Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

rellmac

13 Posts

891

November 4th, 2006 01:00

Hijack log & info re: it

My Dell is 2 years old, reformatted with DSL problems last March. IE has never worked correctly for some reason. Recently upgraded to the new one. Problems started 3 months ago with IM service - severe delays while typing and random crashing. IE closing randomly. In the past 2 weeks, I've had several virtual memory warnings pop up even after I've just rebooted, or hadn't surfed much. IE's are slow to open, slow to surf. No other computer in the house is experiencing problems so I'm assuming it's not a DSL problem. When I do reboot, it takes over ten minutes to get my windows up and running. The actual reboot is normal time, but to open an IE and have my Norton load is where the time is consumed. Surfing the net is practically impossible. Included is my hijack log. Hopefully I've included enough information. I was on another board recommended by a friend and have done several scans leading up to the hijack log to discount any known or visible viruses including Spybot, Windows Defender, Bitdefender, and Crapcleaner. Thanks in advance for any help. I'm at my wits end and if nothing else works, am considering another reformat which I really would rather avoid!

Logfile of HijackThis v1.99.1
Scan saved at 9:49:36 PM, on 11/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5700.0006)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~2\NSCSRVCE.EXE
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SiteAdvisor\4144\SiteAdv.exe
C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn2\YTBSDK.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: CNavExtBho Class - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://www.aim.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110068282203
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - https://a248.e.akamai.net/f/248/5462/2h/www.symantecstore.com/v2.0-img/operations/symbizpr/xcontrol/SymDlBrg.cab
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

1972vet

3.3K Posts

November 6th, 2006 01:00

Please visit this site. Navigate to the file indicated below in Bold and upload the file for a free scan:

C:\PROGRAM FILES\Yahoo!\COMPANION\Installs\cpn2\ YTBSDK.exe

If you're unsure how to do that, follow the instructions below:

  2. Click in the "File" box at the top of the window to put the cursor there then click the Browse button next to it.
  3. In the File Upload window that opens, click the drop down arrow in the "Look in" box and select your Local Disk.
  4. Click the "Program Files" folder and click "Open".
  5. Scroll across until you locate the file YTBSDK.exe and click open.
  6. Now click the Send button. Please copy the "Results" to submit with your next reply.

  7. We need to disable your Microsoft Windows Defender Real-time Protection as it may interfere with this fix.
    • Open Microsoft Windows Defender. Click Start, Programs, Windows Defender
    • Click on Tools, General Settings
    • Under Real-time protection options, unselect the Turn on real-time protection check box
    • Click Save

    After the fix is complete it is very important that you enable Real-time Protection again.

    Please run HijackThis again and check the following:
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
    Although you may have some trust with the Aim.com site, putting ANYTHING in your trusted zone is equal to leaving your keys in the front door to your house, and going away on vacation. If you agree that is a bad idea, put a check in the box next to this one too:
    O15 - Trusted Zone: http://www.aim.com

    Close all windows now including this browser window. Leave only the HijackThis application window open. Now click Fix Checked.

    Reboot the computer to properly record the changes made to the disk.

    Please post a new log and advise how the computer is running now. Thanks!

rellmac

13 Posts

November 6th, 2006 04:00

Firstly, thank you so much for taking time to help me out. I appreciate it greatly!

-> Please visit this site. Navigate to the file indicated below in Bold and upload the file for a free scan:

C:\PROGRAM FILES\Yahoo!\COMPANION\Installs\cpn2\YTBSDK.exe



I found it and scanned, it came up clean.


->Please run HijackThis again and check the following:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
Although you may have some trust with the Aim.com site, putting ANYTHING in your trusted zone is equal to leaving your keys in the front door to your house, and going away on vacation. If you agree that is a bad idea, put a check in the box next to this one too:
O15 - Trusted Zone: http://www.aim.com

Thanks for letting me know. I know that came about during the last format but I don't remember the cirumstances but I won't do that again! Both were checked off on a new hijack log, and I'm pasting the new hijack log. After I rebooted, I still found IE ridiculously slow to load, although it did seem my reboot time re: my windows coming up was less time. I froze up while opening IE and had to close the first one, and open another one.

Logfile of HijackThis v1.99.1
Scan saved at 1:33:15 AM, on 11/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5700.0006)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\hijackthis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~2\NSCSRVCE.EXE
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: CNavExtBho Class - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110068282203
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - https://a248.e.akamai.net/f/248/5462/2h/www.symantecstore.com/v2.0-img/operations/symbizpr/xcontrol/SymDlBrg.cab
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

1972vet

3.3K Posts

November 6th, 2006 12:00

The log looks clean. Is I.E. still not working properly? If so, let's try some maintenance functions and if I.E. is still causing heartburn, we should then try to repair it by reinstalling it from the .inf file.

Please do this first:

Click start-->My Computer
then right-click on your local C: drive and select Properties.

Click the Tools tab then click the Check Now... button.
Put a check in both boxes "Automatically fix file system errors" and
"Scan for and attempt recovery of bad sectors", then click the Start
button. Answer "Yes" to the pop up window that asks "Do you want to
schedule this disk check to occur the next time you restart the
computer?" Apply it and OK it, then close everything down and reboot
the system.

Allow the scans to complete. Upon completion the computer will reboot

on it's own. When the computer comes back up, please do the following:

Copy the text below, between the lines, to Notepad and save it to your Desktop as "Cleantempfiles.bat" but without those quote marks.
---------------------------------------------------------
del c:\*.tmp
del %temp%\*.tmp /f
del %windir%\prefetch\*.*
del %windir%\temp\*.* /f
del C:\documents and settings\*\local settings\temp\*.* /f
----------------------------------------------------------
Now double click on the .bat file on your Desktop and answer "Yes" to each question to allow the batch to run. When finished the command prompt window will disappear. Reboot at this point and delete the .bat file on your Desktop.

Next, click start-->Choose Run in the Start Menu and type or copy and paste the following in the Run box and press ENTER:
cleanmgr /sageset:1

What you're doing here is setting up a cleaning profile for Disk Cleanup to use later on. When you type the above, a dialog box will appear with a list of junk file types that you can select for removal. You'll notice, you have more options to choose from here than you would if you were to just open up your cleanmgr from the "All Programs-->Accessories-->Tools" menu. Select which options you want to clean up by putting a check mark in each one but Do not put a check in the box for "Compress old files".
- Click OK after making your choices.

Now, copy the text below (between the lines) to Notepad and save it to your Desktop as "CleanUpandDefrag.bat" but again, without those quote marks:
--------------------
@echo off
cleanmgr /sageset:1
cleanmgr /sagerun:1
defrag c:
@exit
--------------------

Now, double click on the .bat file on your Desktop and click "OK".
When the clean up and defrag complete, reboot your computer. You can save that .bat file and double click on it about once a week to run your automated clean up and defrag with one click so-to-speak.

Post back and let us know how the computer is now behaving and if you are still having any more issues with I.E.

Thanks!

1972vet

3.3K Posts

November 6th, 2006 21:00

If you typed in what you said you had typed here:
"cleanmgr/sageset:1"

...then windows would not find that. It's typed wrong. Please copy and paste from my instruction instead. The error you made was in not including a space between the "cleanmgr" and the "/" it appears.

If you copy and paste from my instruction, you will not get the error. Please try that and post back your results. Thanks!

rellmac

13 Posts

November 6th, 2006 21:00

-> Allow the scans to complete. Upon completion the computer will reboot


I did this step, let the scans run then proceeded to the next step with the notepad - cleantempfiles . bat. Rebooted, deleted file, and went to the start menu to paste the cleanmgr/sageset:1 but when I hit enter, I got a pop up window that said:

Windows cannt find 'cleanmgr/sageset:1'. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search.


I stopped there to see if how you want me to proceed. I wasn't sure if this was a searchable item or what. Sadly I don't always understand the PC lingo. I'm learning though.

Thanks again. I'm just going to hold until I hear back from you.

rellmac

13 Posts

November 6th, 2006 22:00

I'm so sorry! I clipped the second time, got it to run. Did all you asked, and rebooted.

Comp rebooted quickly, got to my Windows which is where it slowed down considerably when Norton was doing it's status check. Opened IE once Norton was finally done and it opened faster than before. It was a little under 2 minutes from when I clicked IE to when I saw it connect to Yahoo.com. When it loaded, my toolbar doubled and the bottom of my browser doubled before it cleared up and loaded fully. I'm not sure if that's a IE glitch or if it's my computer acting up. Once the IE is up, it's surfing quickly once more. I'm pleasantly shocked and very, very grateful to you for all your help! Should I worry about the doubling of the IE when it loads or be concerned with the hesitation still with how long my windows loads?

I kept the cleanupanddefrag file for use once a week. Thank you so much again!

1972vet

3.3K Posts

November 6th, 2006 23:00

I'm not clear on what it is you are trying to tell me regarding your Internet Explorer...please explain in greater detail what you mean when you say:
Quote:
my toolbar doubled and the bottom of my browser doubled before it cleared up and loaded fully


I do know that waiting two or more minutes for your Internet Explorer to open is NOT right. Especially for DSL...I have DSL and when I open Internet Explorer, it takes 3 seconds to load the home page.

Happy that you've noticed some improvement but we have more work to do.

I think you have a pretty good set up but I should mention that home users need to remember that these 4 things are a must:

1) Antivirus software
2) Antispyware/adware software
3) Antitrojan software
4) Firewall (Third Party)

From your log, I see three of those but you're lacking the antitrojan software. Your Norton antivirus might find a few trojans but for the most part, it's defenseless against most trojans today.

Symantec offers a good product for the corporate world but I never recommend anything they sell for home users these days. Not since Norton 2002 have I had any faith in the product for home users...and not because I think it's no good. On the contrary, it's very good but also very user unfriendly and very very bloated (these days).

For that reason, your system slowing down "considerably" as you put it, is due to the Symantec product running at start up. It would be your preference but If you wanted to remove it for one of the free applications that are available on the public domain, just let me know and I will recommend some that you can use.

Let's get to the free trojan scanning software that you can use. Below is a download link for the free AVG Anti-Spyware application. This is the old Ewido anti-trojan application just renamed. Grisoft, the parent company of AVG, purchased the Ewido software in the recent past and made some changes...the name as well.

Download and scan with AVG Anti-Spyware v7.5
( This is Ewido 4.0 renamed. If you already have Ewido installed, please update to this version which has a special "clean driver" for removing persistent malware)
  • After download, double click on the file to launch the install process.
  • Choose a language, click "OK" and then click "Next".
  • Read the "License Agreement" and click "I Agree".
  • Accept default installation path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5, click "Next", then click "Install".
  • After setup completes, click "Finish" to start the program automatically or launch AVG Anti-Spyware by double-clicking its icon on your desktop or in the system tray.
  • The main "Status" menu will appear. Select "Change state" to inactivate 'Resident Shield' and 'Automatic Updates'.
  • Then right click on AVG Anti-Spyware in the system tray and uncheck "Start with Windows".
Go to Start > Run and type: services.msc
  • Press "OK".
  • Click the "Extended tab" and scroll down the list to find AVG Anti-Spyware guard.
  • When you find the guard service, double-click on it.
  • In the Properties Window > General Tab that opens, click the "Stop" button.
  • From the drop-down menu next to "Startup Type", click on "Manual".
  • Now click "Apply", then "OK" and close the Services window.
  • Select the "Update" button and click "Start update". Wait until you see the "Update succesfull message. If you are having problems with the updater, manually update with the AVG Anti-Spyware Full database installer from here.

Once the updates are installed do the following:
Click on the " Scanner" button and choose the " Settings" tab.
  • Under "How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware.
  • Under "How to Scan?" check all (default).
  • Under "Possibly unwanted software" check all (default).
  • Under "What to Scan?" make sure "Scan every file" is selected (default).
  • Under "Reports" select "Automatically generate report after every scan" and UNcheck "Only if threats were found".

Close the application and reboot the computer into Safe mode. Once in safe mode continue with the instructions below:

Open the AVG Anti-Spyware application and click the " Scan" tab.
Click " Complete System Scan" to start.

Note: Close all open windows, programs, and DO NOT USE the computer while AVG Anti-Spyware is scanning. If Explorer or other programs are open during the scan that means certain files will also be in use. Some malware will insert itself and hide in areas that are "protected" by Windows when the files are being used. This can hamper AVG Anti-Spyware's ability to clean properly and may result in reinfection.

Note: If AVG Anti-Spyware "crashes" or "hangs" during the scan, try scanning again by doing this:
  • Scan one sector of the system at a time by using the "Custom Scan" feature. To do this select Scanner > Custom Scan and click on Add drive/directory/file. Browse to C:\Windows > System, add this folder to the list and click on "Start Scan". When the scan is complete, repeat the Custom Scan but this time, browse to and add the System32 folder. Then keep repeating this procedure until all your folders have been scanned. Make sure you include the Documents & Settings folder.
  • If this still does not help, then turn the ADS scanner off while making a Custom Scan. To do this select Scanner > Scan Settings and untick "Scan in NTFS Alternate Data Streams". Then repeat the steps above for performing a Custom Scan.
When the scan has finished you will be presented with a list of infected objects found. Click " Apply all actions" to place the files in Quarantine.

IMPORTANT! Do not save the report before you have clicked the Apply all actions button. If you do, the log that is created will indicate " No action taken", making it more difficult to interpret the report. So be sure you save it only AFTER clicking the "Apply all actions" button?

Click on " Save Report" to view all completed scans. Click on the most recent scan you just performed and select " Save report as" - the default file name will be in date/time format as follows: Report-Scan-20060620-142816.txt. Save to your desktop. A copy of each report will also be saved in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Reports\

Exit AVG Anti-Spyware when done and reboot back to your normal user mode. Don't forget to submit the log report in your next response.

1972vet

3.3K Posts

November 7th, 2006 15:00

Please select and download one of these free Firewall applications:
ZoneAlarm Free Version
Outpost Free
Kerio
DO NOT INSTALL IT YET

Please select and download One of these free antivirus applications:
AVG Free for Windows
AntiVir Personal Edition Classic
Avast! 4 Home Edition
DO NOT INSTALL IT YET EITHER.

OK, next we want to remove Symantec entirely from your system using their removal tool.

When the tool completes it's function, the computer needs a reboot. When the system comes back up, DO NOT CONNECT TO THE INTERNET just yet.

Next, install the Firewall that you downloaded from above. Reboot upon successful completion of the installation.
When the system comes back up, install the antivirus application you downloaded from above. Connect to the internet when prompted to update.
Allow the application to complete the update then manually run the updater again and again until you find no more updates. Reboot again.

When the system comes back up, first check one more time for updates. If you find no more updates, then boot into safe mode again and run another complete system scan using your new antivirus application.

When completed, boot back to your normal user mode.

Now...to address the I.E. issue once again. If you want to try this, you might like the results. Just uninstall the Yahoo toolbar from add/remove programs and reboot. Open I.E. and see if you like the results. If not, you can always download the toolbar again...it's free. If so, post back and let us know if you have anymore issues. Thanks!

rellmac

13 Posts

November 7th, 2006 15:00

-> It would be your preference but If you wanted to remove it for one of the free applications that are available on the public domain, just let me know and I will recommend some that you can use.


That would be great. I'm with Norton out of habit, not because I love it. I find it slows everything down and I don't doubt it's capability, but I'd love to be pointed in a better direction.


-> Don't forget to submit the log report in your next response.

Here's the report:


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 3:41:01 AM 11/7/2006

+ Scan result:



C:\Documents and Settings\rellmac\Cookies\rellmac@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\rellmac\Cookies\rellmac@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.


::Report end



As for the problem with the IE, the best way I can describe it is when I click the icon, it loads and says "connecting", about 20 seconds later, my toolbar up top actually duplicates itself before yahoo.com comes up (my homepage) then eventually disappears when IE fully loads. The load time this time was down to about 90 seconds. Thanks!

rellmac

13 Posts

November 8th, 2006 11:00

I chose Zone Alarm and AVG. I deleted the yahoo toolbar which took care of the doubling problem I was experiencing. Unfortunately, I'm still having random delays and lags when opening it ranging from 60-90 seconds. I can deal with it, but it's just frustrating trying to understand why this problem is happening.

Should I try a different browser maybe, or is IE just the best one to stick with? It seems like anything I attempt to open is fairly slow to open. I tried to bring up crapcleaner and it took a bit to open as well.

Thank you for the information on the Zone and AVG. My windows boot up time has been cut in half at least! What a difference.

1972vet

3.3K Posts

November 8th, 2006 17:00

Did AVG scan produce any malware for you? Did you not want to post the log?

I.E. is not the best browser. We recommend installing Mozilla Firefox
Download the version 2 and to keep things simple for you, just don't elect to name it as your primary browser as that will interfer with your Windows Automatic Updates not working for you without your intervention. Just use your FireFox browser for surfing the web. It's much safer and more secure than I.E.

Please post your results and let us know if things are still running slow. Just because the HijackThis scan doesn't show any problems running doesn't mean you have none. There are malware that HijackThis can't see. Try the FF browser first to see if surfing is any better. Then try your other applications while you are offline to see if things still run a bit slow. We may want to try scanning with other applications that take a deeper look at things.

rellmac

13 Posts

November 9th, 2006 00:00

The AVG scan was clean. I'm sorry, it was late and I just checked to be sure it didn't find anything, then I closed it down.

I installed Firefox 2, and it took about a minute to load up. Should I delete IE or keep it and just not use it? Also, you mentioned not making it my primary browser. Is that an option somewhere that I would have to manually check or will it prompt me at some point? I just want to be clear I don't accidentally make Firefox my primary browser.

Surfing is pretty quick, so I'm pleased with that. My other applications are still slow to initialize though. I'm not sure where else to look for malware or what's wrong.

1972vet

3.3K Posts

November 9th, 2006 10:00

When you installed FireFox, you should have received the option to make FireFox your primary browser. You can check that just by opening Internet Explorer. If you made FireFox your primary browser, then when you open Internet Explorer, you should get a message similar to: "Internet Explorer is not your primary browser. Would you like to make it your primary browser? Yes No"...

You'll need I.E. to download and install the Windows Updates. If you leave I.E. as your primary browser, your automatic updates will still download for you automatically.

I'd like you to scan with a few more apps. then an on line scan to make sure nothing else is hiding on your system.

Please download Ad-Aware SE Personal Edition 1.06 and install it. If you already have version 1.06, please configure it as indicated below. If you have a previous version of Ad-Aware, please uninstall your current version and install the newest version SE 1.06.

1) Run Ad-Aware, and click Check for updates now.

2) Select Configurations (click the Gear wheel at the top) as follows:
  • General Button > Safety & Settings: Check (Green) all three.
  • Tweak Button > Cleaning Engine > UNcheck "Always try to unload modules before deletion".
Click Proceed.
3) To start the scan, Click > "Scan Now" at left
  • Deselect "Search for negligible risk entries" as negligible risk entries (MRU's) are not considered to be a threat.
  • Select "Search for low-risk threats"
  • Select "Perform full system scan"
  • Click Next
4) When the scan has completed, select Next.
  • In the Scanning Results window, select the "Critical Objects" tab.
  • Right-click on the screen and choose "Select all objects"
  • Click Next to remove the infections found, and click OK to the prompt.
  • Restart the computer.

Next, please download "Spybot search and destroy"

After installation, Go to Start > Programs >Spybot - Search & Destroy and when the program opens, click on the mode tab at the top left of the application window and select "advanced". Then click on Tools. In the menu on the left hand side you will see Resident, click there then in the right pane under "resident protection status" put a check mark in the box next to "resident SD helper (Internet explorer bad download blocker).
Close ALL windows except Spybot S&D.

Click the button to Search for Updates and download and install the Updates. When the updates complete, please click "immunize" from the menu on the left. Then in the right pane click the +immunize button.
Next click the "Search and Destroy" button from the left pane menu then click the "check for Problems" button in the right pane.
Spybot will now scan your computer and display in the "problem" window any bad programs it finds. When the scan completes, it may show red, black, and green entries. Please put a check mark next to all the RED entries and click "fix selected problems". When finished, close the application.

Please perform this online scan: F-Secure Online Scanner Next Generation Beta
1. Click on the link " F-Secure Online Scanner Next Generation Beta".
2. You may receive an alert on the address bar at this point to install the ActiveX control.
3. Click on that alert and then Click Insall ActiveX component.
4. Read the license agreement and click " Accept".
5.Click " Custom Scan" and be sure the following are checked:
  • Scan whole System
  • Scan all files
  • Scan whole system for rootkits
  • Scan whole system for spyware
  • Scan inside archives
  • Use advanced heuristics
6. When the scan completes, click the " I want to decide item by item" button.
7. For each item found, Select " Disinfect" and click " Next".
8. When done, click the " Show Report" button, then copy and paste the entire report into your next reply along with a fresh HijackThis log. Thanks!

rellmac

13 Posts

November 10th, 2006 03:00

I already had Ad-Aware and dl'd the updates, ran the scan. There wasn't even a "next" to press to find infections, nothing showed up. Clean log.
 
Spybot showed the same object it always does which I researched before and was told (not sure if it was correct or not) that it was nothing to be concerned about. It's the Microsoft Windows Security Center_disabled.
 
The online scan error'd me three times with "An error has occured! Please close the scanner and your browser, then try again. (id: 24)" So I clicked ok, shut down scanner and browser, reopened IE, not firefox since it warned me only IE was compatible, and tried again with no luck. Repeated three times, same results. Randomly, when I try to close the scanner, another install this software box pops up for FS. OLS-3.0 (it's already popped up once in the beginning and been dl'd) so I click "don't install" and this message pops up: "Insufficient rights to use Active X control! Please check your user rights and IE security settings"
 
I didn't do a hijack this yet until I can get that other scan to run. I went into internet settings but chickened out to change anything without talking to you first. I don't want to undo anything you've done. Thank you.
 
 

1972vet

3.3K Posts

November 10th, 2006 03:00

Did you have Ad-Aware configured the way I had instructed? Spybot likewise?

Let's try this on line scan (hint...the online scanners will almost always require Internet Explorer to run):
Please visit BitDefender Free Online Virus and Malware Scan
  • Click on I Agree.
  • An ActiveX warning box will appear, click on Install.
  • Under Select What You Want To Check For Viruses.
  • Please Check My Computer and Click Ok
  • Now Click On Click Here To Scan
  • Next, Click on Click here to export the scan report
  • Save it to your Desktop.
  • In your next reply, please include the Bitdefender log and a fresh Hijackthis log.

Was this post helpful?

View All

No Events found!

Top