Suspected Trojan Horse Infection [Archive]

View Full Version : Suspected Trojan Horse Infection

txag89

2006-05-01, 06:33

My PC recently was infected by a trojan horse that redirected my IE homepage to a anti-spyware vendor's home page, in addition to other problems. I followed the instructions given in the following thread:http://forums.spybot.info/showthread.php?t=4015

Following these instructions seemed to have helped, but I don't know if it has completely eliminated the problem. Can someone confirm that my issue is fixed?

Attached are the requested log files.

rapport.txt
SmitFraudFix v2.37

Scan done at 22:02:28.43, Sun 04/30/2006
Run from C:\Documents and Settings\Roark Pollock\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\ot.ico Deleted
C:\WINDOWS\system32\stdole3.tlb Deleted
C:\WINDOWS\system32\1024\ Deleted
C:\Program Files\Security Toolbar\ Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» End

ewido log
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 9:00:17 PM, 4/30/2006
+ Report-Checksum: FE75A040

+ Scan result:

C:\Documents and Settings\MCX1\Cookies\mcx1@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Directnetadvertising : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Directnetadvertising : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Directnetadvertising : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Hypertracker : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.210:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.219:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.254:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.280:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.281:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.282:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.283:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.284:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.285:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.286:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.301:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.302:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.303:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.304:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.305:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.306:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.336:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.337:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.338:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.376:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.377:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.461:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.462:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.466:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.482:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.483:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.484:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.485:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.486:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.487:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.488:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.522:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.523:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.524:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.525:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.526:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.528:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.546:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.573:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.574:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.575:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.576:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.577:C:\Documents and Settings\Roark Pollock\Application Data\Mozilla\Firefox\Profiles\dgpke7d5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\WINDOWS\cpbrkpie.ocx -> Adware.Coupons : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\miniclipGameLoader.dll -> Downloader.Small : Cleaned with backup
C:\WINDOWS\SYSTEM32\dcomcfg.exe -> Downloader.Zlob.mj : Cleaned with backup
C:\WINDOWS\SYSTEM32\hp81FC.tmp -> Downloader.Zlob.mr : Cleaned with backup
C:\WINDOWS\SYSTEM32\simpole.tlb -> Downloader.Zlob.mj : Cleaned with backup

::Report End

I will post the HJT log in the next message.

Thanks for any help you can lend.

txag89

2006-05-01, 06:34

Here is the HJT log.

Logfile of HijackThis v1.99.1
Scan saved at 10:09:08 PM, on 4/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
C:\PROGRA~1\Dantz\RETROS~1\RetroExpress.exe
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\EHOME\RMSysTry.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [RetroExpress] C:\PROGRA~1\Dantz\RETROS~1\RetroExpress.exe /h
O4 - HKLM\..\Run: [MXOBG] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\EHOME\RMSysTry.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: ItsDeductiblePopUp.lnk = C:\Program Files\ItsDeductible\ItsDeductible.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} - http://survey.otxresearch.com/Preloader.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/supergerball/miniclipGameLoader.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146441161083
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/1441/ftp.coupons.com/v3123/cpbrkpie.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Retrospect Express HD Restore Helper (RetroExp Helper) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

pskelley

2006-05-01, 18:06

Hello and welcome to the forum. There are still some nasties, let's do this:

Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:

R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/...gameloader.cab
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} - http://survey.otxresearch.com/Preloader.dll
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/supergerball...GameLoader.dll
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/instal...sinstaller.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/14...3/cpbrkpie.cab

Close all programs but HJT and all browser windows, then click on "Fix Checked"

Enable hidden files&folders..reverse the process when finished.
http://www.xtra.co.nz/help/0,,4155-1916458,00.html

RIGHT Click on Start then click on Explore. Locate and delete these items:

C:\Windows\Prefetch\ >>> delete the contents (NOT THE FOLDER)
Prefetch info: http://www.windowsnetworking.com/articles_tutorials/Gaining-Speed-Empty-Prefetch-XP.html

Download CCleaner from this link: http://www.ccleaner.com/ Review the instructions http://www.ccleaner.com/help/tour1.asp
Run CCleaner, Windows & Applications when you run the registry cleaner (Issues) you will be prompted to backup before you can remove stuff, make sure you do.

Restart the computer and post a new HJT log along with your comments. How is the computer running now?

Thanks...pskelley
Safer Networking Forums

txag89

2006-05-02, 04:10

I have completed the instructions you gave me pskelley. The ccleaner utility found a very large number of registry entries to delete - it took 3 runs to completely clear all the issues. The PC appears to be running normally, but it did take an unusually long time to boot the first time after the changes.

However, I can't find any evidence of the previous problems. Below is the HJT log file. Please let me know if you see any other issues at this point or if there are any other steps I should take.

Thanks.
------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 8:02:41 PM, on 5/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\EHOME\RMSysTry.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
C:\Program Files\Hijackthis\HijackThis.exe

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [RetroExpress] C:\PROGRA~1\Dantz\RETROS~1\RetroExpress.exe /h
O4 - HKLM\..\Run: [MXOBG] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\EHOME\RMSysTry.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: ItsDeductiblePopUp.lnk = C:\Program Files\ItsDeductible\ItsDeductible.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146441161083
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Retrospect Express HD Restore Helper (RetroExp Helper) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

pskelley

2006-05-02, 04:27

Hello and thanks for returning the information. First, here is some information to help control those nasty cookies in Firefox:
http://privacy.getnetwise.org/browsing/tools/firefox1/ffdisablecookies
http://www.mozilla.org/projects/security/pki/psm/help_21/using_priv_help.html

Cleaning the Prefetch does slowdown a few boots until windows repopulates it for you. I don't suggest you clean it more often than was suggested in the link. I always do mine if I notice my computer getting sluggish.
You are also running ewido, if you don't own it, read the information I post later.

Your HJT log looks clean of malware, here is some great information from Tony Klein, Texruss, ChrisRLG and Grinler to help you stay clean and safe online:
http://boards.cexx.org/viewtopic.php?t=957
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml

ewido is a great program but it does use some resources. Once the trial is over you can update and use the scanner for as long as you wish, but unless you purchase it you should turn it off completely so it does not run unless you start it manually.

System Restore does not know the good files from the bad. In case bad stuff has gotten into your System Restore files, follow the instructions in this link to get clean System Restore files. Turn it off, reboot then turn it back on:
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039?Open&src=sec_doc_nam

Here is some information that might help with the overall performance:
http://www.microsoft.com/windows/IE/community/columns/IEtopten.mspx
http://vlaurie.com/computers2/Articles/runbetter.htm
http://www.linkgrinder.com/tutorials/10_Easy_Steps_to_Speed_Up_Your_Comp_24946_Computers_article.html
http://www.techbuilder.org/recipes/59201471

Safe surfing...Phil:bigthumb:

Thanks...pskelley
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.

txag89

2006-05-02, 17:01

Thanks very much for the help pskelley. I also appreciate the follow-on information to help me prevent the issues from re-occurring. Hopefully I will not have to return to this particular forum with problems.

Take care and thanks again!

:)

CalamityJane

2006-05-06, 02:54

Since it appears your issues have been resolved, I'll go ahead and close and archive this thread. Should you need it reopened for any reason, please feel free to PM me or one of the Forum Leaders :)