A newbie w/malware need help

Hope I am doing this right.. I could really use some help. I have tried all the spy ware software that I have and still having problems. Some of my pages do not open at all and the pc runs soooo slow...Please be patient with me i am new at this. Thank you all in advance for any help on this matter. If I did it right my hijack file should be enclosed.....
Peggy from Michigan

 

Ms

Hello and thank you for helping me. I ran the scans and here is the results.
Microsoft Anti---- 0 found
Adware-- 7 found, 1, tracking cookie, 7 MRU's. cleaned and deleted.
Spybot.. When ever i use this one it always comes up with the same.
Windows sercuirty anti-virus disability notify
Windows sercuirty Firewall disability notify....... i check to fix. And it says it does but always comes back.
I am enclosing the other scans and report.
Hope I did okay, I am unsure on how to do this, but I am trying!! haahaa

Thank you again,
Peggy
There is a error in my bitfender file so i will have to re-do this one. Also I could not work the ccleaner program.

 

Ms

Hello,
Finally got the ccleaner to work and enclosed the file. Still cannot send bitdefender file,,,keeps coming up as error when i try to send. so...
Says.c;/Documents and settings\Peggy rydzewski\desktop\unuseddesktop shortcutsinstall_AIM exe=>wise0041=>wise0008 ,, disinfection failed.
Also update failed for this.
Hope I am doing this okay.. I am trying and hugs to you for your patience for helping all of us out here.

Peggy

 

Ms

Hello Once again........ Enclosed is the new hijack log. I deleted what you asked I hope !! Also with the bitdefender it would not let me delete or they did not delete, Said it failed.
Plus I do not know for sure how to delete the file you ask but I tried. Changed start up to normal.
My hijack log is coming up invalid so I will try again
Phew..... hope this works.....
You are a gem,
Thanks, Peggy

 

Ms

P.S. I have also noticed that when I go to a web pages and it needs to go to the next page it comes up blank. Example.. when I need to go to my bank homepage it says done but nothing but a blank page. it has been happening since I aquired this little bugger in my system.

 

Ms

Hello and sorry i did not get back to you sooner,,,,I work for Homeland Sercurty and had to work but i will try it on tuesday and get back to.Thanks again

 

Ms

Hello... I am here finally.. It sure is busy at our airport the last couple of days, so thank you for waiting for the winpfind file. Hope I am encloseing this right, If not, sorry.
WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Microsoft Windows XP Current Build: Service Pack 2 Current Build Number: 2600
Internet Explorer Version: 6.0.2900.2180

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

Checking %SystemDrive% folder...

Checking %ProgramFilesDir% folder...

Checking %WinDir% folder...

Checking %System% folder...
PEC2 9/3/2002 11:30:40 AM 41397 C:\WINDOWS\SYSTEM32\dfrg.msc
aspack 8/4/2004 12:56:36 AM 708096 C:\WINDOWS\SYSTEM32\ntdll.dll
winsync 9/3/2002 12:10:48 PM 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu
PTech 11/4/2005 4:27:24 PM 534280 C:\WINDOWS\SYSTEM32\LegitCheckControl.DLL
Umonitor 8/4/2004 12:56:44 AM 657920 C:\WINDOWS\SYSTEM32\rasdlg.dll
PECompact2 1/4/2006 7:46:40 PM 2827616 C:\WINDOWS\SYSTEM32\MRT.exe
aspack 1/4/2006 7:46:40 PM 2827616 C:\WINDOWS\SYSTEM32\MRT.exe

Checking %System%\Drivers folder and sub-folders...
PTech 8/3/2004 10:41:38 PM 1309184 C:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys

Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts


Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
1/15/2006 3:27:20 PM H 54156 C:\WINDOWS\QTFont.qfn
1/15/2006 3:23:14 PM S 2048 C:\WINDOWS\bootstat.dat
1/16/2006 6:48:54 PM H 1024 C:\WINDOWS\SYSTEM32\config\system.LOG
1/17/2006 3:38:00 AM H 131072 C:\WINDOWS\SYSTEM32\config\software.LOG
1/16/2006 6:26:44 PM H 1024 C:\WINDOWS\SYSTEM32\config\default.LOG
1/15/2006 3:23:16 PM H 1024 C:\WINDOWS\SYSTEM32\config\SAM.LOG
1/17/2006 12:10:16 AM H 1024 C:\WINDOWS\SYSTEM32\config\SECURITY.LOG
1/13/2006 4:18:36 AM H 1024 C:\WINDOWS\SYSTEM32\config\systemprofile\ntuser.dat.LOG
12/14/2005 12:40:34 AM S 194 C:\WINDOWS\SYSTEM32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\B82262A5D5DA4DDACE9EDA7F787D0DEB
12/14/2005 12:40:34 AM S 126 C:\WINDOWS\SYSTEM32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\7C8A03C4580C6B04FDF34357F3474EDC
12/14/2005 12:40:34 AM S 1370 C:\WINDOWS\SYSTEM32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\B82262A5D5DA4DDACE9EDA7F787D0DEB
12/14/2005 12:40:34 AM S 1047 C:\WINDOWS\SYSTEM32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\7C8A03C4580C6B04FDF34357F3474EDC
12/1/2005 7:12:48 PM S 10925 C:\WINDOWS\SYSTEM32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB910437.cat
11/30/2005 11:17:10 PM S 21633 C:\WINDOWS\SYSTEM32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB905915.cat
1/2/2006 6:09:36 PM S 11223 C:\WINDOWS\SYSTEM32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB912919.cat
1/4/2006 5:38:42 PM HS 24 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\Preferred
1/4/2006 5:38:42 PM HS 388 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\e22c8a2c-5d7a-4448-932f-6d2cd30b2d35
11/24/2005 1:24:16 PM HS 24 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\Preferred
11/24/2005 1:24:16 PM HS 388 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\df602221-9b5c-4d8a-b0fe-7124a04b7dda
1/15/2006 3:23:20 PM H 6 C:\WINDOWS\TASKS\SA.DAT
1/13/2006 3:32:16 PM HS 67 C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\desktop.ini
1/13/2006 3:32:16 PM HS 67 C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\8XEVG1QF\desktop.ini
1/13/2006 3:32:16 PM HS 67 C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\85Q78P27\desktop.ini
1/13/2006 3:32:18 PM HS 67 C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\QULUMG8O\desktop.ini
1/13/2006 3:32:18 PM HS 67 C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\54LMGRGP\desktop.ini
1/13/2006 3:32:18 PM HS 113 C:\WINDOWS\TEMP\History\History.IE5\desktop.ini

Checking for CPL files...
Microsoft Corporation 8/4/2004 12:56:58 AM 358400 C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation 9/3/2002 11:40:00 AM 187904 C:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 68608 C:\WINDOWS\SYSTEM32\joy.cpl
Microsoft Corporation 9/3/2002 11:47:04 AM 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 129536 C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 155136 C:\WINDOWS\SYSTEM32\hdwwiz.cpl
Microsoft Corporation 9/3/2002 12:06:36 PM 28160 C:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation 5/26/2005 4:16:30 AM 174360 C:\WINDOWS\SYSTEM32\wuaucpl.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 298496 C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 549888 C:\WINDOWS\SYSTEM32\appwiz.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 68608 C:\WINDOWS\SYSTEM32\access.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 148480 C:\WINDOWS\SYSTEM32\wscui.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 380416 C:\WINDOWS\SYSTEM32\irprops.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 80384 C:\WINDOWS\SYSTEM32\firewall.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 135168 C:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 94208 C:\WINDOWS\SYSTEM32\timedate.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 114688 C:\WINDOWS\SYSTEM32\powercfg.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 257024 C:\WINDOWS\SYSTEM32\nusrmgr.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 618496 C:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation 5/26/2005 4:16:30 AM 174360 C:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 32768 C:\WINDOWS\SYSTEM32\dllcache\odbccp32.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 68608 C:\WINDOWS\SYSTEM32\dllcache\access.cpl
Microsoft Corporation 9/3/2002 11:40:00 AM 187904 C:\WINDOWS\SYSTEM32\dllcache\main.cpl
Microsoft Corporation 9/3/2002 12:06:36 PM 28160 C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl
Microsoft Corporation 9/3/2002 11:47:04 AM 35840 C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

Checking files in %ALLUSERSPROFILE%\Startup folder...
9/22/2005 8:44:26 PM 1452 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BigFix.lnk
8/21/2004 1:24:54 PM HS 84 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
4/22/2005 3:14:40 PM 1725 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
8/21/2004 11:58:04 AM 1644 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
8/21/2004 11:56:12 AM 875 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk

Checking files in %ALLUSERSPROFILE%\Application Data folder...
8/21/2004 1:13:36 PM HS 62 C:\Documents and Settings\All Users\Application Data\desktop.ini
1/5/2006 6:39:04 PM 2917 C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

Checking files in %USERPROFILE%\Startup folder...
8/21/2004 1:24:54 PM HS 84 C:\Documents and Settings\Peggy Rydzewski\Start Menu\Programs\Startup\desktop.ini

Checking files in %USERPROFILE%\Application Data folder...
8/21/2004 1:13:36 PM HS 62 C:\Documents and Settings\Peggy Rydzewski\Application Data\desktop.ini
10/13/2005 4:58:14 PM 56784 C:\Documents and Settings\Peggy Rydzewski\Application Data\GDIPFONTCACHEV1.DAT

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
SV1 =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
{09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Start Menu Pin = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{CFC7205E-2792-4378-9591-3879CC6C9022}
= c:\progra~1\mcafee.com\vso\mcvsshl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\UnlockerShellExtension
{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} = C:\Program Files\Unlocker\UnlockerCOM.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\{CFC7205E-2792-4378-9591-3879CC6C9022}
= c:\progra~1\mcafee.com\vso\mcvsshl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
= %SystemRoot%\system32\SHELL32.dll

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}
PCTools Site Guard = C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}
= C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B56A7D7D-6927-48C8-A975-17DF180C71AC}
PCTools Browser Monitor = C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
&Tip of the Day = %SystemRoot%\System32\shdocvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
{BA52B914-B692-46c4-B683-905236F6F655} = McAfee VirusScan : c:\progra~1\mcafee.com\vso\mcvsshl.dll
{724d43a0-0d85-11d4-9908-00400523e39a} = &RoboForm : C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2D663D1A-8670-49D9-A1A5-4C56B4E14E84}
ButtonText = Spyware Doctor :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F46}
ButtonText = Fill Forms :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F49}
ButtonText = Save :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3369AF0D-62E9-4bda-8103-B4C75499B578}
ButtonText = AOL Toolbar :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{724d43aa-0d85-11d4-9908-00400523e39a}
ButtonText = RoboForm :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}
ButtonText = AIM : C:\Program Files\AIM\aim.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E023F504-0C5A-4750-A1E7-A9046DEA8A21}
ButtonText = MoneySide :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
ButtonText = Messenger : C:\Program Files\Messenger\msmsgs.exe

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{30D02401-6A81-11D0-8274-00C04FD5AE38}
Search Band = %SystemRoot%\System32\browseui.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
=
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}
File Search Explorer Band = %SystemRoot%\system32\SHELL32.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}
Favorites Band = %SystemRoot%\System32\shdocvw.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}
Explorer Band = %SystemRoot%\System32\shdocvw.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
{724D43A0-0D85-11D4-9908-00400523E39A} = &RoboForm : C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
{1028F737-81E7-452B-A860-E50CAD90A08C} = :
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\System32\browseui.dll
{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : %SystemRoot%\system32\SHELL32.dll
{DE9C389F-3316-41A7-809B-AA305ED9D922} = AOL Toolbar :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
VSOCheckTask "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
VirusScan Online C:\Program Files\McAfee.com\VSO\mcvsshld.exe
MCUpdateExe c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
PPMemCheck c:\PROGRA~1\PESTPA~1\PPMemCheck.exe
PestPatrol Control Center c:\PROGRA~1\PESTPA~1\PPControl.exe
CookiePatrol c:\PROGRA~1\PESTPA~1\CookiePatrol.exe
WorksFUD C:\Program Files\Microsoft Works\wkfud.exe
Microsoft Works Portfolio C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
Microsoft Works Update Detection C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
MoneyStartUp10.0 "C:\Program Files\Microsoft Money\System\Activation.exe"
MPFExe C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
gcasServ "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"

UserFaultCheck %systemroot%\system32\dumprep 0 -u
OASClnt C:\Program Files\McAfee.com\VSO\oasclnt.exe
MCAgentExe c:\PROGRA~1\mcafee.com\agent\McAgent.exe
iTunesHelper "C:\Program Files\iTunes\iTunesHelper.exe"
QuickTime Task "C:\Program Files\QuickTime\qttask.exe" -atboottime
HostManager C:\Program Files\Common Files\AOL\1125693931\ee\AOLHostManager.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
IMAIL Installed = 1
MAPI Installed = 1
MSFS Installed = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
AIM C:\Program Files\AIM\aim.exe -cnetwait.odl
Spyware Doctor "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
RoboForm "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
MoneyAgent "C:\Program Files\Microsoft Money\System\Money Express.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state
system.ini 0
win.ini 0
bootini 0
services 0
startup 0


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer
NoControlPanel 0
NoComputersNearMe 0
NoDrives 0


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
{0DF44EAA-FF21-4412-828E-260A8728E7F1} =


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
dontdisplaylastusername 0
legalnoticecaption
legalnoticetext
shutdownwithoutlogon 1
undockwithoutlogon 1


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoDriveTypeAutoRun 145
NoStartBanner

NoControlPanel 0
NoNetHood 0
NoComputersNearMe 0
NoDrives 0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\Shell


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll

 

Ms

Hi.. I ran the program you asked and it came up clean. When I run spybot it still comes up with the same error everytime as stated in a earlier post .I did not pay attention to what the page says when it comes up blank but I will next time it happens. As you know iI do not understand alot of this but it seems like when I have to run activex Page I have problems. Is there anything else you can suggest?

Thank you a bunch,
Peggy

ps.... here is one example page that does not come for me anymore.
http://slimjim.eprize.net/fairysnapmother/alt/

 

Ms

Hi.
I have heard some about firefox. Is it safe ans easy to use and where do i find it to download?
Also I am unsure if this matters or not but I get alot of script errors.

Peg

 

Ms

Hi,
If I opt to try to repair ot re-install IE,,, is it hard and how do I do that or where do i go yto do that.. Honestly I am a litt;e afraid to try firefox.. Do you have it ?

Hugs to you,
Peggy

 

Ms

Hello,
I ran the scan you asked and inserted the disc like they asked and when it finished restarted but still have the same problems. Could i re-install the windows xp then update or is that to drastic. Plus if I install firefox do I un-install IE or does firefox just override it.
Peggy

 

Hello.
As today isa my day-off(yea) I finally installed firefox and it seems great. A little slow right now an I have to figure out how to install and run my roboform that I highly use. Words can not express how grateful I am for you taking time out of your life to help me. I love this site. Is there any other tricks that I could learn to speed this up and let things run smoothly?

Always,
peggy

 

Ms

Hello,
Okay.. did what you asked and it is speeding things up somewhat. Got a little sluggish this afternoon, Had to reboot.
Also I have a question for you... I enter contest as a hobby and I have a program called turbosweeps. how do I import that to run off of firefox?

 

Ms

Hello,
Turbosweeps is a program that keeps tracks and auto-fills webpages(contests)that i enter on a daily basis. here is the link.
http://www.turbosweeps.com/start.htm
I believe it is still running off of IE because it still is coming up with script errors on every page.
Peggy

 

Ms

Hello,
I am unsure if I did or not, How do I check if I did. I do remember that I had to put in my roboform program in order to make it work. Boy-oh-boy do I feel stupid !!!

Peggy

 

Ms

It is a pop-up that says there is a error in the script of this page then list a line number,char, error, say unspecified error,code,..... it is not the same number on the line .. and my bookmarks are all there but it seems like the one program is running off of IE.
Peggy

 

Ms

Alright. And thank you again for all your help. Hope you have a fantasic year and may all good things come your way.

Peggy

 

Ms

Hi,
Sorry that I did not answer your question, but I want to say no. All I know is that We can go to this site www.turbosweeps.com and do the download. It is extremly helpful to me and I could not have my hobby without it. I went to download it with firefox and I think I made a mistake and ask to repair not install so I think I should go back and re-do. If you know someone whom likes to nter contest givr thisa try. Its great and I have won many item with it. DId this answer your question?
Peggy

 

Ms

Yes .. it is a free download. ANd I will go remove it and re-install.


Peggy