Stopping a daily download... How?

14 years ago

I'm running Windows XP Media Center I used to have the tv hooked up to this but have since gotten rid of that since I dont sit here and watch tv.

My problem is - every morning the computer starts downloading the Program Guide Data (I presume this is the TV Guide) and it literally freezes my computer up until it's complete, which takes a long time to finish. It used to be quick but now it sounds like it's getting stuck and I hear whirling and whirling and then after about 15 minutes, it's finally complete.

Finally onto my question.

Is there any way to stop this download each day?

Even if I right click on the little icon as it's downloading and I select "stop download and disconnect", it continues to download it freezing up this computer and I cant do anything until it's complete.

Thanks for your help!

Sort by:Oldest

Comments (56)

zep516
14 years ago
last modified: 9 years ago
Click the "executable"
shaun
Original Author
14 years ago
last modified: 9 years ago
Ok, be right back.
Related Discussions
OT How do you get those iVIllage videos to stop
Q
Comments (6)
Check the tomato forum. There was a discussion over there and someone listed how to get rid of the ads. I can't remember the exact post but I'll try to find it. It worked for me!! Found it- Try this: I don't know if there's some additional mozilla thing that will get rid of the ads you're still getting, but this will block them: (copied from another thread here) "The Universal Solution: (if you have a PC) This will work on Windows systems for all browsers; IE, FireFox and Netscape. The Windows operating system provides a system-level method to block specific IP addresses before they even get to the browser. To effect this solution you need to edit a Windows system file called "HOSTS". This file is located in the directory: Windows XP: C:\WINDOWS\SYSTEM32\DRIVERS\ETC Windows 2K: C:\WINNT\SYSTEM32\DRIVERS\ETC Windows 98: C:\WINDOWS Open the file in Notepad. Cut the following from this post and paste it to the end of the file. 127.0.0.1 amch.questionmarket.com 127.0.0.1 a820.g.akamai.net 127.0.0.1 iv.doubleclick.net 127.0.0.1 i.ivillage.com 127.0.0.1 m.2mdn.net 127.0.0.1 tste.ivillage.com 127.0.0.1 img-cdn.mediaplex.com 127.0.0.1 ads.vmirror.com 127.0.0.1 cmhtml.ivillage.overture.com 127.0.0.1 ads.pointroll.com 127.0.0.1 xml.ivillage.overture.com 127.0.0.1 cmls.overture.com 127.0.0.1 cm.ivillage.overture.com Close and re-open your browser and all the ads will be gone. Unfortunately, iVillage may in the future buy ads from a new source. In this event the new ad source will have to be added to the list. " o
...See More
How do I stop Firefox
Q
Comments (9)
I had similar issues with FF updating automatically and then not working and causing problems. I went back to an older version per instructions I found here and it works great now. My observation these days, there are so many programs that have an automatic update (Windows, Adobe, FF, security software and so on) that they can cause frustrations too. Nothing worse than working on something and have the computer bogged down suddenly with checking for and or downloading updates automatically. This might not work for everyone but for me, I've found that using the option most programs have of "Notify me of updates but do not download" will give me the reminder I need and when I'm finished a particular task, let the download begin and go take a break.
...See More
How to stop slow load
Q
Comments (7)
Do a general cleanup. To clean out unwanted files. Start - Control Panel - Internet Options open - Delete cookies, Delete files (select all off-line content) - Click OK to Exit. Then go to Start - Run - Enter %temp% - Click OK - Click Edit - Click Select All - Delete. Start - Run-Type - C:\windows\temp - OK - and select everything except temporary internet files, cookies and history folders and delete them. Then Restart your computer. The above does the same as CCleaner. Then use the Defragmenter. Start - All Programs - Accessories - System Tools - Defragmenter - Analyze and Defragment Microsoft has a Malicious Software Removal Tool (KB890830) Microsoft Download Center Download and use Ad-Aware Ad-Aware
...See More
How do i stop the cat from jumping on to me?
Q
Comments (6)
Your post sounds similar to one I made almost 2 years ago. I'll see if I can find it and post a link. We came to the conclusion that our cat is part siamese, and that is not uncommon in their nature. My guy has never had much luck landing on my shoulders, he just scales my back. By the time I made my post, my back was a mass of scratches and I was at my wits end. I can tell you what worked for me was to do my best to set him up for success. I came to know when he was most likely to jump me and actively avoided those situations. For example, he would invariably jump me when I was leaning over the bathroom sink washing my hair. Since the vanity area is not in the water closet, but more in the bedroom, there was no door to shut on the bathroom-- so if I was going to wash my hair, I would just close off the master bedroom and make sure he wasn't in there. At the work table where he liked to jump me, I changed my position so it was harder for him to get behind me and jump me- he rarely jumped me from the front. Time outs worked well when he seemed like he was so wound up and could not control himself. I would pick him up and gently deposit him in the master bedroom, where he had everything he needed except attention. Close off the door and leave him there for 15-20 minutes. Generally when he came out he was fine, but sometimes he was still keyed up and needed another round of time out. I think age has mellowed him too. He is 2 years old now and much better. He rarely tries to jump me. Knock on wood, it has been quite a while since he did that, but I still don't trust him fully. He also seems to like to be up high. He has a ceiling height cat tree in the family room, but could not get up into a high location in the livingroom, where we often spend our time. I have a set up for him there now where he can climb up towers of rubbermaid tubs (ugly, but not for the long term- I hope) and get on top of the entertainment center. He did seem like he got better behaved about jumping on me when we gave him more and more vertical spaces to climb. Good luck to you, I know how frustrating it is to have a jumper. Out of curiosity, does he only jump you? Or everyone in the house? Our guy only had it in for me. Here is a link that might be useful: How do I train this cat?
...See More
shaun
Original Author
14 years ago
last modified: 9 years ago
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:54:50 PM, on 10/14/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\Explorer.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\Program Files\Common Files\AOL\1100784346\ee\AOLSoftware.exe
C:\WINNT\ehome\ehtray.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINNT\ehome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINNT\System32\nvsvc32.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINNT\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Common Files\AOL\1100784346\EE\anotify.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINNT\system32\SPOOL\DRIVERS\W32X86\3\LXBRPSWX.EXE
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\AOL 9.1\waol.exe
C:\Program Files\AOL 9.1\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.live.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - (02478D38-C3F9-4efb-9B51-7695ECA05670) - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: AOL Toolbar BHO - (7C554162-8CB7-45A4-B8F4-8EA1C75885F9) - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: scriptproxy - (7DB2D5A0-7241-4E79-B68D-6309F01C5231) - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: XBTBPos00 - (FCBCCB87-9224-4B8D-B117-F56D924BEB18) - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O2 - BHO: SingleInstance Class - (FDAD4DA1-61A2-4FD8-9C17-86F7AC245081) - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: (no name) - (BA52B914-B692-46c4-B683-905236F6F655) - (no file)
O3 - Toolbar: AOL Toolbar - (DE9C389F-3316-41A7-809B-AA305ED9D922) - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Fast Browser Search - (1BB22D38-A411-4B13-A746-C2A4F4EC7344) - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100784346\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Gateway Extended Warranty] "C:\Program Files\Gateway\GWCares\GWCares.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINNT\ehome\ehtray.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SmileboxTray] "C:\Documents and Settings\Administrator\Application Data\Smilebox\SmileboxTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - (no file)
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: (01113300-3E00-11D2-8470-0060089874ED) (Support.com Configuration Class) - http://support.fastaccess.com/sdccommon/download/tgctlcm.cab
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: (1663ed61-23eb-11d2-b92f-008048fdd814) (MeadCo ScriptX Advanced) - https://eagent.farmersinsurance.com/PLA/eAgent/eAuto/commonActiveX/smsx.cab
O16 - DPF: (2E12FB00-546B-4EE3-9CC2-057BF02E1C17) (Webshots Multiple Media Uploader - Container) - http://community.webshots.com/html/atx/wsaxcontrol.cab
O16 - DPF: (37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40) (AOL Content Update) - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: (406B5949-7190-4245-91A9-30A17DE16AD0) (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: (4871A87A-BFDD-4106-8153-FFDE2BAC2967) (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.7.cab
O16 - DPF: (4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: (4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21) -
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1196340022703
O16 - DPF: (8100D56A-5661-482C-BEE8-AFECE305D968) (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: (9522B3FB-7A2B-4646-8AF6-36E7F593073C) (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/Coupons.cab
O16 - DPF: (9600F64D-755F-11D4-A47F-0001023E6D5A) (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: (9F6D8A59-DD92-499D-944A-38FDB2CE46FF) (Napster download control v2.0) - http://sms.napster.com/client/plugin/npdownload.cab
O16 - DPF: (9FC5238F-12C4-454F-B1B5-74599A21DE47) (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: (B49C4597-8721-4789-9250-315DFBD9F525) (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O16 - DPF: (BCC0FF27-31D9-4614-A68E-C18E1ADA4389) - https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: (E06E2E99-0AA1-11D4-ABA6-0060082AA75C) (GpcContainer Class) - https://kupainc.webex.com/client/v_mywebex-t20/webex/ieatgpc.cab
O18 - Protocol: intu-help-qb1 - (9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3) - C:\Program Files\Intuit\QuickBooks 2005\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - (FC598A64-626C-4447-85B8-53150405FD57) - mscoree.dll (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINNT\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

--
End of file - 14312 bytes
zep516
14 years ago
last modified: 9 years ago
Hi,

Do this next please,

Double click the hijackthis Icon on the Desktop, Scroll down to Open the Misc Tools section" Click it at the bottom under System tools click "Open Uninstall Manager" over to the right click "Save List"Save it to your Desktop so you may find it, copy and paste it in your next reply..
shaun
Original Author
14 years ago
last modified: 9 years ago
zep, when I downloaded hijackthis, it never gave me the option to save it to my desktop....I just ran it from my screen. So, knowing this, where do I go to find the Misc Tools Section? If I go thru that link you gave me above, will it be there somewhere?
Thanks.
zep516
14 years ago
last modified: 9 years ago
C:\Documents and Settings\Administrator\MyDocuments\Downloads\HijackThis.exe

That's where it is above.

This is where we need it below:

C:\Program Files \Trend Micro\HijackThis\HijackThis.exe

This is somewhat my fault can you go back to the link and download the installer instead of the executable. It will automatically put in in programs files folder and create an icon.
zep516
14 years ago
last modified: 9 years ago
You have a lot of programs running at start up! 04's

I do not see a program that could cause an issue you are describing.

Do you have any idea what the name of the program is? Does the Icon indicate a name?

What other options do you get when you right click that Icon?
graylight
14 years ago
last modified: 9 years ago
I don't know if this would help but I noticed that you were running as an administrator. You could try creating a new user account and naming that new account an administrator and make your current account into a limited account. That way you could keep your desktop and files but be a limited user instead of an administrator. I don't know if this would cut down on all the programs running but it's your call.
shaun
Original Author
14 years ago
last modified: 9 years ago
I'll have to see what other options come up when I right click on that icon tomorrow. It's on the bottom, right side and it only comes up when it's downloading the program guide data...other than that time, I never see it.

graylight thanks for that link.

I'll be back tomorrow...
shaun
Original Author
14 years ago
last modified: 9 years ago
Well the blasted thing never came up this morning. I've been sitting here waiting on it! hahaha! Figures, huh?

Maybe in all my clicking around and unchecking boxes in the start up menu I turned it off.

Hey thanks for the help - you all are always so helpful. I appreciate that.
zep516
14 years ago
last modified: 9 years ago
Hi,

You really need to turn some of these off from starting up. So using hijackthis. Open hijackthis only have hijackthis open no other programs. Do a System Scan ONLY. Place a check mark in the following entries:

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" osboot

O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" Run

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [Gateway Extended Warranty] "C:\Program Files\Gateway\GWCares\GWCares.exe"

O4 - HKLM\..\Run: [ehTray] C:\WINNT\ehome\ehtray.exe

04 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

04 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe

O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

NOW Click fix checked at the bottom.

Close Hijackthis.

Reboot the computer.

Empty the recycle bin.

Post a fresh log.

We are not removing anything only stopping programs from starting up with windows and running in the background. Your computer will run somewhat better after doing this.
Zep516.
shaun
Original Author
14 years ago
last modified: 9 years ago
Ok - I'm going to start all over again here.

I'm having another issue now.

I got a message that there was an update from Microsoft. I tried to download the update and it failed. I tried again and it keeps failing.

So I thought back to what I've done different and it was the highjackthis. So I went into the control panel and removed that.

So maybe I should start from scratch, downloading the installer instead of the exe. Then do what you've said to do above.

I'm working right now - need the computer up and running so I can't restart it takes forever and a day. I'll do this tonight and post back probably tomorrow. Thanks Zep.
owbist
14 years ago
last modified: 9 years ago
Hijackthis should have no adverse affect on MS downloads. However removing it for peace of mind is not a bad thing.

What was the error message from MS when you attempted to updated?
zep516
14 years ago
last modified: 9 years ago
The computer takes forever to start because your loading about 27 unnecessary programs at start up. Then there is the awful bloated McAfee Anti Virus program can it get any bigger? it looks like a McAfee server on there.

Please as you said reinstall hijackthis using the installer. Hijackthis must be in this location:

C:\Program Files \Trend Micro\HijackThis\HijackThis.exe

The installer download should put it there. Do not remove (any entries) until hijackthis is in that location. I will check the location. So you will need to post a fresh log please. Then we will proceed to remove the 04 entries that are slowing the computer down...
shaun
Original Author
14 years ago
last modified: 9 years ago
Ok I'm back - finally. I really do appreciate the help.

I have uninstalled IE8 and it reverted back to IE7. Things are moving along a lot more quicker now.

Zep yes I run McAfee Anti Virus - I get it free thru AOL. That is the only virus protection I run on this.

I am going to go install the highjack this now and post a log.

I hope you're out there!
shaun
Original Author
14 years ago
last modified: 9 years ago
Ok, here is the log after I ran the scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:52:56 PM, on 10/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\Explorer.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\Program Files\Common Files\AOL\1100784346\ee\AOLSoftware.exe
C:\WINNT\ehome\ehtray.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\AOL 9.1\waol.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\WINNT\ehome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINNT\System32\nvsvc32.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINNT\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\AOL 9.1\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.live.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R3 - URLSearchHook: Yahoo! Toolbar - "EF99BD32-C1FB-11D2-892F-0090271D4F88> - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - "02478D38-C3F9-4efb-9B51-7695ECA05670> - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - "06849E9F-C8D7-4D59-B87D-784B7D6BE0B3> - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - "3049C3E9-B461-4BC5-8870-4C09146192CA> - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: AOL Toolbar BHO - "7C554162-8CB7-45A4-B8F4-8EA1C75885F9> - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: scriptproxy - "7DB2D5A0-7241-4E79-B68D-6309F01C5231> - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - "DBC80044-A445-435b-BC74-9C25C1C588A9> - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - "E7E6F031-17CE-4C07-BC86-EABFE594F69C> - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: XBTBPos00 - "FCBCCB87-9224-4B8D-B117-F56D924BEB18> - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O2 - BHO: SingleInstance Class - "FDAD4DA1-61A2-4FD8-9C17-86F7AC245081> - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: (no name) - "BA52B914-B692-46c4-B683-905236F6F655> - (no file)
O3 - Toolbar: AOL Toolbar - "DE9C389F-3316-41A7-809B-AA305ED9D922> - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Fast Browser Search - "1BB22D38-A411-4B13-A746-C2A4F4EC7344> - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - "EF99BD32-C1FB-11D2-892F-0090271D4F88> - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100784346\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Gateway Extended Warranty] "C:\Program Files\Gateway\GWCares\GWCares.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINNT\ehome\ehtray.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SmileboxTray] "C:\Documents and Settings\Administrator\Application Data\Smilebox\SmileboxTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - "CD67F990-D8E9-11d2-98FE-00C0F0318AFE> - (no file)
O9 - Extra button: (no name) - "e2e2dd38-d088-4134-82b7-f2ba38496583> - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - "e2e2dd38-d088-4134-82b7-f2ba38496583> - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - "FB5F1910-F110-11d2-BB9E-00C04F795683> - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - "FB5F1910-F110-11d2-BB9E-00C04F795683> - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: "01113300-3E00-11D2-8470-0060089874ED> (Support.com Configuration Class) - http://support.fastaccess.com/sdccommon/download/tgctlcm.cab
O16 - DPF: "0742B9EF-8C83-41CA-BFBA-830A59E23533> (Microsoft Data Collection Control) - https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
O16 - DPF: "0CCA191D-13A6-4E29-B746-314DEE697D83> (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: "1663ed61-23eb-11d2-b92f-008048fdd814> (MeadCo ScriptX Advanced) - https://eagent.farmersinsurance.com/PLA/eAgent/eAuto/commonActiveX/smsx.cab
O16 - DPF: "2E12FB00-546B-4EE3-9CC2-057BF02E1C17> (Webshots Multiple Media Uploader - Container) - http://community.webshots.com/html/atx/wsaxcontrol.cab
O16 - DPF: "37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40> (AOL Content Update) - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: "406B5949-7190-4245-91A9-30A17DE16AD0> (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: "4871A87A-BFDD-4106-8153-FFDE2BAC2967> (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.7.cab
O16 - DPF: "4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B> - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: "4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21> -
O16 - DPF: "6E32070A-766D-4EE6-879C-DC1FA91D2FC3> (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1196340022703
O16 - DPF: "8100D56A-5661-482C-BEE8-AFECE305D968> (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: "9522B3FB-7A2B-4646-8AF6-36E7F593073C> (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/Coupons.cab
O16 - DPF: "9600F64D-755F-11D4-A47F-0001023E6D5A> (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: "9F6D8A59-DD92-499D-944A-38FDB2CE46FF> (Napster download control v2.0) - http://sms.napster.com/client/plugin/npdownload.cab
O16 - DPF: "9FC5238F-12C4-454F-B1B5-74599A21DE47> (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: "B49C4597-8721-4789-9250-315DFBD9F525> (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O16 - DPF: "BCC0FF27-31D9-4614-A68E-C18E1ADA4389> - https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab
O16 - DPF: "D27CDB6E-AE6D-11CF-96B8-444553540000> (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: "E06E2E99-0AA1-11D4-ABA6-0060082AA75C> (GpcContainer Class) - https://kupainc.webex.com/client/v_mywebex-t20/webex/ieatgpc.cab
O18 - Protocol: intu-help-qb1 - "9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3> - C:\Program Files\Intuit\QuickBooks 2005\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - "FC598A64-626C-4447-85B8-53150405FD57> - mscoree.dll (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINNT\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

--
End of file - 14146 bytes

What next?
shaun
Original Author
14 years ago
last modified: 9 years ago
obwist it just said the download failed.
zep516
14 years ago
last modified: 9 years ago
Hi,

Double click hijackthis Icon on the desktop. Only have hijackthis open no other programs. Do a SYSTEM SCAN ONLY, once the scan opens, Place a check mark in the following entries:

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" osboot

O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" Run

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [Gateway Extended Warranty] "C:\Program Files\Gateway\GWCares\GWCares.exe"

O4 - HKLM\..\Run: [ehTray] C:\WINNT\ehome\ehtray.exe

04 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

04 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe

O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

NOW Click fix checked at the bottom.

Close Hijackthis.

Reboot the computer.

Empty the recycle bin.

Post a fresh log.

We are not removing anything only stopping programs from starting up with windows and running in the background. Your computer will run somewhat better after doing this.

Zep516.
owbist
14 years ago
last modified: 9 years ago
it just said the download failed

That has happened to me too. Just try again and it should be good. That might have been a bad connection or the server may have been busy, does not mean anything is wrong necessarily.
shaun
Original Author
14 years ago
last modified: 9 years ago
Okay Zep - here is the new log after I checked off the programs you said to........ but ........ one of them wasnt listed: O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" Run

Here is the new log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:24:24 PM, on 10/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\Explorer.EXE
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\Program Files\Common Files\AOL\1100784346\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\Program Files\AOL 9.1\waol.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINNT\ehome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINNT\System32\nvsvc32.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINNT\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.live.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R3 - URLSearchHook: Yahoo! Toolbar - "EF99BD32-C1FB-11D2-892F-0090271D4F88> - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - "02478D38-C3F9-4efb-9B51-7695ECA05670> - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - "06849E9F-C8D7-4D59-B87D-784B7D6BE0B3> - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - "3049C3E9-B461-4BC5-8870-4C09146192CA> - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: AOL Toolbar BHO - "7C554162-8CB7-45A4-B8F4-8EA1C75885F9> - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: scriptproxy - "7DB2D5A0-7241-4E79-B68D-6309F01C5231> - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - "DBC80044-A445-435b-BC74-9C25C1C588A9> - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - "E7E6F031-17CE-4C07-BC86-EABFE594F69C> - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: XBTBPos00 - "FCBCCB87-9224-4B8D-B117-F56D924BEB18> - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O2 - BHO: SingleInstance Class - "FDAD4DA1-61A2-4FD8-9C17-86F7AC245081> - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: (no name) - "BA52B914-B692-46c4-B683-905236F6F655> - (no file)
O3 - Toolbar: AOL Toolbar - "DE9C389F-3316-41A7-809B-AA305ED9D922> - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Fast Browser Search - "1BB22D38-A411-4B13-A746-C2A4F4EC7344> - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - "EF99BD32-C1FB-11D2-892F-0090271D4F88> - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100784346\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SmileboxTray] "C:\Documents and Settings\Administrator\Application Data\Smilebox\SmileboxTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - "CD67F990-D8E9-11d2-98FE-00C0F0318AFE> - (no file)
O9 - Extra button: (no name) - "e2e2dd38-d088-4134-82b7-f2ba38496583> - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - "e2e2dd38-d088-4134-82b7-f2ba38496583> - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - "FB5F1910-F110-11d2-BB9E-00C04F795683> - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - "FB5F1910-F110-11d2-BB9E-00C04F795683> - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: "01113300-3E00-11D2-8470-0060089874ED> (Support.com Configuration Class) - http://support.fastaccess.com/sdccommon/download/tgctlcm.cab
O16 - DPF: "0742B9EF-8C83-41CA-BFBA-830A59E23533> (Microsoft Data Collection Control) - https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
O16 - DPF: "0CCA191D-13A6-4E29-B746-314DEE697D83> (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: "1663ed61-23eb-11d2-b92f-008048fdd814> (MeadCo ScriptX Advanced) - https://eagent.farmersinsurance.com/PLA/eAgent/eAuto/commonActiveX/smsx.cab
O16 - DPF: "2E12FB00-546B-4EE3-9CC2-057BF02E1C17> (Webshots Multiple Media Uploader - Container) - http://community.webshots.com/html/atx/wsaxcontrol.cab
O16 - DPF: "37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40> (AOL Content Update) - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: "406B5949-7190-4245-91A9-30A17DE16AD0> (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: "4871A87A-BFDD-4106-8153-FFDE2BAC2967> (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.7.cab
O16 - DPF: "4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B> - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: "4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21> -
O16 - DPF: "6E32070A-766D-4EE6-879C-DC1FA91D2FC3> (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1196340022703
O16 - DPF: "8100D56A-5661-482C-BEE8-AFECE305D968> (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: "9522B3FB-7A2B-4646-8AF6-36E7F593073C> (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/Coupons.cab
O16 - DPF: "9600F64D-755F-11D4-A47F-0001023E6D5A> (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: "9F6D8A59-DD92-499D-944A-38FDB2CE46FF> (Napster download control v2.0) - http://sms.napster.com/client/plugin/npdownload.cab
O16 - DPF: "9FC5238F-12C4-454F-B1B5-74599A21DE47> (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: "B49C4597-8721-4789-9250-315DFBD9F525> (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O16 - DPF: "BCC0FF27-31D9-4614-A68E-C18E1ADA4389> - https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab
O16 - DPF: "D27CDB6E-AE6D-11CF-96B8-444553540000> (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: "E06E2E99-0AA1-11D4-ABA6-0060082AA75C> (GpcContainer Class) - https://kupainc.webex.com/client/v_mywebex-t20/webex/ieatgpc.cab
O18 - Protocol: intu-help-qb1 - "9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3> - C:\Program Files\Intuit\QuickBooks 2005\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - "FC598A64-626C-4447-85B8-53150405FD57> - mscoree.dll (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINNT\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

--
End of file - 11643 bytes
zep516
14 years ago
last modified: 9 years ago
O2 - BHO: Adobe PDF Reader Link Helper - "06849E9F-C8D7-4D59-B87D-784B7D6BE0B3> - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)

O3 - Toolbar: (no name) - "BA52B914-B692-46c4-B683-905236F6F655> - (no file)

O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"

O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O9 - Extra button: (no name) - "CD67F990-D8E9-11d2-98FE-00C0F0318AFE> - (no file)

Thanks.
Do the same thing with the above entries.

Post 1 more log.
zep516
14 years ago
last modified: 9 years ago
Do not remove the hijackthis program yet. It keeps back-ups in the event we would need to restore an item.
shaun
Original Author
14 years ago
last modified: 9 years ago
Ok, I wont remove the hijackthis program yet.

Here is a fresh log after removing the next group you posted.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:58:14 PM, on 10/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\Explorer.EXE
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\Program Files\Common Files\AOL\1100784346\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\Program Files\AOL 9.1\waol.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINNT\ehome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINNT\System32\nvsvc32.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.live.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R3 - URLSearchHook: Yahoo! Toolbar - "EF99BD32-C1FB-11D2-892F-0090271D4F88> - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - "02478D38-C3F9-4efb-9B51-7695ECA05670> - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - "3049C3E9-B461-4BC5-8870-4C09146192CA> - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: AOL Toolbar BHO - "7C554162-8CB7-45A4-B8F4-8EA1C75885F9> - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: scriptproxy - "7DB2D5A0-7241-4E79-B68D-6309F01C5231> - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - "DBC80044-A445-435b-BC74-9C25C1C588A9> - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - "E7E6F031-17CE-4C07-BC86-EABFE594F69C> - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: XBTBPos00 - "FCBCCB87-9224-4B8D-B117-F56D924BEB18> - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O2 - BHO: SingleInstance Class - "FDAD4DA1-61A2-4FD8-9C17-86F7AC245081> - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: AOL Toolbar - "DE9C389F-3316-41A7-809B-AA305ED9D922> - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Fast Browser Search - "1BB22D38-A411-4B13-A746-C2A4F4EC7344> - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - "EF99BD32-C1FB-11D2-892F-0090271D4F88> - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100784346\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SmileboxTray] "C:\Documents and Settings\Administrator\Application Data\Smilebox\SmileboxTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - "e2e2dd38-d088-4134-82b7-f2ba38496583> - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - "e2e2dd38-d088-4134-82b7-f2ba38496583> - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - "FB5F1910-F110-11d2-BB9E-00C04F795683> - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - "FB5F1910-F110-11d2-BB9E-00C04F795683> - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: "01113300-3E00-11D2-8470-0060089874ED> (Support.com Configuration Class) - http://support.fastaccess.com/sdccommon/download/tgctlcm.cab
O16 - DPF: "0742B9EF-8C83-41CA-BFBA-830A59E23533> (Microsoft Data Collection Control) - https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
O16 - DPF: "0CCA191D-13A6-4E29-B746-314DEE697D83> (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: "1663ed61-23eb-11d2-b92f-008048fdd814> (MeadCo ScriptX Advanced) - https://eagent.farmersinsurance.com/PLA/eAgent/eAuto/commonActiveX/smsx.cab
O16 - DPF: "2E12FB00-546B-4EE3-9CC2-057BF02E1C17> (Webshots Multiple Media Uploader - Container) - http://community.webshots.com/html/atx/wsaxcontrol.cab
O16 - DPF: "37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40> (AOL Content Update) - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: "406B5949-7190-4245-91A9-30A17DE16AD0> (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: "4871A87A-BFDD-4106-8153-FFDE2BAC2967> (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.7.cab
O16 - DPF: "4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B> - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: "4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21> -
O16 - DPF: "6E32070A-766D-4EE6-879C-DC1FA91D2FC3> (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1196340022703
O16 - DPF: "8100D56A-5661-482C-BEE8-AFECE305D968> (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: "9522B3FB-7A2B-4646-8AF6-36E7F593073C> (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/Coupons.cab
O16 - DPF: "9600F64D-755F-11D4-A47F-0001023E6D5A> (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: "9F6D8A59-DD92-499D-944A-38FDB2CE46FF> (Napster download control v2.0) - http://sms.napster.com/client/plugin/npdownload.cab
O16 - DPF: "9FC5238F-12C4-454F-B1B5-74599A21DE47> (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: "B49C4597-8721-4789-9250-315DFBD9F525> (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O16 - DPF: "BCC0FF27-31D9-4614-A68E-C18E1ADA4389> - https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab
O16 - DPF: "D27CDB6E-AE6D-11CF-96B8-444553540000> (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: "E06E2E99-0AA1-11D4-ABA6-0060082AA75C> (GpcContainer Class) - https://kupainc.webex.com/client/v_mywebex-t20/webex/ieatgpc.cab
O18 - Protocol: intu-help-qb1 - "9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3> - C:\Program Files\Intuit\QuickBooks 2005\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - "FC598A64-626C-4447-85B8-53150405FD57> - mscoree.dll (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINNT\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

--
End of file - 10902 bytes
shaun
Original Author
14 years ago
last modified: 9 years ago
Off to bed......I'll check back in tomorrow morning.

Zep and everyone else, thank you so much for your help so far.
zep516
14 years ago
last modified: 9 years ago
Do you now what this is:

O4 - HKCU\..\Run: [SmileboxTray] "C:\Documents and Settings\Administrator\Application Data\Smilebox\SmileboxTray.exe"

Please download Malwarebytes' Anti-Malware to your desktop. Click here
Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Full Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
shaun
Original Author
14 years ago
last modified: 9 years ago
I'm not exactly sure what (O4 - HKCU\..\Run: [SmileboxTray] "C:\Documents and Settings\Administrator\Application Data\Smilebox\SmileboxTray.exe") is; it might be part of a Hallmark ecard program to send greeting cards online. I recall the name smilebox. I dont need it there; I never use that to send ecards anyway.

I'll have to run the Malwarebytes when I get through with work tonight. And I'll follow all the other directions and post back.

Thanks again!
ravencajun Zone 8b TX
14 years ago
last modified: 9 years ago
that is part of a photo program
System Tray access to Smilebox photo sharing/printing service

there are a lot of photo downloaders in there. Also a few toolbars, do you want and use all those toolbars?
Often times toolbars get installed with legit programs, we have to watch very carefully now days when installing anything to make sure we uncheck any of those extras they are trying to force on us, we do not want or need them.

I know you said you get your McAfee free, I did also with my ISP, I continued to have problems with my pc that just would not go away and made no sense, I decided to eliminate McAfee with a full removal following the correct guidelines, and installed the free AVAST. The minute I removed McAfee every one of the problems with the pc were gone. I really had no idea that was what was causing my issues. Sometimes free is good sometimes not so good LOL.
However since your McAfee also has the firewall program with it you would also need to add a firewall program to the pc. I personally use zone alarm and they do have a free version.
Things to think about.

I see a lot of facebook items also I want to caution you to the use of facebook and any of their apps, we see tons of infections all coming from using facebook and the apps, the problem is you have no idea who wrote the apps and what they added to them and using them is like playing Russian Roulette.

Good work zep!
shaun
Original Author
14 years ago
last modified: 9 years ago
Wow ravencajun! Very interesting post you wrote. No I dont need all those toolbars I dont think. How do I get rid of those?

I won't accept anymore apps from facebook, just not worth it. Thanks for that warning.

Now the McAfee virus protection I think I'll hang out with that for a bit and see if everything else we're doing here will help. As a last resort, I'll change that.

I'm still at work and cant run the Malwarebytes scan yet but as soon as I get through here, I'll run that.

You all rock, ya know that?
zep516
14 years ago
last modified: 9 years ago
Ok great will wait for Malwarebytes log. Lets see if finds anything. Then we can address all the toolbars. I will need a print out of the add/remove program list to see them. Will give instruction for that later.
ravencajun Zone 8b TX
14 years ago
last modified: 9 years ago
you are welcome, zep can get rid of those toolbars for you just follow up with his instructions.
shaun
Original Author
14 years ago
last modified: 9 years ago
Good Morning -

I ran the Anti-Malware Scan last night. It was almost 3 hrs into it and I just had to go to bed.

Got up this morning and the scan box was gone and there was a little box that said Microsoft had encountered a problem and had to shut down, did I want to send a report.

Don't know what happened to the scan. I'll run it again today and hopefully there won't be another interruption.

I'll post the log as soon as I get back.
owbist
14 years ago
last modified: 9 years ago
I quite often set my machines to scan and go off to bed or out depending on the time.

Interesting that it ran for 3 hours before MS stopped it. If that happens again try using the free Superantispyware linked below. Stay on the free version, blue link. You might run this one in safe mode. DO NOT try running Malwarebytes in safe mode though, it is designed to be run with Windows in normal mode.
shaun
Original Author
14 years ago
last modified: 9 years ago
owbist, I did run that Superantispyware yesterday and it removed 37 items. I run that at night all the time and never have a problem either; unless the electric flickers or something.

I'll just close out all programs and run the Anti-Malware Scan again today.
ravencajun Zone 8b TX
14 years ago
last modified: 9 years ago
there will be a log kept for malwarebytes open the program and look under the logs tab, if you do not find it there you can go to your program files and open the malwarebytes folder and look there for the log files.

try doing a quick scan and see if it completes, it should run more quickly, if so then you can try a full scan.
shaun
Original Author
14 years ago
last modified: 9 years ago
Okay then. Here is the log after running the Anti-Malware Scan.

Malwarebytes' Anti-Malware 1.41
Database version: 2991
Windows 5.1.2600 Service Pack 3

10/20/2009 12:41:53 PM
mbam-log-2009-10-20 (12-41-53).txt

Scan type: Full Scan (C:\:)
Objects scanned: 290593
Time elapsed: 2 hour(s), 40 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
zep516
14 years ago
last modified: 9 years ago
Hi,

Do this next:

Double click the hijackthis Icon on the Desktop, Scroll down to Open the Misc Tools section" Click it at the bottom under System tools click "Open Uninstall Manager" over to the right click "Save List" Save it to your Desktop so you may find it, copy and paste it in your next reply..
shaun
Original Author
14 years ago
last modified: 9 years ago
Ok, here it is:

Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.1.0
Adobe Shockwave Player 11.5
Ahead Nero BurnRights
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Deskbar
AOL Toolbar 5.0
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATT eChat Support Tools
BellSouth FastAccess DSL WEB Controls
Bonjour
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
CCScore
Coupon Printer for Windows
DoMore
DVD
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSSONIC
ESSTOOLS
ESSvpaht
ESSvpot
Fast Browser Search (My Web Tattoo)
FaxTools
FTDI USB Serial Converter Drivers
Garmin City Navigator North America NT 2009 Update
Garmin Communicator Plugin
GWCares
HijackThis 2.0.2
HLPIndex
HLPRFO
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Intel(R) 537EP Data Fax Modem
Intel(R) PRO Network Adapters and Drivers
iPhone Configuration Utility
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2
Java 2 Runtime Environment, SE v1.4.2_04
Java(TM) 6 Update 15
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 6
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
Kodak EasyShare software
KSU
Learn2 Player (Uninstall Only)
Lexmark 3100 Series
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 3.5 SP1
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 7.0
MobileMe Control Panel
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
Notifier
OTtBP
OTtBPSDK
PCDADDIN
PCDHELP
PC-Doctor for Windows
Photo Explosion SE
QuickBooks Pro 2008
QuickTime
RealPlayer
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SFR
SFR2
SHASTA
Shockwave
SKIN0001
SKINXSDK
SUPERAntiSpyware Free Edition
SupportSoft Assisted Service
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
USB MassStorage CardReader
Viewpoint Manager (Remove Only)
VPRINTOL
WebEx
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
WinRAR archiver
WIRELESS
Yahoo! Messenger
Yahoo! Toolbar
zep516
14 years ago
last modified: 9 years ago
Please click Start, control Panel, add / remove programs and uninstall the programs below:

2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2
Java 2 Runtime Environment, SE v1.4.2_04
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 6
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1

LEAVE UPDATE 15. Old Java files can be an infection risk.

Remove these:

Fast Browser Search (My Web Tattoo)

Viewpoint Manager (Remove only)

RealPlayer Unless you use it all it does is play real media files.

AOL Toolbar 5.0

Yahoo! Toolbar

Let us know if there is any problem removing anything, everything should remove.

Reboot the computer, post that list again.

Thanks zep516
shaun
Original Author
14 years ago
last modified: 9 years ago
Ok, be right back.
shaun
Original Author
14 years ago
last modified: 9 years ago
Unistalled what you said to but when I uninstalled Real Player I got this message:

The following files and/or directories could not be deleted.

********************************************************

C:\Documents and Settings\Administrator\Application Data\Real\RealPlayer

I am now going to reboot and I'll post the list.......stay tuned!
shaun
Original Author
14 years ago
last modified: 9 years ago
Here's the new list after rebooting -

Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.1.0
Adobe Shockwave Player 11.5
Ahead Nero BurnRights
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Deskbar
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATT eChat Support Tools
BellSouth FastAccess DSL WEB Controls
Bonjour
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
CCScore
Coupon Printer for Windows
DoMore
DVD
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSSONIC
ESSTOOLS
ESSvpaht
ESSvpot
FaxTools
FTDI USB Serial Converter Drivers
Garmin City Navigator North America NT 2009 Update
Garmin Communicator Plugin
GWCares
HijackThis 2.0.2
HLPIndex
HLPRFO
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Intel(R) 537EP Data Fax Modem
Intel(R) PRO Network Adapters and Drivers
iPhone Configuration Utility
iTunes
Java(TM) 6 Update 15
Kodak EasyShare software
KSU
Learn2 Player (Uninstall Only)
Lexmark 3100 Series
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 3.5 SP1
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 7.0
MobileMe Control Panel
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
Notifier
OTtBP
OTtBPSDK
PCDADDIN
PCDHELP
PC-Doctor for Windows
Photo Explosion SE
QuickBooks Pro 2008
QuickTime
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SFR
SFR2
SHASTA
Shockwave
SKIN0001
SKINXSDK
SUPERAntiSpyware Free Edition
SupportSoft Assisted Service
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
USB MassStorage CardReader
VPRINTOL
WebEx
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
WinRAR archiver
WIRELESS
Yahoo! Messenger
zep516
14 years ago
last modified: 9 years ago
Lets do a little clean up now.

Download TFC by OldTimer to your desktop FROM THE LINK BELOW. When the window opens from link, click the save tab. Save it to your desktop. Then see below:

Double-click TFC.exe to run it.

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

After you reboot, please double click the HIJACKTHIS Icon on the desktop. DO A SYSTEM SCAN AND SAFE A LOG FILE. POST THAT LOG INTO YOUR NEXT REPLY.
shaun
Original Author
14 years ago
last modified: 9 years ago
Ok, be right back.......
shaun
Original Author
14 years ago
last modified: 9 years ago
Alright, here's the new log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:54:28 PM, on 10/20/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\Explorer.EXE
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\Program Files\Common Files\AOL\1100784346\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\Program Files\AOL 9.1\waol.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINNT\ehome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINNT\System32\nvsvc32.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
O2 - BHO: (no name) - "02478D38-C3F9-4efb-9B51-7695ECA05670> - (no file)
O2 - BHO: SSVHelper Class - "761497BB-D6F0-462C-B6EB-D4DAF1D92D43> - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - "7DB2D5A0-7241-4E79-B68D-6309F01C5231> - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - "DBC80044-A445-435b-BC74-9C25C1C588A9> - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - "E7E6F031-17CE-4C07-BC86-EABFE594F69C> - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100784346\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SmileboxTray] "C:\Documents and Settings\Administrator\Application Data\Smilebox\SmileboxTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b
O9 - Extra button: (no name) - "08B0E5C0-4FCB-11CF-AAA5-00401C608501> - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - "08B0E5C0-4FCB-11CF-AAA5-00401C608501> - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: (no name) - "e2e2dd38-d088-4134-82b7-f2ba38496583> - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - "e2e2dd38-d088-4134-82b7-f2ba38496583> - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - "FB5F1910-F110-11d2-BB9E-00C04F795683> - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - "FB5F1910-F110-11d2-BB9E-00C04F795683> - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: "01113300-3E00-11D2-8470-0060089874ED> (Support.com Configuration Class) - http://support.fastaccess.com/sdccommon/download/tgctlcm.cab
O16 - DPF: "0742B9EF-8C83-41CA-BFBA-830A59E23533> (Microsoft Data Collection Control) - https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
O16 - DPF: "0CCA191D-13A6-4E29-B746-314DEE697D83> (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: "1663ed61-23eb-11d2-b92f-008048fdd814> (MeadCo ScriptX Advanced) - https://eagent.farmersinsurance.com/PLA/eAgent/eAuto/commonActiveX/smsx.cab
O16 - DPF: "2E12FB00-546B-4EE3-9CC2-057BF02E1C17> (Webshots Multiple Media Uploader - Container) - http://community.webshots.com/html/atx/wsaxcontrol.cab
O16 - DPF: "37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40> (AOL Content Update) - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: "406B5949-7190-4245-91A9-30A17DE16AD0> (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: "4871A87A-BFDD-4106-8153-FFDE2BAC2967> (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.7.cab
O16 - DPF: "4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B> - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: "4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21> -
O16 - DPF: "6E32070A-766D-4EE6-879C-DC1FA91D2FC3> (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1196340022703
O16 - DPF: "8100D56A-5661-482C-BEE8-AFECE305D968> (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: "9522B3FB-7A2B-4646-8AF6-36E7F593073C> (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/Coupons.cab
O16 - DPF: "9600F64D-755F-11D4-A47F-0001023E6D5A> (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: "9F6D8A59-DD92-499D-944A-38FDB2CE46FF> (Napster download control v2.0) - http://sms.napster.com/client/plugin/npdownload.cab
O16 - DPF: "9FC5238F-12C4-454F-B1B5-74599A21DE47> (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: "B49C4597-8721-4789-9250-315DFBD9F525> (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O16 - DPF: "BCC0FF27-31D9-4614-A68E-C18E1ADA4389> - https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab
O16 - DPF: "D27CDB6E-AE6D-11CF-96B8-444553540000> (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: "E06E2E99-0AA1-11D4-ABA6-0060082AA75C> (GpcContainer Class) - https://kupainc.webex.com/client/v_mywebex-t20/webex/ieatgpc.cab
O18 - Protocol: intu-help-qb1 - "9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3> - C:\Program Files\Intuit\QuickBooks 2005\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - "FC598A64-626C-4447-85B8-53150405FD57> - mscoree.dll (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINNT\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

--
End of file - 10257 bytes
zep516
14 years ago
last modified: 9 years ago
Hi,

A few leftovers to remove using hijackthis. Close all browser windows. Only have hijackthis open. DO A SYSTEM SCAN ONLY. Place a check mark in the following entries:

O2 - BHO: (no name) - "02478D38-C3F9-4efb-9B51-7695ECA05670> - (no file)

O4 - HKCU\..\Run: [SmileboxTray] "C:\Documents and Settings\Administrator\Application Data\Smilebox\SmileboxTray.exe"

O18 - Protocol: qbwc - "FC598A64-626C-4447-85B8-53150405FD57> - mscoree.dll (file missing)

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINNT\system32\drivers\KodakCCS.exe (file missing)

Click FIX CHECKED.

Close hijackthis

Reboot the computer.

Then do this below:

Please download CCleaner v2.24.1010 from the link below. On that page choose the 4th one down Slim.

Save the file to the desktop. Double click it and install it. Once it opens click the (Analyze tab] at bottom let it finish. Once it has finished. Click (RUN CLEANER) tab at bottom. DON'T use any other functions just the (analyzer) part. Keep the tool and use it often.

Post 1 more log please.

Let me know how the computer is running.

signing off for the nite.

Thanks,

zep516
shaun
Original Author
14 years ago
last modified: 9 years ago
Good Morning~

Ran the CCleaner and here is the new log:

Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.1.0
Adobe Shockwave Player 11.5
Ahead Nero BurnRights
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Deskbar
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATT eChat Support Tools
BellSouth FastAccess DSL WEB Controls
Bonjour
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
CCleaner (remove only)
CCScore
Coupon Printer for Windows
DoMore
DVD
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSSONIC
ESSTOOLS
ESSvpaht
ESSvpot
FaxTools
FTDI USB Serial Converter Drivers
Garmin City Navigator North America NT 2009 Update
Garmin Communicator Plugin
GWCares
HijackThis 2.0.2
HLPIndex
HLPRFO
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Intel(R) 537EP Data Fax Modem
Intel(R) PRO Network Adapters and Drivers
iPhone Configuration Utility
iTunes
Java(TM) 6 Update 15
Kodak EasyShare software
KSU
Learn2 Player (Uninstall Only)
Lexmark 3100 Series
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 3.5 SP1
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 7.0
MobileMe Control Panel
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
Notifier
OTtBP
OTtBPSDK
PCDADDIN
PCDHELP
PC-Doctor for Windows
Photo Explosion SE
QuickBooks Pro 2008
QuickTime
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SFR
SFR2
SHASTA
Shockwave
SKIN0001
SKINXSDK
SUPERAntiSpyware Free Edition
SupportSoft Assisted Service
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
USB MassStorage CardReader
VPRINTOL
WebEx
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
WinRAR archiver
WIRELESS
Yahoo! Messenger
shaun
Original Author
14 years ago
last modified: 9 years ago
Everything seems to be moving along nicely now; quicker than before. I've visited various sites here and there and it is much quicker.

The problem I initially came here for is fixed as well. That Program Guide is not downloading and freezing up the computer.

Zep - your instructions for completing these uninstalls, scans etc., were very clear and well written. I don't know how to thank you for all the help you've given me.

Thank you very much!
ravencajun Zone 8b TX
14 years ago
last modified: 9 years ago
excellent work shaun and zep!
shaun
Original Author
14 years ago
last modified: 9 years ago
Yep! I'm doing the happy dance!
jessyf
14 years ago
last modified: 9 years ago
WTG peeps!

Stopping a daily download... How?

Comments (56)

shaunOriginal Author

Related Discussions

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

shaunOriginal Author

COMPANY

BUSINESS SERVICES

GET HELP

CONNECT WITH US

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author

shaun
Original Author