Posts by 'Stein

Hah nah, no one's EVER clean

Run HJT and fix the following:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: (no name) - {B96B1529-FEB0-441C-844A-3B83AE7D62E8} - C:\WINDOWS\System32\kbdipo.dll (file missing)
O16 - DPF: {1C955F3B-5B32-4393-A05D-24B4970CD2A1} - http://stream1000.babenet.com/cabs/videox.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yah...utocomplete.cab

But ya, other then that, I don't see anything. Are ya experiencing trouble?

Thanks.

Hmm, if the reformat didn't work, then I feel pretty certain that it's a hardware problem.

Now, I dunno what to do about that, so mabe I'd recommend posting into one of those sections.

Thanks.

Haha ya better win the lottery,, but ya, I'm sorry I couldnt help ya.

Heh my bad tayspern, take it from here (after my instructions).

Hi, welcome to DaniWeb.

Alrite, first off, download the LSP-Fix (http://www.cexx.org/lspfix.htm) , save it to the desktop, but DO NOT RUN IT YET. Next, print these off or copy them to a word document, as you'll have to run this in Safe Mode (constantly press F8 while starting up). Run the program, which is sorta easy to use.

Second I see several things wrong with the HJT log. Rerun a new scan and check the following:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - _{02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
F3 - REG:win.ini: run=
O2 - BHO: (no name) - {0DEADE31-9A37-48B2-921A-7825EA93D32A} - (no file)
O2 - BHO: Farstone Url Blocker - {316AEF8D-3C37-423E-9E6E-13820A9DC37A} -C:\PROGRA~1\PCSECU~1\THESHI~1\IrlOnIE.dll
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [keyboard] C:\\keyboard.exe
O4 - HKLM\..\Run: [WinTask driver] C:\WINNT\system32\wintask.exe
O4 - HKLM\..\Run: [Tagasuarus7.exe] C:\WINNT\system32\Tagasuarus7.exe
O4 - HKLM\..\Run: [TheMonitor] C:\WINNT\SYSC00.exe
O4 - HKLM\..\Run: [slupiwwA] C:\WINNT\slupiwwA.exe
O4 - HKLM\..\Run: [sys011134565166-] C:\WINNT\sys011134565166-.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O10 - Hijacked Internet access by New.Net
O10 - Broken Internet access because of LSP provider 'farlsp.dll' missing
O18 - Filter: text/html - {BA576CDE-9949-4473-A8F7-6C17C2A7E600} - (no file)
O23 …

Hey
First off, I apolegize for the delay--the past several weeks has been apocalyptic.

Alrite, I see several things wrong with the log.
Run HJT, and fix the following entries:

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - Global Startup: Digital Line Detect.lnk = ?

Also, do you know/use the server 129.15.1.10 129.15.1.9?
I'm unsure of that entry because I'm unsure if you use it or not.

One of the problems might be the "Power Reg Scheduler V3." Basically, it's a reminder to register some product or another. Although it's not considered spyware, many users are bothered by it. However, don't deal with this yet. We'll see if the problems persist later.

Also, if this doesn't help, it wouldn't hurt to run several of these online scans:

http://www.kaspersky.com/scanforvirus.html
http://housecall.trendmicro.com/
http://us.mcafee.com/root/mfs/default.asp?cid=9914
http://www.ravantivirus.com/scan/
http://www.bitdefender.com/scan/licence.php

After that, a new log and a description of the remaining problems would be awsome.

Thanks.

Hmm, I don't see anything wrong with the log.
Are ya still having problems?

Also, next time ya post a log, copy/paste it into the body of the message, don't enclose it as an attachment.

Thanks.

Welcome to DaniWeb!

Alrite, I see several things wrong with your HJT log. It appears you're infected with several things.

Ok, so print this out, and close out of all windows. After doing this, run the HJT, and fix the following:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
O4 - Global Startup: Digital Line Detect.lnk = ?
O23 - Service: Local Security Authority Subsystem Service (lsass) - Unknown owner - C:\WINDOWS\scvhost.exe

After this, reboot into Safe Mode (constantly press F8 while restarting).

While in Safe Mode, delete C:\WINDOWS\scvhost.exe
(realize this is sCvhost.exe and NOT sVchost.exe.,, DO NOT DELETE svchost.exe)

Also delete the folder: C:\Program Files\MyWaySA

After doing all of this, restart your computer and post a new HJT log here.

Thanks.

O ya, I'd definitly recommend Ewido. It's free, and catches a wide variety of things. Out of curiosity, is this about the same computer that's mentioned in the other post by you (it was posted around the same time)? If so, mention this in the other thread, and it would be good to remove it if its unnecessary without money.

If it's a different computer, ya could always post another HJT log here.

Thanks

Alrite, great. Could ya please post the HJT log? That would be incredible.

Also, what probably wouldnt hurt is to download Ewido anti-malware. This works significantly better then most other spyware cleaners. The link for this is inside my signature I believe ( http://www.ewido.net/en/ ). After downloading, be sure to run an update, and then scan the entire computer. After running Ewido, please rescan with HJT and post a new log.

So in short, download and run Ewido, and then after that, post a new post.

Thanks.

Mowsart, welcome to Daniweb

Alrite, to start it off, you're gonna have to download a program called HijackThis (HJT) that helps diagnose problems on the compuer.

Download location, and directions for its use can be found here:

http://www.daniweb.com/techtalkforums/thread28196.html

After running the scan (heh, follow the directions please), save a log and copy/paste the log into a new post into this thread. After that, we'll work from there.

Thanks.

Oftentimes when I use the computer, I'll start a program, and, even tho it shows up on the Process List, it doesn't physically run. I've waited a long time, with no results. I also strongly think this is a software problem/computer problem, and doesnt have anything to do with spyware (I've checked it personally). It's not a firewall either. Ive tried it with all the Anti-virus softwares and firewalls off. Lastly, the file isnt corrupted either. Ive double checked this too.

As of now, the problem on hand is the installation of Google Earth. However, its not limited to this--it hasnt worked for many programs.

Thanks.

D3m3nt3d, jus outta curiosity, how'd ya kno it was vundo? (Heh im tryin to learn this stuff :o )

Heh I kno what ya mean...
But ya, lemme just warn ya, oftentimes when ya get them off P2Ps (Its just a 'what if'), they have imbedded viruses that ya gotta look out for.

Also, mabe ya should try reinstalling it, as I see it appears more to be a software problem rather then a spyware one.

Hmm, by any chance, thegu3st, were ya running a web browser when ya tried to fix it?

Hmm, ya might want to try running CCleaner:

http://www.filehippo.com/download/5...e/download.html

Generally, it finds, among other things, faults in the registry code, etc, which builds up after internet use. This probably won't cure the problem completely, but it may prove significant.

Another thing: did the reformat of your computer help the problem any?

Is it possible ya were running a trial version of Photoshop and ya used up its 'trial days'? I kno many people that have done that.

Well, first off, ya should correct these on youre HJT:

O1 - Hosts: 66.218.75.184 mail.yahoo.com
O2 - BHO: Creata Mail - {9FEA5BDA-695A-417B-AA31-B54A06570053} - (no file)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program
Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program
Files\UltimateBet\UltimateBet.exe

That might clear something up.
Hmmm if none of that cleaning helps... I'm more of a spyware guy, it probably wouldnt hurt to mabe reset your router if ya use one, and do the same if ya have a modem (if ya got one). Sometimes the hardware inside the modem/router autoblock certain sites.

After you're done with that, post a new log please.
thanks.

Hmmm, the only thing I see wrong with the log is the Weatherbug. Run HJT and place checks next to these:

O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)

And that's all I see wrong. The Weatherbug is sorta useful, but it has imbedded spyware. After that, try running your spyware program. After that, run Norton and Ewido (I believe ya have those, based on your log).

thanks.

Heh sry its taken us so long to reach ya--it's been a busy week. But ya, I THINK ya got a Trojan on ure computer, named Troj/Dloader-LO. But there are several things to correct in ure HJT log:

R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\SYSC00.exe
O4 - HKCU\..\Run: [SOProc_SoRefRegSoAlertWxLiteNnAj] rundll32 shell32.dll,ShellExec_RunDLL C:\PROGRA~1\SOFTWA~1\soproc.exe -pack SoRefRegSoAlertWxLiteNnAj
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

In addition to all of that, I'd recommend to run both of these:
http://trojanhunter.com/
http://www.simplysup.com/

and run at least 2 of these too:

http://www.kaspersky.com/scanforvirus.html
http://us.mcafee.com/root/mfs/default.asp?cid=9914
http://housecall.trendmicro.com/
http://www.ravantivirus.com/scan/
http://www.bitdefender.com/scan/licence.php

Lastly, after all of that, post a new log.
thanks

Heh, if ya formatted, could ya please mark the thread as 'solved' (its a link near the top).

Alrite, not too good.
First off, begin by downloading this and saving it to your desktop:
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

Then, follow directions, and after it all, post a new log.

This thread might help:
http://forum.tweakxp.com/forum/Topic190082-29-1.aspx

Thanks

THe only thing I see is the fact that you're running HJT from a Docs and Settings folder. First, create a new folder in Program Files with a title that you'll recognize (ie HJT, spyware help). Then, drag the HJT files into this new folder.

Other then that, I don't see anything wrong with the log.
Are ya having problems?

Alrite, several things with the HJT log. Please place checks nxt to these entries:

O9 - Extra button: 32Red Poker - {437F7F6F-FFCC-47e1-8A4B-C992493CF6C3} - C:\Program Files\32RedMPP\MPPoker.exe
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Program Files\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Program Files\CDPoker\casino.exe
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Program Files\ladbrokesMPP\MPPoker.exe
O9 - Extra button: Absolute Poker - {EFFF8D47-D060-4108-B761-E8EC86622E56} - C:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {EFFF8D47-D060-4108-B761-E8EC86622E56} - C:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk

Hmm, that LOOKS like it, but mabe not...After running HJT and checking these, click fix. Then, run a new scan and post a log.

Does that solve anything?

Heh sure. Alrite, about the HijackThis, it's easier then it seems. First, you're gonna download the software, but NOT open it. Instead, first create a new folder in the Program Files, and name it HJT. Then, drag the installer folder (what ya downloaded), place it in the new folder made, and double click on it. (what also never hurts is to make a shortcut to it, and place it on the desktop). After opening it, hit 'Scan'. After scanning, JUST click 'Save log'. When ya do this, a notepad document will open with the log. Once you have this, copy+paste it into a reply to this thread.

Things to remember:
1)Make sure to move the installer to a permenant folder.
2)Be sure NOT to check anything after running the scan. Also, be sure to click 'Save log', not 'Fixed checked'.
3)Lastly, be sure NO other windows are open when running HJT. That even includes internet windows, this thread, etc. If necessary, ya might want to print it out.

Thanks.

Heh my bad.. :o . Last thing then, could ya mark the thread as 'solved' (there should be a button near the top).
Thanks.

Hmm, start off by posting a HijackThis log. Insturctions for doing this can be found here:
http://www.daniweb.com/techtalkforums/thread28196.html
thanks.

Hey, sry for the delay, BUT, run HJT and place checks next to these:

R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe

Hmm, so try that, tell me if it's still having problems, and post another log.
thanks.

Sry for the delay,, what's the problem?

By the way, run your HJT and place checks nxt to these:

R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll

After checking and fixing, send another log.

Heh here's that link I forgot to put in there for CCleaner

http://www.filehippo.com/download/5...e/download.html

But other then that, I don't see anything else to do, except mabe a Defragment and take out the AOL & Google toolbars.

Also what never hurts is to download CCleaner.

Alrite, mabe I'm wrong, but this seems like spyware. I'd recommend that ya post a new thread in the 'Virus, Spyware, and Other Nasties' thread, along with a HijackThis log. (directions for doing this can be found in the very first thread listed, http://www.daniweb.com/techtalkforums/thread28196.html )

Mabe I'm wrong, but I really think it could be another factor, such as connection speed, etc.

Hmm not a bad plan I guess...Have ya used CCleaner recently?
It can cut down on alotta stuff.

Edit: (and I hate to press the issue, but have ya tried Ewido? :o it's the only malware scanner Ive used that's caught a good number of stuff,, but if you're sure ya have none on you're computer..)

The only reason I keep mentioning it (I apolegize) is because of what Chris5126 said about startup programs. Even msconfig doesnt show all processes...some are hidden.

Hmmmm

Rerun the scan, and place checks by these:

O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/res...can8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/active...free/asinst.cab

Now looking at the scan, I didn't see much wrong with it, so after fixing those several checks, tell me how it's doing. Then, post a new HJT log. Oh, and it wouldn't hurt to run a Windows Update.

Thanks.

..

EDIT: damn, mispost/wont edit itself out/wont let me delete it, sry... :o

Hmmm couple things first,, have ya run Windows Update recently? Your Internet Explorer seems to be out of date possibly. Secondly, which antivirus do ya have? I'd reccomment downloading Ewido Anti-Malware in addition to AVG.

AVG – http://free.grisoft.com/doc/2/lng/us/tpl/v5
Ewido - http://www.ewido.net/en/download/

After updating both and running scans, could ya post a new HJT log?

Dude, I hate to say it, but I wouldnt doubt one bit that ya have a virus/extreme malware. I'd reccomend that ya download HijackThis (a diagnostic software), rewrite the problem in a thread in the 'Virus, Spywares, and other nasties' category, and post a HijackThis log into your thread. Help with the HJT can be found at the top of:

http://www.daniweb.com/techtalkforums/thread28196.html

Thanks. Now you're prly thinking that since ya ran Norton/etc, you're protected, but from what I've noticed (from helping/reading posts here), the majority of the time, virus scans didnt catch the virus. Jus trust me on this one :)

Yes indeed. Could ya please post a HijackThis log in a reply? Directions for doing this are enclosed in the following thread:

http://www.daniweb.com/techtalkforums/thread28196.html

Thanks.

Hey, thanks a TON gemini4, I appreciate it greatly.

Alrite, stupid mistake by me, BUT, how would I go about deleting it?....I've tried checking boot paths and all, but that doesnt do anything.

Alrite, several things. First, is it one of those things, where ya put in your username/pass, hit enter, and it basically reloads the page?

First off, I'd try doing this and following the directions here:
http://www.daniweb.com/techtalkforums/thread27570.html

Then, I'd try converting and switching to use Firefox instead of IE. Overall, it has better safety and fixed the problem mentioned above (first paragraph) for me.

Well, I dunno if it helps much, but if ya want free antivirus SCANS, some websites offer some quality scans...most notably:

http://www.kaspersky.com/scanforvirus.html
http://housecall.trendmicro.com/
http://us.mcafee.com/root/mfs/default.asp?cid=9914
http://www.ravantivirus.com/scan/
http://www.bitdefender.com/scan/licence.php

For a Spyware scanner, etc,, I'd try Microsoft AntiSpyware (Beta). Its free, and is good for catching things before they start. And, I don't think it takes up too much space...

Well first off, ya need to move and unzip the folder into a permenant folder (ie outside Documents and Settings). I'd say create a new Program Files folder, name it HJT or something, and unzip the HijackThis folder into the Program Files folder.

wait, it didnt work,, 'Check All Boot Paths' said that all the lines for Microsoft seem to be operational. However, I still see 2 entries under Boot.ini inside msconfig.

Under [operating systems], 2 are listed,

1) multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional "/fastdetect/NoExecute=OptIn

and
2) C:\="Microsoft Windows"

Note: The first 1 is set as the default,, and the 2 entries are vertically in the order they were given (ie 1 is above 2)

Alrite, Im sorta new at reading, but i think ive found some spyware on here:

C:\Program Files\TimeSink\AdGateway\TsAdBot.exe
C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe
O2 - BHO: CeresObj Class - {00000049-8F91-4D9C-9573-F016E7626484} - C:\WINDOWS\ceres.dll
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll
O2 - BHO: BestOffers Shopping BHO - {F5DE8ADB-4A69-4e56-96AB-823171C8E9D8} - C:\Program Files\TBONAS\TBONlchr.dll
O3 - Toolbar: BestOffers Shopping v1.20 - {7FD44536-9DF0-4034-939F-5BD4D98E3187} - C:\Program Files\TBONAS\TBONlchr.dll
O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
O4 - HKLM\..\Run: [MindSoft FreeRAM] C:\Program Files\MindSoft\MindSoft Utilities XP 9\FreeRAM.exe
O4 - HKLM\..\Run: [TimeSink Ad Client] "C:\Program Files\TimeSink\AdGateway\TsAdBot.exe"
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe"
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/platypus/miniclipGameLoader.dll

In additon to clearing using HJT, you're going to have to delete some files:

C:\Program Files\Time Sink
C:\Program Files\AceLogix
C:\Program Files\Mindsoft

Now, I THINK these are valid fixes, but just to be sure, I'm gonna let DMR look at it. :)

In addition to that, whenever I try to click on "Microsoft Windows" (not the XP Professional one), it tells me Invalid disc drive. Does this mean I can delete this using the method ya mentioned above?

I havn't used this specific computer in a while, so I just wanted to double check it didn't have spyware before I started using it. No problems, just wondering if someone could look at the HJT log. Thanks.

Logfile of HijackThis v1.99.1
Scan saved at 6:50:14 PM, on 2/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\Sktempdm.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\1110066468\ee\aolsoftware.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet k series\Bin\hpoorn07.exe
C:\Program Files\Folding@Home\winFAH.exe
C:\Program Files\Folding@Home\FahCore_78.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\hpoipm07.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.search.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = …

Heh, knowing me, I prly forgot to format. Is there a way to check if I did? And, I don't THINK I had files from the past OS, but I guess its possible I did....

(sry Ive taken so long to respond)

When I reformatted and reinstalled all of Windows XP (last year or so), I feel I might have screwed up and somehow kept the other version on it. The reason I think this is because now, whenever I start up, it comes up with a black screen that asks which operating system I want to run. The options are 'Microsoft Windows XP Professional,' and "Microsoft Windows.'
Because of this, it's been running slower then normal.

Thanks a lot.