majdave

Tarun, Foolow-up #2... I used Hijack this to remove the lines you recommended. Program performed as advertised... no problem at all. I also downloaded and ran System Restore Reomover Pro... another great idea! Took a couple of reboots for everything to come back on line, but having all that ME baggage gone has got to be a good thing. Thanks! MAJDAVE

Tarun, Thanks for the reply, and the advice. I'll certainly look into downloaded those programs. I don't spend as much time on the computer as I used to... having a 16-month old eats up a lot of the free time. But I like to keep things running as smoothly and painlessly as possible. Having places like this to go to helps when I don't have the time to figure out everything for myself. If you ever need help with a helicopter problem, give me a call! LOL For any others out there reading this post and wondering if you should take the plunge with Highjack This!... go for it! This site provides some fantastic advice and info. MAJDAVE

Hi All! Had a seminar at the company on computer cleanup. Recently installed a high speed connection, but as soon as I started running Explorer in the clear (bad idea I now know), I was swamped with adware and spyware. I have run SPYBOT and AD-WARE SE, but still think I have some of the bad-guy stuff on my computer. I now run Mozilla Firefox as my browser and am very happy with the change. Anyway, here's my Hijack This Log. I'm pretty sure Q330995.exe needs to go, as well as the two with (no name). Any and all help appreciated greatly! (sorry if there is nothing interesting or really nasty in the log. if that's the case, someone please tell me) Logfile of HijackThis v1.99.1 Scan saved at 9:51:32 PM, on 5/26/2005 Platform: Windows ME (Win9x 4.90.3000) MSIE: Internet Explorer v5.50 (5.50.4134.0100) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\SYSTEM\SSDPSRV.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\PROGRAM FILES\NORTON ANTIVIRUS\RTVSCN95.EXE C:\PROGRAM FILES\NORTON ANTIVIRUS\DEFWATCH.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE C:\WINDOWS\SYSTEM\HPSYSDRV.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\WINDOWS\SYSTEM32\DRIVERS\DCFSSVC.EXE C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE C:\WINDOWS\SYSTEM\HPZTSB06.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\PROGRAM FILES\FELLOWES\MEDIAFACE 4.0\SETHOOK.EXE C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE C:\WINDOWS\SYSTEM\QTTASK.EXE C:\PROGRAM FILES\COMMON FILES\ROXIO SHARED\PROJECT SELECTOR\PROJSELECTOR.EXE C:\PROGRAM FILES\ROXIO\EASY CD CREATOR 6\DRAGTODISC\DRGTODSC.EXE C:\PROGRAM FILES\ROXIO\EASY CD CREATOR 6\AUDIOCENTRAL\RXMON.EXE C:\PROGRAM FILES\NORTON ANTIVIRUS\VPTRAY.EXE C:\WINDOWS\RunDLL.exe C:\SCANJET\PRECISIONSCAN\HPPPT.EXE C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\FINDFAST.EXE C:\PROGRAM FILES\ROXIO\EASY CD CREATOR 6\AUDIOCENTRAL\PLAYLIST.EXE C:\PROGRAM FILES\IOMEGA\TOOLS\IMGICON.EXE C:\PROGRAM FILES\BACKWEB\BACKWEB\PROGRAM\BWDELAY.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\SYSTEM\HPZSTATX.EXE C:\WINDOWS\TEMP\TD_0001.DIR\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:NavigationFailure R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:NavigationFailure R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp.my.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://hp.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:NavigationFailure R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:NavigationFailure R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: (no name) - {D94D8BEE-EDBE-41CD-BA43-4E6B40EDEFED} - C:\WINDOWS\SYSTEM\ODLKE.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s O4 - HKLM\..\Run: [systemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [Delay] C:\WINDOWS\delayrun.exe O4 - HKLM\..\Run: [mgavrtclexe] C:\WINDOWS\MCBin\AV\Rt\mgavrtcl.exe O4 - HKLM\..\Run: [Dcfssvc] C:\WINDOWS\System32\Drivers\dcfssvc.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb06.exe O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime O4 - HKLM\..\Run: [projselector] "C:\Program Files\Common Files\Roxio Shared\Project Selector\projselector.exe" -r O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [vptray] C:\Program Files\Norton AntiVirus\vptray.exe O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [sSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe O4 - HKLM\..\RunServices: [stillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\RunServices: [rtvscn95] C:\Program Files\Norton AntiVirus\rtvscn95.exe O4 - HKLM\..\RunServices: [defwatch] C:\Program Files\Norton AntiVirus\defwatch.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY O4 - Startup: America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0\aoltray.exe O4 - Startup: HP Parallel Port Test.lnk = C:\SCANJET\PrecisionScan\hpppt.exe O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE O4 - Startup: IomegaWare.lnk = C:\Program Files\Iomega\IomegaWare\Commander.exe O4 - Startup: Iomega QuikSync.lnk = C:\Program Files\Iomega\QuikSync\QuikSync.exe O4 - Startup: Iomega Icons.lnk = C:\Program Files\Iomega\Tools\imgicon.exe O4 - Startup: Iomega Startup Options.lnk = C:\Program Files\Iomega\Tools\imgstart.exe O4 - Startup: Creating Keepsakes Scrapbook Designer Event Reminder.lnk = C:\Program Files\Scrapbook Designer\scrapremind.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q330995.exe O16 - DPF: {869F3BBC-A812-4D13-A93B-7B3FC816DCD5} (McAfee.com Updater) - http://download.mcafee.com/molbin/clinic/v...can/mcasupd.cab O18 - Filter: text/html - {3DE29399-93C2-4C5A-8C36-D531100AABB7} - C:\WINDOWS\SYSTEM\ODLKE.DLL O18 - Filter: text/plain - {3DE29399-93C2-4C5A-8C36-D531100AABB7} - C:\WINDOWS\SYSTEM\ODLKE.DLL