05-01-2005, 05:28 PM   #21
Seadog
Registered User
 
Join Date: Apr 2005
Posts: 15
OS: WinXP


Thank you for your continued help!! Please see items below.


1) Here is my TDS-3 log: (there was nothing in the "alarms" window)

09:56:40 [Init] Trojan Defence Suite v3.2.0 (UNLICENSED)
09:56:40 [Init] Started 01-05-05 09:56:40 (UTC: 5), Internet Time @622.69
09:56:40 [Init] Loading TDS-3 Systems ...
09:56:40 [Init] Token successfully adjusted.
09:56:40 [Init] • TDS Privileges : OK. Adjusted TDS-3 token privileges to maximum
09:56:42 [Init] • Plugins : OK. Loaded 13
09:56:43 [Init] • Exec Protection : Not Installed
09:56:43 [Init] WARNING: Your Radius.TD3 database needs to be updated!
09:56:43 [Init] Please download the latest from http://tds.diamondcs.com.au/radius.td3
09:56:43 [Init] Licensed users can use the Update facility from the TDS menu
09:56:43 [Init] Loading Radius Advanced Scanning Systems ... <R3 Engine, DCS Labs>
09:57:00 [Init] • Radius Advanced Specialist Extensions on standby for 13 trojan families
09:57:00 [Init] • Systems Initialised [53638 references - 27561 primaries/13851 traces/12226 variants/other]
09:57:00 [Init] Radius Systems loaded. <Databases updated 01-05-2005>
09:57:01 [Init] TDS-3 Ready. <Scott seaman@70.187.219.175, 127.0.0.1 - ??>
09:57:01 [Tip Of The Day] Did you know? - TDS-3 is the only anti-trojan system that can detect trojans by scanning for the memory-resident mutexes that they use.
09:57:01 [Init] NOTICE A change has been detected in the autostart registry. Press Ctrl+A to view the autostart registry
09:57:01 [TDS] Good morning Scott seaman.
09:57:17 [Mutex Memory Scan] Started...
09:57:19 [Mutex Memory Scan] Finished (no trojan mutexes found).
09:57:19 [TDS-3] This is an EVALUATION demo of TDS-3. Please see the help file for help on registering.
09:57:31 [CRC32] Started - verifying 29 files ...
09:57:35 [CRC32] Test finished.
10:01:06 [Memory Scan] Memory scan started, please wait a moment ...
10:01:11 [Memory Scan] Memory scan complete.
10:01:11 [Mutex Memory Scan] Started...
10:01:13 [Mutex Memory Scan] Finished (no trojan mutexes found).
10:01:13 [Trace Scan] Started...
10:01:26 [Trace Scan] Finished.
10:01:26 [ServiceScan] Scanning for services and drivers ...
10:01:33 [ServiceScan] Scanned 320 services and drivers.
10:01:33 [File Scan] Scanning in A:\ ...
10:02:01 [File Scan] Scanned 4 files: 0 alarms in 27.83203 seconds (Avg 1.14 files/sec)
10:02:01 [File Scan] Scanning in C:\ ...
11:05:03 [File Scan] Scanned 55818 files: 0 alarms in 3781.027 seconds (Avg 15.76 files/sec)
11:05:03 [File Scan] Scanning in D:\ ...
11:05:03 [File Scan] Scanned 0 files: 0 alarms in 1.953125E-02 seconds (Avg 1. files/sec)
11:05:03 [Scan] Finished.
11:25:27 [TDS] Good morning Scott seaman.

2) I ran all four of the scans you suggested. I only got one virus warning, and this was when I scanned with Panda ActiveScan. The info I was able to get on this is below:

Incident: Adware:Adware/ExactSearch
Status: No disinfected
Location: Windows Registry


Common name: ExactSearch

Technical name: Adware/ExactSearch

Threat level: Low

Alias: eXactSearchbar, NaviSearch, Exact Searchbar

Type: Spyware

Subtype: Adware

Effects:
It collects information on Internet usage and the applications installed in the computer and uses it to display pop-up advertisements.



Affected platforms: Windows XP/2000/NT/ME/98/95


First appeared on: Aug. 12, 2004

In circulation? No


Brief Description

ExactSearch is an adware.

Adware is a license form for using programs, which offers the application at the only cost of viewing a series of advertisements. However, these programs sometimes collect data on Internet usage habits, pages viewed, inventory of the applications installed in the computer, etc.

Then, this information can be sent to Internet advertising companies.


3) I uninstalled the printer, the camera, and MS Messenger. I rebooted the computer and hoped that all would be well. Alas, it was just as slow, perhaps even slower (!) after I uninstalled these things as when they were on the computer!!

I have one question related to this. Could it be that I have too many anti-virus programs on my computer and running at the same time? I have heard that sometimes anti-virus programs don't get along very well and can often treat each other as enemies rather than allies. I think I have McAfee, eTrust PestPatrol, and CounterSpy all running simultaneously. This means that one, two, or all of these are often trying to get updates, and this might be slowing down things, especially during the boot-up phase, which seems to take forever these days. (I usually turn on the computer, and then walk away and do other tasks around the house before checking it again. If I sit in front of the computer while it is taking so long to boot, I start to think about turning my computer into a doorstop.) Should I consider uninstalling these things as well??

4) Fresh HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 7:21:03 PM, on 5/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\WINDOWS\system32\TPWRTRAY.EXE
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\CTFMON.EXE
C:\Program Files\Microsoft Money\System\reminder.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Microsoft Reference\Microsoft Bookshelf 3.0\qshelf.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [imjpmig] C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe"
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Reminder] C:\Program Files\Microsoft Money\System\reminder.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: The翻訳_ページ翻訳 - C:\Program Files\TTI_V6_LE\addins\Ie\afi_pagetran.htm
O8 - Extra context menu item: The翻訳_範囲指定翻訳 - C:\Program Files\TTI_V6_LE\addins\Ie\afi_seltran.htm
O8 - Extra context menu item: The翻訳_翻訳設定 - C:\Program Files\TTI_V6_LE\addins\Ie\afi_setdlg.htm
O8 - Extra context menu item: The翻訳_辞書参照 - C:\Program Files\TTI_V6_LE\addins\Ie\ttp_showdic.htm
O9 - Extra button: ?y?[?W?|?o - {2A8DA722-A2E3-11d5-A8FD-00065B1FF8EA} - C:\Program Files\TTI_V6_LE\addins\Ie\afi_pagetran.htm
O9 - Extra 'Tools' menuitem: The?|?o_?y?[?W?|?o - {2A8DA722-A2E3-11d5-A8FD-00065B1FF8EA} - C:\Program Files\TTI_V6_LE\addins\Ie\afi_pagetran.htm
O9 - Extra button: (no name) - {2A8DA725-A2E3-11d5-A8FD-00065B1FF8EA} - C:\Program Files\TTI_V6_LE\addins\Ie\ttp_showdic.htm
O9 - Extra 'Tools' menuitem: The?|?o_?≪?‘?Q?A - {2A8DA725-A2E3-11d5-A8FD-00065B1FF8EA} - C:\Program Files\TTI_V6_LE\addins\Ie\ttp_showdic.htm
O9 - Extra button: (no name) - {2A8DA726-A2E3-11d5-A8FD-00065B1FF8EA} - C:\Program Files\TTI_V6_LE\addins\Ie\afi_seltran.htm
O9 - Extra 'Tools' menuitem: The?|?o_”I?I?w’e?|?o - {2A8DA726-A2E3-11d5-A8FD-00065B1FF8EA} - C:\Program Files\TTI_V6_LE\addins\Ie\afi_seltran.htm
O9 - Extra button: (no name) - {2A8DA728-A2E3-11d5-A8FD-00065B1FF8EA} - C:\Program Files\TTI_V6_LE\addins\Ie\afi_setdlg.htm
O9 - Extra 'Tools' menuitem: The?|?o_?|?o?Y’e - {2A8DA728-A2E3-11d5-A8FD-00065B1FF8EA} - C:\Program Files\TTI_V6_LE\addins\Ie\afi_setdlg.htm
O9 - Extra button: ?‘??BOX - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: ?≪?‘ET° - {964174A1-BDB5-11D5-A8FD-00065B1FF8EA} - C:\Program Files\TTI_V6_LE\IeTbandTate.dll
O9 - Extra button: ?|?oET° - {964174A3-BDB5-11D5-A8FD-00065B1FF8EA} - C:\Program Files\TTI_V6_LE\IeTbandYoko.dll
O9 - Extra button: Yahoo! ???b?Z?“?W???| - {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - C:\PROGRA~1\Yahoo!J\MESSEN~1\YPagerJ.exe
O9 - Extra 'Tools' menuitem: Yahoo! ???b?Z?“?W???| - {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - C:\PROGRA~1\Yahoo!J\MESSEN~1\YPagerJ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://dynabook.com/
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/Sha...in/AvSniff.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...4/mcinsctl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://www.newsstand.com/downloads/r...1/isetupml.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (32U?ET?A° On-Line Scan) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...21/mcgdmgr.cab
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe


My fear, of course, is that we will finally get all the bad guys cleaned off my computer, but it will still be as slow as before, indicating a different sort of problem. Ah, technology is so fun!

Thank you!!!!!
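
The overlap asked about in item 3 can be read directly from the O4 (Run-key autostart) and O23 (service) lines of a HijackThis log. The following is an added example, not part of the original post: it groups those entries by product using install-path fragments. The function names and the path-fragment table are assumptions of this example, and the sample lines are an excerpt of the log above.

```python
import re
from collections import defaultdict

# Install-path fragments for the three resident products named in the post.
# Matching on path alone is an assumption of this example.
PRODUCTS = {
    "mcafee.com": "McAfee",
    "sunbelt software\\counterspy": "CounterSpy",
    "etrust pestpatrol": "eTrust PestPatrol",
}

# Excerpt of the O4/O23 lines from the HijackThis log in the post.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe"
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""

def parse_entry(line):
    """Return (kind, name, command) for an O4 or O23 line, else None."""
    section, _, rest = line.strip().partition(" - ")
    if section == "O4":
        m = re.match(r"HK(?:LM|CU)\\\.\.\\Run: \[([^\]]+)\] (.+)", rest)
        return ("autostart", m.group(1), m.group(2)) if m else None
    if section == "O23" and rest.startswith("Service: "):
        # Layout: display name - owner - image path
        fields = rest[len("Service: "):].split(" - ")
        return ("service", fields[0], fields[-1]) if len(fields) >= 3 else None
    return None

def resident_security_products(log_text):
    """Map product -> {'autostart': [...], 'service': [...]} entry names."""
    found = defaultdict(lambda: {"autostart": [], "service": []})
    for entry in filter(None, map(parse_entry, log_text.splitlines())):
        kind, name, command = entry
        for fragment, product in PRODUCTS.items():
            if fragment in command.lower():
                found[product][kind].append(name)
    return dict(found)

if __name__ == "__main__":
    for product, entries in sorted(resident_security_products(SAMPLE_LOG).items()):
        print(product, entries)
```

More than one key in the result means more than one security product loads at startup on that machine.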