So, can no one help me on my sister's problem of not being able to change the home page away from update.miscrosoft . . .?
So, can no one help me on my sister's problem of not being able to change the home page away from update.miscrosoft . . .?
Hello.
We could see a log and take a look at the system.
- Open SpyBot, check for and get any updates available.
- Close all browsers, check for problems and fix everything found in red
- Then on the toolbar menu select mode and switch to advanced mode, on the left lower down select tools, and view report, ensure all the options are selected near the bottom except
- Uncheck[ ] do not report disabled or known legitimate Items.
- uncheck[ ] Include a list of services in report.
- Uncheck[ ] Include uninstall list in report.
- Now select (near the top) view report.
- Press export in the save in box choose a place such as your my documents folder, then in your next post near the bottom select the "browse" button; navigate to and attach or post that report.
Microsoft MVP Reconnect 2018-
Windows Insider MVP 2016-2018
Microsoft Consumer Security MVP 2006-2016
Tashi, Here is my sister's spybot log as you requested:
Oops, this window flew up and says:
The text that you have entered is too long (186323 characters). Please shorten it to 20000 characters long.
I will try to send it as an attachment. No, I get amessage that the attachment is too big in text format,
So, now what do I do?
zmartha
Hi there.
Did you follow these instructions:
which helps shorten the length of the logs.ensure all the options are selected near the bottom except
Uncheck[ ] do not report disabled or known legitimate Items.
uncheck[ ] Include a list of services in report.
Uncheck[ ] Include uninstall list in report.
If so, please use as many posts as it takes to copy/paste the log into the topic.
Cheers.
Microsoft MVP Reconnect 2018-
Windows Insider MVP 2016-2018
Microsoft Consumer Security MVP 2006-2016
I believe she followed all your instructions. I am back in the Ozarks and she is in Iowa, but I told her to follow your instructions, so here is the first part of the spybot log.
--- Search result list ---
Windows Security Center.FirewallDisableNotify: Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0
Windows Security Center.AntiVirusDisableNotify: Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0
Avenue A, Inc.: Tracking cookie (Internet Explorer: Sue) (Cookie, fixed)
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-07-03 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-07-01 Includes\Cookies.sbi (*)
2006-07-01 Includes\Dialer.sbi (*)
2006-07-01 Includes\Hijackers.sbi (*)
2006-07-01 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-07-01 Includes\Malware.sbi (*)
2006-07-01 Includes\PUPS.sbi (*)
2006-07-01 Includes\Revision.sbi (*)
2006-07-01 Includes\Security.sbi (*)
2006-07-01 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-07-01 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows XP / SP3: Windows XP Hotfix - KB834707
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Security Update for Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB885884
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Windows XP Hotfix - KB888310
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Security Update for Windows XP (KB896688)
/ Windows XP / SP3: Update for Windows XP (KB896727)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB903235)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Security Update for Windows XP (KB916281)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
--- Startup entries list ---
Located: HK_LM:Run, ATIPTA
command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 339968
MD5: acc7b414ef1abea6aa654b74cc9a90cf
Located: HK_LM:Run, CTSysVol
command: C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
file:
Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 122939
MD5: 790490f273b0e3bcf05dc3c308abcc0b
Located: HK_LM:Run, DVDLauncher
command: "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
file: C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 57344
MD5: 7e5fc860ecbd3fe4d0bf7e1814a37b56
Located: HK_LM:Run, HP Component Manager
command: "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
file: C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 241664
MD5: e91cde1b706189c03904a901a1ca1832
Located: HK_LM:Run, HP Software Update
command: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
file: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 821f73b833c4daebc33c1a9a4b16bb5a
Located: HK_LM:Run, IAAnotif
command: C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
file: C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
size: 135168
MD5: 84ce197c2869be8965644396841fdd19
Located: HK_LM:Run, IntelMeM
command: C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
file: C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
size: 221184
MD5: bc02e491e88492b02363ce1b384ff7a7
Located: HK_LM:Run, KernelFaultCheck
command: %systemroot%\system32\dumprep 0 -k
file: C:\WINDOWS\system32\dumprep.exe
size: 10752
MD5: 13922eb54890c77005268882629a31fe
Located: HK_LM:Run, MCAgentExe
command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
file: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
size: 303104
MD5: e8d2dcece015f4558aa3853514664f15
Located: HK_LM:Run, MCUpdateExe
command: c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
file: c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
size: 212992
MD5: dec79e9887924b82837b9b7730ecaa1f
Located: HK_LM:Run, MediaFace Integration
command: C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
file: C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
size: 53248
MD5: c108e71530073dda128b9998be00acf9
Located: HK_LM:Run, Microsoft Works Update Detection
command: C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
file: C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
size: 50688
MD5: 5046f135bb97a68bfe485ab039e605c0
Located: HK_LM:Run, mmtask
command: C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
file: C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
size: 53248
MD5: ddded6213d8e8cb91a9bf3107114b335
Located: HK_LM:Run, MPFExe
command: C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
file: C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
size: 1005096
MD5: d76dcba1bce72093e00a4efa114a4e98
Located: HK_LM:Run, OASClnt
command: C:\Program Files\McAfee.com\VSO\oasclnt.exe
file: C:\Program Files\McAfee.com\VSO\oasclnt.exe
size: 53248
MD5: 76e033f33912bfaca4a05be8d1f3a740
Located: HK_LM:Run, P17Helper
command: Rundll32 P17.dll,P17Helper
file:
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: c341ccfbe98bc7df6e0b856bb9fc265a
Located: HK_LM:Run, RealTray
command: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
file:
Located: HK_LM:Run, ReminderApp
command: C:\Program Files\Nova Development\Greeting Card Factory Deluxe\ReminderApp.exe
file: C:\Program Files\Nova Development\Greeting Card Factory Deluxe\ReminderApp.exe
size: 145104
MD5: 465499c49b9e1ff943998197464b01ac
Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
file: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ed85b344e6edc30c1bc57ec1a2a56bf3
Located: HK_LM:Run, UpdateManager
command: "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
file: C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
size: 110592
MD5: 52b80c30225de81d7ac989dfe7311877
Located: HK_LM:Run, UpdReg
command: C:\WINDOWS\UpdReg.EXE
file: C:\WINDOWS\UpdReg.EXE
size: 90112
MD5: c419df63e0121d72411285780c2fc6cc
Located: HK_LM:Run, VirusScan Online
command: C:\Program Files\McAfee.com\VSO\mcvsshld.exe
file: C:\Program Files\McAfee.com\VSO\mcvsshld.exe
size: 163840
MD5: b154ac6dbd82f96476003e58e1625bd8
Located: HK_LM:Run, VSOCheckTask
command: "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
file: C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe
size: 151552
MD5: 3c943ceb913520f9981d82db93ba7a8a
Located: HK_LM:Run, Windows Defender
command: "C:\Program Files\Windows Defender\MSASCui.exe" -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 777424
MD5: 3207bba7a51043ff2c5d64df4c3b6310
Located: HK_LM:Run, zSPGuard
command: c:\program files\pjw\spguard\spguard.exe /s
file:
Located: HK_LM:RunOnceEx,
command:
file:
Located: HK_CU:Run, DellSupport
command: "C:\Program Files\Dell Support\DSAgnt.exe" /startup
file: C:\Program Files\Dell Support\DSAgnt.exe
size: 306688
MD5: cea4715092cb7984420dbc9f51fb4c35
Located: HK_CU:Run, MSMSGS
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259
Located: HK_CU:Run, SpybotSD TeaTimer
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1415824
MD5: 70496eee0ddbe485f658693826f44d38
Located: Startup (common), HP Digital Imaging Monitor.lnk
command: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 241664
MD5: 16e91805cc071039372ae0037aaa9a2b
Located: Startup (common), HP Image Zone Fast Start.lnk
command: C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
size: 53248
MD5: 91c0436bd6cb73370895ef33c1c9cb47
Located: Startup (common), Kodak EasyShare software.lnk
command: C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
file: C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
size: 176128
MD5: 1774f25ee888f4af98dd7aefc2bfbb89
Located: Startup (common), Kodak software updater.lnk
command: C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
Here is 2nd part of 3 parts of sister's spybot log:
file: C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
size: 16423
MD5: db9012564169875f5b2aa7f5fc4905e4
Located: Startup (common), Microsoft Office.lnk
command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
size: 83360
MD5: 5bc65464354a9fd3beaa28e18839734a
Located: Startup (user), SpywareGuard.lnk
command: C:\Program Files\SpywareGuard\sgmain.exe
file: C:\Program Files\SpywareGuard\sgmain.exe
size: 360448
MD5: 61c028aba5e49573a6332f4a7c744e87
Located: Startup (user), Yankee Clipper III.lnk
command: C:\Program Files\YCIII\YankClip.exe
file: C:\Program Files\YCIII\YankClip.exe
size: 1368064
MD5: 046bcdf0793e96dc6d7a4c780ee73ce6
Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll
Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
{549B5CA7-4A86-11D7-A4DF-000874180BB3} ()
BHO name:
CLSID name:
{5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
BHO name:
CLSID name: DriveLetterAccess
description: Hewlett-Packard's DLA software
classification: Unknown
known filename: tfswshx.dll
info link:
info source: TonyKlein
Path: C:\WINDOWS\system32\dla\
Long name: tfswshx.dll
Short name:
Date (created): 1/17/2005 11:22:04 PM
Date (last access): 7/5/2006 6:29:22 PM
Date (last write): 8/13/2004 2:05:00 AM
Filesize: 118842
Attributes: archive
MD5: 14EFF6496CF0E873F8F7CD930B135CF9
CRC32: AD5180E4
Version: 1.4.8.0
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} ()
BHO name:
CLSID name:
description: Microsoft Money
classification: Open for discussion
known filename: mnyviewer.dll
info link: <http://www.microsoft.com/money/default.asp>
info source: TonyKlein
--- ActiveX list ---
--- Process list ---
PID: 0 ( 0) [System]
PID: 596 ( 4) \SystemRoot\System32\smss.exe
PID: 644 ( 596) \??\C:\WINDOWS\system32\csrss.exe
PID: 668 ( 596) \??\C:\WINDOWS\system32\winlogon.exe
PID: 712 ( 668) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 724 ( 668) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 912 ( 712) C:\WINDOWS\system32\Ati2evxx.exe
size: 389120
MD5: 4DEAA162480367B232F3EE3A6D34084B
PID: 932 ( 712) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1004 ( 712) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1100 ( 712) C:\Program Files\Windows Defender\MsMpEng.exe
size: 14032
MD5: E7E81C6BCD697F5921DF6D6781D2673D
PID: 1164 ( 712) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1308 ( 712) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1440 ( 712) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1568 ( 712) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1728 (1704) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 1844 (1728) C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ED85B344E6EDC30C1BC57EC1A2A56BF3
PID: 1884 (1728) C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
size: 135168
MD5: 84CE197C2869BE8965644396841FDD19
PID: 1924 (1728) C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
size: 221184
MD5: BC02E491E88492B02363CE1B384FF7A7
PID: 1932 (1728) C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
size: 57344
MD5: E7D1D8179FE03E2BC569A92B56509414
PID: 1948 (1728) C:\WINDOWS\system32\Rundll32.exe
size: 33280
MD5: DA285490BBD8A1D0CE6623577D5BA1FF
PID: 1972 (1728) C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 57344
MD5: 7E5FC860ECBD3FE4D0BF7E1814A37B56
PID: 1992 (1728) C:\WINDOWS\system32\dla\tfswctrl.exe
size: 122939
MD5: 790490F273B0E3BCF05DC3C308ABCC0B
PID: 2008 (1728) C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
size: 53248
MD5: DDDED6213D8E8CB91A9BF3107114B335
PID: 2032 (1728) C:\PROGRA~1\mcafee.com\agent\mcagent.exe
size: 303104
MD5: E8D2DCECE015F4558AA3853514664F15
PID: 160 (1728) C:\Program Files\Real\RealPlayer\RealPlay.exe
size: 26112
MD5: 849D97FE4CC09CFC2772D10F641E1BAF
PID: 232 (1728) C:\Program Files\McAfee.com\VSO\mcvsshld.exe
size: 163840
MD5: B154AC6DBD82F96476003E58E1625BD8
PID: 252 (1728) C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
size: 50688
MD5: 5046F135BB97A68BFE485AB039E605C0
PID: 280 ( 232) c:\progra~1\mcafee.com\vso\mcvsescn.exe
size: 483328
MD5: 3B1A1BAA8D7444DEFCE4093611212ED6
PID: 412 (1728) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 241664
MD5: E91CDE1B706189C03904A901A1CA1832
PID: 432 ( 712) C:\WINDOWS\system32\CTsvcCDA.EXE
size: 44032
MD5: 3C8B6609712F4FF78E521F6DCFC4032B
PID: 476 ( 712) C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
size: 73852
MD5: 3277CF101AE78C38B00702D688E37D44
PID: 504 ( 712) c:\program files\mcafee.com\agent\mcdetect.exe
size: 126976
MD5: F73B0F3EBD90B1C87A3B93BE94E831C7
PID: 548 ( 712) c:\PROGRA~1\mcafee.com\vso\mcshield.exe
size: 221184
MD5: FAE84A2F9C11B7C532950BF0AE1EC26A
PID: 624 (1728) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 821F73B833C4DAEBC33C1A9A4B16BB5A
PID: 832 (1728) C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
size: 1005096
MD5: D76DCBA1BCE72093E00A4EFA114A4E98
PID: 776 (1728) C:\Program Files\McAfee.com\VSO\oasclnt.exe
size: 53248
MD5: 76E033F33912BFACA4A05BE8D1F3A740
PID: 956 (1728) C:\Program Files\Nova Development\Greeting Card Factory Deluxe\ReminderApp.exe
size: 145104
MD5: 465499C49B9E1FF943998197464B01AC
PID: 1080 (1728) C:\Program Files\Windows Defender\MSASCui.exe
size: 777424
MD5: 3207BBA7A51043FF2C5D64DF4C3B6310
PID: 1208 (1728) C:\Program Files\Dell Support\DSAgnt.exe
size: 306688
MD5: CEA4715092CB7984420DBC9F51FB4C35
PID: 1292 ( 712) c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
size: 122368
MD5: A214E217784D1002411DCA8E9793D4A4
PID: 1456 ( 712) C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
size: 548864
MD5: 316535E69181703D4CE4623DEA29FECB
PID: 1688 ( 712) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1780 ( 712) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: C81B8635DEE0D3EF5F64B3DD643023A5
PID: 1344 ( 712) C:\WINDOWS\system32\MsPMSPSv.exe
size: 53520
MD5: 581176F60885AEF8F78C6E38DCC3CDF9
PID: 2168 (1728) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1415824
MD5: 70496EEE0DDBE485F658693826F44D38
PID: 2264 (1728) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 241664
MD5: 16E91805CC071039372AE0037AAA9A2B
PID: 2344 (1728) C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
size: 176128
MD5: 1774F25EE888F4AF98DD7AEFC2BFBB89
PID: 2388 (1728) C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
size: 16423
MD5: DB9012564169875F5B2AA7F5FC4905E4
PID: 2476 (1728) C:\Program Files\SpywareGuard\sgmain.exe
size: 360448
MD5: 61C028ABA5E49573A6332F4A7C744E87
PID: 2516 (1728) C:\Program Files\YCIII\YankClip.exe
size: 1368064
MD5: 046BCDF0793E96DC6D7A4C780EE73CE6
PID: 2604 (2476) C:\Program Files\SpywareGuard\sgbhp.exe
size: 233472
MD5: A80D0704537C0EF97DB2BEF24B99AF1A
PID: 2720 (2284) C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
size: 520192
MD5: B828B8620CAB7FC4D6865A30FB650049
PID: 3572 ( 712) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 3580 ( 932) C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
size: 524288
MD5: EFFC4B0F270FC1A6EDF49A274BF5CDF8
PID: 288 ( 712) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 3204 (1728) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 7/5/2006 6:42:01 PM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\SYSTEM\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
<http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch>
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
<http://bfc.myway.com/search/de_srchlft.html>
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
<http://www.google.com/>
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
<http://www.dell4me.com/myway>
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\First Home Page
<http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b1>
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
<http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch>
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
<http://home.microsoft.com/search/search.asp>
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoftcom/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home <http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home>
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
<http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome>
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
<http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch>
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
<http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm>
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
<http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm>
part 3 of sister's spybot log of perhaps 6 parts
--- Winsock Layered Service Provider list ---
--- Uninstall list ---
2 Player Chess (2 Player Chess)
uninstall cmd: C:\PROGRA~1\eGames\2PLAYE~1\UNWISE.EXE C:\PROGRA~1\eGames\2PLAYE~1\INSTALL.LOG
Acey Deucy Backgammon (Acey Deucy Backgammon)
uninstall cmd: C:\PROGRA~1\eGames\ACEYDE~1\UNWISE.EXE C:\PROGRA~1\eGames\ACEYDE~1\INSTALL.LOG
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com
(AddressBook)
ATI Display Driver 8.051-040825a-017900C-Dell (ATI Display Driver)
uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Boggle (Bogglev1)
uninstall cmd: C:\WINDOWS\uninst.exe -fC:\WINDOWS\DeIsL1.isu
(Branding)
By Design (By Design V5.0)
uninstall cmd: C:\WINDOWS\uninst.exe -f"C:\Program Files\By Design\DeIsL2.isu"
Card and Board Games (Card and Board Games)
uninstall cmd: C:\PROGRA~1\eGames\CARDAN~1\UNWISE.EXE C:\PROGRA~1\eGames\CARDAN~1\INSTALL.LOG
Checkers (Checkers)
uninstall cmd: C:\PROGRA~1\eGames\Checkers\UNWISE.EXE C:\PROGRA~1\eGames\Checkers\INSTALL.LOG
Chinese Checkers Special Edition (Chinese Checkers Special Edition)
uninstall cmd: C:\PROGRA~1\eGames\CHINES~1\UNWISE.EXE C:\PROGRA~1\eGames\CHINES~1\INSTALL.LOG
Milton Bradley Classic Board Games (ClassicBoard)
uninstall cmd: C:\Program Files\Hasbro Interactive\Classic Games\MBUninst.exe
Colors of War (Colors of War)
uninstall cmd: C:\PROGRA~1\eGames\COLORS~1\UNWISE.EXE C:\PROGRA~1\eGames\COLORS~1\INSTALL.LOG
(Connection Manager)
Corel Applications (Corel Applications)
uninstall cmd: C:\WINDOWS\Corel\Uninstal.exe
(Creative MediaSource)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9 /remove
(Creative MediaSource Detector)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9 /remove
(Creative MediaSource Player Skin Pack)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x9 /remove
(Creative MiniDisc Center)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x9 /remove
(Creative Restore Defaults)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
(Creative WaveStudio)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9 /remove
Cribbage (Cribbage)
uninstall cmd: C:\PROGRA~1\eGames\Cribbage\UNWISE.EXE C:\PROGRA~1\eGames\Cribbage\INSTALL.LOG
Crossword Mania (Crossword Mania)
uninstall cmd: C:\PROGRA~1\eGames\CROSSW~1\UNWISE.EXE C:\PROGRA~1\eGames\CROSSW~1\INSTALL.LOG
Dell Support 5.0.0 (766) (DellSupport)
uninstall cmd: rundll32 C:\PROGRA~1\DELLSU~1\AUInst.dll,ExUninstall
(DEVCTRL2)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC0DD8AE-3DC0-11D7-AB2D-0090271A23A2}\setup.exe" -l0x9 /remove
(Diagnostics3)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
(DirectAnimation)
(DirectDrawEx)
(dlatray.exe)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Dominoes Deluxe (Dominoes Deluxe)
uninstall cmd: C:\PROGRA~1\eGames\DOMINO~1\UNWISE.EXE C:\PROGRA~1\eGames\DOMINO~1\INSTALL.LOG
Dweebs (Dweebs)
uninstall cmd: C:\PROGRA~1\eGames\Dweebs\UNWISE.EXE C:\PROGRA~1\eGames\Dweebs\INSTALL.LOG
(DXM_Runtime)
(EAX)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
eGames Fishing (eGames Fishing)
uninstall cmd: C:\PROGRA~1\eGames\EGAMES~1\UNWISE.EXE C:\PROGRA~1\eGames\EGAMES~1\INSTALL.LOG
(EQUALIZER)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x9 /remove
Euchre (Euchre)
uninstall cmd: C:\PROGRA~1\eGames\Euchre\UNWISE.EXE C:\PROGRA~1\eGames\Euchre\INSTALL.LOG
Extreme Bugs Special Edition (Extreme Bugs Special Edition)
uninstall cmd: C:\PROGRA~1\eGames\EXTREM~1\UNWISE.EXE C:\PROGRA~1\eGames\EXTREM~1\INSTALL.LOG
Extreme Orchids Special Edition (Extreme Orchids Special Edition)
uninstall cmd: C:\PROGRA~1\eGames\EXTREM~2\UNWISE.EXE C:\PROGRA~1\eGames\EXTREM~2\INSTALL.LOG
(Fontcore)
Four Field Kono (Four Field Kono)
uninstall cmd: C:\PROGRA~1\eGames\FOURFI~1\UNWISE.EXE C:\PROGRA~1\eGames\FOURFI~1\INSTALL.LOG
Galaxy Man (Galaxy Man)
uninstall cmd: C:\PROGRA~1\eGames\GALAXY~1\UNWISE.EXE C:\PROGRA~1\eGames\GALAXY~1\INSTALL.LOG
Geo Jump (Geo Jump)
uninstall cmd: C:\PROGRA~1\eGames\GEOJUM~1\UNWISE.EXE C:\PROGRA~1\eGames\GEOJUM~1\INSTALL.LOG
Gin Rummy (Gin Rummy)
uninstall cmd: C:\PROGRA~1\eGames\GINRUM~1\UNWISE.EXE C:\PROGRA~1\eGames\GINRUM~1\INSTALL.LOG
HP Image Zone 4.2 4.2 (HP Photo & Imaging)
uninstall cmd: C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
publisher: HP
help link: http://www.hp.com/support
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
(InstallShield Uninstall Information)
Hoyle Casino 2004 1.00.0000 (InstallShield_{224C47F4-CB95-406C-8AD6-81002FEED0CF})
version: 16777216
version (major): 1
estimated size: 496372
install date: 20050125
install source: D:\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{224C47F4-CB95-406C-8AD6-81002FEED0CF}
publisher: Sierra
comments: Patches on the Sierra site are in the Support then Downloads section.
contact: Sierra Entertainment Technical Support
help link: http://support.vugames.com
help telephone: 1-310-649-8033
readme: readme.txt
Broadcom Advanced Control Suite 2 7.58.01 (InstallShield_{2E086814-7392-4E0F-ADB8-54A81E47406C})
version: 121241601
version (major): 7
version (minor): 58
install date: 20050117
install location: C:\Program Files\Broadcom\BACS\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2E086814-7392-4E0F-ADB8-54A81E47406C} /l1033
publisher: Broadcom
comments: Broadcom Advanced Control Suite 2 (BACS)
contact: Dell Customer Support
help link: http://www.support.dell.com
help telephone: ..
readme: C:\Program Files\Broadcom\BACS\Readme.txt
MediaFACE 4.01 4.01 (InstallShield_{41979C2F-34B8-4F92-8111-B13C5864682D})
version: 67174400
version (major): 4
version (minor): 1
estimated size: 151589
install date: 20050303
install source: D:\Setup\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{41979C2F-34B8-4F92-8111-B13C5864682D} /l1033
publisher: Fellowes
comments:
contact: Media Labeling Technical Support
help link: http://www.fellowes.com
help telephone: 1-866-775-7860
readme: file://C:\Program Files\Fellowes\MediaFACE 4.0\License.txt
Hoyle Card Games 2004 1.00.0000 (InstallShield_{744F6CCF-9F56-40A0-A33D-2A45D53B6046})
version: 16777216
version (major): 1
estimated size: 529572
install date: 20050124
install source: D:\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{744F6CCF-9F56-40A0-A33D-2A45D53B6046}
publisher: Sierra
comments: Patches on the Sierra site are in the Support then Downloads section.
contact: Sierra Entertainment Technical Support
help link: http://support.vugames.com
help telephone: 1-310-649-8033
readme: readme.txt
MediaFACE 4.01 Image Library 4.01 (InstallShield_{82AF77BC-423D-42DA-BE5B-FFCA04752181})
version: 67174400
version (major): 4
version (minor): 1
estimated size: 71377
install date: 20050303
install source: D:\ImageLibraries\All\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{82AF77BC-423D-42DA-BE5B-FFCA04752181} /l1033
publisher: Fellowes
comments:
contact: Media Labeling Technical Support
help link: http://www.fellowes.com
help telephone: +1-866-775-7860
Hoyle Games Demo 1.00.0000 (InstallShield_{9B738A2B-FA31-4483-BC1B-7C49CE4F3C59})
version: 16777216
version (major): 1
estimated size: 53728
install date: 20050124
install source: D:\HSD2\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{9B738A2B-FA31-4483-BC1B-7C49CE4F3C59}
Tashi,
I have submitted spybot log 4 & 5, but they don't appear, and I still have a 6 & 7, but I don't want to post them if the other two posts aren't going to show up.
zmartha:
It appears that you (or your sister) may not have unchecked the following items before producing the Spybot report, causing the listing to be extremely large:
[ ] Include uninstall list in report.
[ ] Include a list of services in report.
Wait and see if what you posted so far is sufficient for analysis.
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
zmartha:
Possible cause of problem:
From Spybot Report:
From Bleeping Computer:Code:Located: HK_LM:Run, zSPGuard command: c:\program files\pjw\spguard\spguard.exe /s
- Spguard.exe Information
http://www.bleepingcomputer.com/star....exe-7084.html
"StartPage Guard (SPG) protects your PC from cyberscam, by detecting and preventing any unauthorized changes to your internet browser's Start and Search pages. It is also capable of removing automatically most of known 'invaders'."
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.