Tech Support Guy banner
  • Please post in our Community Feedback thread for help with the new forum software! If you are having trouble logging in, please Contact Us for assistance.
Status
Not open for further replies.
1 - 7 of 7 Posts

·
Registered
Joined
·
5 Posts
Discussion Starter · #1 ·
Good (very Cold Morning -3 degrees) morning,
I am having a problem when I first boot up. I have three (3) 'Quick Launch' bars showing when I right click the bottom of my screen, when I right click the toolbar at the bottom, I see Two (2) 'Quick Launch' with a check mark, one (1) 'Quick Launch' without a check mark (the words 'Quick Launch are not next to it). So I have to click 'Close toolbar', uncheck one (1) 'Quick Launch' without the check mark, leaving only one (1) 'Quick Launch' with a check mark, and then drag to resize the tool bar to the left. There is another user on this PC, they do not have the same conditions. Also, after reading numerous post I am send the log from HiJackThis. I enabled most of these as suggested at the HJT web site, I also had them disabled through the Ultimate Trouble Shooter enabled them before running HJT. My internet connection is Adelphia Cable, SB5100 SURFboard Cale Modem, with an ethernet card.
I have been trying to clean up and get my system running faster, and it's been tough!

The 'Background Processes' are accurate from the HJT log NOT from my system info.
Here is my system info, and below that is the HJT log.
Any help you provide is greatly appreciated. Thank you.

Operating System Information
Microsoft Windows ME (Millennium Edition)
Internet Explorer Information
Version 6.00.2800.1106
Background Processes 31/31
System User Other
Process C:\WINDOWS\SYSTEM\KERNEL32.DLL
Process C:\WINDOWS\SYSTEM\MSGSRV32.EXE
Process C:\WINDOWS\SYSTEM\mmtask.tsk
Process C:\WINDOWS\SYSTEM\MPREXE.EXE
Process C:\WINDOWS\SYSTEM\STIMON.EXE
Process C:\WINDOWS\SYSTEM\MSTASK.EXE
Process C:\WINDOWS\SYSTEM\DEVLDR16.EXE
Process C:\WINDOWS\EXPLORER.EXE
Process C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
Process C:\WINDOWS\SYSTEM\SYSTRAY.EXE
Process C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
Process C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
Process C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
Process C:\WINDOWS\SYSTEM\WMIEXE.EXE
Process C:\WINDOWS\TASKMON.EXE
Process C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE
Process C:\PROGRAM FILES\ADELPHIA ESUPPORT ASSISTANT\SMARTBRIDGE\MOTIVESB.EXE
Process C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
Process C:\PROGRAM FILES\IE NEW WINDOW MAXIMIZER\IEMAXIMIZER.EXE
Process C:\WINDOWS\SYSTEM\DDHELP.EXE
Process C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQTRA08.EXE
Process C:\WINDOWS\RUNDLL32.EXE
Process C:\WINDOWS\SYSTEM\PSTORES.EXE
Process C:\PROGRAM FILES\HP\HPCORETECH\COMP\HPTSKMGR.EXE
Process C:\PROGRAM FILES\ADELPHIA ESUPPORT ASSISTANT\BIN\MPBTN.EXE
Process C:\WINDOWS\SYSTEM\SPOOL32.EXE
Process C:\UNZIPPED\HIJACKTHIS[1]\HIJACKTHIS.EXE
Process C:\WINDOWS\NOTEPAD.EXE
Process C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
Process C:\WINDOWS\PROFILES\CYNSMITH\DESKTOP\EASYINFO V2 FOR POGO.EXE
Process C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE

System Device Information
Processor 1/1
AMD AMD Athlon(tm) Processor 1007.1
FPU True
MMX True
SSE False
SSE2 False
3D Now True
3D Now Plus True
SSE-MMX True
TSC True
IA64 False
APIC True
ACPI False
MTRR True
CMOV True
Serial False
Thermal False

Extended Features
Hyper Threading Support False
MMX Plus True
Logical Processors Per Physical 0
Voltage ID False
Frequency ID False
Temperature Sense Diode False

Memory
System Total 128.4
Virtual Total 2044.0
Pagefile Total 1920.5

Snapshot
System Available 3.6
Virtual Available 1999.6
Pagefile Available 1722.6
Percent Load 100

Mass Storage Devices
Drive a:\
Type Removable
Letter a:\
VolumeName N/A
FileSystem N/A
TotalSpace 0 Bytes
FreeSpace 0 Bytes
Capabilities
Read-Only False
Compressed False
Supports Compression False
Supports Case-preservation False
Supports Case-sensitive filenames False
Supports Encryption False
Supports Named Streams False
Supports Object IDs False
Supports Persistent ACLS False
Supports Quotas False
Supports Reparse Points False
Supports Sparse Files False
Supports Unicode False

Drive c:\
Type Fixed
Letter c:\
VolumeName MICRONPC
FileSystem FAT32
TotalSpace 18.6 GB
FreeSpace 11.3 GB
Capabilities
Read-Only False
Compressed False
Supports Compression False
Supports Case-preservation True
Supports Case-sensitive filenames False
Supports Encryption False
Supports Named Streams False
Supports Object IDs False
Supports Persistent ACLS False
Supports Quotas False
Supports Reparse Points False
Supports Sparse Files False
Supports Unicode True

Drive d:\
Type CD / DVD Drive
Letter d:\
VolumeName N/A
FileSystem N/A
TotalSpace 0 Bytes
FreeSpace 0 Bytes
Capabilities
Read-Only False
Compressed False
Supports Compression False
Supports Case-preservation False
Supports Case-sensitive filenames False
Supports Encryption False
Supports Named Streams False
Supports Object IDs False
Supports Persistent ACLS False
Supports Quotas False
Supports Reparse Points False
Supports Sparse Files False
Supports Unicode False

Drive e:\
Type CD / DVD Drive
Letter e:\
VolumeName N/A
FileSystem N/A
TotalSpace 0 Bytes
FreeSpace 0 Bytes
Capabilities
Read-Only False
Compressed False
Supports Compression False
Supports Case-preservation False
Supports Case-sensitive filenames False
Supports Encryption False
Supports Named Streams False
Supports Object IDs False
Supports Persistent ACLS False
Supports Quotas False
Supports Reparse Points False
Supports Sparse Files False
Supports Unicode False

Monitor Information 1/1
Monitor Name MICRON 700Ex
Refresh Rate 0 Hz

Network Adapter Information 1/1
Network Adapter Name F5D5000, PCI Card/Desktop Network PCI Card
IP Address 68.69.73.42
Subnet Mask 255.255.255.0
Gateway 68.69.73.1
Primary WINS Server N/A
DHCP N/A

Media Device Information
DirectX Information
Version 9.0c
Long Version 4.09.0000.0904

Display Device 1/1
NVIDIA RIVA TNT2 Model 64/Model 64 Pro Local Memory: 32.0 Driver Version: 4.13.01.4109

Device
Description NVIDIA RIVA TNT2 Model 64/Model 64 Pro
Manufacturer NVidia Corporation
GUID D7B71E3E-436D-11CF-F866-0320B7C2C935
Driver
Version 4.13.01.4109
Module NVDD32.DLL
Date 11-18-2002

Memory
Total 32.0
Available 30.0
Non-Local 64.0
Texture 94.0

Sound Device 1/2
SB Live! Wave Device Driver: 5.12.01.3041

Device
Description SB Live! Wave Device
Manufacturer Creative Technology Ltd.
GUID BD6DD71A-3DEB-11D1-B171-00C04FC20000
Driver
Version 5.12.01.3041
Module emu10k1f.sys
Date 2-13-2003

Capabilities
Max 3D Buffers 32
Supports Mono Output True
Supports Stereo Output True

Sound Device 2/2
VIA AC'97 Audio (WAVE) Driver: 6.14.01.3880

Device
Description VIA AC'97 Audio (WAVE)
Manufacturer VIA Technologies, Inc.
GUID BD6DD71A-3DEB-11D1-B171-00C04FC20004
Driver
Version 6.14.01.3880
Module viaudio.SYS
Date 8-19-2003

Capabilities
Max 3D Buffers 0
Supports Mono Output True
Supports Stereo Output True

9:38 AM 1/18/2005Logfile of HijackThis v1.99.0
Scan saved at 8:54:22 AM, on 1/18/2005
Platform: Windows ME (Win9x 4.90.3000A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE
C:\PROGRAM FILES\ADELPHIA ESUPPORT ASSISTANT\SMARTBRIDGE\MOTIVESB.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE
C:\PROGRAM FILES\IE NEW WINDOW MAXIMIZER\IEMAXIMIZER.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQTRA08.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\HP\HPCORETECH\COMP\HPTSKMGR.EXE
C:\PROGRAM FILES\ADELPHIA ESUPPORT ASSISTANT\BIN\MPBTN.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\UNZIPPED\HIJACKTHIS[1]\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = BlueFrog.Biz - The Best Internet!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE"
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ADELPH~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [Windows ControlAd] C:\PROGRAM FILES\WINDOWS CONTROLAD\WINCTLAD.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [devldr16.exe] C:\WINDOWS\SYSTEM\devldr16.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [NeoBirthday Reminder] "C:\PROGRAM FILES\NEOBIRTHDAY\NeoBirthday.exe" /L
O4 - HKCU\..\Run: [MSMSGS] C:\PROGRA~1\MESSEN~1\msmsgs.exe /background
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [IE New Window Maximizer] C:\PROGRAM FILES\IE NEW WINDOW MAXIMIZER\iemaximizer.exe
O4 - Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: ADELPHIA ESUPPORT ASSISTANT.LNK = C:\Program Files\Adelphia eSupport Assistant\bin\matcli.exe
O4 - Startup: HP Digital Imaging Monitor.lnk.disabled
O4 - User Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - User Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - User Startup: ADELPHIA ESUPPORT ASSISTANT.LNK = C:\Program Files\Adelphia eSupport Assistant\bin\matcli.exe
O4 - User Startup: HP Digital Imaging Monitor.lnk.disabled
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
O16 - DPF: {FEC3E5A3-50F7-4B0C-97D8-01CF69DFBFC7} (Measurement Service Client) - http://ccon.madonion.com/global/msc.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {6FB9FE59-7D3B-483D-9909-C870BE5AFA1F} (DiskHealth Class) - http://www.pcpitstop.com/pcpitstop/diskhealth.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F8F88D0D-E455-11D6-B547-00400555C7FB} (DiskHealth2 Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.6.cab
O16 - DPF: {289AB47F-5B57-4FEA-95E2-BCB40B6C26A3} (IEDownloader Class) - http://www.casinodelrio.com/axdownload/ptdownloader.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4018/ftp.coupons.com/v3122/cpbrkpie.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://anu.popcap.com/games/popcaploader_v5.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdq/downloads/sysinfo.cab
O16 - DPF: {F2A84794-EE6D-447B-8C21-3BA1DC77C5B4} (SDKInstall Class) - http://activex.microsoft.com/activex/controls/sdkupdate/sdkinst.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/partners/shockwave/excavation/install.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...pple.com/mickey/us/win/QuickTimeInstaller.exe
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?325
O16 - DPF: {C68F9105-04FD-4B48-B6CC-2A076F711C35} (HpodPCFileCtrl2 Class) - file://E:\MEMDISC\ALBUM_A\VIEW\PLUGIN\HPODPCFC.CAB
O16 - DPF: {4F5E4276-C120-11D6-A1FD-00508B9D48EA} (dldisplay Class) - http://www.gamehouse.com/ghdlctl.cab
O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: Turbo 21 TM by pogo - http://game5.pogo.com/applet-6.0.1.28/turbo21/turbo21-ob-assets.cab
O16 - DPF: Dice Derby by pogo - http://checkeredflag.pogo.com/applet-6.0.1.28/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Tumble Bees by pogo - http://jumbee.pogo.com/applet-6.0.2.21/jumbee/jumbee-ob-assets.cab
O16 - DPF: Checkers by pogo - http://checkers.pogo.com/applet-6.0.2.21/checkers2/checkers-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://popfu.pogo.com/applet-6.0.2.21/popfu/popfu-ob-assets.cab
O16 - DPF: Video Poker by pogo - http://vpoker.pogo.com/applet-6.0.3.28/videopoker2/videopoker-ob-assets.cab
O16 - DPF: Keno by pogo - http://keno.pogo.com/applet-6.0.3.28/keno/keno-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://holdem2.pogo.com/applet-6.0.3.28/holdem/holdem-ob-assets.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...fcb456eac7bd:880c508c2c6a291101f64dc3f0db6853
O16 - DPF: Aces Up! by pogo - http://game3.pogo.com/applet-6.0.4.31/aces/aces-ob-assets.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\PROGRAM FILES\HP\HPCORETECH\COMP\HPUIPROT.DLL
 

·
Registered
Joined
·
49,014 Posts
SpywareBlaster http://www.javacoolsoftware.com/spywareblaster.html
AdAware SE http://www.majorgeeks.com/download506.html
SpyBot S&D 1.3 http://www.safer-networking.org/en/download/

DL them (they are free), install them, check each for their
definition updates
and then run AdAware and Spybot, fixing anything
they say.

In SpywareBlaster - Always enable all protection after updates
SpyBot - After an update run immunize

Add/remove programs remove - WINDOWS CONTROLAD, WildTangent – if present

Print this out – Boot to safe mode

Fix

O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch

O4 - HKLM\..\Run: [Windows ControlAd] C:\PROGRAM FILES\WINDOWS CONTROLAD\WINCTLAD.EXE

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/...ion/install.cab

O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...1f64dc3f0db6853

O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\PROGRAM FILES\HP\HPCORETECH\COMP\HPUIPROT.DLL

Delete these folders
C:\WINDOWS\wt
C:\PROGRAM FILES\WINDOWS CONTROLAD

Empty the recycle bin – boot and post a new log
 

·
Registered
Joined
·
5 Posts
Discussion Starter · #3 ·
MFDnSC, Thank you for your reply. I am at the "Fix" section of your help, but I don't know what you mean by "Fix". I do know how to get into safe mode, I do need help as to how to do the "Fix". So far so good.
WINDOWS CONTROLAD, WildTangent were not present under add/remove.
 

·
Registered
Joined
·
49,014 Posts
Fix means run HJT and select scan only - clikc in the box to the left of the entries I listed and ONLY those entries

When you have selected the list of entries - at the bottom - click on fix checked
 

·
Registered
Joined
·
5 Posts
Discussion Starter · #5 ·
Here are some notes after I ran your suggestions. Following these notes is a new log.

O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
[FONT=Century Gothic]not listed in safe mode or regular after running HJT scan[/FONT]

O4 - HKLM\..\Run: [Windows ControlAd] C:\PROGRAM FILES\WINDOWS CONTROLAD\WINCTLAD.EXE
not listed in safe mode or regular after running HJT scan

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
fixed from safe mode

O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/...ion/install.cab
not there in safe mode fixed from regular

O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...1f64dc3f0db6853
not listed in safe mode or regular after running HJT scan

O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\PROGRAM FILES\HP\HPCORETECH\COMP\HPUIPROT.DLL
fixed from safe mode

Logfile of HijackThis v1.99.0
Scan saved at 6:34:44 AM, on 1/20/2005
Platform: Windows ME (Win9x 4.90.3000A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\HP\HPCORETECH\COMP\HPTSKMGR.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\UNZIPPED\HIJACKTHIS[1]\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = BlueFrog.Biz - The Best Internet!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE"
O4 - HKLM\..\Run: [devldr16.exe] C:\WINDOWS\SYSTEM\devldr16.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
O16 - DPF: {FEC3E5A3-50F7-4B0C-97D8-01CF69DFBFC7} (Measurement Service Client) - http://ccon.madonion.com/global/msc.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {6FB9FE59-7D3B-483D-9909-C870BE5AFA1F} (DiskHealth Class) - http://www.pcpitstop.com/pcpitstop/diskhealth.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F8F88D0D-E455-11D6-B547-00400555C7FB} (DiskHealth2 Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.6.cab
O16 - DPF: {289AB47F-5B57-4FEA-95E2-BCB40B6C26A3} (IEDownloader Class) - http://www.casinodelrio.com/axdownload/ptdownloader.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4018/ftp.coupons.com/v3122/cpbrkpie.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://anu.popcap.com/games/popcaploader_v5.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdq/downloads/sysinfo.cab
O16 - DPF: {F2A84794-EE6D-447B-8C21-3BA1DC77C5B4} (SDKInstall Class) - http://activex.microsoft.com/activex/controls/sdkupdate/sdkinst.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/partners/shockwave/excavation/install.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...pple.com/mickey/us/win/QuickTimeInstaller.exe
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?325
O16 - DPF: {C68F9105-04FD-4B48-B6CC-2A076F711C35} (HpodPCFileCtrl2 Class) - file://E:\MEMDISC\ALBUM_A\VIEW\PLUGIN\HPODPCFC.CAB
O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: Turbo 21 TM by pogo - http://game5.pogo.com/applet-6.0.1.28/turbo21/turbo21-ob-assets.cab
O16 - DPF: Dice Derby by pogo - http://checkeredflag.pogo.com/applet-6.0.1.28/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Tumble Bees by pogo - http://jumbee.pogo.com/applet-6.0.2.21/jumbee/jumbee-ob-assets.cab
O16 - DPF: Checkers by pogo - http://checkers.pogo.com/applet-6.0.2.21/checkers2/checkers-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://popfu.pogo.com/applet-6.0.2.21/popfu/popfu-ob-assets.cab
O16 - DPF: Video Poker by pogo - http://vpoker.pogo.com/applet-6.0.3.28/videopoker2/videopoker-ob-assets.cab
O16 - DPF: Keno by pogo - http://keno.pogo.com/applet-6.0.3.28/keno/keno-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://holdem2.pogo.com/applet-6.0.3.28/holdem/holdem-ob-assets.cab
O16 - DPF: Aces Up! by pogo - http://game3.pogo.com/applet-6.0.4.31/aces/aces-ob-assets.cab

That's where I'm at where do we go from here?
 
1 - 7 of 7 Posts
Status
Not open for further replies.
Top