Jump to content

sarty

Members
  • Content Count

    34
  • Joined

  • Last visited

About sarty

  • Rank
    Member

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Location
    Florida
  • Interests
    Physical therapy, reading, online forums like totalfark.com, computers, stumbleupon, cats, problem-solving.

Previous Fields

  • System Specifications:
    HP Pavilion a450n;WinXP SP2; 160GBHD; Pent4; 512MhzRAM; DVDwriter/CDWcombo;CDROM; "hyperthreading technology"; Ad-aware; SB S&D; Microsoft Antispyware Beta; Norton Int. Security; Spyware sweeper; CCleaner; Cleanup!; Emptempfldrs; PCPitstop Optimizer; Trendmicro antispyware; aDSL Earthlink 1472/256...and a Walmart chair:)
  • TechExpress Link:
    http://www.pcpitstop.com/techexpress.asp?id=4HXKMWK0PEQSHSWU
  • Teams:
    Nothing Selected
  1. HiJack This! Uninstall log: Ad-Aware SE Professional Adobe Atmosphere Player for Acrobat and Adobe Reader Adobe Photoshop Album 2.0 Starter Edition Adobe Reader 6.0 Alt-Tab Task Switcher Powertoy for Windows XP AOL Instant Messenger ArcSoft Camera Suite ArcSoft PhotoImpression 5 ArcSoft ShowBiz 2 Audacity 1.2.3 Azureus Belarc Advisor 6.1 Calculator Powertoy for Windows XP CC_ccProxyExt ccCommon CCleaner (remove only) ccPxyCore Cda Product Service - shared component C-Dilla Licence Management System CleanUp! ClearType Tuning Control Panel Applet CmdHere Powertoy For Windows XP DivX Codec DivX Player EarthLink Free Online Calling Lite 2.0 release 1104x Easy Internet Sign-up Empty Temp Folders 2.8.3 ewido security suite Folding@Home GE UltraCam Google Earth Plus Google Gmail Notifier Google Talk (remove only) HighMAT Extension to Microsoft Windows XP CD Writing Wizard HijackThis 1.99.1 HijackThis 1.99.1 Hotfix for Windows XP (KB896344) Hoyle Puzzle Games 2005 HP Deskjet Preloaded Printer Drivers HP Instant Support HP Organize HP Photo & Imaging 3.1 HP Photo and Imaging 2.0 - Photosmart Cameras HP PSC & OfficeJet 3.0 HP Software Update HPIZ311 HTML Slideshow Powertoy for Windows XP Image Resizer Powertoy for Windows XP IntelĀ® Extreme Graphics Driver IntelliMover Data Transfer Demo InterVideo WinDVD Player iPod for Windows 2005-02-22 iTunes J2SE Development Kit 5.0 Update 5 J2SE Runtime Environment 5.0 Update 4 J2SE Runtime Environment 5.0 Update 5 Java 2 Platform, Enterprise Edition 1.4 SDK KBD K-Lite Codec Pack 2.53 Full LiveReg (Symantec Corporation) LiveUpdate 2.6 (Symantec Corporation) lyrics_1024x768 Screen Saver Macromedia Shockwave Player Magnifier Powertoy for Windows XP Media Library Management Wizard Memories Disc Creator 2.0 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft AntiSpyware Microsoft Data Access Components KB870669 Microsoft Money 2004 Microsoft Money 2004 System Pack Microsoft Office PowerPoint Viewer 2003 Microsoft Office Standard Edition 2003 Microsoft Outlook Personal Folders Backup Microsoft Plus! Digital Media Edition Microsoft Plus! for Windows XP Microsoft Reader Microsoft Windows Journal Viewer Microsoft Works 7.0 mIRC Movie Maker Background Music Files Movie Maker Sound Effects Movie Maker Title Images Mozilla Firefox (1.0.7) MSN Messenger 7.0 MSN Music Assistant MSRedist Multimedia Card Reader NetBeans IDE 4.1 Norton AntiSpam Norton AntiSpam Norton AntiVirus 2005 Norton Internet Security Norton Internet Security Norton Internet Security Norton Internet Security Norton Internet Security Norton Internet Security Norton Internet Security Norton Internet Security Norton Internet Security 2005 (Symantec Corporation) Norton WMI Update Norton WMI Update NVIDIA Display Driver NVIDIA GART Driver OmniPass overland Panda ActiveScan PC Pitstop Optimize 1.0t PC-Doctor for Windows PCFriendly Personal License Update Wizard for Windows Media Player Photo Story 3 for Windows Photosmart 140,240,7200,7600,7700,7900 Series Plus! MP3 Audio Converter LE PS2 Python 2.2 combined Win32 extensions Python 2.2.1 Quicken 2004 QuickTime Realtek AC'97 Audio RecordNow! Rhapsody RollerCoaster Tycoon Security Update for Step By Step Interactive Training (KB898458) Security Update for Windows XP (KB883939) Security Update for Windows XP (KB890046) Security Update for Windows XP (KB893756) Security Update for Windows XP (KB896358) Security Update for Windows XP (KB896422) Security Update for Windows XP (KB896423) Security Update for Windows XP (KB896424) Security Update for Windows XP (KB896428) Security Update for Windows XP (KB896688) Security Update for Windows XP (KB899587) Security Update for Windows XP (KB899588) Security Update for Windows XP (KB899591) Security Update for Windows XP (KB900725) Security Update for Windows XP (KB901017) Security Update for Windows XP (KB901214) Security Update for Windows XP (KB902400) Security Update for Windows XP (KB904706) Security Update for Windows XP (KB905414) Security Update for Windows XP (KB905749) Slideshow Generator Powertoy for Windows XP slideshow_1024x768 Screen Saver Sonic Update Manager SPBBC Spy Sweeper Spybot - Search & Destroy 1.4 SpywareBlaster v3.4 SureThing CD Labeler SE - Sonic Symantec Script Blocking Installer Symantec SCSSDist MSI SymNet TheraWriter.PT Demo Timershot Powertoy for Windows XP toolkit Trend Micro Anti-Spyware Tweak UI Update for Windows XP (KB894391) Update for Windows XP (KB896727) Update for Windows XP (KB898461) Update for Windows XP (KB900930) Updates from HP Veo Digital Studio Veo Stingray VideoLAN VLC media player 0.7.2 Virtual Desktop Manager Powertoy for Windows XP Wal-Mart Music Downloads Store Windows Genuine Advantage v1.3.0254.0 Windows Installer 3.1 (KB893803) Windows Installer 3.1 (KB893803) Windows Media Bonus Pack for Windows XP Windows Media Connect Windows Media Connect Windows Media Format Runtime Windows Media Player 10 Windows Media Player Playlist Import to Excel Wizard Windows Media Player Skin Importer Windows Media Player Tray Control Windows XP Hotfix - KB834707 Windows XP Hotfix - KB867282 Windows XP Hotfix - KB873333 Windows XP Hotfix - KB873339 Windows XP Hotfix - KB885250 Windows XP Hotfix - KB885626 Windows XP Hotfix - KB885835 Windows XP Hotfix - KB885836 Windows XP Hotfix - KB886185 Windows XP Hotfix - KB887472 Windows XP Hotfix - KB887742 Windows XP Hotfix - KB887797 Windows XP Hotfix - KB888113 Windows XP Hotfix - KB888302 Windows XP Hotfix - KB890047 Windows XP Hotfix - KB890175 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB890923 Windows XP Hotfix - KB891781 Windows XP Hotfix - KB893066 Windows XP Hotfix - KB893086 Windows XP Service Pack 2 WinRAR archiver WinZip Yahoo! Install Manager Yahoo! Messenger Zone Deluxe Games RAM is 512, upgradeable to 1 Ghz, and src /scannow went smoothly. I have a 160+ GB harddrive and 83% of it is free. I did buy spyware sweeper and trendmicro, but I removed them from start since they are bulky and will just run them as needed as you suggested I also removed/let HJT "fix" the other entries you suggested. Again, that first run of SP Sand D f/b Adaware then Ewido made things tons better, then they started going downhill again. I'm having the whole "graphics just stay" on the screen problem, program freezes, and inability to end tasks in task manager...and a weird thing..I can't uninstall roller coaster tycoon because of an "install sever shield" error. Again, it is better than it was, but not as good as it was right after our first step. So...I'm confuzzled...as per usual . Did malware sneak back in, or is this totally unrelated? Thanks for all your help and advice!! Jen/Sarty
  2. Logfile of HijackThis v1.99.1 Scan saved at 10:07:59 PM, on 11/6/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\WINDOWS\LTMSG.exe C:\HP\KBD\KBD.EXE C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Microsoft Plus! Digital Media Edition\Alarm Clock\AlarmClock.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\Program Files\ewido\security suite\ewidoctrl.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Softex\OmniPass\Omniserv.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\HPINST~1\Pavilion\XPHNABP4EN\plugin\bin\pchbutton.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us10.hpwis.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://start.earthlink.net/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local., R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: PnIEBrowserHelperObj Class - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7 O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [iSUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [Ad-Aware] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" +c O4 - HKCU\..\Run: [Plus! Alarm Clock] "C:\Program Files\Microsoft Plus! Digital Media Edition\Alarm Clock\AlarmClock.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\Pavilion\XPHNABP4EN\plugin\bin\pchbutton.exe O4 - Startup: Trend Micro Anti-Spyware.lnk.disabled O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O15 - Trusted Zone: http://download.windowsupdate.com O16 - DPF: {6632A7E9-FE1F-43D2-A04A-A15951ED63E0} - http://mediaplayer.walmart.com/installer/install.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe --------------------------------------------------------- ewido security suite - Scan report --------------------------------------------------------- + Created on: 9:55:40 PM, 11/6/2005 + Report-Checksum: 42EA89B6 + Scan result: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MiniBugTransporter.dll\\.Owner -> Spyware.MiniBug : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MiniBugTransporter.dll\\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup C:\WINDOWS\system32\uuecode.exe -> Trojan.VB.wh : Cleaned with backup ::Report End Note: Reboots took about 5-8 minutes each; ewido shutdown 2x due to "error and must be shut down"; images of programs/windows stayed on screen after I had closed them; and had to reboot before ccleaner would work (clicked on program and hourglass appeared, then disappeared). As of this moment though, after this last reboot, computer seems pretty dang happy! Thanks for your help! Jen/Sarty
  3. 4. Yep. I'm right there with you. Hand me a flashlight, would ya? lol
  4. I'm on level 3...man...I think this is going to make my brain cramp up, lol
  5. HJT log: Logfile of HijackThis v1.99.1 Scan saved at 8:33:59 PM, on 10/30/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Softex\OmniPass\Omniserv.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Softex\OmniPass\OPXPApp.exe C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\PROGRA~1\MOZILL~2\THUNDE~1.EXE C:\Program Files\Mozilla Thunderbird\thunderbird.exe C:\Program Files\Mozilla Thunderbird\thunderbird.exe C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\PC-Doctor for Windows\Java\jre\bin\javaw.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\WINDOWS\LTMSG.exe C:\HP\KBD\KBD.EXE C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Microsoft Plus! Digital Media Edition\Alarm Clock\AlarmClock.exe C:\PROGRA~1\HPINST~1\Pavilion\XPHNABP4EN\plugin\bin\pchbutton.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Symantec Shared\NMain.exe C:\Program Files\Common Files\Symantec Shared\NMain.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us10.hpwis.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://start.earthlink.net/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local., R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: PnIEBrowserHelperObj Class - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7 O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [iSUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKCU\..\Run: [Plus! Alarm Clock] "C:\Program Files\Microsoft Plus! Digital Media Edition\Alarm Clock\AlarmClock.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\Pavilion\XPHNABP4EN\plugin\bin\pchbutton.exe O4 - Startup: Trend Micro Anti-Spyware.lnk.disabled O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O15 - Trusted Zone: http://download.windowsupdate.com O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6632A7E9-FE1F-43D2-A04A-A15951ED63E0} - http://mediaplayer.walmart.com/installer/install.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe Current problems: 1. Hit "back" on IE, browser tries to connect to 127.00 (etc), then stops; must hit back 2x to go "back"2. Task manager: when trying to end process, it says it was ended, but the process is still there. (i.e., trying to DL newer version of Thunderbird...got error that it was running...didn't show in apps, but Tbirdexe was in processes so I ended the task, but it wouldn't go away) 3. In task manager, strange processes showing up that I can't stop: ping.exe displayed 6x for example. 4. When trying to unintall programs in add/remove program, sometimes get error message that "Install Server can't be found and this process must be shut down". 5. System shutdown/restart takes at least 5 mins; will fade immediately to "windows is shutting down" but will them go right back to my desktop and then just sit there. No processing noises. But if I try to run something, it tells me it can't initialize the process because Windows is shutting down. 6. Without making changes to anything, ... email can connect sometimes, and other times it can't. I get a "time out" error, but only if I cancel the process. Otherwise, email just hangs at "connected to smtpauth.earthlink.net". 7. Ping from cmd does not work, yet I can access all websites. *Note on 6 and 7: when asking friend last night, was told it was Norton Firewall causing problem; I disabled it and email came right through, but Ping never worked. 8. Now, sometimes programs open when I click on them, sometimes they don't. Sometimes when they open, I see only part of the graphic and it is non-functional. What I have done: I found, last week, what my programs identified as adware and also 2 trojans and I allowed them to fix them. Performance improved immediately, but then started to deteriorate again. I did a System Restore. I have been keeping definitions up to date and running and re-running Norton, MSAS, Lavasoft adware, SB S&D, Spysweeper, Spywareblaster, Trend, Cleanup!, CCLeaner ... in reg mode, diagnostic mode and safe mode. I have done a defrag; then really gone in and deleted music files and things that were just taking up space, freed up a ton of space, then defragged again. I have run reg edit several times and allowed it to fix all problems in "green" (safe) except for "unused extensions" because I didn't see the harm in leaving them. I do have backups from reg edit and sp S&D. I have gone into the system processes and stopped things I was told weren't necessary (like ipod helper loading on startup, etc). Finally, just completed a Panda scan online and was shocked to find: urlspoof x 4, adware/gator, Trj/Dwnldr.CZR x 2, W32/Mytob.FD.worm x 2, Trj/Mitglieder.EK (.EV and .EW), Bagle.DY.worm, Mitglieder.EV x 2, Adware/IST.ISTBar, Trj/Zapchast.AA System info in profile. I don't know what other info you need, but just ask and I will provide it. As an added bonus, when I saved the Panda scan, it saved it as a "documento de texto"...and I'm pretty sure I haven't changed the language on my computer to Spanish. :help: Thanks in advance! Jenny EDIT: Things are getting worse. I noticed in the panda scan that most of the trojans/worms were in old emails from thunderbird (??). So, after numerous attempts/refusals, i finally deleted the program. Reran panda and now all it says is gator in registry and it can't/didn't fix it. Now my firefox needs double clicking to work/do anything and my ability to even access webmail is spotty. Trying to uninstall progs I get "install server error"...must be shut down error. I have system restore off. boot time is now normal. Oh, I ran the registry reset program (unhook) last night: don't know if that made any diff or not. PS: actually, now I can't get FF to open. :crash:
  6. In the process of beginning to delete MSN explorer from moms PC. Where does MSN Explorer keep the favorites? In downloading Firefox, we can import her favorites to that browser so she still has them, but I cannot find where MSN has placed them. Anyone familiar with that? We also have IE, but I didn't see an option to import favs/bookmarks on IE...would be glad to use that, but again, where do I send it looking for those files? Thanks! Jen/Sarty
  7. You are EXACTLY correct! She has the MSN Explorer software, and I personally believe that is the cause of her troubles. I would like her to uninstall the MSN explorer software, then just configure the "my connections" settings to dial-up to MSN. Of course, she could still download MSN Messenger and use Hotmail, etc, just like I do, and I am on Earthlink. I have tried to set up an independent dial-up connection with the MSN explorer software still on the computer, but it does not allow it. Any attempt to connect brings up the pretty butterfly! Coincidentally, I don't use Earthlink's total access software: nothing against it, but I like Firefox's browser and IE when a page comes up that FF doesn't do well with, so I configured the "My connections" settings to connect to earthlink via my aDSL modem. Now, here is my problem: I think my mom (sartysmom) WANTS to keep MSN Explorer, because it looks a lot like WebTV, and that is what she transitioned from when she got this computer. MSN Explorer is very user friendly in its layout, and I think she likes that. So...herein lies the dilemma. How to get MSN Explorer software working well on her computer when it never has worked well. From the first installation of the software (whatever version that was), she has had problems. Is it the software itself? The computer? The combination? I have no idea. My brain is on E, lol, which is why I have sent her to you wonderful people. I can help carryout any instructions, but I am fresh out of ideas on how to make her computer work with any version of MSN Explorer.
  8. Mom, have you done that? Control panel-->Add/remove programs:--> msn messenger -->change/remove--->Remove. Then reboot. Then go to Msn Messenger and re-download.
  9. Her computer is running SO much better now! Just spoke with her on the telephone and she said it is "minding her" now, lol I left norton on the system...mostly because we had just paid for it; but we followed all the other advice. It now restarts in a very reasonable amount of time, and has not been freezing or delaying like it used to. I am going to take over some CDs so she can burn the recovery discs, and we are also going to get her some more RAM. According to Crucial, she has 1 more slot that can take up to a 512 stick, so that is what we will probably get. Thanks everyone for your help! Have an oreo ! Jen/Sarty
  10. Hi Mom! Thanks, everyone, for helping sartysmom with this problem. I've tried to get MSN to release its grasp on every function of her computer, but it just won't do it. Options that I have under my IE browser are grayed out on hers (ie, automatically disconnecting after a certain period of time). Also, when she double clicks on an item like, "My Pictures" for example, it doesn't open the folder. Intead, it opens a "search" of my pictures, complete with the little animated doggy assistant and blanks for her to type in what she is looking for. To open "My Pictures", she has to right click, then select "open". It didn't always do that, and I don't know how to tell it to stop. Is this an MSN issue, or has something been inadvertantly changed in settings somewhere? Regarding the great link above: I'm not sure we understand about the "answer file" section. Is she supposed to be re-installing MSN here? (it says "Using the methods you prefer for unattended installation or remote installation, create an answer file.") Also, if she performs the steps in section, "To Use Group Policy to Block Access to MSN Explorer", what does this do? I'm thinking it will allow her to connect using her MSN account, but stop the MSN software from enmeshing itself with every program on her computer. Is that correct? Just trying to understand so I can help as needed from my house Thanks! Jen/Sarty
  11. Ah, I see... Okay, I am home now but I'll ask my mom to run the scan disk and we'll see what happens. Thanks IntelGuy!
  12. http://www.pcpitstop.com/techexpress.asp?id=W4V4NW9HRLQSNFEU Just re-ran pitstop and things are looking much better System is running faster, with some slowness, but nothing like it was before. Yes, ran scandisk, and it was prompting me for the Windows XP home edition CD...dough[\b] is currently checking to see if I can somehow get the missing dlls from the D recovery drive.
  13. In running the windows file protection scan, I just got a message that said, "files that are required for windows to run properly must be copied to the dll cache. please insert windows XP home edition CD now" This computer didn't come with the OS on a CD, it was pre-loaded. It has the option to make system recovery discs (from Drive D-recovery drive)... Is there a way I can direct it towards D drive to find those files? Or should I burn the recovery discs to a CD(s) and then would that work for what it is prompting me for? Jen/Sarty PS: have upgraded the programs as instructed and run them in safe-mode with nothing found.
  14. Thank you both for those instructions! I am still at my house (don't know if Mom is up and at my grandmother's computer yet...Hey MOM??? lol)...but I will try the registry scanner on my computer here. I feel comfortable with my system and worse-case scenario, I can always do a system restore if I make an error. That way, I'll get used to the product and be more comfortable with it when I use it on my grandmother's computer tonight. I will post again when I go through all of your recommendations and let you know how things are going. **In the meantime, I do have a question: is it possible that her system had a bad OS install that is causing all of this? I got her system (as well as mine and my mother's) from Overstock.com--refurbished. I don't know if it was a display model or a returned model, but it looked shiney new and came in an HP box saying "refurbished" with all of the materials, software, etc. My system and my mother's system are fine, so I don't know that being refurbished had anything to do with it. Well, that's not true, my mother's system isn't "fine", but it is faster than my grandmother's and the problems, while weird, seem to be more related to her MSN software than anything else. My first system was new (from store) and it was a clunker, although at the time, I thought it was just me. Through the help of friends, I found out Win 98 had a bad install and that caused most of my problems. I did a complete re-install and it worked much better (well, as good as 98 could work, lol). With my grandmother's computer, if we get through our troubleshooting here and there is no substantial improvement, would a system recovery be a good next step? What are the chances that it is a hardware problem? Just curious, really. I mean, out of the box, starting up, the thing ran like a car with a clogged gas filter. Noisy, slow, etc. And this is my grandmother: I wanted a system that was hassle-free. She had used webtv previously and I wanted to graduate her up to the computer so she could have the benefits of a harddrive, word processing, and playing games from the CDROM (scrabble, cards, etc---nothing highly demanding or even online). But even bringing up MS Works was a major ordeal with her system. It's almost like the thing has A.D.D.: One task at a time. Insert a CD and seconds go by...THEN you hear the CDROM drive kicking in...THEN you see the light come on...THEN you hear the drive speeding up...THEN the display changes...etc. So you can imagine, I'm trying to help her be more active online and she is really enjoying it, but when she clicks on her email icon and it takes 60 seconds to open, then quite some time to display properly, she is going to think she is doing something wrong and start pressing and clicking and then error messages come up and things freeze. Argh! I'm not looking for lightening fast, super-dooper computer here. I'm looking for "click on the program, and have it open"; "insert game into CDROM and have it open and running before her hot tea gets cold"; "restart computer and have it ready to go faster than 5 minutes"--you know, fairly reasonable requests! lol I'm being a bit wordy this morning ! Just pondering and sharing in the hopes that something I say may trigger someone to reply, "Oh, just shake it upside down for 27 seconds and reboot...you just have dust gnomes nesting in the RAM" or some such simple thing I'm not against getting the RAM, but I'm also not against just getting her another system. I have an a450n from HP, pent 4, 512RAM, Hyperthreading, and I it. My mother is going to be running a business from her computer, and I'm just wondering if I should get he a system like mine as well. I know it isn't "tricked out" like most people's, but it is fast and reliable and has NONE of the problems they are having. Thanks again for your help! sarty/Jen
  15. My mom is going to turn in for the night. I'll update you all on the progress when I get over there tomorrow...or she may sign in herself as she works her way through. Thank you all again! /I'm going to use this advice on my computer now. Great tips!
×
×
  • Create New...