1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Viruses and infected objects

Discussion in 'Virus & Other Malware Removal' started by fleur711, Nov 9, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. fleur711

    fleur711 Thread Starter

    Joined:
    Dec 28, 2003
    Messages:
    28
    I need help in removing some viruses and infected objects. I did a Kaspersky scan and it told me that I have 4 viruses and 11 infected objects. My system is running slow when opening IE home page, plus when switching to other websites.

    My Hijackthis log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:31:19 PM, on 11/9/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE
    C:\Program Files\Qurb\QSP-3.0.311.7\QOELoader.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TM1184\ControlUtility\ControlUtility.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Hewlett-Packard\AiO\hp officejet v series\Bin\hpoant07.exe
    C:\Program Files\Common Files\MySoftware\Newsflsh.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
    C:\WINDOWS\system32\hpoipm07.exe
    C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
    C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.marketwatch.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
    O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"
    O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\Qurb\QSP-3.0.311.7\QOELoader.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
    O4 - Global Startup: CreataCard Plus 2 Forget Me Not Reminders.lnk = C:\Program Files\CreataCard\Plus\FMRMD32.EXE
    O4 - Global Startup: Dell Control Utility.lnk = ?
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: HPAiODevice(hp officejet v series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet v series\Bin\hpoant07.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: MySoftware NewsFlash.lnk = C:\Program Files\Common Files\MySoftware\Newsflsh.exe
    O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1166721038187
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O24 - Desktop Component 0: (no name) - http://p.webshots.com/ProThumbs/10/34610_wallpaper280.jpg
    O24 - Desktop Component 2: Intelligent Explorer[ieplugin.com] OnScreen Portal - http://active.ieplugin.com/active/?16939276

    --
    End of file - 10158 bytes

    My Kaspersky scan:

    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    Thursday, November 08, 2007 9:28:55 PM
    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 9/11/2007
    Kaspersky Anti-Virus database records: 454877
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    A:\
    C:\
    D:\

    Scan Statistics:
    Total number of scanned objects: 89673
    Number of viruses found: 4
    Number of infected objects: 11
    Number of suspicious objects: 0
    Duration of the scan process: 01:55:23

    Infected Object Name / Virus Name / Last Action
    C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\Logs\TaskScheduler\McTskshd000.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\SupportSoft\ddoctorv2\SYSTEM\state\logs\sprtcmd.log Object is locked skipped
    C:\Documents and Settings\Gregoire\Application Data\GTek\GTUpdate\AUpdate\DellSupport\DSAgnt.log Object is locked skipped
    C:\Documents and Settings\Gregoire\Application Data\GTek\GTUpdate\AUpdate\DellSupport\DSAgnt_GTActions.log Object is locked skipped
    C:\Documents and Settings\Gregoire\Application Data\GTek\GTUpdate\AUpdate\DellSupport\gdql_d_DSAgnt.log Object is locked skipped
    C:\Documents and Settings\Gregoire\Application Data\GTek\GTUpdate\AUpdate\DellSupport\glog.log Object is locked skipped
    C:\Documents and Settings\Gregoire\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Application Data\Adobe\Acrobat\8.0\Updater\updater.log Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Application Data\Adobe\Updater5\aumLib.log Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Application Data\Identities\{8D32DF8B-D3B8-4783-A0C5-FE37E2FC8659}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Application Data\Identities\{8D32DF8B-D3B8-4783-A0C5-FE37E2FC8659}\Microsoft\Outlook Express\Inbox.dbx Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Application Data\Identities\{8D32DF8B-D3B8-4783-A0C5-FE37E2FC8659}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Application Data\Identities\{8D32DF8B-D3B8-4783-A0C5-FE37E2FC8659}\Microsoft\Outlook Express\Pop3uidl.dbx Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Application Data\Qurb3\Express\MsgInfo.dat Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Application Data\Qurb3\Express\Qurb.qdb Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Application Data\SupportSoft\ddoctorv2\Gregoire\state\logs\sprtcmd.log Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\History\History.IE5\MSHist012007110820071109\index.dat Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Temp\AcrBC3C.tmp Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Temp\~DFA5B2.tmp Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Temp\~DFA5D6.tmp Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Temp\~DFCBA2.tmp Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Temp\~DFCBCE.tmp Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
    C:\Documents and Settings\Gregoire\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Gregoire\ntuser.dat Object is locked skipped
    C:\Documents and Settings\Gregoire\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    C:\System Volume Information\catalog.wci\00000002.ps1 Object is locked skipped
    C:\System Volume Information\catalog.wci\00000002.ps2 Object is locked skipped
    C:\System Volume Information\catalog.wci\00010003.ci Object is locked skipped
    C:\System Volume Information\catalog.wci\00010003.dir Object is locked skipped
    C:\System Volume Information\catalog.wci\cicat.fid Object is locked skipped
    C:\System Volume Information\catalog.wci\cicat.hsh Object is locked skipped
    C:\System Volume Information\catalog.wci\CiCL0001.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiP10000.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiP20000.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiPT0000.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiSL0001.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiSP0000.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiST0000.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiVP0000.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\INDEX.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\propstor.bk1 Object is locked skipped
    C:\System Volume Information\catalog.wci\propstor.bk2 Object is locked skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1472\change.log Object is locked skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\extract.exe/systb.dll Infected: not-a-virus:AdWare.Win32.ImiBar.f skipped
    C:\WINDOWS\extract.exe CAB: infected - 1 skipped
    C:\WINDOWS\extract.exe MimarSinan: infected - 1 skipped
    C:\WINDOWS\extract.exe UPX: infected - 1 skipped
    C:\WINDOWS\launcher.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.ac skipped
    C:\WINDOWS\msbbi.exe/msbb.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
    C:\WINDOWS\msbbi.exe CAB: infected - 1 skipped
    C:\WINDOWS\msbbi.exe MimarSinan: infected - 1 skipped
    C:\WINDOWS\msbbi.exe UPX: infected - 1 skipped
    C:\WINDOWS\onemx.exe/data0002 Infected: not-a-virus:AdWare.Win32.BookedSpace.b skipped
    C:\WINDOWS\onemx.exe NSIS: infected - 1 skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\Sti_Trace.log Object is locked skipped
    C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
    C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
    C:\WINDOWS\WIASERVC.LOG Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    Scan process completed.

    Thank you in advance for your help.
     
  2. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Run HJT again and put a check in the following:

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)

    Close all applications and browser windows before you click "fix checked".



    Please download the OTMoveIt by OldTimer.
    • Save it to your desktop.
    • Please double-click OTMoveIt.exe to run it.
    • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

      C:\WINDOWS\extract.exe
      C:\WINDOWS\launcher.exe
      C:\WINDOWS\msbbi.exe
      C:\WINDOWS\onemx.exe


    • Return to OTMoveIt, right click on the "Paste List of Files/Folders to be moved" window and choose Paste.
    • Click the red Moveit! button.
    • Close OTMoveIt
    If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


    Download and scan with SUPERAntiSypware Free for Home Users
    • Double-click SUPERAntiSypware.exe and use the default settings for installation.
    • An icon will be created on your desktop. Double-click that icon to launch the program.
    • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
    • Under "Configuration and Preferences", click the Preferences button.
    • Click the Scanning Control tab.
    • Under Scanner Options make sure the following are checked (leave all others unchecked):
      • Close browsers before scanning.
      • Scan for tracking cookies.
      • Terminate memory threats before quarantining.
    • Click the "Close" button to leave the control center screen.
    • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan.
    • Click "Next" to start the scan. Please be patient while it scans your computer.
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes".
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.
      • Click Preferences, then click the Statistics/Logs tab.
      • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
      • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
      • Please copy and paste the Scan Log results in your next reply.
    • Click Close to exit the program.
     
  3. fleur711

    fleur711 Thread Starter

    Joined:
    Dec 28, 2003
    Messages:
    28
    SuperAntiSpyware log:

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 11/09/2007 at 10:01 PM

    Application Version : 3.9.1008

    Core Rules Database Version : 3341
    Trace Rules Database Version: 1342

    Scan type : Complete Scan
    Total Scan Time : 03:29:09

    Memory items scanned : 470
    Memory threats detected : 0
    Registry items scanned : 6450
    Registry threats detected : 19
    File items scanned : 84473
    File threats detected : 152

    Unclassified.Unknown Origin
    HKU\S-1-5-21-431365155-1793449621-4194602888-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{FE6BC4EF-5676-484B-88AE-883323913256}

    Adware.Tracking Cookie
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][9].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][3].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][8].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected]ads.as4x.tmcs[1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][3].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][7].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected]omniture[2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected]
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][4].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][10].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][5].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected]
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][11].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected]
    C:\Documents and Settings\Gregoire\Cookies\[email protected][6].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][2].txt
    C:\Documents and Settings\Gregoire\Cookies\[email protected][1].txt

    Adware.WebNexus
    HKU\S-1-5-21-431365155-1793449621-4194602888-1006\Software\intexp

    Adware.BookedSpace
    C:\WINDOWS\bsx32\WSMSI2.bsx
    C:\WINDOWS\bsx32\XTFL2.bsx
    C:\WINDOWS\bsx32
    HKCR\TypeLib\{0DC5CD7C-F653-4417-AA43-D457BE3A9622}
    HKCR\TypeLib\{0DC5CD7C-F653-4417-AA43-D457BE3A9622}\1.0
    HKCR\TypeLib\{0DC5CD7C-F653-4417-AA43-D457BE3A9622}\1.0\0
    HKCR\TypeLib\{0DC5CD7C-F653-4417-AA43-D457BE3A9622}\1.0\0\win32
    HKCR\TypeLib\{0DC5CD7C-F653-4417-AA43-D457BE3A9622}\1.0\FLAGS
    HKCR\TypeLib\{0DC5CD7C-F653-4417-AA43-D457BE3A9622}\1.0\HELPDIR
    HKCR\Interface\{05080E6B-A88A-4CFD-8C3D-9B2557670B6E}
    HKCR\Interface\{05080E6B-A88A-4CFD-8C3D-9B2557670B6E}\ProxyStubClsid
    HKCR\Interface\{05080E6B-A88A-4CFD-8C3D-9B2557670B6E}\ProxyStubClsid32
    HKCR\Interface\{05080E6B-A88A-4CFD-8C3D-9B2557670B6E}\TypeLib
    HKCR\Interface\{05080E6B-A88A-4CFD-8C3D-9B2557670B6E}\TypeLib#Version
    HKCR\AppId\{0DC5CD7C-F653-4417-AA43-D457BE3A9622}

    Adware.IEPlugin
    HKCR\Interface\{E4458B4A-6149-4450-84F2-864ADB7E8C52}
    HKCR\Interface\{E4458B4A-6149-4450-84F2-864ADB7E8C52}\ProxyStubClsid
    HKCR\Interface\{E4458B4A-6149-4450-84F2-864ADB7E8C52}\ProxyStubClsid32
    HKCR\Interface\{E4458B4A-6149-4450-84F2-864ADB7E8C52}\TypeLib
    HKCR\Interface\{E4458B4A-6149-4450-84F2-864ADB7E8C52}\TypeLib#Version

    Adware.eXactAdvertising-Installer
    C:\_OTMOVEIT\MOVEDFILES\WINDOWS\EXTRACT.EXE
    C:\_OTMOVEIT\MOVEDFILES\WINDOWS\MSBBI.EXE
     
  4. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Please post your hijackthis log again.


    How is it running now? Any problems?
     
  5. fleur711

    fleur711 Thread Starter

    Joined:
    Dec 28, 2003
    Messages:
    28
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:48:44 PM, on 11/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE
    C:\Program Files\Qurb\QSP-3.0.311.7\QOELoader.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\TM1184\ControlUtility\ControlUtility.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Hewlett-Packard\AiO\hp officejet v series\Bin\hpoant07.exe
    C:\Program Files\Common Files\MySoftware\Newsflsh.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
    C:\WINDOWS\system32\hpoipm07.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
    C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Intuit\QuickBooks 2006\qbw32.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\axlbridge.exe
    C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgr.exe
    C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
    C:\Program Files\Microsoft Works\MSWorks.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.marketwatch.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
    O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"
    O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\Qurb\QSP-3.0.311.7\QOELoader.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
    O4 - Global Startup: CreataCard Plus 2 Forget Me Not Reminders.lnk = C:\Program Files\CreataCard\Plus\FMRMD32.EXE
    O4 - Global Startup: Dell Control Utility.lnk = ?
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: HPAiODevice(hp officejet v series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet v series\Bin\hpoant07.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: MySoftware NewsFlash.lnk = C:\Program Files\Common Files\MySoftware\Newsflsh.exe
    O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1166721038187
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O24 - Desktop Component 0: (no name) - http://p.webshots.com/ProThumbs/10/34610_wallpaper280.jpg
    O24 - Desktop Component 2: Intelligent Explorer[ieplugin.com] OnScreen Portal - http://active.ieplugin.com/active/?16939276

    --
    End of file - 10341 bytes

    My system is still not up to full speed, the IE homepage takes about 10 seconds to fully open. Could the pop-up blocker have anything to do with the slowdown? Or the McAfee program? The M icon in the lower right corner is Black and says virusscan is disabled.
     
  6. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    What version of McAfee do you have? Is it an off the shelf version?

    Right click on the McAfee icon and go to About... tell me what you see on the about screen.


    Go to add/remove programs and remove these if you did not install them:
    ViewpointService
    Viewpoint Manager
     
  7. fleur711

    fleur711 Thread Starter

    Joined:
    Dec 28, 2003
    Messages:
    28
    About screen:
    For Virusscan:
    Build: 10.0.27
    Engine version: 5100
    DAT Version: 5160
    DAT file created: 11/9/2007

    For Firewall:
    Build: 7.1.113

    My Hijackthis file:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:40:23 PM, on 11/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE
    C:\Program Files\Qurb\QSP-3.0.311.7\QOELoader.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\TM1184\ControlUtility\ControlUtility.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Hewlett-Packard\AiO\hp officejet v series\Bin\hpoant07.exe
    C:\Program Files\Common Files\MySoftware\Newsflsh.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
    C:\WINDOWS\system32\hpoipm07.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
    C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
    C:\Program Files\Microsoft Works\MSWorks.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.marketwatch.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
    O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"
    O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\Qurb\QSP-3.0.311.7\QOELoader.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Global Startup: CreataCard Plus 2 Forget Me Not Reminders.lnk = C:\Program Files\CreataCard\Plus\FMRMD32.EXE
    O4 - Global Startup: Dell Control Utility.lnk = ?
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: HPAiODevice(hp officejet v series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet v series\Bin\hpoant07.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: MySoftware NewsFlash.lnk = C:\Program Files\Common Files\MySoftware\Newsflsh.exe
    O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1166721038187
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    O24 - Desktop Component 0: (no name) - http://p.webshots.com/ProThumbs/10/34610_wallpaper280.jpg
    O24 - Desktop Component 2: Intelligent Explorer[ieplugin.com] OnScreen Portal - http://active.ieplugin.com/active/?16939276

    --
    End of file - 9862 bytes
     
  8. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Right click on the McAfee icon in the system tray again, Enable on Access Scan. Does that get it working again?
     
  9. fleur711

    fleur711 Thread Starter

    Joined:
    Dec 28, 2003
    Messages:
    28
    No, it stays on disable for virusscan, personal firewall is enabled.
     
  10. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    I would remove and reinstall it. Make sure you restart the machine after the removal.
     
  11. fleur711

    fleur711 Thread Starter

    Joined:
    Dec 28, 2003
    Messages:
    28
    I have removed McAfee entirely and did not re-install, re-started computer and it is still as slow as ever. Could it possibly be something with my Comcast digital modem? Or just not emough memory on my computer? Local disk used space 21.4GB, free space 34.4GB.
     
  12. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
  13. fleur711

    fleur711 Thread Starter

    Joined:
    Dec 28, 2003
    Messages:
    28
    I just reset the modem.
    I do have a router but I do not use it, it is not currentlyplugged in to the computer but the software is still loaded: Dell TM1184 Wireless router control utility & Dell Trumobile wireless USB. Should I remove one or both of these programs?
    Speedtest results:

    City Down Up
    Seattle 5970 1576
    San Francisco 5702 1541
    Los Angeles 5503 1570
    Dallas 7775 1578
    Chicago 11801 1513
    Atlanta 11373 1587
    NY City 11822 1340
    Wash DC 13247 1593
     
  14. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    I don't think uninstalling the software will make any difference.

    Your upload speed looks pretty slow. I think I would give your ISP a call and see what they think.
     
  15. fleur711

    fleur711 Thread Starter

    Joined:
    Dec 28, 2003
    Messages:
    28
    I asked my ISP (Comcast) about my upload speed and they said it was fine.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/649855

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice