Desktop item

I have what appears to be a link on my desktop that I can't click on, my icons appear over the top of, and I would like to get rid of it because someone said it could be a trojan.
So, I have done the Read And Run Me thing all the way to the Panda scan, which advised it couldn't do something, and asked if I wanted it to scan anyway, I did and It did, I will attempt to attach the logs. You may get more than you need, sorry.
Oh by the way I am on dial up, so I could not do step 6 in Safe Mode.
This item states: To access web sites or emails, you must have an internet service provider.... (then it drops down and in bold larger font) To setup Internet access, open: This item covers about 20% of the center of my screen. I run XP and it has crashed once before, last year.
I would love to know what makes these PCs tick, I have always tinkered with my machines, but don't have a clue about these things, and it is very frustrating when something goes off and I am helpless to do anything.
So any help you guys can give would be valuable to me, thanks ahead of time. James

 

Please attach the log from the Panda online scan and the Bit Defender log.

Please see the below thread on how to install and run Ewido Security Suite.

• Running Ewido Security Suite ...

 

bj, I could not get Panda to download, so I haven't ran that. I will attach the Ewido log so you can review that. Thanks, James

 

New problem found

When trying to run automatic updates off the microsoft web site, I get kicked off AOL with this message," Error c0000005 occurredd in module MSXML3.DLL at address 72E023E5, and it Aol restarts. Also, when I click on Automatic Updates in my Control Panel, I get: An exception occured while trying to run "shell32.dll,Control_RunDLL "C:\WINDOWS\System32\wuaucpl.cpl",Automatic Updates"
So I'm guessing its got something to do with blocking my auto updates...
BRILLIANT...as the beer guys say.
Help me Help me.

 

Attach a fresh HJT log from normal mode.

 

Here is the new HJT log, it was ran while online, with Avast and other security stuff running in normal mode.

 

Please look in Add or Remove Programs for the following and Uninstall them if found:

Ewido

WildTangent

AdwareAlert

Now scan with HijackThis and check the boxes for the following entries:
( Make sure ALL browser windows are closed when you click FIX )

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us5.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us5.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us5.hpwis.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://srch-us5.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://srch-us5.hpwis.com/

O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot

Again, make sure ALL browser windows are closed when you click FIX.

Now, Please boot into Safe Mode, be sure you have the Viewing of Hidden Files & Folders Enabled per the tutorial. Now, navigate to and DELETE the following if they should remain:

C:\Program Files\WildTangent ← Delete this whole folder if it exist!

C:\Program Files\AdwareAlert ← Delete this whole folder if it exist!

Next, run CCleaner to clean up cookies and temp files.

Run full scans with Ad-Aware SE & Spybot S&D and have both programs fix what they find.
Note: Remember to get all updates before doing the scans.

Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:

• Temporary Files
• Temporary Internet Files
• Recycle Bin

And Click OK.

Finally, I would like you to flush your System Restore points. Please follow the instructions in the below:

• Disable and Re-enable System Restore
  
  
• Turn OFF System Restore to flush any bad Restore Points.
  
  
• Then, follow the instructions at the bottom of the linked page to Re-enable the Restore Utility which will create a fresh restore point.

Reboot to Normal Windows, Scan with HijackThis and attach the new log.
Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now.

 

Still slow and ugly

Ok, I did what you suggested, but on the download of "Detection rules" for Spybot S&D it gave a bad checksum.

In my control panel, there is a "Wildtangent Contro Panel" it only gives two options, OPEN or create a shortcut, there is no delete option and there is no wildtangent anything in my add/delete programs list.

Automatic updates still don't work and give the same message: An exception has occurred while trying to run "shell32.dll,Control_RunDLL "C:\WINDOWS\System32\wuaucpl.cpl",Automaic Updates"

And that mysterious "Internet Access" link is still on my desktop.

I do have a Louiville Slugger in the closet!!!

 

You log looks good but there is a few things you must do. First, install Serivce Pack 2 for security purposes and then follow the below.

Navigate to and delete the file C:\WINDOWS\system32\wtcpl.cpl and then the Wild Tangent icon the Control Panel should be gone.

After you complete the above, reboot and let me know how things are running along with a fresh HJT log.

 

I'm dieing a sure death, I think!!!

Ok, it seems to be getting worse. Now when I try to install the updates, it freezes and I sometimes have to reboot to get anything done.
When I click on install updates and it tries to, it only sits on the 1 of 22 updates for ever with no progress. So only a few updates show to be installed when I look at the "history of updates" on the Microsoft download page.
The wildtangent icon is now gone from my control panel, thanks.
But I am really concerned my PC in not far from giving up, like it did about a year ago. Oh, here is another HJT log.
Help me , Help me. James

 

Download Service Pack 1a and install this update.

After you have installed this update, then download and instal the below update.

Windows XP Service Pack 2

 

Ok, it took the updates, and restarted very slow but seems to be complete.
The "Internet access" thing is still on my desktop though.
I haven't used the PC much else to say how it is really performing.

Here is something of note... the clock is 15 minutes fast!!!
Hold on a minute and I'll run a HJT and attach a log.

 

Another point, the Spyware Doctor scan shows several problems, but I am financially embarraced and did not buy in to get the problems fixed. I tried to go through the freeby route, but it wouldn't let me. Is there another way to get this done?
And here is the HJT log ran just a few minutes ago.
Thanks for the help, James

 

Sorry to keep changing my mind, but I just tried clicking on the automatic updates in my quck launch thing, and it will not react. It doesn't even recognize it when I put the mouse over it. When I went into the Control Panel and clicked on Auto Updates, it blinks and then does nothing. There is something definately messin with the auto updates thing. Hope this info provides light on this dark subject.

 

You still need to update, now install Service Pack 2.

If your talking about a "shortcut" you will have to manually delete this.

 

What is it detecting? Your HJT log looks good.

 

Install Service Pack 2 first, then we will worry about the other updates. Your still not protected good enough.

 

No, the "Internet Access" thing is not a shortcut, infact the shortcut lay on top of this, as if it were a background. Microsoft suggested other updates instead of SP2 since I was only protecting one computer. I will try to download SP2 tonight, it takes many hours on this dial up.

 

OK, the desktop item was indeed an active desktop setting/picture. I chose "none" and it went away. So now just getting the PC to run good is all I need. Yeaaaaaa

 

After you complete the update to SP2, reboot a few times and let me know how things are running.

 

Well I left my PC on all night, online, trying to download and install the SP2. When I got up this morning it was back at the Microsoft Home page with the two options I had to choose from last night, "Express" and "Custom". I had chosen the "Express" download and install before calling it a night. So I clicked on the "check update history" and it froze there. Before I left it last night the download had started, I turned off my monitor to save electricity and went to bed.
How can I check to see if it did download, and what could be messing with my auto updates?

 

Couple of questions, first the novice one, must the PC be online to receive automatic updates, and the other, why does nothing happen when I click on "continue" when trying to get to the free section of the Spyware Doctor?
It is if something knows I am trying to fix my PC, and won't allow anything I try.

 

I'm not familiar with Spyware Doctor so I couldn't answer that one. Yes, you have to be online to recieve automatic updates.

Press the windows key and the pause|break key at the same time, this will bring up system properties, look and see what SP level your at now.

If it did not work, you can order a free Service Pack 2 disc from Microsoft.

 

OK, I finally got SP2 downloaded and installed along with other updates. I am having trouble with one security update installing, it has failed 3 times. I will persue an explanation from Microsoft first.
Things seem to be running good otherwise. Thanks for the help.
Later, James

 

Be sure you get all critical updates, don't bother with any hardware updates as these will cause problems.

 

How will I know the difference between the critical and hardware updates, remember I'm new at this stuff.
Also, my PC is now doing other weird stuff. I have one excel file on seedlings I have started for planting in the spring. When I open this, the screen goes black for a second or two then when it reappears the colors in the tool bar and desktop are coagulated. When I close the file the screen again goes blank, but everything goes back to normal when it comes back on.
Being online has now slown to a crawl again. Hope this gets through for some possible assistance. In case you need it I did another HJT scan and attempted to attach the log.

 

Your log looks good!

If your not having any malware problems I would post the others in the Software Forum.