HJT Log-Please check

TwiztedTwit

Computer has been acting quirky lately. I'm running Win 98SE with IE 6.

Ran AVG
Ran Spybot
Ran Adaware
Ran Bit Defender, it found something in the program files it couldn't delete:

C:\Program Files\Media Access........

I went to add/remove programs to have it uninstall this program and it came up with a page not found on the uninstall. But it removed it from the add remove programs, although it is still in my program files.

Please look at the log and tell me what you find, at your convenience.

Thank you,

Logfile of HijackThis v1.99.1
Scan saved at 7:33:53 PM, on 12/30/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\E_S10IC2.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\HJT1.99.1\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\SYSTEM\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O7 "EPUSB1:" /M "Stylus CX3200"
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O15 - Trusted Zone: http://loginnet.passport.com
O15 - Trusted Zone: http://members.msn.com
O15 - Trusted Zone: www.eroticy.com
O15 - Trusted Zone: *.eroticy.com
O15 - Trusted Zone: www.eroticysingles.com
O15 - Trusted Zone: www.emtrk.com
O15 - Trusted Zone: http://*.emtrk.com
O15 - Trusted Zone: http://www.ratemyfaceadult.com
O15 - Trusted Zone: *.ratemyfaceadult.com
O15 - Trusted Zone: www.freetaxusa.com
O15 - Trusted Zone: http://www.eroticydating.com
O15 - Trusted Zone: http://www.qksrv.net
O15 - Trusted Zone: http://media.fastclick.net
O15 - Trusted Zone: http://www.alternativemedicinemessaeboards.info
O15 - Trusted Zone: http://www.iwon.com
O15 - Trusted IP range: http://64.4.34.250
O15 - Trusted IP range: 207.68.173.254
O16 - DPF: WebWorks Help 3.0 - http://www.netgear.com/docs/mr814/wwhelp3.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6F6DBC29-7A0C-4AC0-A42D-10EC70678526} (Word Cubes Control) - http://www.worldwinner.com/games/v44/wordcube/wordcube.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/qtinstall.info.apple.com/pthalo/us/win/QuickTimeFullInstaller.exe
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spyspotter/SpSp29952.41optYplkOmji/SpySpotterCabInstall.cab
O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://eztracks.aavalue.com/EZT/Toolbar/eztdl.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.4.2.30/holdem/holdem-ob-assets.cab
O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.3.4.49/mlslots/mlslots-ob-assets.cab
O16 - DPF: Keno by pogo - http://game1.pogo.com/applet-6.3.1.26/keno/keno-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.3.4.49/superbingo/superbingo-ob-assets.cab
O16 - DPF: Showbiz Slots by pogo - http://game1.pogo.com/applet-6.3.1.26/slots/showbiz-ob-assets.cab
O16 - DPF: Ali Baba Slots TM by pogo - http://game1.pogo.com/applet-6.3.4.64/slots/alibaba-ob-assets.cab
O16 - DPF: Showbiz Slots 2 by pogo - http://game1.pogo.com/applet-6.3.1.26/slots/showbiz2-ob-assets.cab
O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.3.1.33/wordjong/wordjong-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.3.2.25/whackdown/whackdown-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.3.4.64/mahjong/mahjong-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.0.41/worldclass/worldclass-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.3.2.25/turbo21/turbo21-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.4.0.41/waterwheel/waterwheel-ob-assets.cab
O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.com/applet-6.3.4.64/spider/spider-ob-assets.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} (WordMojo Control) - http://www.worldwinner.com/games/v45/wordmojo/wordmojo.cab
O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-6.3.3.27/jumbee/jumbee-ob-assets.cab
O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.3.3.27/pool2/pool-ob-assets.cab
O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-6.3.3.27/videopoker2/videopoker-ob-assets.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://www.worldwinner.com/games/v45/sol/sol.cab
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} (GolfSol Control) - http://www.worldwinner.com/games/v42/golfsol/golfsol.cab
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLauncher/ActiveLauncher.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.3.3.38/jigsaw/jigsaw-ob-assets.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.3.4.49/poppit2/poppit2-ob-assets.cab
O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.3.4.49/stax/stax-ob-assets.cab
O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.3.4.49/squelchies/squelchies-ob-assets.cab
O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.4.2.23/blackjack/blackjack-ob-assets.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.pogo.com/game/deluxe/zuma/popcaploader_v6.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinner.com/games/v51/h2hpool/h2hpool.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tile City Control) - http://www.worldwinner.com/games/v41/tilecity/tilecity.cab
O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.3.4.64/wordwhomp2/whomp2-ob-assets.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.3.4.64/lottso/lottso-ob-assets.cab
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} (Cubis Control) - http://www.worldwinner.com/games/v55/cubis/cubis.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712...com/downloads/player/Install3.0/Installer.exe
O16 - DPF: Jokers Wild Poker by pogo - http://game1.pogo.com/applet-6.3.4.64/videopoker2/jokerswild-ob-assets.cab
O16 - DPF: Double Deuce Poker by pogo - http://game1.pogo.com/applet-6.4.0.34/videopoker2/doubledeuce-ob-assets.cab
O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.4.0.34/checkers2/checkers-ob-assets.cab
O16 - DPF: The Sims Pinball by pogo - http://game1.pogo.com/applet-6.4.0.34/simball/simball-ob-assets.cab
O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} (TenebrilSpywareScanner Control) - http://www.tenebril.com/scanner/TestScanner.ocx
O16 - DPF: Buckaroo Blackjack TM by pogo - http://game1.pogo.com/applet-6.4.0.41/videoblackjack/videoblackjack-ob-assets.cab
O16 - DPF: Penguin Blocks by pogo - http://game1.pogo.com/applet-6.4.0.41/penguins/penguins-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.4.0.41/flinger/flinger-ob-assets.cab
O16 - DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} (GameControl Class) - http://www.midasplayer.com/midasa.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/Zango/ie/bridge-c2.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.4.2.30/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLHelper/version7/DLHelper.cab
O16 - DPF: {360E40AA-EE8B-4101-BA67-0CAD3F7A48DD} (Nyoko Downloader Class) - http://www.riverbelle.com/download_helper/Nyoko.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/cpbrkpie.cab
O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.4.3.28/peaks/peaks-ob-assets.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.4.4.27/popfu/popfu-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.4.34/firstclass2/firstclass2-ob-assets.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.35mb.com/applet/applet_l.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
 
Go to Internet Options, Security, Trusted Sites and remove those sites that are in there, unless of course you added them there.

Remove these entries

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/qtinstall.i...llInstaller.exe

O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spys...rCabInstall.cab

O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://eztracks.aavalue.com/EZT/Toolbar/eztdl.cab

O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Acti...iveLauncher.cab

O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712...0/Installer.exe

O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4...02/cpbrkpie.cab

O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.35mb.com/applet/applet_l.cab
 
Follow these instructions carefully

Download ALL 4 programs and update them as soon as they are installed, this is very important, except for Hijackthis!.

Ad Aware SE Personal Free

Spybot Search and Destroy Free

Microsoft Windows AntiSpyware Free

HijackThis Free

Ewido

Follow these steps

Delete all cookies and temporary internet files in the control panel.

Go to Start, Run, type msconfig, go to Startup, disable everything except your antivirus, click Apply, don't reboot yet.

Download Msconfig Cleanup below

Msconfig Cleanup Free

Run Msconfig Cleanup after you unchecked the items you were told to uncheck and recheck, click "Select All", then click "Clean up Selected", then click "Quit".

Now run each spyware program 1 by 1. Running all 3 at the same time will slow most systems down.

When each program has finished scanning, remove everything.

For Microsoft Antispy, after it has finished scanning, some items will/might be on ignore, you will need to select remove unless the program is valid such as VNC Viewer, etc.


Now go to the recycle bin and delete everything that is in it.

When finished with the scans, reboot, and go into Safe Mode and run these scans again, remove everything they find, and then reboot back into Windows in normal mode. You don't need to run Hijackthis! yet.

Then run HiJackthis!

Save the log, copy and paste the log on www.techist.com
Do not attach the log, copy and paste always. This will make things go much faster.

When you have posted your second log and everything has been cleared, re-scan your system, check everything, then on the bottom right hand corner, click "Add Checked to Ignore List", click "Yes", and that's it. The next time you have a problem and you see an entry, this will be a lot faster to troubleshoot.
 
2nd HJT log

Followed all instructions. Was unable to download Microsoft Windows AntiSpyware or Ewido as they stated upon download that one needs Windows 2000 or higher.
Below is my HJT scan after completing all as instructed minus the two stated above.

Logfile of HijackThis v1.99.1
Scan saved at 1:38:32 AM, on 12/31/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\E_S10IC2.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\HJT1.99.1\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\My Downloads2\SpybotS&D\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\SYSTEM\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O7 "EPUSB1:" /M "Stylus CX3200"
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O15 - Trusted Zone: http://loginnet.passport.com
O15 - Trusted Zone: http://members.msn.com
O15 - Trusted Zone: http://www.iwon.com
O16 - DPF: WebWorks Help 3.0 - http://www.netgear.com/docs/mr814/wwhelp3.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6F6DBC29-7A0C-4AC0-A42D-10EC70678526} (Word Cubes Control) - http://www.worldwinner.com/games/v44/wordcube/wordcube.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.4.2.30/holdem/holdem-ob-assets.cab
O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.3.4.49/mlslots/mlslots-ob-assets.cab
O16 - DPF: Keno by pogo - http://game1.pogo.com/applet-6.3.1.26/keno/keno-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.3.4.49/superbingo/superbingo-ob-assets.cab
O16 - DPF: Showbiz Slots by pogo - http://game1.pogo.com/applet-6.3.1.26/slots/showbiz-ob-assets.cab
O16 - DPF: Ali Baba Slots TM by pogo - http://game1.pogo.com/applet-6.3.4.64/slots/alibaba-ob-assets.cab
O16 - DPF: Showbiz Slots 2 by pogo - http://game1.pogo.com/applet-6.3.1.26/slots/showbiz2-ob-assets.cab
O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.3.1.33/wordjong/wordjong-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.3.2.25/whackdown/whackdown-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.3.4.64/mahjong/mahjong-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.0.41/worldclass/worldclass-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.3.2.25/turbo21/turbo21-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.4.0.41/waterwheel/waterwheel-ob-assets.cab
O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.com/applet-6.3.4.64/spider/spider-ob-assets.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} (WordMojo Control) - http://www.worldwinner.com/games/v45/wordmojo/wordmojo.cab
O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-6.3.3.27/jumbee/jumbee-ob-assets.cab
O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.3.3.27/pool2/pool-ob-assets.cab
O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-6.3.3.27/videopoker2/videopoker-ob-assets.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://www.worldwinner.com/games/v45/sol/sol.cab
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} (GolfSol Control) - http://www.worldwinner.com/games/v42/golfsol/golfsol.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.3.3.38/jigsaw/jigsaw-ob-assets.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.3.4.49/poppit2/poppit2-ob-assets.cab
O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.3.4.49/stax/stax-ob-assets.cab
O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.3.4.49/squelchies/squelchies-ob-assets.cab
O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.4.2.23/blackjack/blackjack-ob-assets.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.pogo.com/game/deluxe/zuma/popcaploader_v6.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinner.com/games/v51/h2hpool/h2hpool.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tile City Control) - http://www.worldwinner.com/games/v41/tilecity/tilecity.cab
O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.3.4.64/wordwhomp2/whomp2-ob-assets.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.3.4.64/lottso/lottso-ob-assets.cab
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} (Cubis Control) - http://www.worldwinner.com/games/v55/cubis/cubis.cab
O16 - DPF: Jokers Wild Poker by pogo - http://game1.pogo.com/applet-6.3.4.64/videopoker2/jokerswild-ob-assets.cab
O16 - DPF: Double Deuce Poker by pogo - http://game1.pogo.com/applet-6.4.0.34/videopoker2/doubledeuce-ob-assets.cab
O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.4.0.34/checkers2/checkers-ob-assets.cab
O16 - DPF: The Sims Pinball by pogo - http://game1.pogo.com/applet-6.4.0.34/simball/simball-ob-assets.cab
O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} (TenebrilSpywareScanner Control) - http://www.tenebril.com/scanner/TestScanner.ocx
O16 - DPF: Buckaroo Blackjack TM by pogo - http://game1.pogo.com/applet-6.4.0.41/videoblackjack/videoblackjack-ob-assets.cab
O16 - DPF: Penguin Blocks by pogo - http://game1.pogo.com/applet-6.4.0.41/penguins/penguins-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.4.0.41/flinger/flinger-ob-assets.cab
O16 - DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} (GameControl Class) - http://www.midasplayer.com/midasa.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/Zango/ie/bridge-c2.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.4.2.30/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLHelper/version7/DLHelper.cab
O16 - DPF: {360E40AA-EE8B-4101-BA67-0CAD3F7A48DD} (Nyoko Downloader Class) - http://www.riverbelle.com/download_helper/Nyoko.cab
O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.4.3.28/peaks/peaks-ob-assets.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.4.4.27/popfu/popfu-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.4.34/firstclass2/firstclass2-ob-assets.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

Thanks so much for the help, and Happy New Years.
Will check back tomorrow to see if my scan looks okay.

P.S. Upon rescanning my system, is it on the HJT program that I click "Add checked to Ignore List"?
 
Let's go ahead and remove these entries as well, they are just downloaded program files.

O16 - DPF: WebWorks Help 3.0 - http://www.netgear.com/docs/mr814/wwhelp3.cab

O16 - DPF: {6F6DBC29-7A0C-4AC0-A42D-10EC70678526} (Word Cubes Control) - http://www.worldwinner.com/games/v4...be/wordcube.cab

O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.4.2....m-ob-assets.cab

O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.3.4....s-ob-assets.cab

O16 - DPF: Keno by pogo - http://game1.pogo.com/applet-6.3.1....o-ob-assets.cab

O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.3.4....o-ob-assets.cab

O16 - DPF: Showbiz Slots by pogo - http://game1.pogo.com/applet-6.3.1....z-ob-assets.cab

O16 - DPF: Ali Baba Slots TM by pogo - http://game1.pogo.com/applet-6.3.4....a-ob-assets.cab

O16 - DPF: Showbiz Slots 2 by pogo - http://game1.pogo.com/applet-6.3.1....2-ob-assets.cab

O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.3.1....g-ob-assets.cab

O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.3.2....n-ob-assets.cab

O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.3.4....g-ob-assets.cab

O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.0....s-ob-assets.cab

O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.3.2....1-ob-assets.cab

O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.4.0....l-ob-assets.cab

O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.com/applet-6.3.4....r-ob-assets.cab

O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab

O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} (WordMojo Control) - http://www.worldwinner.com/games/v4...jo/wordmojo.cab

O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-6.3.3....e-ob-assets.cab

O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.3.3....l-ob-assets.cab

O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-6.3.3....r-ob-assets.cab

O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://www.worldwinner.com/games/v45/sol/sol.cab

O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} (GolfSol Control) - http://www.worldwinner.com/games/v4...sol/golfsol.cab

O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab

O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.3.3....w-ob-assets.cab

O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.3.4....2-ob-assets.cab

O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.3.4....x-ob-assets.cab

O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.3.4....s-ob-assets.cab

O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.4.2....k-ob-assets.cab


O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinner.com/games/v5...ool/h2hpool.cab

O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tile City Control) - http://www.worldwinner.com/games/v4...ty/tilecity.cab

O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.3.4....2-ob-assets.cab

O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.3.4....o-ob-assets.cab

O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} (Cubis Control) - http://www.worldwinner.com/games/v55/cubis/cubis.cab

O16 - DPF: Jokers Wild Poker by pogo - http://game1.pogo.com/applet-6.3.4....d-ob-assets.cab

O16 - DPF: Double Deuce Poker by pogo - http://game1.pogo.com/applet-6.4.0....e-ob-assets.cab


O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.4.0....s-ob-assets.cab

O16 - DPF: The Sims Pinball by pogo - http://game1.pogo.com/applet-6.4.0....l-ob-assets.cab

O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} (TenebrilSpywareScanner Control) - http://www.tenebril.com/scanner/TestScanner.ocx

O16 - DPF: Buckaroo Blackjack TM by pogo - http://game1.pogo.com/applet-6.4.0....k-ob-assets.cab

O16 - DPF: Penguin Blocks by pogo - http://game1.pogo.com/applet-6.4.0....s-ob-assets.cab

O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.4.0....r-ob-assets.cab

O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/Zango/ie/bridge-c2.cab

O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.4.2....g-ob-assets.cab

O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLHe...n7/DLHelper.cab

O16 - DPF: {360E40AA-EE8B-4101-BA67-0CAD3F7A48DD} (Nyoko Downloader Class) - http://www.riverbelle.com/download_helper/Nyoko.cab


O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.4.4....u-ob-assets.cab


O16 - DPF: First Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.4....2-ob-assets.cab


and then repost your new log....
 
3rd log

Removed all as instructed. Computer is still a bit sluggish, example when I get out of a program and wind up on my desktop, if I was to click on the "My Computer" icon, or even the Start button to log off, my cursor will just hang or freeze up on these items.
I also noticed the following folders under "Windows" "user data". What are these, and are they needed?

Well, seems like I'm having trouble copying and pasting the print screen I put into Word. But it is approx 25 folders with titles like: Ozpj2ujd, and Khqvkxaf. They are all different. I think I've had about 50 at one time, they come and go. Just very curious as to what they are.

But anyways, here is my third log after your instructions and very much appreciated help!

Logfile of HijackThis v1.99.1
Scan saved at 11:52:09 AM, on 12/31/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\E_S10IC2.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\HJT1.99.1\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\My Downloads2\SpybotS&D\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\SYSTEM\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O7 "EPUSB1:" /M "Stylus CX3200"
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O15 - Trusted Zone: http://loginnet.passport.com
O15 - Trusted Zone: http://members.msn.com
O15 - Trusted Zone: http://www.iwon.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.pogo.com/game/deluxe/zuma/popcaploader_v6.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} (GameControl Class) - http://www.midasplayer.com/midasa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab


Thanks again!!!
 
Excellent. Now do this for future scans.......

Re-scan your system, check everything, then on the bottom right hand corner, click "Add Checked to Ignore List", click "Yes", and that's it. The next time you have a problem and you see an entry, this will be a lot faster to troubleshoot.
 
The folders under UserData sound like the work of the replicator worm.

Perform an online scan with Internet Explorer with Panda ActiveScan
** click on "Free use ActiveScan" located on the top right hand corner
  1. Click Check Now & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
  2. Enter your e-mail address, country, and state & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls
Begin the scan by selecting My Computer
  • If it finds any malware, it will offer you a report.
    • Please ignore any entry it finds and wants you to buy the program for removal as we will address this later.
    • Click on see report. Then click Save report
Please post that log in your next reply.
 
Results of Panda Scan

Here are the results of the panda scan:

Incident Status Location

Spyware:spyware/betterinet Not disinfected C:\WINDOWS\INF\BIINI.INF
Spyware:spyware/dynadesk Not disinfected C:\PROGRAM FILES\ddm
Adware:adware/webhancer Not disinfected C:\PROGRAM FILES\whInstall
Adware:adware/startpage.amb Not disinfected C:\Favorites\Adult
Adware:adware/exact.bargainbuddy Not disinfected Windows Registry
Dialer:dialer.ce Not disinfected HKEY_CLASSES_ROOT\CLSID\{F72BC3F0-6C20-4793-9DDA-258589D8A907}
Adware:adware/cws Not disinfected Windows Registry
Dialer:dialer.b Not disinfected HKEY_CLASSES_ROOT\Interface\{8F0A06F6-DF4D-4D54-B8CA-E8EEDBAE6DDB}
Spyware:Spyware/BetterInet Not disinfected C:\WINDOWS\INF\BIINI.INF
Adware:Adware/SAHAgent Not disinfected C:\WINDOWS\INF\BIS.INF
Adware:Adware/SAHAgent Not disinfected C:\WINDOWS\INF\BIR.INF
Adware:Adware/Transponder Not disinfected C:\WINDOWS\DLLArchive\D9D9F055_tdbRs.dll
Adware:Adware Program Not disinfected C:\Program Files\HiJack This\backup-20040518-011329-911.inf
Adware:Adware/WUpd Not disinfected C:\Program Files\HJT1.99.1\backups\backup-20051231-115100-329.dll
Thanks in advance for your help.
 
Download and install Cleanup but DO NOT run it yet!

Download KillBox
http://www.bleepingcomputer.com/files/spyware/KillBox.zip

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:
  • Empty Recycle Bins
  • Delete Cookies
    [X]Scan local drives for temporary files (Please uncheck this option)
  • Cleanup! All Users
Click OK
Press the CleanUp! button to start the program. Reboot/logoff when prompted.

Reboot into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter.

Run KILL box. Paste the following locations into KILL BOX one at a time. Checkmark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (If available) Click the RED X and it will ask you to confirm the file for deletion...say YES and when the next box opens prompting you to reboot now...click NO...and proceed with the next file. Once you get to the last one click YES and it will reboot.

C:\WINDOWS\INF\BIINI.INF
C:\PROGRAM FILES\ddm
C:\PROGRAM FILES\whInstall
C:\Favorites\Adult
C:\WINDOWS\INF\BIS.INF
C:\WINDOWS\INF\BIR.INF
C:\WINDOWS\DLLArchive\D9D9F055_tdbRs.dll
C:\Program Files\HiJack This\backup-20040518-011329-911.inf
C:\Program Files\HJT1.99.1\backups\backup-20051231-115100-329.dll


Once you reboot.......

Please download Trend Micro™ Anti-Spyware for the Web Utility (by clicking the "Scan and Clean your PC" button).
  • Save it to your desktop.
  • Double-click the new icon on your desktop (tmas-web-scan.exe)
  • It will say "Loading TrendMicro definitions".
  • Once the definitions are loaded, the program will appear to close then re-open.
  • Click "Start Scan"
  • After it's done scanning, click "Scan Results"
  • Make sure all items found have a check next to them, then click "Clean Threats Now".
  • Click Exit.

Reboot your computer. In place of the TrendMicro icon will be a text file called "Antispyware.log".

I then need you to repeat the same procedure above again... using the TrendMicro scan tool. I need the log from the second scan/clean...NOT the first...as this will contain what's left in the system.
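
The list of locations in the reply above matches the file rows of the posted Panda report, with the repeated BIINI.INF row listed once and the registry-only rows left out. As an added example (not part of the thread and not any scanner's own code), the Python below parses report rows of that shape and separates file locations from registry findings; the function names are hypothetical and the only status handled is the "Not disinfected" text seen in this report.

```python
import re

# Rows taken from the Panda report posted in this thread, including the
# row whose columns run together and the duplicated BIINI.INF row.
REPORT = r"""Incident Status Location
Spyware:spyware/betterinet Not disinfected C:\WINDOWS\INF\BIINI.INF
Adware:adware/exact.bargainbuddyNot disinfected Windows Registry
Dialer:dialer.ce Not disinfected HKEY_CLASSES_ROOT\CLSID\{F72BC3F0-6C20-4793-9DDA-258589D8A907}
Spyware:Spyware/BetterInet Not disinfected C:\WINDOWS\INF\BIINI.INF
Adware:Adware Program Not disinfected C:\Program Files\HiJack This\backup-20040518-011329-911.inf
"""

# "Type:name<status>location"; \s* tolerates a name glued to the status column.
ROW = re.compile(r"^(?P<kind>[^:]+):(?P<name>.+?)\s*Not disinfected\s+(?P<loc>.+)$")
DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")


def parse_report(text):
    """Return one dict per finding row; header and blank lines are skipped."""
    findings = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            findings.append({"kind": m["kind"],
                             "name": m["name"].strip(),
                             "location": m["loc"].strip()})
    return findings


def split_locations(findings):
    """Split findings into unique file paths and (name, location) registry items."""
    files, registry, seen = [], [], set()
    for f in findings:
        loc = f["location"]
        if DRIVE_PATH.match(loc):
            # Windows paths are case-insensitive, so de-duplicate on lower case.
            if loc.lower() not in seen:
                seen.add(loc.lower())
                files.append(loc)
        else:
            # Registry rows have no file to remove; keep them for separate review.
            registry.append((f["name"], loc))
    return files, registry


if __name__ == "__main__":
    files, registry = split_locations(parse_report(REPORT))
    print("\n".join(files))
    print(registry)
```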
 