• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/
       
Sign in to follow this  
Followers 0
UCLAlum

Installation not working...not on start menu

13 posts in this topic

I was having issues with my McAfee (free subscription), so I uninstalled it to install and run Ad-Aware, as I've use Ad-Aware successfully over the years. After installation, there is no icon on my desktop (I checked the box to put one there), and Ad-Aware is not on my Start menu. In the Lavasoft folder on the start menu is Ad-Aware updates, and a "Toolbox." When I tried the updates, as well as the AutoStart Manager, it could not find the necessary .exe file.

 

I tried the Ad-Aware installation twice, no no avail.

 

Thoughts?

Thanks,

UCLAlum

 

p.s. The Ad-Aware Safe Search has become my home page, although I did not select that option.

Edited by UCLAlum

Share this post


Link to post
Share on other sites

Thanks for the response. This did not work. I ran the MCPF (after calling them for an uninstall code). I then did another Ad-Aware install, and same result. The installation appears to run as it should, but no icon on the desk, and nothing on my start menu.

Suggestions?

Share this post


Link to post
Share on other sites

You are welcome :)

 

Let us see if anything of Ad-Aware is running. Save DDS to your desktop: http://download.bleepingcomputer.com/sUBs/dds.scr

 

Double-click on the DDS tool to run it.

 

When finished, DDS will open two (2) logs:

1. DDS.txt

2. Attach.txt

 

Save them to your desktop and paste the content of DDS.txt into your answer.

Share this post


Link to post
Share on other sites

The link doesn't seem to go anywhere. When I click it, it just opens up a new (blank) tab in Chrome. I also tried copying and pasting the link in a new window, and nothing...

Share this post


Link to post
Share on other sites

Strange, I can click it and download the file. I have attached the file in packed format (zip) for you, but you have to unpack (unzip) the file before you run it. Rigth-click the downloaded file and select extract or something similar.

dds.zip

Share this post


Link to post
Share on other sites

<p>It worked! Here is the DDS.txt file. I hope it means something to you...</p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

<div>.</div>

<div>DDS (Ver_2011-08-26.01) - NTFSx86 </div>

<div>Internet Explorer: 7.0.5730.11</div>

<div>Run by Richard Brisacher at 18:37:32 on 2012-09-20</div>

<div>Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.196 [GMT -7:00]</div>

<div>.</div>

<div>.</div>

<div>============== Running Processes ===============</div>

<div>.</div>

<div>C:\WINDOWS\system32\Ati2evxx.exe</div>

<div>C:\WINDOWS\system32\svchost -k DcomLaunch</div>

<div>svchost.exe</div>

<div>C:\WINDOWS\System32\svchost.exe -k netsvcs</div>

<div>C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup</div>

<div>svchost.exe</div>

<div>svchost.exe</div>

<div>C:\WINDOWS\system32\spoolsv.exe</div>

<div>svchost.exe</div>

<div>C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</div>

<div>C:\Program Files\Bonjour\mDNSResponder.exe</div>

<div>C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe</div>

<div>C:\WINDOWS\system32\HPSIsvc.exe</div>

<div>C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe</div>

<div>C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe</div>

<div>C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe</div>

<div>C:\Program Files\Common Files\AppLifeUpdateService2\kjsausvc.exe</div>

<div>C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe</div>

<div>C:\WINDOWS\system32\svchost.exe -k imgsvc</div>

<div>C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe</div>

<div>C:\WINDOWS\Explorer.EXE</div>

<div>C:\WINDOWS\system32\wscntfy.exe</div>

<div>C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe</div>

<div>C:\Program Files\Microsoft Hardware\Mouse\point32.exe</div>

<div>C:\Updater.exe</div>

<div>C:\Program Files\Analog Devices\Core\smax4pnp.exe</div>

<div>C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe</div>

<div>C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe</div>

<div>C:\program files\real\realplayer\update\realsched.exe</div>

<div>C:\Program Files\iTunes\iTunesHelper.exe</div>

<div>C:\WINDOWS\system32\ctfmon.exe</div>

<div>C:\Program Files\Hudl Mercury\HudlMercury.exe</div>

<div>C:\Program Files\Digital Line Detect\DLG.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Application Data\Dropbox\bin\Dropbox.exe</div>

<div>C:\Program Files\iPod\bin\iPodService.exe</div>

<div>C:\WINDOWS\System32\svchost.exe -k HTTPFilter</div>

<div>C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Program Files\Common Files\Microsoft Shared\Speech\sapisvr.exe</div>

<div>C:\WINDOWS\system32\wuauclt.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Program Files\iTunes\iTunes.exe</div>

<div>C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe</div>

<div>C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe</div>

<div>C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>.</div>

<div>============== Pseudo HJT Report ===============</div>

<div>.</div>

<div>uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_1&u=176F4442BC353AEAD62BD9505821D2CF</div>

<div>uSearch Page = hxxp://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sp/*http://www.yahoo.com</div>

<div>uDefault_Page_URL = hxxp://www.dell4me.com/myway</div>

<div>uSearch Bar = hxxp://bfc.myway.com/search/de_srchlft.html</div>

<div>uWindow Title = Road Runner High Speed Online</div>

<div>uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7</div>

<div>uInternet Settings,ProxyOverride = *.local</div>

<div>uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll</div>

<div>uURLSearchHooks: H - No File</div>

<div>BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll</div>

<div>BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll</div>

<div>BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll</div>

<div>BHO: UberButton Class: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll</div>

<div>BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll</div>

<div>BHO: YahooTaggedBM Class: {65d886a2-7ca7-479b-bb95-14d1efb7946a} - c:\program files\yahoo!\common\YIeTagBm.dll</div>

<div>BHO: EWPBrowseObject Class: {68f9551e-0411-48e4-9aaf-4bc42a6a46be} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll</div>

<div>BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_10\bin\ssv.dll</div>

<div>BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll</div>

<div>BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll</div>

<div>BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll</div>

<div>TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll</div>

<div>TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll</div>

<div>TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll</div>

<div>TB: AIM Search: {40d41a8b-d79b-43d7-99a7-9ee0f344c385} - c:\program files\aim toolbar\AIMBar.dll</div>

<div>TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File</div>

<div>TB: {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File</div>

<div>TB: {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No File</div>

<div>EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll</div>

<div>EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\progra~1\yahoo!\common\yhexbmesus.dll</div>

<div>EB: &Discuss: {bdeade7f-c265-11d0-bced-00a0c90ab50f} - shdocvw.dll</div>

<div>uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\acrobat\AdobeUpdateManager.exe AcPro7_0_5 -reboot 1</div>

<div>uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe</div>

<div>uRun: [Google Update] "c:\documents and settings\richard brisacher\local settings\application data\google\update\GoogleUpdate.exe" /c</div>

<div>uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"</div>

<div>uRun: [Hudl Mercury] "c:\program files\hudl mercury\HudlMercury.exe" -startup</div>

<div>mRun: [iAAnotif] c:\program files\intel\intel application accelerator\iaanotif.exe</div>

<div>mRun: [updateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r</div>

<div>mRun: [POINTER] point32.exe</div>

<div>mRun: [iRiver Updater] \Updater.exe</div>

<div>mRun: [VetStart] "c:\program files\ca\ca internet security suite\ca anti-virus\vetmsg.exe" -r</div>

<div>mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe</div>

<div>mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"</div>

<div>mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe</div>

<div>mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k</div>

<div>mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"</div>

<div>mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"</div>

<div>mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot</div>

<div>mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime</div>

<div>mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"</div>

<div>mRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t</div>

<div>StartupFolder: c:\docume~1\richar~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\richard brisacher\application data\dropbox\bin\Dropbox.exe</div>

<div>StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe</div>

<div>StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe</div>

<div>IE: &AIM Search - c:\program files\aim toolbar\AIMBar.dll/aimsearch.htm</div>

<div>IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm</div>

<div>IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200</div>

<div>IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html</div>

<div>IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html</div>

<div>IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html</div>

<div>IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html</div>

<div>IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html</div>

<div>IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html</div>

<div>IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html</div>

<div>IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html</div>

<div>IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office10\EXCEL.EXE/3000</div>

<div>IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm</div>

<div>IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm</div>

<div>IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm</div>

<div>IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}</div>

<div>IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe</div>

<div>IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe</div>

<div>IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_10\bin\ssv.dll</div>

<div>IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll</div>

<div>IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL</div>

<div>Trusted Zone: intuit.com\ttlc</div>

<div>Trusted Zone: turbotax.com</div>

<div>DPF: Web-Based Email Tools - hxxp://email.secureserver.net/Download.CAB</div>

<div>DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://www.activation.rr.com/install/downloads/tgctlcm.cab</div>

<div>DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab</div>

<div>DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab</div>

<div>DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab</div>

<div>DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab</div>

<div>DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper200711281.dll</div>

<div>DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www.costcophotocenter.com/CostcoActivia.cab</div>

<div>DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} - hxxp://www.worldwinner.com/games/v51/bejeweled/bejeweled.cab</div>

<div>DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162432812750</div>

<div>DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab</div>

<div>DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab</div>

<div>DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab</div>

<div>DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab</div>

<div>DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab</div>

<div>DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab</div>

<div>DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab</div>

<div>DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab</div>

<div>DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab</div>

<div>DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab</div>

<div>DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} - hxxp://plugin.fileopen.com/current/FileOpen.CAB</div>

<div>DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab</div>

<div>DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.shockwave.com/content/bejeweled2/sis/popcaploader_v10.cab</div>

<div>DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab</div>

<div>DPF: {E6BB2089-163F-466B-812A-748096614DFD} - hxxp://cainternetsecurity.net/scanner/cascanner.cab</div>

<div>DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab</div>

<div>TCP: DhcpNameServer = 192.168.0.1</div>

<div>TCP: Interfaces\{2E949CA2-B1A5-4BDA-8F18-FD1675CF9C94} : DhcpNameServer = 192.168.0.1</div>

<div>SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll</div>

<div>.</div>

<div>============= SERVICES / DRIVERS ===============</div>

<div>.</div>

<div>R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-1-16 161064]</div>

<div>R2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2011-4-16 99896]</div>

<div>R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 13672]</div>

<div>R2 KjsUpdateService2;AppLife Update Service 2.0;c:\program files\common files\applifeupdateservice2\kjsausvc.exe [2011-8-2 12800]</div>

<div>R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2011-8-24 430136]</div>

<div>R3 mvusbews;USB EWS Device;c:\windows\system32\drivers\mvusbews.sys [2011-4-16 17408]</div>

<div>R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]</div>

<div>S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]</div>

<div>S1 SBRE;SBRE;\??\c:\windows\system32\drivers\sbredrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]</div>

<div>S2 Ca50xav;Digital Blue DMC2 Video Device;c:\windows\system32\drivers\Ca50xav.sys [2005-12-28 508304]</div>

<div>S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]</div>

<div>S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-6-1 135664]</div>

<div>S3 AKDWC20ET;Creation Station;c:\windows\system32\drivers\csvid.sys --> c:\windows\system32\drivers\csvid.sys [?]</div>

<div>S3 Dmskbcft_kah;Dmskbcft_kah;c:\windows\system32\lsass.exe [2004-8-4 13312]</div>

<div>S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-6-1 135664]</div>

<div>S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]</div>

<div>.</div>

<div>=============== Created Last 30 ================</div>

<div>.</div>

<div>2012-09-18 07:25:15<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\documents and settings\richard brisacher\application data\Blekko</div>

<div>2012-09-10 18:39:21<span class="Apple-tab-span" style="white-space:pre"> </span>696520<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\FlashPlayerApp.exe</div>

<div>2012-08-23 22:47:49<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\Dropbox</div>

<div>2012-08-23 22:46:51<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\documents and settings\richard brisacher\application data\Dropbox</div>

<div>.</div>

<div>==================== Find3M ====================</div>

<div>.</div>

<div>2012-09-10 18:39:20<span class="Apple-tab-span" style="white-space:pre"> </span>73416<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\FlashPlayerCPLApp.cpl</div>

<div>2012-07-06 13:58:51<span class="Apple-tab-span" style="white-space:pre"> </span>78336<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\browser.dll</div>

<div>2012-07-04 14:05:18<span class="Apple-tab-span" style="white-space:pre"> </span>139784<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\rdpwd.sys</div>

<div>2012-07-03 15:07:44<span class="Apple-tab-span" style="white-space:pre"> </span>832512<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\wininet.dll</div>

<div>2012-07-03 15:07:43<span class="Apple-tab-span" style="white-space:pre"> </span>1830912<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\inetcpl.cpl</div>

<div>2012-07-03 15:07:42<span class="Apple-tab-span" style="white-space:pre"> </span>78336<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\ieencode.dll</div>

<div>2012-07-03 15:07:42<span class="Apple-tab-span" style="white-space:pre"> </span>17408<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\corpol.dll</div>

<div>2012-07-03 13:40:15<span class="Apple-tab-span" style="white-space:pre"> </span>1866112<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\win32k.sys</div>

<div>2012-06-25 23:04:24<span class="Apple-tab-span" style="white-space:pre"> </span>1394248<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\msxml4.dll</div>

<div>.</div>

<div>============= FINISH: 18:39:45.73 ===============</div>

<div> </div>

 

Share this post


Link to post
Share on other sites

That was strange with all those div and style. I haven't seen that before. Did you have the log in Notepad, copied the content and pasted it into your answer?

 

The only visible sign of Ad-Aware 10 is an entry for a driver but the file is missing. There are two left-overs of Ad-Aware 9.

 

<div>mRun: [VetStart] "c:\program files\ca\ca internet security suite\ca anti-virus\vetmsg.exe" -r</div>

This however is a sign of an antivirus program. Is it only a left-over or do you have that folder and file?

 

--------------------

Safety issues:

 

<div>IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_10\bin\ssv.dll</div>

<div>DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab</div>

<div>DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab</div>

<div>DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab</div>

<div>DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab</div>

Those are related to several very old versions of Java. They have a lot of known security vulnerabilities, which make it easy for a web page to infect the computer. I advice you to uninstall them.

 

<div>uSearch Page = hxxp://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sp/*http://www.yahoo.com</div>

<div>uSearch Bar = hxxp://bfc.myway.com/search/de_srchlft.html</div>

I haven't seen those settings in Internet Explorer during the last 5 years, but they weren't trusted in those days and probably it is still the same.

Share this post


Link to post
Share on other sites

Yes, I copied the log from Notepad, and pasted it here.

 

The ca internet security suite is an old anti-virus that I used before using McAfee. Should I delete that file?

 

On the Java stuff, in "add or remove programs" I have:

Java 2 Runtime Environment, SE v1.4.2_03, as well as:

J2SE Runtime Environment 5.0 Updates 4, 6, 9, and 10

 

Should I uninstall all of these? Some of these?

 

And the final 2, red.clientapps... and bfc.myway...

 

Should I delete those files? Uninstall something?

 

Thanks so much for your continued help!

Share this post


Link to post
Share on other sites

I suggest that you delete the folder c:\program files\ca\ca internet security suit, if it still exists.

 

All those Java should be uninstalled. The latest version is version 7 and not 4 or 5 that you have.

 

Maybe easiest to use HijackThis to get rid of that search page and search bar.

Download and install http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi

 

Start and select "Do a system scan and save a logfile".

Copy the log and paste it into your answer.

Share this post


Link to post
Share on other sites

<p>Below is the HijackThis report. As for the Java, if I uninstall all of the old Java, do I need to install version 7 from somewhere in order for stuff to run properly? I had always assumed that Java just kept updating to the most current version.</p>

<p>THANKS!</p>

<p> </p>

<p> </p>

<p> </p>

<div>Logfile of Trend Micro HijackThis v2.0.4</div>

<div>Scan saved at 9:35:51 AM, on 9/24/2012</div>

<div>Platform: Windows XP SP3 (WinNT 5.01.2600)</div>

<div>MSIE: Internet Explorer v7.00 (7.00.6000.17114)</div>

<div>Boot mode: Normal</div>

<div> </div>

<div>Running processes:</div>

<div>C:\WINDOWS\System32\smss.exe</div>

<div>C:\WINDOWS\system32\winlogon.exe</div>

<div>C:\WINDOWS\system32\services.exe</div>

<div>C:\WINDOWS\system32\lsass.exe</div>

<div>C:\WINDOWS\system32\Ati2evxx.exe</div>

<div>C:\WINDOWS\system32\svchost.exe</div>

<div>C:\WINDOWS\System32\svchost.exe</div>

<div>C:\WINDOWS\system32\svchost.exe</div>

<div>C:\WINDOWS\system32\spoolsv.exe</div>

<div>C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</div>

<div>C:\Program Files\Bonjour\mDNSResponder.exe</div>

<div>C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe</div>

<div>C:\WINDOWS\system32\HPSIsvc.exe</div>

<div>C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe</div>

<div>C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe</div>

<div>C:\Program Files\Common Files\AppLifeUpdateService2\kjsausvc.exe</div>

<div>C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe</div>

<div>C:\WINDOWS\system32\svchost.exe</div>

<div>C:\WINDOWS\system32\wscntfy.exe</div>

<div>C:\WINDOWS\Explorer.EXE</div>

<div>C:\WINDOWS\system32\ctfmon.exe</div>

<div>C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe</div>

<div>C:\Program Files\Microsoft Hardware\Mouse\point32.exe</div>

<div>C:\Updater.exe</div>

<div>C:\Program Files\Analog Devices\Core\smax4pnp.exe</div>

<div>C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe</div>

<div>C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe</div>

<div>C:\WINDOWS\System32\svchost.exe</div>

<div>C:\Program Files\iTunes\iTunesHelper.exe</div>

<div>C:\Program Files\Hudl Mercury\HudlMercury.exe</div>

<div>C:\Program Files\Digital Line Detect\DLG.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Application Data\Dropbox\bin\Dropbox.exe</div>

<div>C:\Program Files\iPod\bin\iPodService.exe</div>

<div>C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Program Files\Common Files\Microsoft Shared\Speech\sapisvr.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\program files\real\realplayer\update\realsched.exe</div>

<div>C:\WINDOWS\system32\wuauclt.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\Richard Brisacher\My Documents\Downloads\HijackThis.exe</div>

<div> </div>

<div>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway</div>

<div>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html</div>

<div>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sp/*http://www.yahoo.com</div>

<div>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_1&u=176F4442BC353AEAD62BD9505821D2CF</div>

<div>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157</div>

<div>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896</div>

<div>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896</div>

<div>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157</div>

<div>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Road Runner High Speed Online</div>

<div>R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local</div>

<div>R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)</div>

<div>R3 - URLSearchHook: (no name) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)</div>

<div>O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)</div>

<div>O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll</div>

<div>O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll</div>

<div>O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll</div>

<div>O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll</div>

<div>O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll</div>

<div>O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll</div>

<div>O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll</div>

<div>O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll</div>

<div>O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll</div>

<div>O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll</div>

<div>O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe</div>

<div>O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r</div>

<div>O4 - HKLM\..\Run: [POINTER] point32.exe</div>

<div>O4 - HKLM\..\Run: [iRiver Updater] \Updater.exe</div>

<div>O4 - HKLM\..\Run: [VetStart] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\vetmsg.exe" -r</div>

<div>O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe</div>

<div>O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"</div>

<div>O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe</div>

<div>O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k</div>

<div>O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"</div>

<div>O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"</div>

<div>O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot</div>

<div>O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime</div>

<div>O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"</div>

<div>O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t</div>

<div>O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_5 -reboot 1</div>

<div>O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe</div>

<div>O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Richard Brisacher\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c</div>

<div>O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"</div>

<div>O4 - HKCU\..\Run: [Hudl Mercury] "C:\Program Files\Hudl Mercury\HudlMercury.exe" -startup</div>

<div>O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Richard Brisacher\Application Data\Dropbox\bin\Dropbox.exe</div>

<div>O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe</div>

<div>O4 - Global Startup: Digital Line Detect.lnk = ?</div>

<div>O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm</div>

<div>O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200</div>

<div>O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html</div>

<div>O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html</div>

<div>O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html</div>

<div>O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html</div>

<div>O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html</div>

<div>O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html</div>

<div>O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html</div>

<div>O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html</div>

<div>O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000</div>

<div>O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll</div>

<div>O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll</div>

<div>O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL</div>

<div>O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)</div>

<div>O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe</div>

<div>O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe</div>

<div>O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe</div>

<div>O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe</div>

<div>O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Richard Brisacher\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)</div>

<div>O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Richard Brisacher\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)</div>

<div>O16 - DPF: Web-Based Email Tools - http://email.secureserver.net/Download.CAB</div>

<div>O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.activation.rr.com/install/downloads/tgctlcm.cab</div>

<div>O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab</div>

<div>O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab</div>

<div>O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v51/bejeweled/bejeweled.cab</div>

<div>O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162432812750</div>

<div>O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab</div>

<div>O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab</div>

<div>O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab</div>

<div>O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} (FileOpenInstaller) - http://plugin.fileopen.com/current/FileOpen.CAB</div>

<div>O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab</div>

<div>O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/bejeweled2/sis/popcaploader_v10.cab</div>

<div>O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab</div>

<div>O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab</div>

<div>O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab</div>

<div>O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll</div>

<div>O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll</div>

<div>O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe</div>

<div>O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</div>

<div>O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe</div>

<div>O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe</div>

<div>O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe</div>

<div>O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe</div>

<div>O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe</div>

<div>O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe</div>

<div>O23 - Service: HP SI Service (HPSIService) - HP - C:\WINDOWS\system32\HPSIsvc.exe</div>

<div>O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe</div>

<div>O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe</div>

<div>O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe</div>

<div>O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe</div>

<div>O23 - Service: AppLife Update Service 2.0 (KjsUpdateService2) - Kinetic Jump Software, LLC - C:\Program Files\Common Files\AppLifeUpdateService2\kjsausvc.exe</div>

<div>O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe</div>

<div>O24 - Desktop Component 0: (no name) - http://espn-i.starwave.com/media/apphoto/CSB10305090128.jpeg</div>

<div>O24 - Desktop Component 1: (no name) - http://espn.go.com/i/story/design05/print_off.gif</div>

<div> </div>

<div>--</div>

<div>End of file - 15816 bytes</div>

<div> </div>

 

Share this post


Link to post
Share on other sites

When you need Java, you can download it from http://www.java.com and it has an update function.

 

Do you recognize these two pictures as something you want to have on the desktop?

http://espn-i.starwave.com/media/apphoto/CSB10305090128.jpeg

http://espn.go.com/i/story/design05/print_off.gif

 

Scan with HijackThis again and check:

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com...hlft.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...yahoo.com

R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)

R3 - URLSearchHook: (no name) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

O4 - HKLM\..\Run: [VetStart] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\vetmsg.exe" -r

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

 

Exit all other programs.

Click "Fix checked".

 

Restart the computer.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0