> [Resolved] Computer Freezes randomly
yvette
post Jul 3 2009, 12:00 AM
Post #16


New Member
*

Group: Authentic Member
Posts: 10
Joined: 23-June 09
From: Phoenix, AZ
Member No.: 86,391
Operating System: XP



OCD,

I was determined to get Eset to work so I went to tools and put the Eset website under trusted sites and changed a few settings to enable. After I did, Eset started scanning.

Here's the log:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=6
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.5863
# api_version=3.0.2
# EOSSerial=7f5cbff86fe69b45a1a38ddb683181d7
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-07-03 05:49:35
# local_time=2009-07-02 10:49:35 (-0700, US Mountain Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=3588 61 100 96 67552517031250
# scanned=106046
# found=0
# cleaned=0
# scan_time=3666
OCD
post Jul 3 2009, 12:13 AM
Post #17


SuperMember
*****

Group: Authentic Member
Posts: 1,763
Joined: 19-June 06
From: Suncoast Florida
Member No.: 57,193
Operating System: Windows XP SP3





yvette,

Are you still receiving the Application Errors?

- - - - - Next - - - - -

Please re-run DDS by sUBs
  • Disable any script blocking protection (How to Disable your Security Programs)
  • Double click DDS icon to run the tool (may take up to 3 minutes to run)
  • When done, DDS.txt will open.
  • After a few moments, attach.txt will open in a second window.
  • Save both reports to your desktop.
- - - - - Next - - - - -

Reboot, on your next post please provide the following:
  • Post the contents of the DDS.txt report in your next reply
  • Attach the Attach.txt report to your post by scrolling down to the Attachments area and then clicking Browse. Browse to where you saved the file, and click Open and then click UPLOAD.
  • Tell me how your computer is running at the moment.
yvette
post Jul 3 2009, 10:40 AM
Post #18





OCD,

I haven't had any other application errors besides Eset since you had me run OTM. I fixed the Eset application error by putting it in trusted sites.
Everything seems to be running much faster, no more delays and windows startup is much faster.
I hope this is the end of my problems, what do you think?
Thank you so much for your help.

Here is the DDS Log and I've attached the Attach.txt file


DDS (Ver_09-06-26.01) - NTFSx86
Run by Yvette at 9:28:51.34 on Fri 07/03/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1407.822 [GMT -7:00]


============== Running Processes ===============

J:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
J:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
J:\WINDOWS\system32\spoolsv.exe
J:\WINDOWS\Explorer.EXE
svchost.exe
J:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
J:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
J:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
J:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
J:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
J:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
J:\Program Files\Bonjour\mDNSResponder.exe
J:\WINDOWS\system32\cisvc.exe
J:\WINDOWS\system32\DVDRAMSV.exe
J:\Program Files\Maxtor\MaxBlast\MaxBlastMonitor.exe
J:\Program Files\Java\jre6\bin\jqs.exe
J:\Program Files\HP\HP Software Update\HPWuSchd2.exe
J:\Program Files\Common Files\Maxtor\Schedule2\schedhlp.exe
J:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
J:\Program Files\HP\hpcoretech\hpcmpmgr.exe
J:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
J:\Program Files\MozyHome\mozybackup.exe
J:\WINDOWS\AGRSMMSG.exe
J:\Program Files\Maxtor\MaxBlast\TimounterMonitor.exe
J:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
J:\Program Files\iTunes\iTunesHelper.exe
J:\Program Files\Java\jre6\bin\jusched.exe
J:\WINDOWS\system32\ctfmon.exe
J:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
J:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
J:\Program Files\MozyHome\mozystat.exe
J:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
J:\QBOOKSW\Components\QBAgent\qbdagent2001.exe
J:\WINDOWS\system32\RAMASST.exe
J:\WINDOWS\system32\tcpsvcs.exe
J:\WINDOWS\System32\snmp.exe
J:\Program Files\Common Files\Sonic Shared\CineTray.exe
J:\WINDOWS\system32\svchost.exe -k imgsvc
J:\WINDOWS\system32\mrtMngr.EXE
J:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
J:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
J:\Program Files\iPod\bin\iPodService.exe
J:\Program Files\Outlook Express\msimn.exe
J:\Program Files\Internet Explorer\IEXPLORE.EXE
J:\Program Files\Internet Explorer\IEXPLORE.EXE
J:\WINDOWS\system32\cidaemon.exe
J:\Program Files\AcroPlot\pdfSaver\pdfSaver3.exe
J:\Documents and Settings\Yvette\Desktop\dds.pif

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - j:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - j:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - j:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - j:\program files\norton internet security\norton internet security\engine\16.5.0.135\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - j:\program files\norton internet security\norton internet security\engine\16.5.0.135\IPSBHO.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - j:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - j:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - j:\program files\google\googletoolbarnotifier\4.1.509.5470\swg.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - j:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - j:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - j:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - j:\program files\google\google toolbar\GoogleToolbar.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - j:\program files\norton internet security\norton internet security\engine\16.5.0.135\coIEPlg.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - j:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll
TB: Autodesk DWF: {f03966d3-8ea0-47b4-bbe0-85bfe6cbc8ac} - j:\program files\autodesk\autodesk dwf writer\dwf addin\DWFIEAddin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - j:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
uRun: [ctfmon.exe] j:\windows\system32\ctfmon.exe
uRun: [swg] j:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [DW6] "j:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRunOnce: [Shockwave Updater] j:\windows\system32\adobe\shockw~1\SWHELP~2.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; FunWebProducts; InfoPath.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.noggin.com/games/doodlepad/"
mRun: [Symantec PIF AlertEng] "j:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "j:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
mRun: [MaxBlastMonitor.exe] j:\program files\maxtor\maxblast\MaxBlastMonitor.exe
mRun: [HP Software Update] "j:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "j:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [BounceBack Setup] "j:\program files\cms peripherals\bounceback express\AppLaunch.exe" /Launchit
mRun: [AppleSyncNotifier] j:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [AcronisTimounterMonitor] j:\program files\maxtor\maxblast\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "j:\program files\common files\maxtor\schedule2\schedhlp.exe"
mRun: [ArcSoft Connection Service] j:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [Adobe Reader Speed Launcher] "j:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "j:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "j:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "j:\program files\java\jre6\bin\jusched.exe"
StartupFolder: j:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - j:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: j:\docume~1\alluse~1\startm~1\programs\startup\autoca~1.lnk - j:\program files\common files\autodesk shared\acstart16.exe
StartupFolder: j:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - j:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: j:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - j:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: j:\docume~1\alluse~1\startm~1\programs\startup\mozyho~1.lnk - j:\program files\mozyhome\mozystat.exe
StartupFolder: j:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - j:\qbooksw\components\qbagent\qbdagent2001.exe
StartupFolder: j:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - j:\windows\system32\RAMASST.exe
StartupFolder: j:\docume~1\alluse~1\startm~1\programs\startup\sonicc~1.lnk - j:\program files\common files\sonic shared\CineTray.exe
IE: Add to Google Photos Screensa&ver - j:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - j:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - j:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - j:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - j:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - j:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC} - j:\program files\java\jre6\bin\jp2iexp.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - j:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: eset.com\www
DPF: Microsoft XML Parser for Java - file:///J:/WINDOWS/Java/classes/xmldso.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {07246F83-6D48-4559-81EC-117CBAE54F1B} - hxxp://workspace.office.live.com/Misc/Microsoft.OfficeLive.Workspace.RichUpload.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - hxxp://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {62789780-B744-11D0-986B-00609731A21D} - hxxp://www.maricopa.gov/assessor/gis/plugin/mgaxctrl.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1210105455578
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - hxxp://www.nick.com/common/groove/gx/GrooveAX27.cab
DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file:///J:/Program%20Files/AutoCAD%202002/AcDcToday.ocx
DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://picture.vzw.com/activex/VerizonWirelessUploadControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} - file:///J:/Program%20Files/AutoCAD%202002/InstBanr.ocx
DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - hxxp://a.download.toontown.com/sv1.0.34.14/ttinst.cab
DPF: {C6637286-300D-11D4-AE0A-0010830243BD} - file:///J:/Program%20Files/AutoCAD%202002/InstFred.ocx
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///J:/Program%20Files/AutoCAD%202002/AcPreview.ocx
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - j:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - j:\program files\norton internet security\norton internet security\engine\16.5.0.135\CoIEPlg.dll
Notify: PCANotify - PCANotify.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - j:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 relog_ap

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;j:\windows\system32\drivers\nis\1005000.087\SymEFA.sys [2009-3-18 310320]
R1 AW_HOST;AW_HOST;j:\windows\system32\drivers\AW_HOST5.sys [2002-2-11 33496]
R1 awlegacy;awlegacy;j:\windows\system32\drivers\AWLEGACY.SYS [2000-9-11 10816]
R1 BHDrvx86;Symantec Heuristics Driver;j:\windows\system32\drivers\nis\1005000.087\BHDrvx86.sys [2009-3-18 258608]
R1 ccHP;Symantec Hash Provider;j:\windows\system32\drivers\nis\1005000.087\cchpx86.sys [2009-3-18 482352]
R1 IDSxpx86;IDSxpx86;j:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20090625.003\IDSXpx86.sys [2009-6-30 276344]
R1 mozyFilter;mozyFilter;j:\windows\system32\drivers\mozy.sys [2009-1-20 53752]
R2 AdobeActiveFileMonitor;Adobe Active File Monitor;j:\program files\adobe\photoshop elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-4 98304]
R2 Iprip;RIP Listener;j:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]
R2 Norton Internet Security;Norton Internet Security;j:\program files\norton internet security\norton internet security\engine\16.5.0.135\ccSvcHst.exe [2009-3-18 115560]
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;j:\program files\adobe\photoshop elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-4 118784]
R2 portD;CMS PortIO Service;j:\windows\system32\drivers\portd2k.sys [2008-5-15 14976]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;j:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-3-16 101936]
R3 NAVENG;NAVENG;j:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090703.004\NAVENG.SYS [2009-7-3 89104]
R3 NAVEX15;NAVEX15;j:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090703.004\NAVEX15.SYS [2009-7-3 876144]
S3 awhost32;pcAnywhere Host Service;j:\program files\symantec\pcanywhere\AWHOST32.EXE [2008-5-5 114749]
S3 getPlus® Helper;getPlus® Helper;j:\program files\nos\bin\getPlus_HelperSvc.exe [2008-9-21 33752]

=============== Created Last 30 ================

2009-07-02 07:49 <DIR> --d----- j:\docume~1\yvette\applic~1\Skinux
2009-07-02 07:43 <DIR> --d----- J:\_OTM
2009-06-30 12:20 <DIR> --d----- j:\docume~1\yvette\applic~1\Windows Search
2009-06-29 15:13 <DIR> --d----- j:\program files\Windows Desktop Search
2009-06-29 15:13 <DIR> --d----- j:\windows\system32\GroupPolicy
2009-06-29 15:12 192,000 -c------ j:\windows\system32\dllcache\offfilt.dll
2009-06-29 15:12 98,304 -c------ j:\windows\system32\dllcache\nlhtml.dll
2009-06-29 15:12 29,696 -c------ j:\windows\system32\dllcache\mimefilt.dll
2009-06-29 13:39 <DIR> --d----- j:\program files\ESET
2009-06-23 13:49 <DIR> --d----- j:\program files\Trend Micro
2009-06-21 14:39 <DIR> --d----- j:\docume~1\yvette\applic~1\Malwarebytes
2009-06-21 14:39 38,160 a------- j:\windows\system32\drivers\mbamswissarmy.sys
2009-06-21 14:39 19,096 a------- j:\windows\system32\drivers\mbam.sys
2009-06-21 14:39 <DIR> --d----- j:\docume~1\alluse~1\applic~1\Malwarebytes
2009-06-21 14:39 <DIR> --d----- j:\program files\Malwarebytes' Anti-Malware
2009-06-21 12:22 1,342,377 a------- J:\MGtools.exe
2009-06-21 11:22 <DIR> --d----- j:\documents and settings\yvette\.SunDownloadManager
2009-06-21 10:44 55,640 a------- j:\windows\system32\drivers\avgntflt.sys
2009-06-21 10:30 <DIR> --d----- j:\docume~1\yvette\applic~1\Error Fix
2009-06-10 20:05 246,272 -c------ j:\windows\system32\dllcache\ieproxy.dll
2009-06-10 20:05 12,800 -c------ j:\windows\system32\dllcache\xpshims.dll

==================== Find3M ====================

2009-06-21 11:52 410,984 a------- j:\windows\system32\deploytk.dll
2009-06-02 11:17 75,776 a------- j:\windows\system32\WS2Fix.exe
2009-05-13 12:47 7,490,144 a------- j:\documents and settings\yvette\Arch Drawings.zip
2009-05-13 12:44 10,774,963 a------- j:\documents and settings\yvette\Club fit monterey 11-06-07 Bruce's dwg.zip
2009-05-12 22:15 915,456 a------- j:\windows\system32\wininet.dll
2009-05-12 15:12 26,144 a------- j:\windows\system32\spupdsvc.exe
2009-05-07 08:32 345,600 a------- j:\windows\system32\localspl.dll
2009-05-01 11:30 3,366,912 a------- j:\windows\system32\GPhotos.scr
2009-04-17 05:26 1,847,168 a------- j:\windows\system32\win32k.sys
2009-04-15 07:51 585,216 a------- j:\windows\system32\rpcrt4.dll
2008-09-12 09:45 60,744 -------- j:\documents and settings\yvette\g2mdlhlpx.exe
2008-05-06 14:20 32,768 a--sh--- j:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008042820080505\index.dat
2008-05-06 14:20 32,768 a--sh--- j:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008050620080507\index.dat

============= FINISH: 9:29:21.43 ===============

Attached File(s)
Attached File  Attach.txt ( 14.82K ) Number of downloads: 399
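
The "Pseudo HJT Report" section of a DDS log like the one above can be triaged mechanically. This is an added example, not part of the original posts or of DDS: it groups entries by prefix, lists entries whose file is missing ("No File"), and reports Trusted Zone sites that are not on an expected list, such as the eset.com entry that remains after enabling the online scanner. The function names, the `expected_trusted` parameter and the host-name reconstruction are assumptions made for the illustration.

```python
import re
from collections import Counter

# Constructed excerpt in the DDS layout; the entries are copied from the log
# in this thread, trimmed to a handful of lines.
SAMPLE_DDS = r"""
============== Running Processes ===============

J:\WINDOWS\Explorer.EXE

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - j:\program files\java\jre6\bin\ssv.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - j:\program files\google\google toolbar\GoogleToolbar.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
mRun: [AGRSMMSG] AGRSMMSG.exe
Trusted Zone: eset.com\www
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
LSA: Authentication Packages = msv1_0 relog_ap

============= SERVICES / DRIVERS ===============

R2 Iprip;RIP Listener;j:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]
"""

SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
KIND_RE = re.compile(r"^([A-Za-z][A-Za-z ]*?): (.*)$")
GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def split_sections(text):
    """Map each '=== Title ===' banner to the non-empty lines under it."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.rstrip()
        banner = SECTION_RE.match(line)
        if banner:
            current = banner.group(1)
            sections[current] = []
        elif current and line:
            sections[current].append(line)
    return sections


def parse_entry(line):
    """Return (kind, value), e.g. ('TB', '{...} - No File')."""
    m = KIND_RE.match(line)
    if m:
        return m.group(1), m.group(2)
    if " = " in line:  # plain settings such as 'uStart Page = ...'
        kind, value = line.split(" = ", 1)
        return kind, value
    return "unparsed", line


def zone_entry_to_host(value):
    # Assumption: DDS prints the entry as domain\subdomain, so the parts are
    # reversed to rebuild the host name ('eset.com\www' -> 'www.eset.com').
    return ".".join(reversed(value.split("\\")))


def triage(text, expected_trusted=()):
    """Summarise the Pseudo HJT section and collect items worth a second look."""
    lines = split_sections(text).get("Pseudo HJT Report", [])
    entries = [parse_entry(line) for line in lines]
    report = {
        "counts": Counter(kind for kind, _ in entries),
        "orphaned": [],            # registry entry present, file missing
        "unexpected_trusted": [],  # Trusted sites not on the expected list
    }
    for kind, value in entries:
        if value.endswith("- No File"):
            guid = GUID_RE.search(value)
            report["orphaned"].append((kind, guid.group(0) if guid else value))
        if kind == "Trusted Zone":
            host = zone_entry_to_host(value)
            if host not in expected_trusted:
                report["unexpected_trusted"].append(host)
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_DDS)
    print(dict(result["counts"]))
    print("orphaned:", result["orphaned"])
    print("trusted sites to review:", result["unexpected_trusted"])
```

A site added to Trusted sites only to let a one-off scanner run stays there until it is removed, which is why the report lists it for review.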
 
OCD
post Jul 3 2009, 11:25 PM
Post #19







yvette,

Congratulations, your log is clean.

  • Double-click OTM.exe to start the program.
  • Close all other programs apart from OTM as this step will require a reboot
  • On the OTM main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.
- - - - - Next - - - - -

Please consider changing your Firewall to one that provides better protection than the Windows Firewall you are currently using.
Here are a few FREE ones:
  • Please download one (1) of the firewalls below, but do not install it just yet.
  • After you have downloaded the new firewall, disable the Windows firewall.
  • Then install the newly selected firewall.

Firewall:
- - - - - Next - - - - -

Here comes the "All Clean Speech":

Now that your log is clean, you need to set a new clean System Restore Point

Create a new Restore Point
  • Click on the Start button to open your Start Menu.
  • Click on the Control Panel menu option.
  • Click on the System and Maintenance menu option.
  • Click on the System menu option.
  • Click on System Protection in the left-hand task list.
  • To create the manual restore point, click on the Create button. When you press this button a prompt will appear asking you to provide a title for this manual restore point.
  • Type in a title for the manual restore point and press the Create button.
  • Close the System window after you have been advised that the procedure has been successfully completed.
- - - - - Next - - - - -

Clear your existing system restore points except for the new clean restore point you just created:
  • Go to Start > Run and type in cleanmgr
  • Select the More options tab
  • Next to System Restore click Clean up
  • This will remove all restore points except the new one you just created.
- - - - - Next - - - - -

Delete the Contents of the Temporary Internet Files Folder:
  • Quit Internet Explorer and quit any instances of Windows Explorer.
  • Click Start, click Control Panel, and then double-click Internet Options.
  • On the General tab, click Delete Files under Temporary Internet Files.
  • In the Delete Files dialog box, click to select the Delete all offline content check box, and then click OK.
  • Click OK
- - - - - Next - - - - -

Automatic Updates:

The easiest way to ensure you don't miss any of the critical Windows Updates is to set your computer up to receive Automatic Updates.
To set your computer up for Automatic Updates please do the following:
  • Click Start, and then click Control Panel.
  • Depending on which Control Panel view you use, Classic or Category, do one of the following:
      • Click System, and then click the Automatic Updates tab.
      • Click Performance and Maintenance, click System, and then click the Automatic Updates tab.
  • Select Automatic and choose a frequency and time that's convenient for you to get the updates.
  • Click Apply, then OK
  • Close the Control Panel.
- - - - - Next - - - - -

Here are some tips to reduce the potential for spyware infection in the future:

Make your Internet Explorer more secure - This can be done by following these simple instructions:

  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab.
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then OK to exit the Internet Properties page.

Simple and easy ways to keep your computer safe and secure on the Internet

Alternate Browsers - If you are currently using Internet Explorer you might want to consider changing over to Firefox.
Firefox is one of the most popular alternate browsers. - Mozilla Firefox

Update your AntiVirus Software - You are using Norton Anti-Virus as your antivirus software. It is imperative that you update your antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

Use a Firewall - You are using Windows Firewall (unless you switched to one of the suggested firewalls above). I cannot stress how important it is that you keep the Firewall on your computer active at all times. Without a firewall your computer is susceptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly. For a tutorial on Firewalls and a listing of some available ones see the link below:
Understanding and Using Firewalls

Install SpywareBlaster - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. A tutorial on installing & using this product can be found here:
Using SpywareBlaster to protect your computer from Spyware and Malware

IE-SPYAD puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all. Using IE-SPYAD to help block unwanted sites and activities

Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly.
This will ensure your computer always has the latest security updates available installed on your computer.
If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Update all security programs regularly - Make sure you update all the programs regularly.
Without regular updates you WILL NOT be protected when new malicious programs are released.

Remember to have only one (1) Firewall and one (1) Anti-Virus program running at any one time.

I would also suggest you read "So how did I get infected in the first place?" by Tony Klein

Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.
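
The Internet zone settings listed in the post above are stored as numbered values under the `Zones\3` registry key, so they can be checked after the fact. This is an added example, not part of the original post: it reads a `.reg` export of that key and reports each setting that differs from the values recommended there. It assumes the per-user (HKEY_CURRENT_USER) zone key, the documented Internet Explorer URL action IDs, and a constructed sample export; the function names are illustrative.

```python
import re

ENABLE, PROMPT, DISABLE = 0, 1, 3
LABELS = {ENABLE: "Enable", PROMPT: "Prompt", DISABLE: "Disable"}

# URL action IDs (value names under ...\Internet Settings\Zones\<n>) mapped to
# the setting name and the value recommended in the post above.
RECOMMENDED = {
    "1001": ("Download signed ActiveX controls", PROMPT),
    "1004": ("Download unsigned ActiveX controls", DISABLE),
    "1201": ("Initialize and script ActiveX controls not marked as safe", DISABLE),
    "1800": ("Installation of desktop items", PROMPT),
    "1804": ("Launching programs and files in an IFRAME", PROMPT),
    "1607": ("Navigate sub-frames across different domains", PROMPT),
}

# Constructed sample: a .reg export covering the Trusted sites zone (2) and the
# Internet zone (3). It is not taken from the machine in this thread.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
"1201"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"DisplayName"="Internet"
"1001"=dword:00000001
"1004"=dword:00000003
"1201"=dword:00000001
"1607"=dword:00000000
"1800"=dword:00000001
"""

DWORD_RE = re.compile(r'^"([0-9A-Fa-f]{4})"=dword:([0-9A-Fa-f]{8})$')


def parse_zone_export(reg_text, zone=3):
    """Return {action_id: value} for one zone from decoded .reg export text."""
    suffix = "\\internet settings\\zones\\%d]" % zone
    values, in_zone = {}, False
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            # A new key header: only collect values while inside the wanted zone.
            in_zone = line.lower().endswith(suffix)
            continue
        match = DWORD_RE.match(line)
        if in_zone and match:
            values[match.group(1).upper()] = int(match.group(2), 16)
    return values


def audit(values):
    """List (action_id, setting, current, wanted) for every mismatch."""
    findings = []
    for action_id, (setting, wanted) in RECOMMENDED.items():
        current = values.get(action_id)
        if current != wanted:
            shown = "not set" if current is None else LABELS.get(current, hex(current))
            findings.append((action_id, setting, shown, LABELS[wanted]))
    return findings


if __name__ == "__main__":
    for action_id, setting, current, wanted in audit(parse_zone_export(SAMPLE_REG)):
        print("%s  %-60s %-8s -> %s" % (action_id, setting, current, wanted))
```

Files saved by regedit are UTF-16, so decode them before passing the text in. A value that is "not set" in the per-user key falls back to the machine-wide or policy setting, which this check does not read.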
yvette
post Jul 5 2009, 11:02 AM
Post #20





OCD,
Thank you so much, my computer is running great now.
I just have one question....
I am running Norton Internet Security's "Smart Firewall", is this a good program or should I disable it and download one of the ones that you suggested?

Again thank you so much for all of your help!

~Yvette
OCD
post Jul 5 2009, 10:02 PM
Post #21







yvette,

Glad to hear things are running better.

QUOTE (yvette @ Jul 5 2009, 01:02 PM)
I just have one question....
I am running Norton Internet Security's "Smart Firewall", is this a good program or should I disable it and download one of the ones that you suggested?

Norton Internet Security's "Smart Firewall" is OK, but Norton has been known to be a bit of a resource hog.
Although it will provide you with adequate protection, the choice of whether to switch is entirely up to you.




Tomk
post Jul 7 2009, 09:43 PM
Post #22


Forum God / Classroom Admin Assistant
Group Icon

Group: Classroom Teacher
Posts: 12,279
Joined: 27-December 07
From: Sisters, OR
Member No.: 75,503
Operating System: xp



Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

