Full Version: Avg Scan
biggA
First let me say I am computer illiterate so sorry if I sound dumb. I am trying to run AVG that I just downloaded because I am having problems with things not downloading. When I hit scan it goes for about 5 seconds and then tells me it can't scan the C or D drive because it can't open them. What do I do?
Teenage.Zombiee
Hi biggA

Try this.
My Computer / right click C: / click "scan with AVG anti virus"

Let us know how this pans out
ruby1
Hi; just a check; may one ask; if you have only just downloaded avg antivirus program, can you please tell us what other protection programs you have on board
from THIS thread of yours you say you have cable internet? http://www.bleepingcomputer.com/forums/topic143776.html

this may very possibly have its own antivirus protection on it? with whom IS the connection? have you checked this out?
and the problems on this thread of yours


http://www.bleepingcomputer.com/forums/topic143790.html

may well be related if you DO have more than one antivirus protection method on board;

can you let us know the answers to these questions so you can be pointed in what may be a more appropriate direction ?
biggA
alright I tried the right click method, begins scan then stops .2 seconds in, says objects scanned 0 errors 1,
I have spybot s&d, mcafee security center trial version expired, and avg
the internet is run through US cable a local company not sure if it has its own protection how do I find out
frankp316
You probably need to uninstall McAfee before installing AVG.
biggA
doing virus scanning and coming up with trojan horse among other things just wondering what it is and what it does
biggA
uninstalled mcafee redownloaded avg (took about 20 tries but got it finally) currently scanning
thanks for the help
Juha
>>>COMMENT DELETED<<<


Edit Reason: Post moved, comment irrelevant!
ruby1
please give the name of the cable company who supplies your internet connection ; I suspect it will have its own antivirus protection on it

you need to find that out as you may well be running with two antivirus protection methods which equates to having NONE on there

and, if you are on CABLE? that avg download should NOT have taken about 20 attempts

may one ask if you have managed to get your windows updates from the microsoft site?
ruby1
this thread of yours

http://www.bleepingcomputer.com/forums/topic143869.html

is rather relevant to your problem

which program flagged up the trojan ?
biggA
The cable company is US CABLE.
there was more than one trojan 4 were in c:\windows\wireless\wireless.exe one of these is followed by (3244)
1 in c:\program files\real\realarcade\googleinstapp.exe
Juha
Have you been able to remove any of the trojans AVG found?
Have you also tried scanning in safe mode?
Do you have connection to the internet?
DaChew
QUOTE
C:\Program Files\Real\RealArcade\GoogleInstApp.exe Infected: Trojan-Downloader.Win32.Agent.dte skipped


Is this the file?

biggA
c:\Program Files\Real\RealArcade\GoogleInstApp.exe
the infection is Trojan horse downloader.Agent.TZB
I think I got all of the above fixed/quarantined but I have no improvement. Also my task manager no longer works it says it has been disabled by my administrator. This is a personal laptop. I uninstalled spybot s&d due to constant popups and applications trying to change. I have superantispyware. When I restart my computer now the screen says I have critical errors due to spyware and should click to get a spyware remover. I don't know what to do here
I am very uneducated when it comes to computers.
DaChew
http://www.malwareremoval.com/tutorials/safemodeboot.php

and then run a scan with superantispyware and post the log into a reply

be sure and let us know if anything stops you from doing this
biggA
How do I post the log?
DaChew
go to preferences

statistics/logs

open the log

copy and paste
biggA
the recent log is not there? do I need to be in safe mode to find the log since I ran the scan in safe mode?
DaChew
If this is vista, you might have to right click/run as administrator

in safe mode

and when SAS finishes it should show a report, not crash and suddenly close (then there would be no log)
biggA
it did show a report it found 3 malware items however when I tried to locate the report it only shows the other logs that were not run in safe mode. So if I go back to safe mode and find it will I have to save somewhere then be able to paste here?
DaChew
run it again and save manually

biggA
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/26/2008 at 09:51 PM

Application Version : 4.0.1154

Core Rules Database Version : 3412
Trace Rules Database Version: 1404

Scan type : Complete Scan
Total Scan Time : 01:45:35

Memory items scanned : 166
Memory threats detected : 0
Registry items scanned : 5569
Registry threats detected : 0
File items scanned : 22081
File threats detected : 3

Malware.Installer-Pkg/Gen
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{26D2C2C3-CF14-4ED7-B1FC-0BE64AFBA3B3}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{651956B7-1969-42AA-9453-E0B813019D54}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{D1A6F3FD-7B40-443F-8767-BADB25A0D222}.EXE

that is the most recent one
DaChew
http://www.kaspersky.com/virusscanner

this online scanner is very good at seeing what's in quarantine or restore points, I am still unclear whether you had true malware or crapware/spyware

biggA
got kaspy downloaded it says to turn off other virus protection before scanning. I can't figure out how to temporarily turn off avg8 also should I turn off superAntispyware and how?
ruby1
I CAN help you with superantispyware...I think


do you have the little spider thingi in your system tray ? if so right mouse click on it/on the menu you should see is an option at the very bottom to 'exit'? do you see that? left mouse click ON it ; you will get a dialogue box which asks you if you are sure you wish TO exit and do you wish to see that dialogue box again; I go for the option TO exit and to see that dialogue box again

as TO avg 8; seems many people are also having problems with it and I do not have it on my computer to assist you; I DO have avg 7.5 which by the sounds of things seems to be a bit more "friendly"!!
biggA
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target Critical Areas
C:\WINDOWS
C:\DOCUME~1\Aaron\LOCALS~1\Temp\

Scan Statistics
Total number of scanned objects 17979
Number of viruses found 3
Number of infected objects 7
Number of suspicious objects 0
Duration of the scan process 00:14:54

Infected Object Name Virus Name Last Action
C:\WINDOWS\CSC\00000001 Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\default.htm Infected: not-virus:Hoax.HTML.Secureinvites.b skipped

C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt Object is locked skipped

C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{3788CAE4-358B-4204-819F-48C7E85BA6D7}.crmlog Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{778108B6-2258-4CE7-B8D5-193ECD80D036}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edbtmp.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\DEFAULT Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SYSTEM Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\pnVes06\pnVes061083.exe Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\Acr73.tmp Object is locked skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\Acr83.tmp Object is locked skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\Acr85.tmp Object is locked skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\bbbnew.exe/data0000 Infected: Trojan.Win32.DNSChanger.cjd skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\bbbnew.exe EmbeddedEXE: infected - 1 skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\bbbnew.exe UPX: infected - 1 skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\bbbnew.exe PE_Patch.UPX: infected - 1 skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\bobik.exe Object is locked skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\eqdssnp.exe/data0006 Infected: Trojan-Downloader.Win32.VB.ebf skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\eqdssnp.exe NSIS: infected - 1 skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\hpodvd09.log Object is locked skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\~DF2C7E.tmp Object is locked skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\~DFA75A.tmp Object is locked skipped

C:\DOCUME~1\Aaron\LOCALS~1\Temp\~DFAFAE.tmp Object is locked skipped

Scan process completed.
DaChew
let's do these 2 things in this order in normal boot

http://www.bleepingcomputer.com/forums/ind...st&p=663697

http://www.bleepingcomputer.com/forums/ind...st&p=807726
biggA
Malwarebytes' Anti-Malware 1.11
Database version: 689

Scan type: Quick Scan
Objects scanned: 35902
Time elapsed: 10 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 26
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 9

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{622cc208-b014-4fe0-801b-874a5e5e403a} (Adware.123Mania) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4340df8e-d7a3-4675-be74-80077b2b3e81} (Rogue.AntiSpamBoy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{51a0888c-9970-44de-8c2c-835ba870d06f} (Rogue.AntiSpamBoy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5acae4b8-62d9-4124-a58a-9b1258b77e99} (Rogue.AntiSpamBoy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d12fb216-99da-4eb3-9cc0-c0f760b174a0} (Rogue.AntiSpamBoy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d56c1af1-3fde-471c-9bc2-c52515f260c1} (Rogue.AntiSpamBoy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e656b867-992c-4462-a27d-ebe604ec3a48} (Rogue.AntiSpamBoy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e656b867-aa2c-4462-a27d-ebe604ec3a48} (Rogue.AntiSpamBoy) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9c5b2f29-1f46-4639-a6b4-828942301d3e} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ffff0001-0002-101a-a3c9-08002b2f49fb} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5929cd6e-2062-44a4-b2c5-2c7e78fbab38} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fc3a74e5-f281-4f10-ae1e-733078684f3c} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\121.tmp (Adware.Purityscan) -> Quarantined and deleted successfully.
C:\FB.tmp (Adware.Purityscan) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\didduid.ini (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\123messenger.per (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\licencia.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\telefonos.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\textos.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winfrun32.bin (Malware.Trace) -> Quarantined and deleted successfully.
DaChew
let's watch the computer for a while before doing anything else, try not to make any changes or install any crapware
biggA
alright, but I am still having problems downloading and my main screen used to have water and starfish on it now has a blue screen with a message telling me I'm infected and I need to download spyware software with a link to do so. all of my shortcuts are still there. I don't know
DaChew
QUOTE
download spyware software


what's the name of that software? that will help identify the rogue

biggA
The link brings me to winsecuritysolutions.com/?aid=444.0
It will not load though.
Juha
Go to Control Panel --> Add/Remove Programs --> Check and remove if the following programs are present: SpyMaxx & AntispyStorm2008

Try it in Safe Mode if it fails in Normal Mode.
DaChew
let's try sdfix
follow the directions exactly
http://www.bleepingcomputer.com/forums/topic131299.html
biggA
is it possible to download from safe mode? pretty sure that's what the directions say
never mind guess I read a little too fast
biggA
SDFix: Version 1.176
Run by Aaron on Sun 04/27/2008 at 07:23 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Default Desktop Wallpaper

Rebooting


Checking Files :

Trojan Files Found:

C:\101.TMP - Deleted
C:\102.TMP - Deleted
C:\103.TMP - Deleted
C:\104.TMP - Deleted
C:\127.TMP - Deleted
C:\128.TMP - Deleted
C:\129.TMP - Deleted
C:\12B.TMP - Deleted
C:\WINDOWS\default.htm - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1353.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-27 19:36:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Common Files\\AOL\\1154195096\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1154195096\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Blubster\\Blubster.exe"="C:\\Program Files\\Blubster\\Blubster.exe:*:Enabled:Blubster"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\1154195096\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1154195096\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Tue 11 Jul 2006 56 A.SHR --- "C:\i386\30963EFF6E.sys"
Tue 11 Jul 2006 1,994 A.SH. --- "C:\i386\KGyGaAvL.sys"
Wed 1 Sep 2004 54,384 A..H. --- "C:\Program Files\America Online 9.0\aolphx.exe"
Wed 1 Sep 2004 156,784 A..H. --- "C:\Program Files\America Online 9.0\aoltray.exe"
Wed 1 Sep 2004 31,344 A..H. --- "C:\Program Files\America Online 9.0\RBM.exe"
Wed 15 Jun 2005 141,312 ..SHR --- "C:\Program Files\PhoTags Express\Setup.exe"
Wed 9 Mar 2005 39,936 A.SHR --- "C:\Program Files\PhoTags Express\_Setupx.dll"
Thu 17 Apr 2008 104 ..SHR --- "C:\WINDOWS\system32\30963EFF6E.sys"
Mon 14 Apr 2008 88 ..SHR --- "C:\WINDOWS\system32\6EFF3E9630.sys"
Thu 17 Apr 2008 7,518 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Thu 24 Jan 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Fri 25 Apr 2008 23,510,720 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\b040933e0deef5a2e9484ab144f5202f\BIT59.tmp"
Sat 18 Aug 2007 4,034 A.SH. --- "C:\Documents and Settings\Aaron\Application Data\Roxio\Dragon\DiscInfoCache\PHILIPS__DVD+-RW_SDVD8820_AD15_300_DICV018_DRGV2050108.TMP"
Thu 12 Apr 2007 8 A..H. --- "C:\Documents and Settings\Aaron\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u1\lock.tmp"
Thu 12 Apr 2007 8 A..H. --- "C:\Documents and Settings\Aaron\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2\lock.tmp"
Thu 19 Apr 2007 8 A..H. --- "C:\Documents and Settings\Aaron\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u3\lock.tmp"
Thu 19 Apr 2007 8 A..H. --- "C:\Documents and Settings\Aaron\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4\lock.tmp"

Finished!
DaChew
how is it running after a reboot?
biggA
got my screen back. I am still having problems with downloading and things like watching videos they start then stop part way through is it possible that there are pauses in my internet connection? sometimes when I try to go to a forum page I will have to click 2 or 3 times hit stop hit refresh then it will load.
DaChew
let's kill 2 birds with one stone

download this program, extract to your desktop

reboot and run the program and post the log file

http://www.dougknox.com/xp/utils/xp_starttrack.htm
biggA
4/27/2008 8:55:20 PM

-- Registry --
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

No Items Found

-- Registry --
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

ehTray C:\WINDOWS\ehome\ehtray.exe
igfxtray C:\WINDOWS\system32\igfxtray.exe
igfxhkcmd C:\WINDOWS\system32\hkcmd.exe
igfxpers C:\WINDOWS\system32\igfxpers.exe
IntelZeroConfig "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
IntelWireless "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
SigmatelSysTrayApp stsystra.exe
Dell QuickSet C:\Program Files\Dell\QuickSet\quickset.exe
SynTPEnh C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
DVDLauncher "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
dla C:\WINDOWS\system32\dla\tfswctrl.exe
ISUSPM Startup "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
ISUSScheduler "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
HP Software Update "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
HP Component Manager "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
Nosign_Dual C:\WINDOWS\nosign.EXE "Dual Mode Camera"
REGSHAVE C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
QuickTime Task "C:\Program Files\QuickTime\qttask.exe" -atboottime
SunJavaUpdateSched "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
Blubster C:\PROGRA~1\Blubster\Blubster.exe SILENT
TkBellExe "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
YSearchProtection "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
USB Storage Toolbox C:\Program Files\USB Disk Win98 Driver\Res.EXE
dscactivate "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
MSKDetectorExe C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
AVG8_TRAY C:\PROGRA~1\AVG\AVG8\avgtray.exe

-- Registry --
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

No Items Found

-- Registry --
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

ModemOnHold C:\Program Files\NetWaiting\netWaiting.exe
MSMSGS "C:\Program Files\Messenger\msmsgs.exe" /background
ctfmon.exe C:\WINDOWS\system32\ctfmon.exe
DellSupport "C:\Program Files\DellSupport\DSAgnt.exe" /startup
YSearchProtection C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
gcNotifier C:\Documents and Settings\Aaron\Local Settings\Application Data\VTShared\GCNotifier.exe
DellSupportCenter "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
SpywareStop C:\Program Files\SpywareStop\SpywareStop.exe -boot
SpybotSD TeaTimer C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
swg C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

-- Registry --
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce

No Items Found

-- Registry --
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run

No Items Found

-- Start Menu - Current User --
No Items Found

-- Start Menu - All Users --
Digital Line Detect.lnk
Exif Launcher.lnk
HP Digital Imaging Monitor.lnk
HP Image Zone Fast Start.lnk

-- Disabled Items --
No Items Found

-- Registry - Shell Value - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon --
Explorer.exe

-- Running Processes --
System Idle Process
System
smss.exe \SystemRoot\System32\smss.exe
csrss.exe
winlogon.exe winlogon.exe
services.exe C:\WINDOWS\system32\services.exe
lsass.exe C:\WINDOWS\system32\lsass.exe
svchost.exe C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs
EvtEng.exe "C:\Program Files\Intel\Wireless\Bin\EvtEng.exe"
S24EvMon.exe "C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe"
WLKEEPER.exe "C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe"
svchost.exe
svchost.exe
spoolsv.exe C:\WINDOWS\system32\spoolsv.exe
explorer.exe C:\WINDOWS\Explorer.EXE
ehtray.exe "C:\WINDOWS\ehome\ehtray.exe"
hkcmd.exe "C:\WINDOWS\system32\hkcmd.exe"
igfxpers.exe "C:\WINDOWS\system32\igfxpers.exe"
igfxsrvc.exe C:\WINDOWS\system32\igfxsrvc.exe -Embedding
ZCfgSvc.exe "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
iFrmewrk.exe "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
stsystra.exe "C:\WINDOWS\stsystra.exe"
quickset.exe "C:\Program Files\Dell\QuickSet\quickset.exe"
SynTPEnh.exe "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
DVDLauncher.exe "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
tfswctrl.exe "C:\WINDOWS\system32\dla\tfswctrl.exe"
hpwuSchd2.exe "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
hpcmpmgr.exe "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
nosign.exe "C:\WINDOWS\nosign.EXE" "Dual Mode Camera"
jusched.exe "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
realsched.exe "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
SearchProtection.exe"C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
Res.exe "C:\Program Files\USB Disk Win98 Driver\Res.EXE"
avgtray.exe "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
ctfmon.exe "C:\WINDOWS\system32\ctfmon.exe"
DSAgnt.exe "C:\Program Files\DellSupport\DSAgnt.exe" /startup
sprtcmd.exe "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
avgwdsvc.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
ehrecvr.exe C:\WINDOWS\eHome\ehRecvr.exe
DLG.exe "C:\Program Files\Digital Line Detect\DLG.exe"
ehSched.exe C:\WINDOWS\eHome\ehSched.exe
NicConfigSvc.exe "C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe"
RegSrvc.exe "C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe"
sprtsvc.exe "C:\Program Files\Dell Support Center\bin\sprtsvc.exe" /service /p dellsupportcenter
svchost.exe
svchost.exe C:\WINDOWS\system32\svchost.exe -k imgsvc
mcrdsvc.exe
QuickDCF.exe "C:\Program Files\FinePixViewer\QuickDCF.exe"
hpqtra08.exe "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"
avgrsx.exe avgrsx.exe
hpqgalry.exe "C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe" -s
wmiprvse.exe
wmiprvse.exe
avgemc.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe
dllhost.exe C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
alg.exe
Dot1XCfg.exe
ehmsas.exe C:\WINDOWS\eHome\ehmsas.exe -Embedding
Dot1XCfg.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe -Embedding
wuauclt.exe "C:\WINDOWS\system32\wuauclt.exe" /RunStoreAsComServer Local\[564]SUSDSa0bb448e6c3120419ba6990da53f2c19
wuauclt.exe "C:\WINDOWS\system32\wuauclt.exe"
StartupTracker3.exe "C:\Documents and Settings\Aaron\Desktop\StartupTracker3\StartupTracker3.exe"

-- Running Services --

Name: ALG
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\alg.exe

Name: AudioSrv
Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: avg8emc
Description:
Startup Mode: Auto
Run from: C:\PROGRA~1\AVG\AVG8\avgemc.exe

Name: avg8wd
Description:
Startup Mode: Auto
Run from: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

Name: BITS
Description: Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: COMSysApp
Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Manual
Run from: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

Name: CryptSvc
Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: DcomLaunch
Description: Provides launch functionality for DCOM services.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost -k DcomLaunch

Name: Dhcp
Description: Manages network configuration by registering and updating IP addresses and DNS names.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: Dnscache
Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k NetworkService

Name: ehRecvr
Description: Media Center Service for TV and FM broadcast reception
Startup Mode: Auto
Run from: C:\WINDOWS\eHome\ehRecvr.exe

Name: ehSched
Description:
Startup Mode: Auto
Run from: C:\WINDOWS\eHome\ehSched.exe

Name: ERSvc
Description: Allows error reporting for services and applictions running in non-standard environments.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: Eventlog
Description: Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\services.exe

Name: EventSystem
Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Manual
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: EvtEng
Description: Manages the event trace messages for all the components of Intel® PROSet/Wireless software.
Startup Mode: Auto
Run from: C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

Name: helpsvc
Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: HidServ
Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: lanmanserver
Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: lanmanworkstation
Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: LmHosts
Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k LocalService

Name: McrdSvc
Description:
Startup Mode: Auto
Run from: C:\WINDOWS\ehome\mcrdsvc.exe

Name: Netman
Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: NICCONFIGSVC
Description: Configure your Internal Network Card power management settings.
Startup Mode: Auto
Run from: C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

Name: Nla
Description: Collects and stores network configuration and location information, and notifies applications when this information changes.
Startup Mode: Manual
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: PlugPlay
Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\services.exe

Name: PolicyAgent
Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\lsass.exe

Name: ProtectedStorage
Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\lsass.exe

Name: RasMan
Description: Creates a network connection.
Startup Mode: Manual
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: RegSrvc
Description: Intel® PROSet/Wireless Registry Service
Startup Mode: Auto
Run from: C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

Name: RemoteRegistry
Description: Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k LocalService

Name: RpcSs
Description: Provides the endpoint mapper and other miscellaneous RPC services.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost -k rpcss

Name: S24EventMonitor
Description: Wireless Management Service for Intel® PROSet/Wireless
Startup Mode: Auto
Run from: C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

Name: SamSs
Description: Stores security information for local user accounts.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\lsass.exe

Name: Schedule
Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: seclogon
Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: SENS
Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: SharedAccess
Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: ShellHWDetection
Description: Provides notifications for AutoPlay hardware events.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: Spooler
Description: Loads files to memory for later printing.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\spoolsv.exe

Name: sprtsvc_dellsupportcenter
Description: SupportSoft Sprocket Service
Startup Mode: Auto
Run from: C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter

Name: srservice
Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: SSDPSRV
Description: Enables discovery of UPnP devices on your home network.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k LocalService

Name: stisvc
Description: Provides image acquisition services for scanners and cameras.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k imgsvc

Name: TapiSrv
Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: TermService
Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost -k DComLaunch

Name: Themes
Description: Provides user experience theme management.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: TrkWks
Description: Maintains links between NTFS files within a computer or across computers in a network domain.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: w32time
Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: WebClient
Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k LocalService

Name: winmgmt
Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: WLANKEEPER
Description: Provides Single Sign On (SSO) functionality.
Startup Mode: Auto
Run from: C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

Name: wscsvc
Description: Monitors system security settings and configurations.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: wuauserv
Description: Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs
DaChew
http://www.bleepingcomputer.com/forums/topic44694.html

see uncontrolled applications

another issue is sharing your bandwidth by launching a p2p sharing application at startup not to mention the security risk

wireless is especially demanding on cpu resources and then avg resident protection especially with the new yahoo toolbar isn't helping any

http://www.bleepingcomputer.com/startups/

this is a good search page for any startups that you don't recognize

let us know if any sign of malware shows, someone else may think another scan would be appropriate
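
A way to shortlist which entries in a service listing like the one above to look up first, as an added example that is not part of the original thread. It assumes Windows is installed in C:\WINDOWS as in the posted log; the sample input is constructed, `ExampleSvc` and its path are made up, and the two flags are lookup hints, not verdicts.

```python
import re
# Constructed sample in the layout of the posted listing; ExampleSvc is made up.
SAMPLE_LOG = r"""
Name: avg8wd
Description:
Startup Mode: Auto
Run from: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

Name: DcomLaunch
Description: Provides launch functionality for DCOM services.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost -k DcomLaunch

Name: ExampleSvc
Description:
Startup Mode: Auto
Run from: C:\Documents and Settings\User\svchost.exe -k netsvcs
"""
FIELD = re.compile(r"^(Name|Description|Startup Mode|Run from):\s*(.*)$")

def parse_services(text):
    """Split the listing into one dict per 'Name:' record."""
    services = []
    for line in text.splitlines():
        m = FIELD.match(line.strip())
        if m and m.group(1) == "Name":
            services.append({})
        if m and services:
            services[-1][m.group(1)] = m.group(2)
    return services

def image_path(run_from):
    """Lower-cased executable path with quotes and arguments stripped."""
    m = re.match(r'"?(.+?\.exe)(?=["\s]|$)', run_from, re.I)
    return (m.group(1) if m else run_from.split(" ")[0]).lower()

def triage(services):
    """(name, reason) for auto-start services worth a manual lookup."""
    findings = []
    for svc in services:
        path = image_path(svc.get("Run from", ""))
        if svc.get("Startup Mode") != "Auto" or not path:
            continue
        if path.rsplit("\\", 1)[-1] in ("svchost", "svchost.exe"):
            # The genuine service host lives only in system32.
            if not path.startswith("c:\\windows\\system32\\"):
                findings.append((svc["Name"], "svchost outside system32"))
        elif not path.startswith("c:\\windows\\"):
            findings.append((svc["Name"], "third-party auto-start"))
    return findings
```

Names returned by `triage(parse_services(log_text))` are the ones to check against a startup database first.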

biggA
wow that is a whole lot of stuff that starts up!! i am pretty dumb about computers so this is pretty confusing. thank you very much for all your help with all this.
DaChew
one other word of warning, we see the worst infections when a program like this has been run


QUOTE
C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"


no better way to find a lot of the most dangerous "state of the art" malware

biggA
my wife used limewire if i go to remove programs and remove it will that get rid of it entirely?
DaChew
the program should uninstall clean, not sure about the wife tho


might have to tell her just how dangerous it is

by the way mp3's are now on limewire with embedded malware that opens mediaplayer then IE and asks you to install a special mp3 player then puts adware on your computer

lovely!

biggA
Is it normal to have over 100 things on the autorun log?
DaChew
QUOTE(biggA @ Apr 28 2008, 08:36 PM)
Is it normal to have over 100 things on the autorun log?



yes, but then the average computer today is an accident waiting to happen

and why more and more experienced users build and load their own

security concerns have necessitated leaving more processes running for the inexperienced user

and a big reason why sp3 for windows xp will crash so many computers
biggA
hey chewy I'm still unable to watch streaming video. I've downloaded latest flash version (no help) also ccleaner and ran it and still the same. That autorun list you had me run i eliminated some of those things but that stuff is beyond my knowledge level. Anyway all virus scans and things come up clean. Any other suggestions?
DaChew
QUOTE
System Idle Process
System
smss.exe \SystemRoot\System32\smss.exe
csrss.exe
winlogon.exe winlogon.exe
services.exe C:\WINDOWS\system32\services.exe
lsass.exe C:\WINDOWS\system32\lsass.exe
svchost.exe C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
svchost.exe C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
explorer.exe C:\WINDOWS\Explorer.EXE
spoolsv.exe C:\WINDOWS\system32\spoolsv.exe
svchost.exe C:\WINDOWS\system32\svchost.exe -k imgsvc
alg.exe
iexplore.exe "C:\Program Files\internet explorer\iexplore.exe"
wmiprvse.exe


I wonder why my computer doesn't have any of these problems?

biggA
is it possible that i am still infected causing slow loads and constant freezing during downloads? my scans come up clean just some cookies here and there. i had posted in the audio video but can't figure anything out there either