TheTechGuide Forum

General Category => Software => Topic started by: yadnar on December 30, 2005, 08:03:40 AM

Title: trying to fix inlaws com
Post by: yadnar on December 30, 2005, 08:03:40 AM
there is something wrong with this comp. i need some help and some suggestions. i would like to make it so the sister in-law can't mess the comp up without her knowing that i am doing it. please help!!!!!!



sorry forgot to say what it is doing. well where to begin??

first the cpu speed is jumping like crazy, besides having 93 processes running when i logged in, it was going from 8-12% to 30 - 75%.

long load times from user login to windows

and some other smaller things that i am taking care of right now

please help
Title: trying to fix inlaws com
Post by: yadnar on December 30, 2005, 08:37:30 AM
here is the hijack readout

Logfile of HijackThis v1.99.1
Scan saved at 7:45:00 AM, on 12/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panicware\Pop-Up Stopper Anti-Spyware\PWISVC.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Common Files\AOL\1124473693\ee\aolsoftware.exe
C:\Program Files\PC Tools AntiVirus\PCTAV.exe
C:\Program Files\Zinio\ZinioDeliveryManager.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\My On Target Forecast - Desktop\liveonline_1912818.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Bluebeam Software\Brewery\V45\Printer Support\AutoCAD\MicroBrew2.exe
C:\Program Files\PC Tools AntiVirus\ScanningProcess.exe
C:\Program Files\PC Tools AntiVirus\ScanningProcess.exe
C:\WINDOWS\explorer.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AIM\AIM95_c1\aim.exe
C:\Program Files\SlimBrowser\sbrowser.exe
C:\randyscomhelpdontdelet\randyscomhelpfilesdontdelet.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ksckiaxftwowsptoooajldv.com/mfA6bfLab1t9WR7WIpKKwvUHHzOMlb_JCDnV48UXN_/qrrrQ/OZ_dWv8PwCe8tcV.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: (no name) - {9DDBFD68-7477-222B-2F9C-BB4401B84CC0} - C:\DOCUME~1\HJB\Application Data\Atom Eq\Idle Bat.exe
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_0_0.dll
O3 - Toolbar: Pop-Up Stopper Anti-Spyware Toolbar - {E4CAA75E-9B5F-45EB-8E4E-8B743B44F171} - C:\Program Files\Panicware\Pop-Up Stopper Anti-Spyware\PWITB.DLL
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [zzzHPSETUP] F:\Setup.exe
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\PROGRA~1\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - HKLM\..\Run: [CleanPimp DoggIndex.dat] "C:\Program Files\JSSoftware\PrivacyHistoryEraser\CleanPimp Dogg.bat"
O4 - HKLM\..\Run: [CleanMomIndex.dat] "C:\Program Files\JSSoftware\PrivacyHistoryEraser\CleanMom.bat"
O4 - HKLM\..\Run: [CleanHJBIndex.dat] "C:\Program Files\JSSoftware\PrivacyHistoryEraser\CleanHJB.bat"
O4 - HKLM\..\Run: [MBRun] C:\Program Files\Common Files\Bluebeam Software\Brewery\V45\Printer Support\MBrun.exe
O4 - HKLM\..\Run: [PbAdminACAD] C:\Program Files\Bluebeam Software\Pushbutton PDF\AutoCAD\PbMngr5.exe /install_user
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1124473693\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [CleanMestIndex.dat] "C:\Program Files\JSSoftware\PrivacyHistoryEraser\CleanMest.bat"
O4 - HKLM\..\Run: [Spyware Nuker] C:\Program Files\Spyware Nuker 2004\swn2.exe /h
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ulead Quick-Drop] "C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Disc Creator TBYB\Ulead Quick-Drop 1.0\Quick-Drop.exe" WINDOWCALL
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [1ClickSweep] C:\Program Files\Secure PC Solutions\1ClickSweep\1ClickSweep.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [ms-update] scvhost.exe
O4 - HKLM\..\Run: [PCTAVApp] "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
O4 - HKLM\..\Run: [Privacy Inspector] C:\Program Files\PrivacyIns\privacy.exe -min
O4 - HKLM\..\Run: [for four ford grim] C:\Documents and Settings\All Users\Application Data\Proxy Meta For Four\Proxy Knob.exe
O4 - HKLM\..\RunServices: [ms-update] scvhost.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\AIM95_c1\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [PrivacyHistoryEraser] "C:\Program Files\JSSoftware\PrivacyHistoryEraser\Privacy History Eraser.exe" auto
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [Zinio DLM] C:\Program Files\Zinio\ZinioDeliveryManager.exe /autostart
O4 - HKCU\..\Run: [Chin ante] C:\DOCUME~1\HJB\Application Data\greyonecity\bold pure show.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: My On Target Forecast - Desktop.lnk = C:\Program Files\My On Target Forecast - Desktop\liveonline_1912818.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\AIM95_c1\aim.exe
O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.4.2.30/aces/aces-ob-assets.cab
O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.4.2.30/jigsaw/jigsaw-ob-assets.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.4.2.30/lottso/lottso-ob-assets.cab
O16 - DPF: Pirate's Gold by pogo - http://game1.pogo.com/applet-6.4.2.30/piratesgold/piratesgold-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.4.2.30/popfu/popfu-ob-assets.cab
O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.4.2.30/poppazoppa/poppazoppa-ob-assets.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.4.2.30/poppit2/poppit2-ob-assets.cab
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/applet-6.4.2.30/hotstreak/hotstreak-ob-assets.cab
O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.com/applet-6.4.2.30/spider/spider-ob-assets.cab
O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.4.2.30/stax/stax-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.3.3.38/peaks/peaks-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.2.30/worldclass/worldclass-ob-assets.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: YExplorer1_8US.CAB - http://photos.groups.yahoo.com/ocx/us/yexplorer1_8us.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab34120.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} - http://www.rovion.com/Controls/Rovion.cab?affiliate=BRANDY
O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} - http://www.windowsecurity.com/trojanscan/TDECntrl.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2DAE59A1-B355-4653-8D33-33A3A8F8C078} - http://thesims.ea.com/teleport/vacation/MaxisVacationTeleX.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.com/SnapfishActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {8629CFEB-C31A-4429-9BB0-8765A8A24FDA} - http://thesims.ea.com/teleport/unleashed/LOT/MaxisUnleashedLotTeleX.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {AB1AB4F8-C30F-4FB4-A030-1C9F5513831F} (LREGameLoaderCtrl Class) - http://media.grab.com/media/6364d3/games/files/669/lregameloader6.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6us.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.freedom.net/viruscenter/onlineviruscheck/cabs/cssweb.cab
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} (CBankshotZoneCtrl Class) - http://zone.msn.com/bingame/zpagames/zpa_pool.cab36107.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} - http://download.games.yahoo.com/games/web_games/gamehouse/frenzy/SproutLauncher.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab35645.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://i.grab.com/media/6512bd/games/files/1115/popcaploader_v6.cab
O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pop-Up Stopper Anti-Spyware Service (PWISVC) - Panicware, Inc. - C:\Program Files\Panicware\Pop-Up Stopper Anti-Spyware\PWISVC.EXE
Title: trying to fix inlaws com
Post by: YYZ361 on January 01, 2006, 02:50:24 PM
93 processes running????? Holy crap!
I think I'd just reinstall Windows and lock the computer in a room away from your sis-in-law...



Seriously though, I hope someone can help you. I'm not attempting this one...
Title: trying to fix inlaws com
Post by: i_and_identity on January 01, 2006, 07:34:13 PM
maybe a virus or some spyware. i would go here http://www.grisoft.com and download AVG Antivirus to check for viruses. Then go to http://www.lavasoft.de and download Ad-aware SE Personal. This process C:\randyscomhelpdontdelet\randyscomhelpfilesdontdelet.exe seems a little suspect 2 me. You might also try taking some of those processes, i.e. Yahoo messenger, AIM, all unessential stuff out of the windoze boot sequence which may speed it up a bit. Just leave the essential stuff, like your anti-virus and firewall, like i said ESSENTIAL, if the computer is safe without it, TAKE IT OFF.
 Can we plz have more info on the puter, i.e. what version of Windoze is it running, basic specs, what software is on the machine etc.
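
Added example (not part of any post in this thread): a small Python triage pass over the O4 autostart lines of a HijackThis log, to help decide which startup entries to review first. The sample lines are copied from the log posted above; the three flags and the 0.8 similarity threshold are assumptions of this example, and a flag is a prompt to look closer, not a verdict.

```python
import difflib
import ntpath
import re

# Lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [ms-update] scvhost.exe
O4 - HKCU\..\Run: [Chin ante] C:\DOCUME~1\HJB\Application Data\greyonecity\bold pure show.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

# O4 has two shapes: registry Run values and Startup-folder shortcuts.
REGISTRY = re.compile(r"^O4 - (\S+): \[([^\]]*)\] (.+)$")
SHORTCUT = re.compile(r"^O4 - ((?:Global )?Startup): (.+?) = (.+)$")
# Executable = quoted string, or everything up to the first program extension.
EXE = re.compile(r'"([^"]+)"|(.+?\.(?:exe|bat|com))(?=\s|$)', re.I)
# Well-known Windows process names, used only for the look-alike check.
SYSTEM_NAMES = ("svchost", "lsass", "services", "winlogon",
                "smss", "explorer", "spoolsv", "csrss")


def executable(command):
    """Strip quotes and arguments from an autostart command line."""
    m = EXE.match(command.strip())
    return (m.group(1) or m.group(2)) if m else command.strip()


def flags_for(exe):
    """Heuristic review flags (assumptions of this example)."""
    path = exe.lower()
    stem = ntpath.splitext(ntpath.basename(path))[0]
    flags = []
    if "\\" not in path:
        flags.append("no-path")          # location cannot be read from the log
    if "\\application data\\" in path:
        flags.append("user-data-dir")    # launched from a per-user data folder
    for known in SYSTEM_NAMES:
        ratio = difflib.SequenceMatcher(None, stem, known).ratio()
        if stem != known and ratio >= 0.8:
            flags.append("resembles-" + known)
    return flags


def triage(log_text):
    """Return (entry name, executable, flags) for every O4 line."""
    rows = []
    for line in log_text.splitlines():
        m = REGISTRY.match(line) or SHORTCUT.match(line)
        if m:
            exe = executable(m.group(3))
            rows.append((m.group(2), exe, flags_for(exe)))
    return rows


if __name__ == "__main__":
    for name, exe, flags in triage(SAMPLE_LOG):
        print(f"{name:26} {', '.join(flags) or '-':30} {exe}")
```

Feeding it the full saved log text instead of SAMPLE_LOG lists every startup entry with its resolved executable, which is the list to work through when trimming the boot sequence.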