need help - Page 2

It looks much better but give me a few to really look through both of these logs.

ok..thank you

Ok, question, what anti-virus program do you have on there? I see McAfee but many of the files are noted as missing. Did you uninstall it? If so what are you using?

I was tryin to reinstall Mcafee, but the previous problems prevented it from downloading...i have installed it today...so now I have mcafee...do you think i should go with a different program?

I, myself wouldn't recommend McAfee, but the choice is yours. IF you installed it before your HiJackThis was run the last time then it was installed incorrectly. If you installed it After then it also may be incorrect because it wasn't uninstalled correctly either. Run a new HJT scan and post that log so I can see.

here it is...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:41:35 PM, on 8/25/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\WINDOWS\MouPter.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe
C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AT&T\Internet Security Wizard\ISW.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0409/bl8.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: AT&&T Toolbar - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - C:\PROGRA~1\ATTTOO~1\ATTTOO~1.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [mMouse] MouPter.exe
O4 - HKLM\..\Run: [SetMou] SetMou.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HelpCenter4.1] C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe /P HelpCenter4.1
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISW.exe] "C:\Program Files\AT&T\Internet Security Wizard\ISW.exe" /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Dairy%20Dash/Images/stg_drm.ocx
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1219458442000
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?e=1234585684023&h=bec4aa22bde639b666ca1e09933dbbed/&filename=jinstall-6u12-windows-i586-jc.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/SpongeBob%20Diner%20Dash%202/Images/armhelper.ocx
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: McAfee Application Installer Cleanup (0206641251230896) (0206641251230896mcinstcleanup) - McAfee, Inc. - C:\DOCUME~1\Nicholas\LOCALS~1\Temp\020664~1.EXE
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Update Service (gupdate1ca134837a9f05c) (gupdate1ca134837a9f05c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 9037 bytes

Ok, looks like it is on there fully. Now you need also to be sure you have up to date Java, I cannot tell for sure by your log. Current version is 6 update 15. Go HERE to download the latest version. Choose the Offline Install and save it to the desktop. Then go to Add/Remove and Uninstall all the old versions listed there. Once those are all uninstalled then double click the install file to install the new version. Then go back to the download page and click Verify Now to check to be sure the install went as it should have.
Then come back and I will give you some final steps.

Followed all steps

Verifying Java Version
Congratulations!
You have the recommended Java installed (Version 6 Update 15).

thanks so much for your time and effort...any more tips are greatly appreciated...

Southern

Do you feel everything is running correctly?

If you do you need to do the following before you are finished:

You should remove HiJackThis, you don't need it any more.
You also should uninstall combofix. It basically is a "one time" fix. If a person is told to use it again some other time then a new copy would be needed.

* Click START then RUN
* Now type Combofix /u in the runbox and click OK. The space between the combofix and the /u, it must be there.
When shown the disclaimer, Select "2"

You also need to set a new, clean Restore point.
To do this Right Click My computer.
Choose Properties
When System Properties opens choose the System Restore Tab.
Place a check mark in Shut down System Restore.
You will probably get a message telling you it will be shut down, click ok or yes.
Allow it to shut down.
Wait a moment. Then go back in and take that check mark Out so that System Restore will turn back on.

The computer is running so well now....i set a new restore point and got rid of combofix and hijackthis...thank you so much for your help...i will make sure this never happens again...and one more question for you...im going to spend money on a good anti-virus program...whats gonna get me the most protection for the buck...i don't mind spending $50 or $60 bucks...

Absolutely no need to spend a penny. Two of the best out there are Avast and Avira.
Both are consistently at the top of the best list. Go with one of those.

Thanks for that tip...couple of questions...i dont want to sound ignorant, but i have a long list of processes that are constantly running, and i'm not sure what should be running and whats not needed...and also...a couple of minutes ago i just had one window open and the computer got really loud and really fast...i know it does that when scans are going on...but it did it out of nowhere...maybe i'm crazy..but is that normal...

..but is that normal...

sometimes yes, as you said when scans are done or when "labor intensive" programs are used.
As for the large number of processes running, part of the reason for that is the large number of programs you have running all the time in the back ground, because they all load at start up, many of them are unnecessary and can very easily be run manually if needed.
If you want I can give you a list from your last HiJackThis log of programs which can be run manually when you want to use them. I recommend using Mike Lin's Start Up Control Panel to turn off these unnecessary items. It is a FREE program, very small, super easy to use. Download it and then install it. Once it is installed you can find it in the Control Panel with a little computer icon and labeled Start up. You open the program and you will see a group of Tabs. You go through each tab and remove the check mark next to items you see there which don't need to auto start. Some tabs may have nothing in them, that is normal. Once you have removed the check marks from those programs you don't want running at start then you just close the program and restart your computer. That's it.
I will be back with the list shortly.
One program that WILL add a lot to running processes is the McAfee program, take a look at that last HJT log here and you will see how many items are listed there...a huge number.

Just realized here, going through all your start ups that you have the AT&T Internet Security Suite on the computer...what components of this program are you using? It does contain a firewall, anti-virus program and an anti-spy program. Do you have all of these activated? If so then the McAfee should go, along with any other firewall you have OR remove the AT & T program. The rule is ONE anti-virus, one firewall. Frankly, I would advise you to dump them all in favor of either Avira or Avast anti-virus which are FREE by the way. But if you have paid for McAfee then I would guess you would prefer that it stay. Before I recommend anything else give me the particulars of exactly what you have included and running with the AT&T program

The programs you can turn off using Mike Lin's program are:

Adobe Reader Speed Launcher
TkBellExe
HelpCenter4.1
UnlockerAssistant
iTunesHelper
SunJavaUpdateSched
IgfxTray
QuickTime Task
MsnMsgr
swg

Be sure though and let me know about that AT&T Security program.

It seems that the program is there but i haven't been using it...it gives me the option to cut it on or off...i do believe that you have to pay for it which i haven't...I'm going to take your adviceand get rid of that and mcafee...so with the avira...does that cover me as far as a firewall and antivirus?...should i cut off the windows firewall when i get avira or leave it running?...thanks for the start up program..it worked perfect...

Yes you should be covered as far as an anti-virus goes. Don't just "cut off" that AT&T program, UNINSTALL it. Same goes for McAfee...UNINSTALL, don't just "cut off" or delete. If you do there WILL be remaining files which can interfere with proper running of any other anti-virus program you put on there, no matter which one.
Leave the Windows Firewall running. Avira is only an anti-virus program.
If you want to use different firewall there are several free ones that are quite good too. I myself use the Windows Firewall and am quite satisfied. Others may disagree so the choice is yours.

ok uninstalled at&t and mcafee...installed avira...and i'm leaving the windows firewall up....what's a good pop up blocker...the one im using sucks..and also, before i used to play spades on yahoo...now it won't let me connect to their game server...any ideas?

Did u get my last post?

Did u get my last post?

Sorry, this just slipped by me. Maintenance on daniweb on Friday and then I was away yesterday.
For pop-up blocking I use the built in one on Firefox. I rarely use IE, have used Firefox for several years now, but when I do that built in one there also works great too. I don't have an "extra" pop up blocker program on my computer at all.
I see you still are using IE6. I would most definitely urge you to update to IE 7. It is more secure, though not as secure as one like Firefox or Opera. DON'T update to IE8, it really has caused problems for some. But IE7 for sure.