
    2007-06-21 13:21 13,312 --a------ C:\WINDOWS\system32\msdmo.dll
    2007-06-21 13:21 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll
    2007-06-21 13:21 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys
    2007-06-21 13:21 104,448 --a------ C:\WINDOWS\system32\dmusic.dll
    2007-06-21 13:21 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-07-18 18:57:21 -------- d-----w C:\Program Files\microsoft frontpage
    2007-07-18 18:40:09 4,778 ----a-w C:\Program Files\hijackthis.log
    2007-06-19 19:12:26 -------- d-----w C:\Program Files\Common Files\InstallShield
    2007-06-18 03:46:25 -------- d-----w C:\DOCUME~1\Dee\APPLIC~1\ATI
    2007-06-18 03:42:45 -------- d-----w C:\Program Files\ATI Technologies
    2007-06-18 03:29:55 -------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-06-18 02:44:26 -------- d-----w C:\Program Files\Realtek Sound Manager
    2007-06-18 02:44:26 -------- d-----w C:\Program Files\AvRack
    2007-06-18 02:43:42 -------- d-----w C:\Program Files\AMD
    2007-06-18 02:43:40 -------- d-----w C:\Program Files\ULI5289
    2007-06-18 02:08:59 0 --sha-r C:\MSDOS.SYS
    2007-06-18 02:08:59 0 --sha-r C:\IO.SYS
    2007-06-18 02:08:59 0 ----a-w C:\CONFIG.SYS
    2007-06-18 02:08:59 0 ----a-w C:\AUTOEXEC.BAT
    2007-06-18 02:07:12 -------- d-----w C:\Program Files\Movie Maker
    2007-06-18 02:06:22 -------- d-----w C:\Program Files\Common Files\MSSoap
    2007-06-18 02:05:28 21,640 ----a-w C:\WINDOWS\system32\emptyregdb.dat
    2007-06-18 02:05:03 -------- d--h--w C:\Program Files\WindowsUpdate
    2007-06-18 02:05:02 -------- d-----w C:\Program Files\Online Services
    2007-06-18 02:04:57 -------- d-----w C:\Program Files\Messenger
    2007-06-18 02:04:47 -------- d-----w C:\Program Files\MSN Gaming Zone
    2007-06-18 02:04:44 -------- d-----w C:\Program Files\Windows NT
    2007-06-17 21:51:20 -------- d-----w C:\Program Files\Common Files\ODBC
    2007-06-17 21:51:15 -------- d-----w C:\Program Files\Common Files\SpeechEngines
    2007-05-18 03:57:33 43,136 ----a-w C:\WINDOWS\system32\drivers\ativvpxx.vp
    2007-05-18 01:58:58 339,968 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
    2007-05-18 01:58:04 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
    2007-05-18 01:57:53 268,288 ----a-w C:\WINDOWS\system32\ati2dvag.dll
    2007-05-18 01:57:34 2,164,736 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
    2007-05-18 01:51:01 139,264 ----a-w C:\WINDOWS\system32\atipdlxx.dll
    2007-05-18 01:50:52 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
    2007-05-18 01:50:46 42,496 ----a-w C:\WINDOWS\system32\ati2edxx.dll
    2007-05-18 01:50:34 118,784 ----a-w C:\WINDOWS\system32\ati2evxx.dll
    2007-05-18 01:49:14 479,232 ----a-w C:\WINDOWS\system32\ati2evxx.exe
    2007-05-18 01:48:26 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
    2007-05-18 01:41:03 2,922,144 ----a-w C:\WINDOWS\system32\ati3duag.dll
    2007-05-18 01:39:54 7,610,368 ----a-w C:\WINDOWS\system32\atioglx2.dll
    2007-05-18 01:30:58 1,512,960 ----a-w C:\WINDOWS\system32\ativvaxx.dll
    2007-05-18 01:30:41 972,072 ----a-w C:\WINDOWS\system32\ativva6x.dat
    2007-05-18 01:30:41 3,107,788 ----a-w C:\WINDOWS\system32\ativva5x.dat
    2007-05-18 01:30:40 3,107,788 ----a-w C:\WINDOWS\system32\ativvaxx.dat
    2007-05-18 01:19:50 5,431,296 ----a-w C:\WINDOWS\system32\atioglxx.dll
    2007-05-18 01:17:27 262,144 ----a-w C:\WINDOWS\system32\atikvmag.dll
    2007-05-18 01:16:04 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
    2007-05-18 01:15:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
    2007-05-18 01:14:21 46,592 ----a-w C:\WINDOWS\system32\atiok3x2.dll
    2007-05-18 01:10:21 368,640 ----a-w C:\WINDOWS\system32\ati2cqag.dll
    2007-05-18 01:05:00 520,192 ------w C:\WINDOWS\system32\ati2sgag.exe
    2005-02-16 15:06:16 218,112 ----a-w C:\Program Files\HijackThis.exe


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    2006-10-22 23:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    2007-03-14 03:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    2007-01-19 23:55 2403392 -ra------ c:\program files\google\googletoolbar2.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    2007-07-05 13:14 325048 --a------ C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ALi5289"="C:\Program Files\ULI5289\ALi5289.exe" [2005-03-10 02:56]
    "SoundMan"="SOUNDMAN.EXE" [2004-12-22 05:09 C:\WINDOWS\SOUNDMAN.EXE]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35]
    "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-06-24 10:22]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
    "HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 11:40]
    "DeviceDiscovery"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2002-12-02 20:56]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
    "Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2004-09-22 20:22]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-05 13:14]
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 13:55]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll --a------ 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    *Newly Created Service* - SASDIFSV
    *Newly Created Service* - SASENUM
    *Newly Created Service* - SASKUTIL

    Contents of the 'Scheduled Tasks' folder
    2007-07-18 18:38:01 C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    **************************************************************************

    catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-07-18 14:59:01
    Windows 5.1.2600 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-07-18 14:59:21
    C:\ComboFix-quarantined-files.txt ... 2007-07-18 14:59

    --- E O F ---
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Ad-Aware SE Personal
    Adobe Flash Player 9 ActiveX
    Adobe Flash Player 9 ActiveX
    Adobe Reader 8.1.0
    Adobe Shockwave Player
    Apple Software Update
    Athlon 64 Processor Driver
    ATI - Software Uninstall Utility
    ATI Catalyst Control Center
    ATI Display Driver
    Google Toolbar for Internet Explorer
    HijackThis 1.99.1
    hp deskjet 3600
    hp deskjet 3600 series
    HP Memories Disc
    HP Photo and Imaging 2.0 - Deskjet Series
    hp print screen utility
    Jasc Digital Camera Support Release 4.1
    Java(TM) SE Runtime Environment 6 Update 1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 2.0
    Microsoft Office 2000 SR-1 Disc 2
    Microsoft Office 2000 SR-1 Premium
    MRU-Blaster v1.5 (Database 3/28/2004)
    NOD32 Antivirus System
    Paint Shop Pro 6.02 CD
    PIXresizer 1.0.9
    QuickTime
    Realtek AC'97 Audio
    REALTEK Gigabit and Fast Ethernet NIC Driver
    Security Update for Windows XP (KB904706)
    SUPERAntiSpyware Free Edition
    ULi M5289 SATA Controller Driver
    ULi PCI to AGP Controller Driver
    Update for Windows XP (KB898461)
    Windows Installer 3.0 (KB884016)
    Windows Installer 3.1 (KB893803)
    Windows Media Format Runtime
    Windows Media Player 10
    Windows XP Hotfix - KB842773
    ZoneAlarm

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Logfile of HijackThis v1.99.1
    Scan saved at 2:49:39 PM, on 7/18/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ULI5289\ALi5289.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\HijackThis.exe

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [ALi5289] C:\Program Files\ULI5289\ALi5289.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
    O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1182446315421
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1183926908437
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\Dee\LOCALS~1\Temp\hpdj.exe (file missing)
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
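
A triage pass over log lines like the ones in the post above, as an added example that is not part of the original thread or of HijackThis/ComboFix. It flags entries worth a second look: a missing target file, a binary under a temp directory, a service with no vendor name, and a file name one character away from a core Windows binary (as `poolsv.exe` is from `spoolsv.exe`). The function names, the `KNOWN` table (which assumes a default `C:\WINDOWS` install) and the sample are assumptions; the sample is constructed from lines in the post, with the ComboFix "Other Deletions" path placed among the process lines.

```python
import ntpath
import re

# Expected folders for core Windows XP binaries (assumption: default C:\WINDOWS install).
KNOWN = {
    "smss.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "services.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32",
    "spoolsv.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}

# First drive-letter path on the line that ends in a binary extension.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"\r\n]*?\.(?:exe|dll|sys|ocx)\b', re.I)
# HijackThis section code at the start of a line, e.g. "O23 - ".
CODE_RE = re.compile(r"^(O\d+)\s+-\s+")


def one_edit_apart(a, b):
    """True if a and b differ by exactly one insert, delete or substitution."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    if len(a) == len(b):
        return a[i + 1:] == b[i + 1:]
    return a[i:] == b[i + 1:]


def triage(log_text):
    """Return (section, path, reasons) for every line that needs a manual look."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = PATH_RE.search(line)
        if not match:
            continue
        code = CODE_RE.match(line)
        section = code.group(1) if code else "process"
        path = match.group(0)
        folder, name = ntpath.split(path.lower())
        reasons = []
        if "(file missing)" in line:
            reasons.append("target file missing")
        if re.search(r"\\te?mp\\", path, re.I):
            reasons.append("path under a temp directory")
        if section == "O23" and "Unknown owner" in line:
            reasons.append("service binary has no vendor name")
        if name in KNOWN and folder != KNOWN[name]:
            reasons.append("system binary name in unexpected folder")
        for known in KNOWN:
            if one_edit_apart(name, known):
                reasons.append("name is one edit away from " + known)
        if reasons:
            findings.append((section, path, reasons))
    return findings


# Constructed sample: lines copied from the logs in the post.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\poolsv.exe
C:\WINDOWS\Explorer.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\Dee\LOCALS~1\Temp\hpdj.exe (file missing)
"""

if __name__ == "__main__":
    for section, path, reasons in triage(SAMPLE_LOG):
        print(section, path, "->", "; ".join(reasons))
```

A flag is a prompt to check the file by hand, not a verdict: the ATI service is listed only because no vendor name was reported for it.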
     
  2. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Looks fine. Any problems?
     
  3. skydixon

    skydixon Thread Starter

    Joined:
    Apr 4, 2004
    Messages:
    29
    None...other than some funny stuff with connecting online. Seems that when I boot my computer it doesn't want to connect to the web very smoothly. My settings are all good, it just likes to hiccup before it will make the connection. It wasn't doing that until I got the >pools.exe<....but I am NOT saying they are related, because I just don't know that.

    The other thing is...who can answer this other question I mentioned before;

    >>>So that makes my second question thus...if you can tell me how to have XP SP2 and IE 7 and the updates without them locking up my system that would be a wonderful thing!?

    [[The big thing is that I use myspace to stay in touch with family and friends and share photos, and with all the updates, IE7 and SP2 the site ALWAYS locks up and the quicktime videos never play and some pictures never display. I'm sure it's all the windows security updates and root certificate updates. For now, everything seems to be clean working, with the exception of having gotten the >pools.exe< which I'd like to avoid in the future. Plz tell me how.]]<<<
     
  4. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    I'm not a big fan of myspace and I would tell you to stay out of there but I understand you wanting to keep up with family and friends. My ISP provides space to post things I want to share. Have you checked to see if your ISP does?

    I also don't like toolbars and even though Google toolbar is legit I would suggest removing it just to see if that is causing a problem.

    Do your SUPERAntiSpyware scans come back clean?
     
  5. skydixon

    skydixon Thread Starter

    Joined:
    Apr 4, 2004
    Messages:
    29
    Yeah...it only comes up with the same 8 or 9 tracking cookies I always get when I go to myspace. :rolleyes: If I didn't know how to keep my PC clean (with the occasional exceptions) I likely would not go on it.

    While my ISP does give me a free webpage, no one would go to it, so I use myspace. :eek: My NOD32 is the best antivirus I've ever used and the least conflicting with my software programs, so it catches all the trojans that have tried to get into my system.(y)

    The only reason I have the google toolbar is because I like its free (and very good) pop-up blocker. So...if you know of another FREE pop-up blocker I can use that is good and trouble free, I will get rid of the google tool bar, as I don't like them either. :cool: But the google bar has been pretty good for what it is. I NEVER use any other toolbar. Too much trouble waiting to happen.

    Do you have an answer to my, previously posted, second question about the windows updates and so on?:confused:

    ~sKy~
     
  6. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Do you use auto update or go to the website to get them?
     
  7. skydixon

    skydixon Thread Starter

    Joined:
    Apr 4, 2004
    Messages:
    29
    Hi again,

    Here is my routine...when I am done browsing the internet this is what I do;

    I go to internet options and clean out all cookies and offline content and history.
    Then I do a disk clean up.
    Then I run my MRU blaster.
    Then I run the anti spyware program...I check for the updates as soon as I open
    it once a day. I don't like auto updates, because they interfere when I am working.
    I especially don't allow windows automatic updating as it has been really bad in the past.
    If I've done a lot with graphics on a given day, I'll defrag before I shut down.

    If my machine is still acting funny, I'll scan with HJT and fix anything I know is
    not supposed to be there. When I don't recognize something then I contact
    Tech Support Guy forum. This usually does not happen though.

    Is there another free pop-up blocker I can use besides the google toolbar version?

    ~sKy~
     
  8. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    In the last few months my updates were not working properly either, manual updates. I went into add/remove programs and removed a few of them then turned on automatic updates and they have been working fine since then. I always select custom so I can decide which one(s) I want or don't want.

    The pop-up blocker I have is very old but I like it and it's not available any more. You could start a new thread in All Other Software and I'm sure you'll get lots of suggestions.
     
Short URL to this thread: https://techguy.org/597421
