Author Topic: questolo...please help (Read 3397 times)

StormieK · « **on:** May 06, 2007, 08:35:19 AM »

My HJT log is below...

Hope you're doing well, it's been awhile since I was here:)

My computer has run nearly non stop since right after the last time I was here. I've run every program to rid the computer of junk you've told me about and still... the modem runs almost constantly. When I use the 'clean up' tool it shows things like 'spacer 1 2 or 3', click count (which I can't get rid of and that's never been a problem before), adtargetingparams, showgutsads, adtablastviewed, cplparamlist, and paramlist. I don't know how to post an attachment or I'd copy it and show you. Anyway, I restart the computer and they're gone...until I open my outlook express or ANY website.......grrrrrrrrrrrr!!!

Enough talk....my HJT below and THANK YOU! Stormie

Logfile of HijackThis v1.99.1
Scan saved at 7:22:09 AM, on 5/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\TrueAssistant\TrueAssistant.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: TrueAssistant.lnk = C:\Program Files\TrueAssistant\TrueAssistant.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

guestolo · « **Reply #1 on:** May 06, 2007, 10:35:37 AM »

Quote

When I use the 'clean up' tool it shows things like 'spacer 1 2 or 3', click count (which I can't get rid of and that's never been a problem before), adtargetingparams, showgutsads, adtablastviewed, cplparamlist, and paramlist. I don't know how to post an attachment or I'd copy it and show you.

They sound like cookie issues, I see you never did my recommendation earlier and remove all of Symantec's

Can you try the following
Open CleanUp! again, Click on OPTIONS>>Put a tick in "Write a log file">>OK it and run CleanUP!

The log by default I believe saves to your user profile app. data folder

Set Windows To Show Hidden Files and Folders
* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View Tab.
* Under the Hidden files and folders heading select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Uncheck the Hide Extensions for known file types
* Click Yes to confirm.
* Click OK.

Navigate to the following folder
C:\Documents and Settings\<User name>\Application Data
find the CleanUp! log and post the contents

StormieK · « **Reply #2 on:** May 06, 2007, 11:23:37 AM »

Thanks for writing back. I'm sorry, I don't remember not doing what you asked:( I will this time!

I can't tick "Write a log file" as I don't have any options that say that...under any of the tabs.

Stormie

guestolo · « **Reply #3 on:** May 06, 2007, 11:30:47 AM »

It's probably because your running an older version of CleanUp!
Can you access your add/remove programs and remove your version

Then you can grab a copy of the newest version from here
http://www.stevengould.org/downloads/cleanup/CleanUp452.exe

Install it then follow the instructions
Be sure to just use the Standard cleanup

StormieK · « **Reply #4 on:** May 06, 2007, 11:46:40 AM »

My Clean Up Log;

CleanUp! started on 05/06/07 10:40:56.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\adtablastviewed[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\showgutsads[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[3].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\adtargetingparams[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\cplparamlist[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\ClickCount[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\paramlist[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\adtablastviewed[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\showgutsads[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[3].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\adtargetingparams[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\cplparamlist[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\ClickCount[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\paramlist[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\adtablastviewed[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\showgutsads[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[3].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\adtargetingparams[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\cplparamlist[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\ClickCount[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\paramlist[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\adtablastviewed[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\showgutsads[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[3].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\adtargetingparams[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\cplparamlist[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\ClickCount[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\paramlist[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\History\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\History\History.IE5\MSHist012007050620070507\index.dat
C:\Documents and Settings\Compaq_Owner\Local Settings\History\History.IE5\MSHist012007050620070507\C:\Documents and Settings\Compaq_Owner\Local Settings\History\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
'Typed URLs' (Internet Explorer) - removed from the registry.
C:\Documents and Settings\Compaq_Owner\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\IadHide5.dll currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\~DFD626.tmp currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\IadHide5.dll currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\~DFD626.tmp currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer\QuickTime\QTPlayerSession.xml.old
C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\locals~1\tempor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5123M56P\adtablastviewed[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5123M56P\showgutsads[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5123M56P\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5123M56P\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5123M56P\spacer[3].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5\6SE6AW0P\adtargetingparams[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5\6SE6AW0P\cplparamlist[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5\6SE6AW0P\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5\6SE6AW0P\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5\7WC1ZRJW\ClickCount[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5\7WC1ZRJW\paramlist[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5\7WC1ZRJW\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\locals~1\tempor~1\Content.IE5\7WC1ZRJW\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\History\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\IadHide5.dll currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\~DFD626.tmp currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\adtablastviewed[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\showgutsads[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5123M56P\spacer[3].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\adtargetingparams[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\cplparamlist[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\6SE6AW0P\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\ClickCount[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\paramlist[1].htm currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\spacer[1].gif currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7WC1ZRJW\spacer[2].gif currently in use. Will be deleted when Windows is restarted.
C:\WINDOWS\Prefetch\CLEANUP.EXE-0ACAE2A3.pf
'Run MRU' list - removed from the registry.
Search Assistant MRU list - removed from the registry.
Explorer Open/Save MRU list - removed from the registry.
Explorer Last Visited MRU list - removed from the registry.
WordPad Recent File List - removed from the registry.
Telnet's MRU list - removed from the registry.
WinZip Extract MRU list - removed from the registry.
WinZip File MRU list - removed from the registry.
CleanUp! 4.5.2 recovered 64.5 KB of disk space from 3 files.
CleanUp! finished on 05/06/07 10:40:57.

guestolo · « **Reply #5 on:** May 06, 2007, 11:53:36 AM »

They appear to be Temp files
I'm unsure if this is because of programs such as Weatherbug?
Can you do the following

supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents

StormieK · « **Reply #6 on:** May 06, 2007, 12:02:32 PM »

I'm sorry, I just don't have all those 'things' you mentioned. I do however have a file in HJT that says Uninstalled Programs. Is this what you're needing? If Weatherbug is causing these problems I'll just delete it. I've had it a long time and never had trouble with it before but things change I know.

Ad-Aware SE Personal
Adobe Download Manager 2.0 (Remove Only)
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 7.0.5
Agere Systems PCI Soft Modem
Alien Skin Eye Candy 5 Impact
Alien Skin Xenofex 2.0
CC_ccProxyExt
ccCommon
ccPxyCore
CleanUp!
Color Cop v5.3
Compaq Connections
Compaq Organize
Easy Internet Sign-up
ewido anti-malware
Eye Candy 4000
Filters Unlimited 2.0.3
Google Toolbar for Internet Explorer
Help and Support Additions
HijackThis 1.99.1
Homestead SiteBuilder LPX
HP Deskjet 3740
HP Software Update
Intel® Extreme Graphics Driver
InterVideo WinDVD Player
iTunes
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 4
Jasc Paint Shop Pro 9
Jasc Paint Shop Pro 9.01 - (9.0.1.1)
Java 2 Runtime Environment, SE v1.4.2_03
LimeWire 4.9.37
LiveReg (Symantec Corporation)
LiveUpdate 2.6 (Symantec Corporation)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Office Standard Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft Works
MSN
MSRedist
namesuppressed Plaid Lite
Norton AntiSpam
Norton AntiVirus 2005
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security 2005 (Symantec Corporation)
Norton Security Center
Norton WMI Update
Norton WMI Update
Paint Shop Pro 7
PC-Doctor for Windows
picture-shark 1.0
Plugin Galaxy 1.0
PS2
QuickTime
RealPlayer
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Sonic Express Labeler
Sonic RecordNow!
SPBBC
SpySubtract
SpywareBlaster v3.4
SymNet
The Font Thing
Ulead ArtTexture.Plugin 1.0
Ulead FantasyWarp.Plugin 1.0
Ulead Particle.Plugin 1.0
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB910437)
Vizros Plug-ins 4.1
WeatherBug
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
WinRAR archiver
WinZip
Xenofex 1.0
Yaldex Colored ScrollBars 1.2

guestolo · « **Reply #7 on:** May 06, 2007, 12:16:37 PM »

I think what we need to do is get some of your programs updated and remove some others
How attached are you to Weatherbug?
Please see this link
http://fravia.com/weatherbug.htm

I would opt to uninstall it, up to you, but if you do, close All browser windows ahead of time and then uninstall it

I'm a bit confused by the uninstall list, I see Symantec's installed on your computer
But McAfee's in your hijackthis log, did you just uninstall McAfee's?

If so, post a fresh hijackthis log

StormieK · « **Reply #8 on:** May 06, 2007, 12:30:10 PM »

Grrrrrrrrrrrrrrrr....those no good rotten Weatherbug people.....lol I loved that little program:( I uninstalled it, did a 'Clean Up' and guess what...that 'stuff' is gone. Of course my computer is stilling running a marathon!

I can't remember exactly what you said in your last post but no, I didn't uninstall anything but Weatherbug just now. As far as I know I still have McAfee.

guestolo · « **Reply #9 on:** May 06, 2007, 12:34:50 PM »

Your uninstall list shows Symantec's installed and NO McAfee's
I think there may be a problem with these 2 and that would definitely cause system slowdowns and conflicts
Which antivirus do you see if your system tray>>by the clock?

Can you post a fresh hijackthis log please, I just want a double check

Also, can you do the following
Download and unzip to your desktop InstalledPrograms.zip
Double click on InstalledPrograms.vbs

Click OK at the IP prompt and click YES to view the results now
A text file will open, can you copy and paste back here the whole contents

ALLOW this script to run if prompted by your AntiVirus

StormieK · « **Reply #10 on:** May 06, 2007, 12:48:54 PM »

This is where we left off, I remember now and I was having trouble posting. Sorry!

I have a little M in the tray that say McAfee Security Center.

Installed Programs Report;

INSTALLED SOFTWARE (238) - STORMIE - 5/6/2007 11:40:50 AM

Ad-Aware SE Personal   Ver: 1.06
Adobe Flash Player 9 ActiveX   Ver: 9
Adobe Photoshop Album 2.0 Starter Edition   Ver: 2.00.100   Installed: 9/3/2005
Adobe Reader 7.0.9   Ver: 7.0.9   Installed: 1/15/2007
Agere Systems PCI Soft Modem
Alien Skin Eye Candy 5 Impact
Alien Skin Xenofex 2.0
AVG Anti-Spyware 7.5
BufferChm   Ver: 60.0.155.000   Installed: 3/19/2007
CameraDrivers   Ver: 6.0.0.204   Installed: 3/19/2007
CameraUserGuides   Ver: 6.0.0.204   Installed: 3/19/2007
CleanUp!
Color Cop v5.3
Compaq Connections
Compaq Organize
CP_AtenaShokunin1Config   Ver: 60.0.155.000   Installed: 3/19/2007
CP_CalendarTemplates1   Ver: 60.0.155.000   Installed: 3/19/2007
cp_OnlineProjectsConfig   Ver: 60.0.155.000   Installed: 3/19/2007
CP_Package_Basic1   Ver: 60.0.155.000   Installed: 3/19/2007
CP_Panorama1Config   Ver: 60.0.155.000   Installed: 3/19/2007
cp_PosterPrintConfig   Ver: 60.0.155.000   Installed: 3/19/2007
CueTour   Ver: 60.0.155.000   Installed: 3/19/2007
Destinations   Ver: 60.0.155.000   Installed: 3/19/2007
DeviceFunctionQFolder   Ver: 1.00.0000   Installed: 3/19/2007
DeviceManagementQFolder   Ver: 1.00.0000   Installed: 3/19/2007
Easy Internet Sign-up   Ver: FE UI-3.1.0.1288   Installed: 1/28/2005
Easy Internet Sign-up   Ver: FE UI-3.1.0.1288   Installed: 1/28/2005
eSupportQFolder   Ver: 1.00.0000   Installed: 3/19/2007
Eye Candy 4000
Filters Unlimited 2.0.3
FullDPAppQFolder   Ver: 1.00.0000   Installed: 3/19/2007
Google Toolbar for Internet Explorer
Help and Support Additions
HijackThis 1.99.1   Ver: 1.99.1
Homestead SiteBuilder LPX
Hotfix for Windows Media Format 11 SDK (KB929399)      Installed: 3/15/2007
Hotfix for Windows XP (KB914440)   Ver: 12   Installed: 12/7/2006
Hotfix for Windows XP (KB915865)   Ver: 10   Installed: 12/7/2006
Hotfix for Windows XP (KB918766)   Ver: 2   Installed: 11/16/2006
Hotfix for Windows XP (KB926239)   Ver: 2   Installed: 12/15/2006
HP Deskjet 3740   Ver: 1.00.0000   Installed: 5/7/2005
HP Imaging Device Functions 6.0   Ver: 6.0
HP Photosmart Cameras 6.0   Ver: 6.0
HP Photosmart Premier Software 6.0   Ver: 6.0
HP Software Update   Ver: 3.0.6.003   Installed: 3/19/2007
HP Solution Center and Imaging Support Tools 6.0   Ver: 6.0
hpiCamDrvQFolder   Ver: 6.0.0   Installed: 3/19/2007
HPProductAssistant   Ver: 60.0.155.000   Installed: 3/19/2007
HpSdpAppCoreApp   Ver: 3.00.0000   Installed: 1/28/2005
InstantShareDevices   Ver: 60.0.155.000   Installed: 3/19/2007
Intel® Extreme Graphics Driver
InterVideo WinDVD Player   Ver: 5.0-B11.668
iTunes   Ver: 6.0.4.2   Installed: 4/14/2006
iTunes   Ver: 6.0.4.2   Installed: 4/14/2006
J2SE Runtime Environment 5.0 Update 10   Ver: 1.5.0.100   Installed: 12/28/2006
J2SE Runtime Environment 5.0 Update 11   Ver: 1.5.0.110   Installed: 3/1/2007
J2SE Runtime Environment 5.0 Update 2   Ver: 1.5.0.20   Installed: 4/25/2005
J2SE Runtime Environment 5.0 Update 4   Ver: 1.5.0.40   Installed: 7/29/2005
J2SE Runtime Environment 5.0 Update 6   Ver: 1.5.0.60   Installed: 12/29/2005
J2SE Runtime Environment 5.0 Update 9   Ver: 1.5.0.90   Installed: 10/29/2006
Jasc Animation Shop 3   Ver: 3.11   Installed: 8/3/2006
Jasc Paint Shop Pro 9   Ver: 9.01.0000   Installed: 7/5/2006
Jasc Paint Shop Pro 9.01 - (9.0.1.1)
Java 2 Runtime Environment, SE v1.4.2_03   Ver: 1.4.2_03   Installed: 1/28/2005
Java(tm) SE Runtime Environment 6 Update 1   Ver: 1.6.0.10   Installed: 5/3/2007
LimeWire 4.12.6   Ver: 4.12.6
LiveUpdate 2.6 (Symantec Corporation)   Ver: 2.6.14.0
McAfee SecurityCenter
McAfee VirusScan
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1   Ver: 1.1.4322   Installed: 4/28/2005
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Compression Client Pack 1.0 for Windows XP   Ver: 1   Installed: 12/15/2006
Microsoft Internationalized Domain Names Mitigation APIs      Installed: 12/7/2006
Microsoft National Language Support Downlevel APIs      Installed: 12/7/2006
Microsoft Office Standard Edition 2003   Ver: 11.0.7969.0   Installed: 4/11/2007
Microsoft Plus! Digital Media Edition Installer   Ver: 1.1.0.3500   Installed: 1/28/2005
Microsoft Plus! Photo Story 2 LE   Ver: 1.1.0.3463   Installed: 1/28/2005
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)   Ver: 8.00.761   Installed: 11/26/2005
Microsoft User-Mode Driver Framework Feature Pack 1.0      Installed: 12/15/2006
Microsoft Works   Ver: 08.04.0623   Installed: 1/28/2005
MSN
MSN Messenger 7.5   Ver: 7.5.0324.0   Installed: 3/10/2006
MSXML 4.0 SP2 (KB925672)   Ver: 4.20.9839.0   Installed: 10/14/2006
MSXML 4.0 SP2 (KB927978)   Ver: 4.20.9841.0   Installed: 11/17/2006
namesuppressed Plaid Lite      Installed: 8/24/2005
Norton Security Center   Ver: 2005.1.0.111   Installed: 1/28/2005
PanoStandAlone   Ver: 60.0.155.000   Installed: 3/19/2007
PC-Doctor for Windows   Ver: 1.06.002   Installed: 1/28/2005
PC-Doctor for Windows   Ver: 1.06.002   Installed: 1/28/2005
PhotoGallery   Ver: 60.0.155.000   Installed: 3/19/2007
picture-shark 1.0
Plugin Galaxy 1.0
PS2
QuickTime   Ver: 7.0.4   Installed: 4/14/2006
QuickTime   Ver: 7.0.4   Installed: 4/14/2006
RandMap   Ver: 60.0.155.000   Installed: 3/19/2007
RealPlayer
Security Update for Step By Step Interactive Training (KB898458)   Ver: 20050502.101010   Installed: 6/15/2005
Security Update for Step By Step Interactive Training (KB923723)   Ver: 20050502.101010   Installed: 2/16/2007
Security Update for Windows Media Player (KB911564)      Installed: 2/15/2006
Security Update for Windows Media Player 10 (KB911565)      Installed: 2/15/2006
Security Update for Windows Media Player 10 (KB917734)      Installed: 6/14/2006
Security Update for Windows Media Player 6.4 (KB925398)      Installed: 12/16/2006
Security Update for Windows XP (KB883939)   Ver: 1   Installed: 6/15/2005
Security Update for Windows XP (KB890046)   Ver: 1   Installed: 6/15/2005
Security Update for Windows XP (KB893756)   Ver: 1   Installed: 8/10/2005
Security Update for Windows XP (KB896358)   Ver: 1   Installed: 6/15/2005
Security Update for Windows XP (KB896422)   Ver: 1   Installed: 6/15/2005
Security Update for Windows XP (KB896423)   Ver: 1   Installed: 8/10/2005
Security Update for Windows XP (KB896424)   Ver: 1   Installed: 11/8/2005
Security Update for Windows XP (KB896428)   Ver: 1   Installed: 6/15/2005
Security Update for Windows XP (KB896688)   Ver: 1   Installed: 10/13/2005
Security Update for Windows XP (KB899587)   Ver: 1   Installed: 8/10/2005
Security Update for Windows XP (KB899588)   Ver: 1   Installed: 8/10/2005
Security Update for Windows XP (KB899591)   Ver: 1   Installed: 8/10/2005
Security Update for Windows XP (KB900725)   Ver: 1   Installed: 10/13/2005
Security Update for Windows XP (KB901017)   Ver: 1   Installed: 10/13/2005
Security Update for Windows XP (KB901214)   Ver: 1   Installed: 7/14/2005
Security Update for Windows XP (KB902400)   Ver: 1   Installed: 10/13/2005
Security Update for Windows XP (KB903235)   Ver: 1   Installed: 7/14/2005
Security Update for Windows XP (KB904706)   Ver: 1   Installed: 10/13/2005
Security Update for Windows XP (KB905414)   Ver: 1   Installed: 10/13/2005
Security Update for Windows XP (KB905749)   Ver: 1   Installed: 10/13/2005
Security Update for Windows XP (KB905915)   Ver: 1   Installed: 12/15/2005
Security Update for Windows XP (KB908519)   Ver: 1   Installed: 1/11/2006
Security Update for Windows XP (KB908531)   Ver: 1   Installed: 4/20/2006
Security Update for Windows XP (KB911280)   Ver: 1   Installed: 6/14/2006
Security Update for Windows XP (KB911562)   Ver: 1   Installed: 4/20/2006
Security Update for Windows XP (KB911567)   Ver: 1   Installed: 4/20/2006
Security Update for Windows XP (KB911927)   Ver: 1   Installed: 2/15/2006
Security Update for Windows XP (KB912812)   Ver: 1   Installed: 4/20/2006
Security Update for Windows XP (KB912919)   Ver: 1   Installed: 1/6/2006
Security Update for Windows XP (KB913446)   Ver: 1   Installed: 2/16/2006
Security Update for Windows XP (KB913580)   Ver: 1   Installed: 5/11/2006
Security Update for Windows XP (KB914388)   Ver: 1   Installed: 7/13/2006
Security Update for Windows XP (KB914389)   Ver: 1   Installed: 6/14/2006
Security Update for Windows XP (KB916281)   Ver: 1   Installed: 6/14/2006
Security Update for Windows XP (KB917159)   Ver: 1   Installed: 7/13/2006
Security Update for Windows XP (KB917344)   Ver: 1   Installed: 6/14/2006
Security Update for Windows XP (KB917422)   Ver: 1   Installed: 8/13/2006
Security Update for Windows XP (KB917953)   Ver: 1   Installed: 6/14/2006
Security Update for Windows XP (KB918118)   Ver: 1   Installed: 2/16/2007
Security Update for Windows XP (KB918439)   Ver: 1   Installed: 6/14/2006
Security Update for Windows XP (KB918899)   Ver: 1   Installed: 8/13/2006
Security Update for Windows XP (KB919007)   Ver: 1   Installed: 9/14/2006
Security Update for Windows XP (KB920213)   Ver: 1   Installed: 12/7/2006
Security Update for Windows XP (KB920214)   Ver: 1   Installed: 8/13/2006
Security Update for Windows XP (KB920670)   Ver: 1   Installed: 8/13/2006
Security Update for Windows XP (KB920683)   Ver: 1   Installed: 8/13/2006
Security Update for Windows XP (KB920685)   Ver: 1   Installed: 9/14/2006
Security Update for Windows XP (KB921398)   Ver: 1   Installed: 8/13/2006
Security Update for Windows XP (KB921883)   Ver: 1   Installed: 8/9/2006
Security Update for Windows XP (KB922616)   Ver: 1   Installed: 8/13/2006
Security Update for Windows XP (KB922760)   Ver: 1   Installed: 11/17/2006
Security Update for Windows XP (KB922819)   Ver: 1   Installed: 10/12/2006
Security Update for Windows XP (KB923191)   Ver: 1   Installed: 10/12/2006
Security Update for Windows XP (KB923414)   Ver: 1   Installed: 10/12/2006
Security Update for Windows XP (KB923694)   Ver: 1   Installed: 12/16/2006
Security Update for Windows XP (KB923980)   Ver: 1   Installed: 11/17/2006
Security Update for Windows XP (KB924191)   Ver: 1   Installed: 10/12/2006
Security Update for Windows XP (KB924270)   Ver: 1   Installed: 11/17/2006
Security Update for Windows XP (KB924496)   Ver: 1   Installed: 10/12/2006
Security Update for Windows XP (KB924667)   Ver: 1   Installed: 2/16/2007
Security Update for Windows XP (KB925454)   Ver: 1   Installed: 12/16/2006
Security Update for Windows XP (KB925486)   Ver: 1   Installed: 9/28/2006
Security Update for Windows XP (KB925902)   Ver: 1   Installed: 4/5/2007
Security Update for Windows XP (KB926255)   Ver: 1   Installed: 12/16/2006
Security Update for Windows XP (KB926436)   Ver: 1   Installed: 2/16/2007
Security Update for Windows XP (KB927779)   Ver: 1   Installed: 2/16/2007
Security Update for Windows XP (KB927802)   Ver: 1   Installed: 2/16/2007
Security Update for Windows XP (KB928090)   Ver: 1   Installed: 2/16/2007
Security Update for Windows XP (KB928255)   Ver: 1   Installed: 2/16/2007
Security Update for Windows XP (KB928843)   Ver: 1   Installed: 2/16/2007
Security Update for Windows XP (KB929969)   Ver: 1   Installed: 1/13/2007
Security Update for Windows XP (KB930178)   Ver: 1   Installed: 4/11/2007
Security Update for Windows XP (KB931261)   Ver: 1   Installed: 4/11/2007
Security Update for Windows XP (KB931784)   Ver: 1   Installed: 4/11/2007
Security Update for Windows XP (KB932168)   Ver: 1   Installed: 4/11/2007
SkinsHP1   Ver: 60.0.155.000   Installed: 3/19/2007
SolutionCenter   Ver: 60.0.155.000   Installed: 3/19/2007
Sonic Express Labeler   Ver: 1.0.0   Installed: 1/28/2005
Sonic RecordNow!   Ver: 7.22   Installed: 1/28/2005
Sonic_PrimoSDK   Ver: 60.0.155.000   Installed: 3/19/2007
Spybot - Search & Destroy 1.4   Ver: 1.4
SpywareBlaster v3.5.1   Ver: 3.5.1
Status   Ver: 60.0.155.000   Installed: 3/19/2007
The Font Thing
TrayApp   Ver: 60.0.155.000   Installed: 3/19/2007
TrueSwitch Wizard Suddenlink
Ulead ArtTexture.Plugin 1.0
Ulead FantasyWarp.Plugin 1.0
Ulead Particle.Plugin 1.0
Unload   Ver: 6.1.0   Installed: 3/19/2007
Update for Windows XP (KB894391)   Ver: 1   Installed: 8/10/2005
Update for Windows XP (KB896727)   Ver: 1   Installed: 8/10/2005
Update for Windows XP (KB898461)   Ver: 1   Installed: 6/29/2005
Update for Windows XP (KB900485)   Ver: 2   Installed: 4/27/2006
Update for Windows XP (KB904942)   Ver: 2   Installed: 12/7/2006
Update for Windows XP (KB910437)   Ver: 1   Installed: 12/15/2005
Update for Windows XP (KB916595)   Ver: 1   Installed: 7/13/2006
Update for Windows XP (KB920872)   Ver: 1   Installed: 9/14/2006
Update for Windows XP (KB922582)   Ver: 1   Installed: 9/14/2006
Update for Windows XP (KB929338)   Ver: 1   Installed: 3/15/2007
Update for Windows XP (KB931836)   Ver: 1   Installed: 2/16/2007
Vizros Plug-ins 4.1
WebFldrs XP   Ver: 9.50.7523   Installed: 10/14/2004
WebReg   Ver: 60.0.155.000   Installed: 3/19/2007
Windows Genuine Advantage Notifications (KB905474)   Ver: 1.7.0018.5   Installed: 7/2/2006
Windows Genuine Advantage v1.3.0254.0   Ver: 1.3.0254.0   Installed: 7/27/2005
Windows Installer 3.1 (KB893803)   Ver: 3.1
Windows Installer 3.1 (KB893803)   Ver: 3.1
Windows Media Format 11 runtime
Windows Media Format 11 runtime      Installed: 12/15/2006
Windows Media Player 11
Windows Media Player 11      Installed: 12/15/2006
Windows XP Hotfix - KB873333   Ver: 20050114.005213
Windows XP Hotfix - KB873339   Ver: 20041117.092459
Windows XP Hotfix - KB883667   Ver: 20040812.104354
Windows XP Hotfix - KB885250   Ver: 20050118.202711
Windows XP Hotfix - KB885835   Ver: 20041027.181713
Windows XP Hotfix - KB885836   Ver: 20041028.173203
Windows XP Hotfix - KB886185   Ver: 20041021.090540
Windows XP Hotfix - KB887472   Ver: 20041014.162858
Windows XP Hotfix - KB887742   Ver: 20041103.095002
Windows XP Hotfix - KB888113   Ver: 20041116.131036
Windows XP Hotfix - KB888239   Ver: 20041124.162528
Windows XP Hotfix - KB888302   Ver: 20041207.111426
Windows XP Hotfix - KB890175   Ver: 20041201.233338
Windows XP Hotfix - KB890859   Ver: 1   Installed: 4/17/2005
Windows XP Hotfix - KB890923   Ver: 1   Installed: 4/17/2005
Windows XP Hotfix - KB891781   Ver: 20050110.165439
Windows XP Hotfix - KB893066   Ver: 1   Installed: 4/17/2005
Windows XP Hotfix - KB893086   Ver: 1   Installed: 4/17/2005
WinRAR archiver
WinZip   Ver: 9.0 SR-1 (6224)
Xara X1   Ver: 1.00.0000
Xenofex 1.0

I don't know what some of these programs are...I didn't install them on purpose!?!?!?

HJT Log;
Logfile of HijackThis v1.99.1
Scan saved at 11:47:02 AM, on 5/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\TrueAssistant\TrueAssistant.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: TrueAssistant.lnk = C:\Program Files\TrueAssistant\TrueAssistant.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

guestolo · « **Reply #11 on:** May 06, 2007, 01:04:45 PM »

When I asked you to run Hijackthis>>Uninstall list
Did you actually run it or did you post an old log?
~~It looks like you posted an old log, please just do the instructions I post please~~
I see you mentioned it was an old log

Close down all browser windows before doing the following
Can you access your add/remove programs and remove all older versions of Java
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_03

You can leave this one installed
Javaï¿½â€žï¿½ SE Runtime Environment 6 Update 1

I'm concerned that Norton's didn't uninstall properly
In add/remove programs remove
Norton Security Center

Reboot the computer
Back in Windows
Let's make sure Norton's is totally gone
Go to the following link and do Step 2
http://service1.symantec.com/SUPPORT/tsgen...005033108162039?

If the computer doesn't reboot, reboot manually afterwards

Come back here and post a fresh hijackthis log

Also, for the list from InstalledPrograms.vbs
Which programs are you unsure about that you don't recognize?

StormieK · « **Reply #12 on:** May 06, 2007, 01:11:54 PM »

I ran a new hjt log. I'm trying to do what you ask.

guestolo · « **Reply #13 on:** May 06, 2007, 01:13:37 PM »

[quote name=\'StormieK\' post=\'322633\' date=\'May 6 2007, 11:11 AM\']I ran a new hjt log. I'm trying to do what you ask.[/quote]

Just carry on with my last set of instructions please

StormieK · « **Reply #14 on:** May 06, 2007, 01:57:38 PM »

I don't know what CueTour or PanoStandAlone are.

Logfile of HijackThis v1.99.1
Scan saved at 12:50:55 PM, on 5/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: TrueAssistant.lnk = C:\Program Files\TrueAssistant\TrueAssistant.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

guestolo · « **Reply #15 on:** May 06, 2007, 02:07:37 PM »

Quote

I don't know what CueTour or PanoStandAlone are.

I believe they are both related to HP software

In Internet Explorer>>Can you select TOOLS>>Do you see "Uninstall BitDefender"
If so you can remove it
Let me know if it was found

How are things running now?

StormieK · « **Reply #16 on:** May 06, 2007, 02:21:09 PM »

I clicked on Tools and Uninstall BitDefender Online Scanner V8 is there but when I click it a window pops up that says this... WINDOWS.bdoscandel.exe cannot be found.

Thanks for the info on the other...

When I open a window the screen flashes at times. My modem is still running but is does take a break now and then. Seems to be running a little bit faster, not much though.

guestolo · « **Reply #17 on:** May 06, 2007, 03:06:52 PM »

Can you open up your Task manager
Under the process tab, what is using most of CPU

What is System Idle process at?

StormieK · « **Reply #18 on:** May 06, 2007, 05:55:43 PM »

I don't know how to open the Task Manager.

StormieK · « **Reply #19 on:** May 06, 2007, 07:08:47 PM »

I found it...

Right now the modem is running but all CPU's are at 00. The System Idle Process is at 99. When I opened Internet Explorer a pop-up said it wasn't my default browser. That's never happened before. As far as I know it's the only browser I have.

Stormie

News:

Author Topic: questolo...please help (Read 3397 times)