UKC Web control error message at start up

Question

How can I prevent this error message window appearing each time Windows starts up?   'Failed to load web control from your version of may be outdated.  Make sure you are using the version of the control that was provided with your application.'   Also, how can I prevent the Windows Media window from appearing each time I start the computer?  It's very annoying.   Thanks for the assistance.   Marilyn

Midnight Star · Answer

Marilyn, Let's see what's running on your system that might be causing that error: Follow ChrisM's instructions on the top of this forum, and post back a HiJAckThis log for analysis. Mike.

mme3924 · Answer

Thanks for your reply. I attempted to do as you suggest: I had downloaded Hijackthis earlier but had not run it. I just now (1/9/05 @ 11:10 am CST) unzipped the Hijackthis folder on my desktop, clicked on the program icon, then on the Scan and save a log indicator. A window appeared with lines of what appeared to be information about the systerm, but was immediately obscured by a window reading "Hijack this has encountered a problem and needs to close." Several tries resulted in same window message. What now?

Thanks.

Marilyn

Midnight Star · Answer

Marilyn,   Your welcome. Some users seeem to be having a problem with the newest version for some reason.   -   Let's try a prior version and see if that will work; download if from here: http://www.bleepingcomputer.com/files/Merijn/HijackThis1982.zip   -   Mike.   Message Edited by Midnight Star on 01-10-2005 12:44 PM

mme3924 · Answer

Thanks, Mike.  I downloaded the earlier version of Hijackthis and it seemed to work.  With any luck, I am now posting the saved log below.  I appreciate your help very much.  Marilyn   Logfile of HijackThis v1.98.2 Scan saved at 7:16:42 PM, on 1/11/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe C:\WINDOWS\System32
vsvc32.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\wanmpsvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\cidaemon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe C:\WINDOWS\system32\dla	fswctrl.exe C:\WINDOWS\System32\DSentry.exe C:\Program Files\Dell\Media Experience\PCMService.exe C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Common Files\Dell\EUSW\Support.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Common Files\AOL\ACS\AOLDial.exe C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe C:\Program Files\Common Files\Real\Update_OBealsched.exe C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe C:\HJTOLDER\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://charter.msn.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = 'C:\Program Files\MSN Gaming Zone\Windows\Rvsezm.exe' F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe O2 - BHO: (no name) - SOFTWARE - (no file) O2 - BHO: (no name) - {00000186-C745-43D2-44F1-01A1C789C738} - C:\Program Files\SB\Smart-Browser\ybd.71.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: WebSearch.WSearch - {1FF04B25-0A23-4A12-960C-73F8B9950436} - C:\Program Files\WebSearch\Util\5R2WF4GU.dll O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla	fswshx.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla	fswctrl.exe O4 - HKLM\..\Run: [StorageGuard] 'C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe' /r O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [PCMService] 'C:\Program Files\Dell\Media Experience\PCMService.exe' O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe O4 - HKLM\..\Run: [ccApp] 'C:\Program Files\Common Files\Symantec Shared\ccApp.exe' O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe O4 - HKLM\..\Run: [QuickTime Task] 'C:\Program Files\QuickTime\qttask.exe' -atboottime O4 - HKLM\..\Run: [wmplayer] C:\Program Files\Windows Media Player\wmplayer.exe -invisible O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe O4 - HKLM\..\Run: [winspool] C:\WINDOWS\System32\winspoolx.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [AOL Spyware Protection] 'C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe' O4 - HKLM\..\Run: [Pure Networks Port Magic] 'C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe' -Run O4 - HKLM\..\Run: [msnappau] 'C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe' O4 - HKLM\..\Run: [TkBellExe] 'C:\Program Files\Common Files\Real\Update_OBealsched.exe'  -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [Ukc] C:\WINDOWS\system32\ukc.exe O4 - HKLM\..\Run: [QCEEOQ7L.exe] C:\WINDOWS\system32\QCEEOQ7L.exe O4 - HKLM\..\Run: [CorelDRAW ESSENTIALS14] C:\Program Files\Common Files\Corel\Registration\EN\Registration.exe /title='CorelDRAW ESSENTIALS' /date=012405 serial=es02wrd-0104193-aaj O4 - HKLM\..\Run: [Windows ControlAd] C:\Program Files\Windows ControlAd\WinCtlAd.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar	oolbar.dll/SEARCH.HTML O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS
ppdf32.dll O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.charter.com/sdccommon/download/tgctlcm.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {75565ED2-1560-4F15-B841-20358DE6A0D1} (ImageControl Class) - http://c.ancestry.com/cab/ImageViewer/MFImgVwr.cab O16 - DPF: {861DB4B6-3838-11D2-8E50-002018200E57} (MrSIDI Control) - http://images.myfamily.net/isfiles/downloads/MrSIDI.cab O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?319 O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab

Midnight Star · Answer

Marilyn,

Let's see what we can do...

Go to Add/Remove programs and remove(uninstall) the following, if present:

Windows Ad Control

Win Control Ad

(or something like the above two)

WebSearch

Run HiJackThis and click "Config...", then "Misc Tools", then "Open process manager". Now, while holding down the CTRL key, click on each of the following, so that all of them are highlighted, then click "Kill process":

   c:\installer\id53.exe
    C:\WINDOWS\System32\winspoolx.exe
    C:\WINDOWS\system32\ukc.exe
    C:\WINDOWS\system32\QCEEOQ7L.exe
    C:\Program Files\Windows ControlAd\WinCtlAd.exe

Refresh the list and make sure they're gone.

Now, click "back", just below the process task list, then:

1. click " Delete a file on reboot"
2. browse to, then double-click on each of the file(s) below, one at a time, if present:

     C:\Program Files\SB\Smart-Browser\ybd.71.dll
   C:\Program Files\WebSearch\Util\5R2WF4GU.dll
   c:\installer\id53.exe
    C:\WINDOWS\System32\winspoolx.exe
     C:\WINDOWS\system32\ukc.exe
    C:\WINDOWS\system32\QCEEOQ7L.exe
     C:\Program Files\Windows ControlAd\WinCtlAd.exe

3. when prompted to " Reboot Now", after selecting each file, select " No"

Now, let's open a command prompt and unregister the dll(s) we're going to remove, by entering the following:

regsvr32 /u ybd.71.dll
regsvr32 /u 5R2WF4GU.dll

It's ok, if these aren't found or 'error' out. If you want, just copy and paste the individual lines to a command prompt to save on the typing.

Now, click "Back" in the lower-right hand corner of HiJackThis and click " Scan", then check(tick) the following, if present:

O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {00000186-C745-43D2-44F1-01A1C789C738} - C:\Program Files\SB\Smart-Browser\ybd.71.dll
O2 - BHO: WebSearch.WSearch - {1FF04B25-0A23-4A12-960C-73F8B9950436} - C:\Program Files\WebSearch\Util\5R2WF4GU.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [winspool] C:\WINDOWS\System32\winspoolx.exe
O4 - HKLM\..\Run: [Ukc] C:\WINDOWS\system32\ukc.exe
O4 - HKLM\..\Run: [QCEEOQ7L.exe] C:\WINDOWS\system32\QCEEOQ7L.exe
O4 - HKLM\..\Run: [Windows ControlAd] C:\Program Files\Windows ControlAd\WinCtlAd.exe

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) -

Now, with all windows closed except HiJackThis, click " Fix checked".

Locate and delete the following item(s), if present. Make sure you able to view system and hidden files and folders:

folder...

C:\Program Files\Windows ControlAd

Don't reboot your computer just yet.

Post back a new log.

Mike.

mme3924 · Answer

Whew!  Okay, I tried to follow all your instructions.  Here is what I could or could not do: I ran HiJackThis, clicked 'config', etc. to the process window.  I did not find any of the 5 files you said to highlight and 'kill process'.  I did find a winspoolv.exe  (v instead of x) but did nothing to it.  I then went back, clicked 'delete file on reboot' and tried to follow those instructions.  I found the files but only on one (C:/ProgramFiles/WebSearch/Util/5R2WF4GU.dll) did I get a window reading 'The file will be deleted by Window when the system restarts.....'  I clicked 'no' .  Then I opened a command prompt and typed in these two lines: regsvr32 /u ybd.71/dll  and  regsver32 /u 5R2WF4GU.dll.   Message reading 'could not be found' appeared for both.  I closed the window and went to the next instruction. I clicked 'back' on HijackThis back to Scan and found the 10 of the 11 files (sorry I don't know how to post under your post; I'll repeat the first and last and the one I couldn't find); 02 - BHL: (no name) - SOFTWARE - (no file) .....to 016 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D) (QdiagHUpdateObj Class).  The file I could not find was:  02 - BHO - WebSearch.WSearch - {1FF04B25-OA23-4A12-96OC-73F8B9950436} - C Files\WebSearch\Util\5R2WF4GU.dll  I clicked on the boxes next to 10 files and with all windows closed, clicked 'Fix checked'  I got a warning message, clicked yes. I then went to C:\Program Files\Windows ControlAd and deleted it (it went to the recycle, where it remains; is that the same as deleting....or will be when I empty the recycle bin?) I then ran a new log (see below).  I have not rebooted my computer. Logfile of HijackThis v1.98.2Scan saved at 9:51:06 PM, on 1/13/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Intel\Modem Event Monitor\IntelMEM.exeC:\WINDOWS\system32\dla	fswctrl.exeC:\WINDOWS\System32\DSentry.exeC:\Program Files\Dell\Media Experience\PCMService.exeC:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exeC:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\Common Files\Dell\EUSW\Support.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exeC:\Program Files\Common Files\AOL\ACS\AOLDial.exeC:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exeC:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exeC:\Program Files\Common Files\Real\Update_OBealsched.exeC:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exeC:\Program Files\Java\j2re1.4.2_06\bin\jusched.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\system32\cisvc.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Sierra Imaging\Image Expert\IXApplet.exeC:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exeC:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exeC:\WINDOWS\System32
vsvc32.exeC:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\WINDOWS\System32\snmp.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\wanmpsvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exeC:\WINDOWS\system32\cidaemon.exeC:\HJTOLDER\HijackThis.exeC:\Program Files\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywayR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://charter.msn.com/R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = 'C:\Program Files\MSN Gaming Zone\Windows\Rvsezm.exe' F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exeO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla	fswshx.dllO2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dllO2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dllO2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dllO2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dllO3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dllO3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dllO3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exeO4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla	fswctrl.exeO4 - HKLM\..\Run: [StorageGuard] 'C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe' /rO4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exeO4 - HKLM\..\Run: [PCMService] 'C:\Program Files\Dell\Media Experience\PCMService.exe'O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exeO4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exeO4 - HKLM\..\Run: [ccApp] 'C:\Program Files\Common Files\Symantec Shared\ccApp.exe'O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exeO4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exeO4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exeO4 - HKLM\..\Run: [QuickTime Task] 'C:\Program Files\QuickTime\qttask.exe' -atboottimeO4 - HKLM\..\Run: [wmplayer] C:\Program Files\Windows Media Player\wmplayer.exe -invisibleO4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exeO4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exeO4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exeO4 - HKLM\..\Run: [AOL Spyware Protection] 'C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe'O4 - HKLM\..\Run: [Pure Networks Port Magic] 'C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe' -RunO4 - HKLM\..\Run: [msnappau] 'C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe'O4 - HKLM\..\Run: [TkBellExe] 'C:\Program Files\Common Files\Real\Update_OBealsched.exe'  -osbootO4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exeO4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exeO4 - HKLM\..\Run: [CorelDRAW ESSENTIALS14] C:\Program Files\Common Files\Corel\Registration\EN\Registration.exe /title='CorelDRAW ESSENTIALS' /date=012405 serial=es02wrd-0104193-aajO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exeO4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exeO8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar	oolbar.dll/SEARCH.HTMLO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLLO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS
ppdf32.dllO16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.charter.com/sdccommon/download/tgctlcm.cabO16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CABO16 - DPF: {75565ED2-1560-4F15-B841-20358DE6A0D1} (ImageControl Class) - http://c.ancestry.com/cab/ImageViewer/MFImgVwr.cabO16 - DPF: {861DB4B6-3838-11D2-8E50-002018200E57} (MrSIDI Control) - http://images.myfamily.net/isfiles/downloads/MrSIDI.cabO16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cabO16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab   Again, thanks for this detailed help to a real rookie at trying to fix this kind of stuff.  I can operate the software, but this is foreign to me...... Marilyn

mme3924 · Answer

I forgot to say: another problem I have is that when I click on Start and Search, my Start key locks up (appears depressed). Nothing happens (nothing appears) and I cannot unlock the key by clicking on it or on anything else on the desktop. After about a minute, it unlocks and I can use my computer again. This happens every time I try to use the Search feature.

Marilyn

Midnight Star · Answer

Marilyn,

Ok, good work! That log is looking much better. Do you want Windows Media Players starting up in "invisible" mode? See this entry? This may, or may not be legit, based on the user.

HKLM\..\Run: [wmplayer] C:\Program Files\Windows Media Player\wmplayer.exe -invisible

Now let's do some cleanup...

1. Run " Disk Cleanup" and allow it to remove everything it finds.

2. Go to www.trendmicro.com and click " Free Online Scan", then " Scan now, it's free!". When it's downloaded, select all available drives, then check(tick) " Auto clean", then click " Scan".

3. Run AdAware SE Personal and " perform a full system scan", then Spybot S&D, and "Check for Problems". Let them both remove the residual 'problems' left that HiJackThis couldn't fix.

4. Disable, then re-enable system restore; with a reboot in-between. Then immediately create a new system point manually.

I'll be tied up for the new few days, so try reposting the "Search" feature problem in either this, or the software boards, and see if someone there can help? If not, just let me know and i'll see if I can help you track down the problem.

-

Mike.

mme3924 · Answer

Mike,

I did as you suggested, all along the way, and the web control error message no longer appears at start up--hooray! Also, the various scans you directed me through discovered several bugs (including 4 Trojan viruses which Norton could not remove) and apparently removed them all. I'm not sure I followed your directions to "create a new system point manually" since I didn't fully understand the "manually" part, but I did disable my system restore, rebooted, then reset system restore to on.

I'll repost the start up-search- lock up problem later, as you suggest.

Thanks for your infinite patience and help with all of this!

Marilyn

Midnight Star · Answer

Marilyn, Your more than welcome! See here for more information on creating a new restore point. Mike.

Virus & Spyware

Was this post helpful?