Unsolved
This post is more than 5 years old
67 Posts
0
2544
PLEASE HELP....browser hijacked! Freezing! HJT log included
Hi! I am hoping someone could help me please? I would really appreciate it!
I have a dell dimension desktop 3100 pc and am running Windows SP2 with Internet Explorer 7. It appears my browser has been hijacked. This is what happens when I turn on my pc or restart it, the homepage (which I had set to comcast) changes itself to Awesome Funnies Homepage.
I then go to tools & change it back to comcast but, everytime I restart, it changes again. I have trouble with my explorer freezing up and the page "Sorry, Dell cannot find this" page keeps popping up as well.
I downloaded some Windows updates awhile back & when I restarted my pc, the icon for my Explorer that i had on my desktop just disappeared & the explorer toolbar was gone. I recently tried upgrading to explorer 7 and now, i do have the explorer bar back but, when i tried to use any shortcuts that i had previously had on the desktop, none of them worked. I made new shortcuts & then, when i restarted my pc, again, my homepage was back to awesome funnies & none of the new shortcuts worked the first time I tried them and the screen froze. I closed them out & then, the next time they worked but, it appears EVERYTIME I have to restart or turn my pc off & then on again, these problems occur!
I have downloaded Hijackthis & done a scan & the results are as follows:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:56:59 PM, on 12/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~2\COMCAS~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~2\COMCAS~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\WinUpdater\update.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Elf Bowling Holiday Pack\Images\stg_drm.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Little Shop of Treasures\Images\armhelper.ocx
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://chill.comcast.net/Gameshell/GameHost/1.0/OberonGameHost.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 9326 bytes
Thanks SO much for any help! It is MUCH appreciated!
bamajim
10.4K Posts
1
December 12th, 2008 14:00
1. Go HERE and download WormFix
Save it to your Desktop. But do not run it yet.
2. Reboot into Safe Mode
This can be done by
Begin tapping the F8 key twice a second untill you reach another menu screen (black background with white menu choices)
Use your arrow keys and select Safe Mode and then Enter
3. Close all Internet Explorer Windows and Run WormFix
Open the WormFix Folder
Double Click WormFix.vbe to run the program
Then Select O.K. at the prompt
Allow the program to run (Your desktop will disappear, then re-appear. This is normal)
When it is finished it wil produce a log C:\WormFix.txt
Copy and paste the results of that log in your reply
4. Then reboot your PC into Normal Windows Mode->> Rerun Hijackthis and post a fresh Hiajckthis log.
As well as the C:\WormFix.txt log
Note: you may have to post the results in more than one reply
ladyblue777
67 Posts
0
December 12th, 2008 15:00
Hi bamajim...thanks for the quick response. I'll try to execute the steps indicated and post them. I can't do it right now but I will a little later on tonight. If I get stuck I'll let you know. Thanks again.
Ladyblue777
ladyblue777
67 Posts
0
December 12th, 2008 17:00
Hi again.....I followed your instructions and when I ran wormfix it just pops up with a blank notepad with your name on it? I tried it twice and nothing? By the way, on the top of my screen it said Service Pack 3 not 2, sorry. Am I doing something wrong? Thanks.
Ladyblue777
bamajim
10.4K Posts
0
December 15th, 2008 06:00
You didn't do anything wrong. It could be that WormFix didn't find anything.
1. Rerun Hijackthis (scan only) and place checks beside the following entries
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\WinUpdater\update.exe" /background
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
Close all other open windows except Hijackthis and Select " Fix checked"
Close Hijackthis ->> Reboot your PC ->> Rerun Hijackthis and post a fresh Hijackthis log
ladyblue777
67 Posts
0
December 15th, 2008 10:00
Ok I followed your directions except that the 04 HKCU [WinUpdater] was not on tLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:52:49 PM, on 12/15/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~2\COMCAS~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~2\COMCAS~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Elf Bowling Holiday Pack\Images\stg_drm.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Little Shop of Treasures\Images\armhelper.ocx
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://chill.comcast.net/Gameshell/GameHost/1.0/OberonGameHost.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 9114 bytes
he list? Here is the log, thanks again.
bamajim
10.4K Posts
1
December 17th, 2008 05:00
Sorry for the delay.
Please perform an Ewido Online Malware Scan
ladyblue777
67 Posts
0
December 17th, 2008 12:00
Ok I got it. Here it is, now I'll fix the errors.__________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________
Name: TrackingCookie.247realmedia
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@247realmedia[2].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@2o7[2].txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@ad.yieldmanager[1].txt
Risk: Medium
Name: TrackingCookie.Adbrite
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@adbrite[2].txt
Risk: Medium
Name: TrackingCookie.Euroclick
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@adopt.euroclick[1].txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@adrevolver[1].txt
Risk: Medium
Name: TrackingCookie.Addynamix
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@ads.addynamix[1].txt
Risk: Medium
Name: TrackingCookie.Pointroll
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@ads.pointroll[2].txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@advertising[2].txt
Risk: Medium
Name: TrackingCookie.Atdmt
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@atdmt[2].txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@bs.serving-sys[1].txt
Risk: Medium
Name: TrackingCookie.Casalemedia
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@casalemedia[1].txt
Risk: Medium
Name: TrackingCookie.Doubleclick
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@doubleclick[1].txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@dynamic.media.adrevolver[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@electronicarts.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Fastclick
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@fastclick[1].txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@media.adrevolver[2].txt
Risk: Medium
Name: TrackingCookie.Mediaplex
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@mediaplex[2].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@nhl.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Overture
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@overture[2].txt
Risk: Medium
Name: TrackingCookie.Questionmarket
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@questionmarket[1].txt
Risk: Medium
Name: TrackingCookie.Realmedia
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@realmedia[2].txt
Risk: Medium
Name: TrackingCookie.Revsci
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@revsci[1].txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@serving-sys[1].txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@statcounter[2].txt
Risk: Medium
Name: TrackingCookie.Webtrendslive
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@statse.webtrendslive[2].txt
Risk: Medium
Name: TrackingCookie.Tacoda
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@tacoda[1].txt
Risk: Medium
Name: TrackingCookie.Trafficmp
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@trafficmp[1].txt
Risk: Medium
Name: TrackingCookie.Tribalfusion
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@tribalfusion[1].txt
Risk: Medium
Name: TrackingCookie.Burstnet
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@www.burstnet[1].txt
Risk: Medium
Name: TrackingCookie.Zedo
Path: C:\Documents and Settings\PrimaryUser\Cookies\primaryuser@zedo[1].txt
Risk: Medium
Name: Adware.BHO
Path: C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP838\A0060476.dll
Risk: Medium
ladyblue777
67 Posts
0
December 17th, 2008 12:00
Hi...no problem about the delay I'm thankful for your help. I ran the scan but don't seem to be able to copy it? When I hit edit, select all, it copies everything on the page except the errors (which there are 32). Could I prehaps save it in my documents or something & copy it from there? Any other suggestion? Thanks
Ladyblue777
ladyblue777
67 Posts
0
December 17th, 2008 13:00
Glad to hear that. The Awesome homepage seems to be gone and the speed of the computer is ok, there is only one problem I can still see. I use Comcast which means I'm always connected. I use to be able to click on any icon on my desktop & get there, but now I have to connect to Comcast first, then minimize it before I can use my shortcuts. If I don't it freezes and I have to end task which appears to be a windows error of some sort? Thanks
Ladyblue777
bamajim
10.4K Posts
1
December 17th, 2008 13:00
ladyblue777
Nothing serious there, just some cookies. How's your PC running now?
ladyblue777
67 Posts
0
December 17th, 2008 16:00
It just happened again so I pulled up the error report from windows. It doesn't make any sense to me but maybe it will to you. There are 2 errors on there as follows:
C:\DOCUME~1\PRIMAR~1\LOCALS~1\Temp\WER7bc4.dir00\iexplore.exe.mdmp
C:\DOCUME~1\PRIMAR~1\LOCALS~1\Temp\WER7bc4.dir00\Appcompat.txt
Don't know if this will help or not. I hope so. Thanks again
Ladyblue777
bamajim
10.4K Posts
0
December 22nd, 2008 13:00
Ladyblue777
Do you have any Explorer Add-on's?
If so what are they?
ladyblue777
67 Posts
0
December 29th, 2008 08:00
Hi! I am so sorry for the delay in responding, I got booted from the dell community and am now just able to get back on. I DO have some add-ons but, I do not know how to copy them for you other than using print screen. I have tried to copy & paste them but, that does not work. Do you know of any other way i can get them into a list for you? Thanks!
ladyblue777
67 Posts
0
December 29th, 2008 08:00
Hi! A friend of mine figured out how to copy the list of add-ons and post them on here for you to see. Sorry for the mixup!
View Raw Image" href="http://s5.tinypic.com/k4ca9v.jpg" rel="nofollow noopener noreferrer">
bamajim
10.4K Posts
0
December 29th, 2008 08:00
I don't need to see a list of the Explorer Add-on's you have. But the problem you are having with Explorer crashiing is due to one of those Add-on's. You need to un-install them one at a time, and reboot your PC to see which one is causing the problem