70 replies to this topic

[michelena2000]

OK, well since you said the computer was from your sister's company, there might be a policy in place that prevents the permanent installation of ActiveX components. I may not be on for a while, so I won't go into the details right now.

In the meantime, could you please go to http://www.pcpitstop...top/default.asp and perform the set of PC PitStop Full Tests and then post a TechExpress Link here? You will have to register to be able to get a link.

Thanks,

Ax

I have been gone all day and will do this tonight. THanks

[michelena2000]

OK, well since you said the computer was from your sister's company, there might be a policy in place that prevents the permanent installation of ActiveX components. I may not be on for a while, so I won't go into the details right now.

In the meantime, could you please go to http://www.pcpitstop...top/default.asp and perform the set of PC PitStop Full Tests and then post a TechExpress Link here? You will have to register to be able to get a link.

Thanks,

Ax

I have been gone all day and will do this tonight. THanks

UPDATE:

After the results, I took uninstalled 300MB of files and degragged. I havent defragged since I got this puter, totally forgot. I had V-Com on my last puter. SO, I used the windows version and it i have 20% space now. Also, in the intall/uninstall programs, the Flash is there, but it shows 0 disk spaced used. Shouldn't it have at least 1.2MB or something? Maybe that is why it keeps unintalling. Everything has some number next to disc space but that!!!!That might be the problem, but why????

[Ax238]

Hey michelena, sorry I haven't been on for a while. Flash taking up no space in Add/Remove programs shouldn't be a cause for concern, it's the same on my system. I believe the reason for this is that Add/Remove programs displays disk space used in MB (Mega Bytes) and the Flash plugin is much smaller than this. Could you please post a TechExpress Link from your PC Pitstop test? Thanks

[michelena2000]

Hey michelena, sorry I haven't been on for a while. Flash taking up no space in Add/Remove programs shouldn't be a cause for concern, it's the same on my system. I believe the reason for this is that Add/Remove programs displays disk space used in MB (Mega Bytes) and the Flash plugin is much smaller than this.

Could you please post a TechExpress Link from your PC Pitstop test?

Thanks

I don't know what you mean. I did it already. I will be off until tonite, so let me know what you mean.

[Ax238]

I mean that I require the actual hyperlink to the Pit Test results. You can only share your results if you are registered. Following are instructions in obtaining the TechExpress Link:
http://www.pcpitstop...ress/howto1.asp

[michelena2000]

I mean that I require the actual hyperlink to the Pit Test results. You can only share your results if you are registered. Following are instructions in obtaining the TechExpress Link:
http://www.pcpitstop...ress/howto1.asp

I figured it out after I sent to you email, yippee for dummy me! Here is the result of the pitstop. I

This system has enough power for most applications and web browsing, but will not give you the best experience for fast-action games, video editing, and computing-intensive work. If you are mainly using it for web browsing, you can probably get by with a few simple upgrades and regular system maintenance. Otherwise, consider buying a new system.

[Doug]

Hi michelena2000,

In order for Ax238 to assist you further with your PCPitstop Full test, it will be necessary for your to post the actual TechExpress "Link".
I've attached graphic below to illustrate where you can find that information to post here for additional help from Ax238.



Best Regards

[michelena2000]

Hi michelena2000,

In order for Ax238 to assist you further with your PCPitstop Full test, it will be necessary for your to post the actual TechExpress "Link".
I've attached graphic below to illustrate where you can find that information to post here for additional help from Ax238.



Best Regards

TechExpress link for your current results:
http://www.pcpitstop...U1RFWXVXEWSMDHJ

[Ax238]

Thanks for the link. It turns out I did get the emails, but yeah I still needed the link . You are doing great and I want to see you through this to the end. It looks like you may have become infected with some spyware on your system (RelevantKnowledge). Please download HijackThis, read this, and post an HJT log in a new thread here. Please refer them to this thread so they have some background information as well. When your log file is declared clean by an expert, we can continue with this thread. Please let me know if you need any help.

Ax

[michelena2000]

Thanks for the link. It turns out I did get the emails, but yeah I still needed the link . You are doing great and I want to see you through this to the end. It looks like you may have become infected with some spyware on your system (RelevantKnowledge). Please download HijackThis, read this, and post an HJT log in a new thread here. Please refer them to this thread so they have some background information as well. When your log file is declared clean by an expert, we can continue with this thread. Please let me know if you need any help.

Ax

Logfile of HijackThis v1.99.1
Scan saved at 5:47:51 PM, on 1/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\LXSUPMON.EXE
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\NetRatingsNetmeter\NetMeter\NielsenOnline.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\SYMANTEC\Ghost\NGCTW32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\Common\COMPAN~1\Installs\cpn\YTBSDK.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Common\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [NetMeter] C:\Program Files\NetRatingsNetmeter\NetMeter\NielsenOnline.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE" -turbo
O4 - Global Startup: Exif Launcher.lnk = ?
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\SYMANTEC\Ghost\NGCTW32.EXE

[LDTate]

HijackThis logs aren't answered here in the Other Computer Problems forum.
I replied to your log here:
http://forums.tomcoy...w...pid=348464

[Ax238]

Hello michelena2000,

I've been keeping tabs on your HJT thread and the great work of LDTate. I know it is frustrating dealing with situations like these, but you're doing a great job. It appears that the thread has been finished and your log is clean, that's great! I was just wondering if you are still experiencing issues? If so, and you would like to continue, please go to Start|Control Panel|Add/Remove Programs, find RelevantKnowledge and uninstall it if it is there. This program is listed as malware because it collects information from you while you are browsing the Internet. Let me know if you have questions.

After this, I have one other thing I am suspecting and we will work with that if you choose to continue.

Regards,

Ax

[michelena2000]

Hey there! Yes, LDTate was awesome, but he wasn't able to fix the problem of IE tool/delete temp files removing my flash. My puter is sure clean and the relevant knowledge is no longer in the add/remove. I took it out with you, if I recall correctly. I also re-installed the New Netscape and that is working better. The only reason I don't like using the CCleaner, is because it automatically deltes my cookies, even though I unchecked the cookie box. So I kept some, it is just way better using IE/Tools/ Options/. I tried it yesterday and it is still deleting my flash. That is the only problem with this darn thing. Why after months would it start doing this? I was going to pm you today, but have been gone until now.

[Ax238]

I'm glad to hear that relevant knowledge is not on your system. With my next thought, I would like to check out the group policy settings on your system. To do this, I need you to do the following:

• Go to Start|Help and Support
• Under Pick a Task click "Use Tools to view your computer information and diagnose problems"
• In the Tools section in the left pane, click "Advanced System Information"
• In the right pane, click "View Group Policy settings applied". This will build a list of the group policies on your system.
• Scroll to the bottom and click the "Save this report to an .htm file" link
• The default location is fine. This will save it to your C drive.
• Add "C:\MyPolicy.htm" as an attachment to your post

This should be all that I need to figure out if there are certain group policies affecting your system.

Thanks,

Ax

[michelena2000]

Advanced System Information - Policy Please wait while information is being collected... 100% Refresh screen Group Policy Results for GX100 Computer Information ComputerName: GX100 Domain: WORKGROUP Site: None Last time Group Policy was applied: Tuesday, January 30, 2007 GMT Applied Group Policy Objects Friendly Name GUID None Security Group Membership when Group Policy was applied BUILTIN\Administrators Everyone NT AUTHORITY\Authenticated Users Startup Scripts Name Parameters Source GPO None Shutdown Scripts Name Parameters Source GPO None Security Settings - Restricted Groups Group Name Members Source GPO None Security Settings - File System Object Name Permissions Source GPO None Security Settings - Registry Object Name Permissions Source GPO None Programs Installed Name Version Source Deployed State Source GPO None Programs listed in Add or Remove Programs Name Version Source Source GPO None Note This list of programs is determined by the last time Add or Remove Programs was used by the current user. To get the most up-to-date list, open Control Panel, click Add or Remove Programs, and then run this report again. Registry Settings Display Name Registry Key State Source GPO None Note Only registry settings from default .adm files have their display names listed in the table above. Group Policy Results for GX100\User User Information UserName: GX100\User Domain: WORKGROUP Last time Group Policy was applied: Tuesday, January 30, 2007 GMT Applied Group Policy Objects Friendly Name GUID None Security Group Membership when Group Policy was applied GX100\None Everyone BUILTIN\Administrators BUILTIN\Users LOCAL NT AUTHORITY\INTERACTIVE NT AUTHORITY\Authenticated Users Internet Explorer Automatic Browser Configuration Automatic Configuration State Source GPO Automatically detect configuration settings No None Enable automatic configuration No None Configuration File Location Source GPO Auto Configuration URL (.INS file) None None Auto Configuration URL (.JS, .JVS, PAC file) None None Internet Explorer Proxy Server Settings LAN Proxy Server Settings State Source GPO Use a proxy server No None Bypass proxy server for internal addresses No None Proxy Server Address Port Source GPO HTTP None None None Secure None None None FTP None None None Gopher None None None Logon Scripts Name Parameters Source GPO None Logoff Scripts Name Parameters Source GPO None Redirected Folders Folder Name Path Setting Source GPO None Programs Installed Name Version Source Deployed State Source GPO None Programs listed in Add or Remove Programs Name Version Source Source GPO None Note This list of programs is determined by the last time Add or Remove Programs was used by the current user. To get the most up-to-date list, open Control Panel, click Add or Remove Programs, and then run this report again. Registry Settings Display Name Registry Key State Source GPO None Note Only registry settings from default .adm files have their display names listed in the table above.