1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

win32/bettlenet.be virus

Discussion in 'Virus & Other Malware Removal' started by mesmrize76, Jul 11, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. mesmrize76

    mesmrize76 Thread Starter

    Joined:
    Jul 11, 2007
    Messages:
    9
    I am writing because my moms computer has been infected with this virus..upon running virus scan 63 files were infected and purged. The virus was win32/bettlnet.be I have not found anything yet to rectify problems created. Many programs are not working on her computer now and it will not connect to the internet. Dell and comcast spent several hours trying to help and nothing. Upon start up she gets an error message....(all RUNDELL
    error loading c:\program files\ wild tangent\apps\cda
    cda engine 0400.Dll
    The specified module cannot be found )
    Any help would be greatly appreciated. I know she is limited because she cant connect to the internet, but I can so maybe I can download something for her to possibly repair things. In some of the reading I have done it looks like maybe the answer might be registry repair?? I dont know.
    Thanks for help
    Tria
     
  2. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Hi, Welcome to TSG!!


    Click here to download HJTInstall.exe
    • Save HJTInstall.exe to your desktop.
    • Doubleclick on the HJTInstall.exe icon on your desktop.
    • By default it will install to C:\Program Files\Trend Micro\HijackThis .
    • Click on Install.
    • It will create a HijackThis icon on the desktop.
    • Once installed, it will launch Hijackthis.
    • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and Paste the log in your next reply.
    • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
     
  3. mesmrize76

    mesmrize76 Thread Starter

    Joined:
    Jul 11, 2007
    Messages:
    9
    This problem is on my moms computer and she has NO access to internet right now, because of the virus. Is there something I can download and somehow put on a disc for her to help?? Would you be willing to help her over the phone?
    Thank you
     
  4. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    You can download hijackthis to a floppy, cd or thumb drive (what ever you have). It's a small program. I won't know what else to have you use until I can see the log.

    Sorry.... no phone support.
     
  5. mesmrize76

    mesmrize76 Thread Starter

    Joined:
    Jul 11, 2007
    Messages:
    9
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:04:28 PM, on 7/16/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    C:\Program Files\Common Files\AOL\1103096110\ee\services\safetyCore\ver210_5_2_1\aolavupd.exe
    C:\WINDOWS\SYSTEM32\Brmfrmps.exe
    C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
    C:\Program Files\mcafee.com\personal firewall\MPFService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Common Files\AOL\1103096110\ee\aolsoftware.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Common Files\AOL\1103096110\ee\aolsoftware.exe
    C:\Program Files\mcafee.com\antivirus\oasclnt.exe
    C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\PROGRA~1\MICROI~1\INTERN~1\KEMailKb.EXE
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
    C:\Program Files\Common Files\AOL\1103096110\ee\SSCEvtHdlr.exe
    C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe
    C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
    C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe
    C:\Program Files\Common Files\AOL\1103096110\ee\services\safetyCore\ver210_5_2_1\AOLSP Scheduler.exe
    C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\MySpace\IM\MySpaceIM.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\CASIO\Photo Loader\Plauto.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\WINDOWS\system32\ntvdm.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R3 - URLSearchHook: (no name) - {78B99003-748F-4167-A5AD-634E4278AF6D} - (no file)
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Seekmo Toolbar - {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\SkHostIE.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O3 - Toolbar: Seekmo Toolbar - {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\SkHostIE.dll
    O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
    O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1103096110\ee\SSCRun.exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl03a\BrStDvPt.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
    O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [KEMailKb] C:\PROGRA~1\MICROI~1\INTERN~1\KEMailKb.EXE
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1103096110\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
    O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe"
    O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
    O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe"
    O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1103096110\ee\services\safetyCore\ver210_5_2_1\AOLSP Scheduler.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Long First] C:\DOCUME~1\Doug\APPLIC~1\LOUDMO~1\Bold army.exe
    O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Felix2.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-21-3104627792-2314056518-1482336913-1010\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User '?')
    O4 - HKUS\S-1-5-21-3104627792-2314056518-1482336913-1010\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1 (User '?')
    O4 - HKUS\S-1-5-21-3104627792-2314056518-1482336913-1010\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
    O4 - HKUS\S-1-5-21-3104627792-2314056518-1482336913-1010\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User '?')
    O4 - HKUS\S-1-5-21-3104627792-2314056518-1482336913-1010\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User '?')
    O4 - HKUS\S-1-5-21-3104627792-2314056518-1482336913-1010\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
    O4 - HKUS\S-1-5-21-3104627792-2314056518-1482336913-1010\..\Run: [Long First] C:\DOCUME~1\Doug\APPLIC~1\LOUDMO~1\Bold army.exe (User '?')
    O4 - HKUS\S-1-5-21-3104627792-2314056518-1482336913-1010\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Felix2.exe (User '?')
    O4 - HKUS\S-1-5-21-3104627792-2314056518-1482336913-1010\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup (User '?')
    O4 - HKUS\S-1-5-21-3104627792-2314056518-1482336913-1010\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
    O4 - S-1-5-21-3104627792-2314056518-1482336913-1010 Startup: Easy CD Creator.lnk = ? (User '?')
    O4 - S-1-5-21-3104627792-2314056518-1482336913-1010 Startup: Event Reminder.lnk = C:\pmw\PMREMIND.EXE (User '?')
    O4 - Startup: Easy CD Creator.lnk = ?
    O4 - Startup: Event Reminder.lnk = C:\pmw\PMREMIND.EXE
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: CreataCard Plus 2 Forget Me Not Reminders.lnk = C:\Program Files\CreataCard\Plus\fmrmd32.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Photo Loader supervisory.lnk = C:\Program Files\CASIO\Photo Loader\Plauto.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.4.3.36/omaha/omaha-ob-assets.cab
    O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.9.1.32/aces/aces-en_US.cab
    O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.8.4.51/blackjack/blackjack-en_US.cab
    O16 - DPF: Blooop by pogo - http://game1.pogo.com/applet-6.8.0.32/cascade/cascade-en_US.cab
    O16 - DPF: Bowling by pogo - http://game1.pogo.com/applet-6.8.2.23/bowling/bowling-en_US.cab
    O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.9.0.61/canasta/canasta-en_US.cab
    O16 - DPF: Chess by pogo - http://game1.pogo.com/applet-6.8.0.32/chess2/chess2-en_US.cab
    O16 - DPF: Command and Conquer Comanche by pogo - http://ccstrike.pogo.com/applet-5.8.2.19/ccstrike/ccstrike-ob-assets.cab
    O16 - DPF: Dice City Roller by pogo - http://game1.pogo.com/applet-6.9.0.43/ytz/ytz-en_US.cab
    O16 - DPF: First Class Solitaire by pogo - http://game1.pogo.com/applet-6.8.1.30/firstclass2/firstclass2-en_US.cab
    O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.9.0.43/superbingo/superbingo-en_US.cab
    O16 - DPF: Hangman Hijinks by pogo - http://game1.pogo.com/applet-6.9.2.22/hangman/hangman-en_US.cab
    O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.8.2.23/harvest/harvest-en_US.cab
    O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.8.4.51/drawpoker/drawpoker-en_US.cab
    O16 - DPF: Hog Heaven Slots by pogo - http://game1.pogo.com/applet-6.9.1.38/fancy/fancy-en_US.cab
    O16 - DPF: Its Outta Here 2 by pogo - http://itsout.pogo.com/applet/itsoutofhere/itsoutofhere-ob-assets.cab
    O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.8.4.51/jigsaw/jigsaw-en_US.cab
    O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.7.5.28/gin2/gin2-en_US.cab
    O16 - DPF: Lost Temple Poker by pogo - http://game1.pogo.com/applet-6.7.5.28/mhpoker/mhpoker-en_US.cab
    O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.8.4.51/lottso/lottso-en_US.cab
    O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.9.1.32/mahjong/mahjong-en_US.cab
    O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.7.1.33/mlslots/mlslots-en_US.cab
    O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/applet-6.9.0.43/paigow/paigow-en_US.cab
    O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.9.0.43/freecell/freecell-en_US.cab
    O16 - DPF: Payday Freecell Solitaire by pogo - http://game1.pogo.com/applet-6.9.2.22/freecell2/freecell2-en_US.cab
    O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.9.2.22/waterwheel/waterwheel-en_US.cab
    O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.8.3.22/flinger/flinger-en_US.cab
    O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.6.5.22/popfu/popfu-en_US.cab
    O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.9.1.32/poppazoppa/poppazoppa-en_US.cab
    O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.9.0.43/poppit2/poppit2-en_US.cab
    O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/applet-6.7.4.35/hotstreak/hotstreak-en_US.cab
    O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.9.2.33/squares/squares-en_US.cab
    O16 - DPF: Shuffle Bump by pogo - http://game1.pogo.com/applet-6.8.3.22/puck/puck-en_US.cab
    O16 - DPF: Spades by pogo - http://game1.pogo.com/applet-6.2.1.41/spades/spades-ob-assets.cab
    O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.com/applet-6.8.0.32/spider/spider-en_US.cab
    O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.8.4.51/squelchies/squelchies-en_US.cab
    O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.9.2.33/stax/stax-en_US.cab
    O16 - DPF: Stellar Sweeper by pogo - http://game1.pogo.com/applet-6.8.2.23/sweeper/sweeper-en_US.cab
    O16 - DPF: Sweet Tooth TM by pogo - http://game1.pogo.com/applet-6.8.3.35/sweettooth/sweettooth-en_US.cab
    O16 - DPF: Top Down Baseball by pogo - http://topdown02.pogo.com/applet/topdown/topdown-ob-assets.cab
    O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.8.4.51/peaks/peaks-en_US.cab
    O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-6.3.1.26/jumbee/jumbee-ob-assets.cab
    O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.2.3.36/turbo21/turbo21-ob-assets.cab
    O16 - DPF: Turbo 21 v2 by pogo - http://game1.pogo.com/applet-6.8.4.51/turbo22/turbo22-en_US.cab
    O16 - DPF: Wonderland Memories by pogo - http://game1.pogo.com/applet-6.7.2.24/memories/memories-en_US.cab
    O16 - DPF: Word Craft by pogo - http://game1.pogo.com/applet-6.8.3.35/babble/babble-en_US.cab
    O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.7.0.32/wordwhomp2/whomp2-en_US.cab
    O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.8.4.51/whackdown/whackdown-en_US.cab
    O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.7.0.40/wordjong/wordjong-en_US.cab
    O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.7.1.33/worldclass/worldclass-en_US.cab
    O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://courses.mindleaders.com/dpec/shared/cabs/awswaxf.cab
    O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://ezgreets.aavalue.com/EZG/Toolbar/ezg-toolbar.cab
    O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://mirror.worldwinner.com/games/shared/dephlp.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1132259816843
    O16 - DPF: {75565ED2-1560-4F15-B841-20358DE6A0D1} (ImageControl Class) - http://content.ancestry.families.aol.com/asfiles/files/install/MFImgVwr.cab
    O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://aolsvc.aol.com/onlinegames/ghtumblebugs/axhost.cab
    O16 - DPF: {A221AC20-294F-11D5-890B-0090278F1040} (ygsm Class) - http://phone.yahoo.com/plugin/ygsmcom7.cab
    O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab53083.cab
    O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://www.imgag.com/cp/install/Crusher.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://playweb13.pogo.com/game/deluxe/insaniquarium/popcaploader_v6.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O20 - Winlogon Notify: compv2 - C:\WINDOWS\SYSTEM32\compv2.dll
    O22 - SharedTaskScheduler: (no name) - {C569B8DA-D929-4c57-9ADD-C071C13C1FAD} - (no file)
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O23 - Service: AOL Antivirus Update Service (aolavupd) - AOL LLC - C:\Program Files\Common Files\AOL\1103096110\ee\services\safetyCore\ver210_5_2_1\aolavupd.exe
    O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\SYSTEM32\Brmfrmps.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
    O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe

    --
    End of file - 20553 bytes

    I hope all of this means something to you. :)
     
  6. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Yes it does. :)

    Run HJT again and put a check in the following:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R3 - URLSearchHook: (no name) - {78B99003-748F-4167-A5AD-634E4278AF6D} - (no file)
    O2 - BHO: Seekmo Toolbar - {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\SkHostIE.dll
    O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
    O4 - HKCU\..\Run: [Long First] C:\DOCUME~1\Doug\APPLIC~1\LOUDMO~1\Bold army.exe
    O4 - HKUS\S-1-5-21-3104627792-2314056518-1482336913-1010\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1 (User '?')
    O4 - HKUS\S-1-5-21-3104627792-2314056518-1482336913-1010\..\Run: [Long First] C:\DOCUME~1\Doug\APPLIC~1\LOUDMO~1\Bold army.exe (User '?')
    O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
    O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://ezgreets.aavalue.com/EZG/Toolbar/ezg-toolbar.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://playweb13.pogo.com/game/deluxe/insaniquarium/popcaploader_v6.cab
    O20 - Winlogon Notify: compv2 - C:\WINDOWS\SYSTEM32\compv2.dll
    O22 - SharedTaskScheduler: (no name) - {C569B8DA-D929-4c57-9ADD-C071C13C1FAD} - (no file)

    Close all applications and browser windows before you click "fix checked".

    Run HijackThis and click Open the Misc Tools section
    • Click Open Uninstall Manager
    • Clcik the "Save list..." button
    • click on the Desktop icon or select to save the list on the desktop
    • then click save.

    Open the file and copy/paste the contents back here in your next reply.

    You have multiple anti-virus programs running, which will cause trouble. Uninstall two fo them so you only have one running. I see AOL Antivirus, CA and McAfee.
     
  7. mesmrize76

    mesmrize76 Thread Starter

    Joined:
    Jul 11, 2007
    Messages:
    9
    Adobe Acrobat 5.0
    Adobe Flash Player 9 ActiveX
    Adobe Photoshop 7.0
    Adobe Shockwave Player
    AIM 6
    AOL Coach Version 1.0(Build:20040229.1 en)
    AOL Coach Version 2.0(Build:20041026.5 en)
    AOL Connectivity Services
    AOL Deskbar
    AOL Instant Messenger
    AOL Toolbar
    AOL Uninstaller (Choose which Products to Remove)
    AOL You've Got Pictures Screensaver
    ArcSoft PhotoFantasy
    ArcSoft PhotoImpression
    ArcSoft VideoImpression 2
    Belles Beauty Boutique
    Broadcom Advanced Control Suite
    Brother MFL-Pro Suite
    CA eTrust EZ Antivirus
    Camfrog Video Chat 3.92 (remove only)
    Compaq Monitor Driver (INF) Software 3.00
    Conexant D850 56K V.9x DFVc Modem
    Conexant SmartHSFi V92 56K DF PCI Modem
    CreataCard Plus 2
    DAO
    Dell Picture Studio - Dell Image Expert
    Dell ResourceCD
    Dell Solution Center
    DellSupport
    Digital Line Detect
    Diner Dash Flo on the Go
    Easy CD Creator 5 Basic
    EPSON Printer Software
    Fairy Godmother Tycoon
    Film Factory
    FriendFinder Messenger v3.0
    Google Desktop Search
    Google Earth
    Google Toolbar for Internet Explorer
    Greeting Card Factory 2
    Greeting Card Factory Express
    HijackThis 2.0.2
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    HP Deskjet 3740
    HP Photo Printing Software
    HP Precisionscan Pro 3.1
    HP Share-to-Web
    HP Software Update
    Intel(R) Extreme Graphics Driver
    Internet Explorer Q903235
    J2SE Runtime Environment 5.0 Update 11
    J2SE Runtime Environment 5.0 Update 8
    Java(TM) SE Runtime Environment 6 Update 1
    LimeWire 4.12.11
    LiveUpdate 1.7 (Symantec Corporation)
    Logitech MouseWare 9.76
    Mattie's Math Games
    MGI PhotoSuite 4 (Remove Only)
    Micro Innovations Internet Access Elite Keyboard
    Microsoft .NET Framework (English)
    Microsoft .NET Framework (English) v1.0.3705
    Microsoft .NET Framework 1.0 Hotfix (KB886906)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB886903)
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Data Access Components KB870669
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Professional with FrontPage
    Microsoft Publisher 2002
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Windows Journal Viewer
    Modem Helper
    MSN Music Assistant
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    MySpaceIM
    Norton Spyware Scan provided by Yahoo!
    Paint Shop Pro 7
    Pando
    PC VGA Camera
    Photo Loader 2.1E
    Photohands 1.0E
    PrintMaster Gold 4.00
    Pure Networks Port Magic
    Quicken 2002 New User Edition
    QuickTime
    RealArcade
    RealPlayer Basic
    RTC Client API v1.2
    Safety and Security Center Uninstaller
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893066)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB896688)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB908531)
    Security Update for Windows XP (KB911280)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912812)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917159)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB918899)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920214)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922760)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925454)
    Security Update for Windows XP (KB925486)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Seekmo Toolbar
    Shockwave
    Spybot - Search & Destroy 1.2
    Ten Thumbs 4.0
    The Print Shop® 6.0 Deluxe
    The Weather Channel Desktop
    Trellix Web Express Site Building
    Update for Windows XP (KB894391)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB929338)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Viewpoint Media Player
    Weather Services
    Windows Genuine Advantage v1.3.0254.0
    Windows Installer 3.1 (KB893803)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows Media Player 9 Hotfix [See KB885492 for more information]
    Windows XP Hotfix - KB873333
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890047
    Windows XP Hotfix - KB890175
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    Windows XP Hotfix - KB893086
    Windows XP Service Pack 2
    WinZip
    WordPerfect Office 2002
    WordPerfect Office 2002
    Yahoo Password
    Yahoo! Install Manager
    Yahoo! Internet Mail
    Yahoo! Messenger
    Yahoo! Toolbar



    Can I ask....what is it that we are doing? are u seeing the problems and having us remove them? Thank you
     
  8. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Yes, I see things that should be removed and I'm suggesting you remove them. :)

    Go to Add/Remove Programs and remove these:
    J2SE Runtime Environment 5.0 Update 11
    J2SE Runtime Environment 5.0 Update 8
    LimeWire 4.12.11
    Seekmo Toolbar
    Spybot - Search & Destroy 1.2
    Viewpoint Media Player



    Reboot and post another HJT log.
     
  9. mesmrize76

    mesmrize76 Thread Starter

    Joined:
    Jul 11, 2007
    Messages:
    9
    Upon trying to un install the j2se runtime enviroment programs It says....."The windows installer service could not be accessed. This can occur if you are running windows in safe mode, or if the windows installer is not correctly installed. "

    What to do now? :confused:
     
  10. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
  11. mesmrize76

    mesmrize76 Thread Starter

    Joined:
    Jul 11, 2007
    Messages:
    9
    I cant figure out what to download or where it is on the link you sent, that I can click to download the installer. sorry
     
  12. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
  13. mesmrize76

    mesmrize76 Thread Starter

    Joined:
    Jul 11, 2007
    Messages:
    9
    This download is for my moms computer, not my own. It seems from the site, that they want to verify my windows is genuine and it is an immediate download to my computer, when I need it for my moms. Can this still be done? I am sorry I feel so ignorant
    Thank you
     
  14. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Can you not access the site from "mom's" computer?
     
  15. mesmrize76

    mesmrize76 Thread Starter

    Joined:
    Jul 11, 2007
    Messages:
    9
    The whole problem with her computer is mainly it will not connect to internet or acknowledge internet connection. She has had dell and comcast help her and no one was able, so I came here.
    I did actually download this ...I think. I put it on a disk and she was unable to download it, recieved an error message. I am begining to think this is hopeless. Thank you for your help
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - win32 bettlenet virus
  1. Sumfeg
    Replies:
    0
    Views:
    1,106
  2. dreamy.dancer
    Replies:
    6
    Views:
    2,138
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/594351

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice