Hi: Have a fairly new Acer Desktop system (Classic Software was a GREAT help to me in selecting my system) which had been running GREAT. Now recently system freezes and I have to press alt/cont/delete. Today, I did this and received a message from Microsoft that maybe I have spyware. My computer was set up my Tiger Direct to receive all Microsoft Updates automatically. I have the following freeware programs downloaded: spf Sygate, AVG Free, and SpyBot as well as Lavasoft AVG Free. DO I HAVE ALL I NEED TO KEEP MY SYSTEM FROM GETTING SPYWARE OR IS THERE SOMETHING ELSE. ALSO, HOW CAN I TELL IF I NEED THE PROGRAMS THAT ARE RUNNING AT START UP? Thanks to all for help provided.

As an afterthought, I went to start and then run and typed in msconfig and then clicked on start up and the following twenty-seven programs are checked (I do not know what they are or what they represent and whether I need them or not.

They are in the order listed: Alaunch, ntmui, pdvd serv, imjpmig, imscinst, tintsetp, tintsetp, soundman, ccapp, monitor, lgfxtray, hkcmd, jusched, sndmon, real play, avgcc, apdproxy, cfd, ybrwicon, motivesb, smc, msms6, 1, micro-soft off, sbc self support tool, adobe reader, trueasst spe.

Again, thanks in advance to all for help. :confused:

Hi Crestwood,
I moved this to Applications & Security as you are asking about securing/infection issues.

Hi there,

I apologize if I posted my message in wrong area. :(

Please post a HijackThis log so we can see what is going on that might be effecting your system...

To run HJT, extract it to a permanent folder such as one
you create like C:\HJT or the Desktop. Close all open windows and
browsers and make sure that all programs are enabled if
you use msconfig. Run it and Scan, then Save the log.
When the log window appears, Right click to Copy it, open
your browser and come here to Paste the entire log. Do
not make any changes until it is checked since most items
are either benign or essential to the computer.

http://www.subratam.org/main/index.php?option=com_content&task=view&id=19&Itemid=41

Hi: I appreciate your reply but I believe this is too complicated for me to do as I am not very computer savy. The procedures outlined in your message unfortunately go "over my head". Crestwood. :(

It is pretty simple...

Download the program using the link I gave you...

Save it to a folder like C:\HJT or into one you already have like C:\Downloads... You can even just save it to the Desktop...

If you have WinXP, you should be able to unzip it and then just run it...

Run a scan and save a log...

Copy that log and paste it here... If you need more detail about how to do that, post back...

The download link did not work and I saw warnings to "use at one's own risk if not an expert user" -- again I appreciate your post but I think for someone who is a senior and not computer savy, this is to complicated for me. If you have something simplier for me to follow (without risk to my desktop) I would feel more at ease about it. Also, you said something about posting the results of test at the PC Guide Discussion Forum -- I am afraid I do not know how to do this. Thanks again. :confused: :confused:

The HijackThis log will tell us where and exactly what all of those startup programs are.

The risk from HJT is using it without guidance...one of the experts, of which Budfred is an emminently qualified member of that group, will tell you exactly what to remove witht hte tool.

We will also provide you with step by step instructions on how to do the removals.

Now, you are familiar with how to Copy and Paste?

All you need to do, since the HJT log opens in Notepad, is to Select All, then Copy, then paste it into a reply box here on the forum.

To run HJT, you need to create a folder for it...as it doesn't actually get installed, it doesn't make its own folders. Once it has been place in a folder, then run it.

If the first link didn't work, try here...

http://www.merijn.org/files/hijackthis.zip

If that doesn't work then there is the chance that you are infected by something that is blocking your access to the tools needed to remove it.

Sir: Thank you so much for your help -- here is the result of copy and paste. Thanks again. :confused:

Logfile of HijackThis v1.99.1
Scan saved at 4:58:49 AM, on 6/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\YAHOO!\browser\ybrwicon.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\YAHOO!\browser\ycommon.exe
C:\Program Files\TrueAssistant\TrueAssistant.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.chicagotribune.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\YAHOO!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - Startup: TrueAssistant.lnk = C:\Program Files\TrueAssistant\TrueAssistant.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: SBC Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [url]http://go.microsoft.com/fwlink/?linkid=39204[/url]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [url]http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137373298515[/url]
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - [url]http://a19.g.akamai.net/7/19/7125/1452/ftp.coupons.com/r3302/cpbrkpie.cab[/url]
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

You don't have much there that is bad... Please open a HJT scan and put checks next to:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...//www.yahoo.com

Close all open windows except HJT and press Fix checked...

I think the main problem may be that you seem to be running Norton Antivirus at the same time you are running AVG antivirus... Running two antivirus programs at the same time means that they are fighting over resources to do the same job... I suggest that you turn one of them off... If you continue to have problems after that, we may need to dig a bit deeper... Let us know how things are going...

Thank you ever so much. Norton Anti-virus came with my system and I keep on getting messages to renew it which I have been ignoring. After receiving your suggestion, I disabled Norton and I received a message that it will no longer automatically come on at start up of my desktop. I really appreciate your kind help. :)

How is your system running?? Did the problems clear up??

Yes my system seems to be better but a bit slow. I thought earlier that I had disabled Norton anti virus but I just received another message to renew so I am going to try and remove it entirely since I have never used it. I am very grateful to you for your support and assistance. Thanks again, so very much.

Hi, one more question please. What are the three files that you asked that I place a checkmark next to. Will this mean that they will be deleted? Thanks again for your help and your patience.

They weren't files, they were reigistry entries that are not the Mocrosoft defaults. By checking them, they are reset to the default values. That particular set enters Yahoo through a web tracking portal.

Hi: I checked the three items and then selected "fix" and these are items remaining - thanks again so very much. Anything else you can suggest to me to keep my Acer desktop safe, would be greatly appreciated. :)

Logfile of HijackThis v1.99.1
Scan saved at 7:44:57 AM, on 6/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\YAHOO!\browser\ybrwicon.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\YAHOO!\browser\ycommon.exe
C:\Program Files\TrueAssistant\TrueAssistant.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\Temporary Directory 4 for hijackthis[1].zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.chicagotribune.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\YAHOO!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - Startup: TrueAssistant.lnk = C:\Program Files\TrueAssistant\TrueAssistant.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: SBC Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [url]http://go.microsoft.com/fwlink/?linkid=39204[/url]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [url]http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137373298515[/url]
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - [url]http://a19.g.akamai.net/7/19/7125/1452/ftp.coupons.com/r3302/cpbrkpie.cab[/url]
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

Your log looks clean... This is what I post for prevention, the article is particularly helpful...

Here is my prevention speech to help avoid future infection:

This is a good time to set up protection against further
attacks. Read the article linked below about "How did I
get infected". You need an antivirus that is updated, a
good firewall (a router firewall is not enough) and a
spyware blocker like SpywareBlaster and also IE-Spyads.
All of these have good free versions available... be very
cautious about any security software that advertises in
popups or other intrusive ways, they are not only usually
useless, but also often have malware in them....

http://forums.spywareinfo.com/index.php?showtopic=60955

I am so very grateful and appreciative for your kind help. Would you advise me to have additional security programs on my desktop in addition to adaware, spy bot, avg grisoft and sygate -- thanks again! :)

I would keep those up to date and add SpywareBlaster... The advantage to SpywareBlaster is that you load it, update it and set the protection, then close it... It doesn't require any resources to use it... It is important to update it every week or two... Other than that you have the basics...

Spybot has a program called TeaTimer that provides some protection all the time... I would suggest turning it on as well...

Please do read that article, it talks about how to use the internet to reduce the chances of infection as well as talking about tools...

I have downloaded SpywareBlaster Protection. It indicates that Internet Explorer Protection is disabled and Restricted Sites Protection is disabled but I have the option to activate them - would you say I should do this? Also there is a message that MozillaFirefox is not installed. I don't mean to be a pest but being a novice, I need and appreciate all the help I can get. I will read the article. Thanks again for all your help! :) Also, I will look into the tea timer.

Yes, you want to enable both those protections.

Spyware blaster operates by adding restrictions to certain sites. It places known spyware hosts in IE's restricted zone, whic basically cripples those sites. It also a number of IE's security features for tighter security.

FireFox is an alternate browser. I, and many others, beleive it to be a much better browser than IE.

Hi: I have enabled both of these protections and also I have tea timer turned on. Would it be difficult and advantageous to change my desktop from Internet Explorer to Mozilla Firefox? You have been a tremendous help and I truly appreciate it. Thanks so much. :)

It isn't changing your Desktop, it is your browser... It is the tool you use to look at things like PCGuide while on the Internet... You can't remove Internet Explorer, but you can use whatever browser you want in addition to IE... I use FireFox for most of my web browsing and only resort to IE when I am visiting a site that won't work properly with FireFox... FireFox is much more secure, responds more quickly when a vulnerability is found and has some really excellent features including the ability to turn off all of those awful flashing ads... I certainly would urge you to use it, but it is your choice each time you do...

Hi, I have just downloaded Mozilla Firefox and it seems so much faster. However, I don't see my mail icon anywhere (Yahoo AT&T is my ISP). If I may I would like to ask you another question, I want to purchase a Canon A540 Digital Camera -- can you tell me if there is anyway I can tell if my Acer FE desktop is compatible with the camera. Also, do you know if it is very difficult to download pictures, and the camera comes with a free Epson printer. Is this a good printer for the Canon camera or would it be best to have a Canon printer. Thanks so much again for all of your kind help! :)

You will need to set up whatever link you need for your Yahoo mail, there is probably a description of how to do so on the Yahoo site or someone here may have done and know how...

It is usually easy to download pictures from any camera and any printer should work well... Epson has good quality photo printing, so it is a good choice...

It's even easier to download your image files to your HDD if use an inexpensive "Universal Card Reader".
You leave this permanently connected to the USB socket [if you like], and all you need do is take the memory card out of the camera, put it into the appropriate slot in the reader, and the files should show up on your Explorer window.
HERE (http://www.jessops.com/Store/s27062/0/Card-Readers-and-Adapters/Jessops/Universal-Card-Reader-USB-20/details.aspx) is the one I use.
I find it easier and therefore more convenient than connecting the camera [which is the way I did it formerly].

Hi: I am extremely grateful to you - thank you so very much. Crestwood :)

Hi Budfred:

Just want you to know that my desktop is running real well. I love Mozilla Firefox as it seems so much quicker. I purchased my Canon A540 digital camera on Saturday so now I need to get out the instruction booklet and figure out how to use it. Ritz Camera had a special offer where with the purchase of a digital camera, they gave you a Epson photo printer which is free after rebates. I really appreciate all the kind help you have given me -- everyone at this site is so nice. Thanks again! :) :) Crestwood, Illinois

Sounds good!! Thanks for letting us know... :)

Good morning: You have been so helpful in the past, that I wonder if you could help me with a few questions that I have. My new Acer desktop, for some reason I am unable to clear my history trail. Firefox is my browser and I have SBC Yahoo High speed as my ISP. Also, is there anyway that I can turn up the volume on my monitor (Acer 1722 17 inch). According to the volume button, I have it turned up as high as it will go but sometimes it is not loud enough for me. If I am posting this message on the incorrect forum, I am sorry. Thanks in advance for your help. Crestwood, Illinois.

"I am unable to clear my history trail"
CCleaner (http://www.ccleaner.com/) would be well suited to doing that; it has tick boxes for eliminating various things like that [see image below].

"is there anyway that I can turn up the volume on my monitor (Acer 1722 17 inch). According to the volume button, I have it turned up as high as it will go but sometimes it is not loud enough for me"
Is there no hardware volume control? Only software?
Can you use a headset with the system?
Is the headset also not loud enough?
Does the headset have a hardware volume control on it? [mine does]
Do you have a headphone socket on a CD-drive, and have you tried it?

In case you think it only does Internet Explorer...

A big thank you to you -- it worked! As far as volume is concerned, there is a volume control on my monitor but I have that as loud as it will go to. I have not looked into earphones. Thanks again so much for your kind help. :)

So the hardware volume control is full up for the speakers.

Are these speakers built onto the side of the monitor, or freestanding?
Do they have their own buit-in amplifier?
Are they connected to the "Line Out" or "Speaker" socket on your sound card?
Is the software volume control full up?

Speakers are built into the Acer 1722 Monitor. Not sure about amplifer or where to find this or the other that you referred to. :confused: If you will advise me how to copy and paste to this forum, I will try and do this so you can see what my settings are. Thanks again for your kind help.

If you look in Tools - Options - Privacy in Firefox, you will find options to clear just about every bit of history or info about you that Firefox touches... There is also an option under Tools to simply clear all personal data... Keep in mind that if you use that, you will need to log in again to sites like this one...

You can also set which items to clear, when using the Clear function...and you can seet it to clear the caches everytime you close FF...

Yeah I set it to clear everything when closing. You can also set "exceptions" for sites in the "cookies" tab to "allow" and those cookies won't get removed and you won't need to log in every time you come here.

"advise me how to copy and paste to this forum"
What kind of things to you want to copy and paste?
Text, images?
If you want to show an image of your "Volume Control" slider settings...

1. Install Gadwin PrintScreen (http://www.gadwin.com/) and configure it to your satisfaction.
I have it configured so it is ready to take an image when I hit "Print Screen" on the keyboard .
If you want your cursor in the image [that can be configured], have it in place before you hit "Print Screen" [sometimes it is necessary to hit "Esc" and do it a 2nd time because the cursor isn't an arrowhead or whatever, but a sand-timer].

2 A different cursor will appear. Click at one of the corners where you want your image selection to begin, then drag to the opposite diagonal corner and drop it.

3. Hit "Enter" to capture the image of the area selected. A window will open to show the captured image. Click the "Continue Output" button. OK the "Capture complete" window.

4. You should have configured Gadwin PrintScreen to save captured images in a folder of your choice, so the file [of a type configured by your choice, I use jpg] will be saved in that location. I make a folder for such things. C:\00tmp in my case, but C:\00 would be ok.

5. That file must be less than 19 kB to be able to be uploaded to the PC Guide [pestiferous].

6. In the PC Guide thread, in "Attach Files", click the "Manage Attachments" button [see image below].
Then navigate to where Gadwin saved the image file and "choose" it [[I]single-click to select, double-click to choose?]hover the cursor over to select and single-click to choose].
Then click "Upload File" and "Close Window".

Couldn't find any user manual for the Acer LCD AL 1722, so used the Acer LCD AL 1721 at ftp://ftp.acer-euro.com/monitor/lcd/manuals/al1721/al1721_uk.pdf

See the image of the audio cable [item 6] that should be connected to the PC's audio output socket [green port say the instructions].

1 & 2 are the volume controls according to this.

Seems the sound volume adjustment is not simple.

The audio power output of the amplifier is VERY low.
Even my old speakers bought in 1996 are 5 times more powerful than those.

You may be forced to use separate, more powerful speakers or earphones to get decent volume.

Sylvander, You are wonderful - thank you so much. I have never received such good computer tips and help anywhere else on the web that would even compare to the wonderful and detailed help that I have received at this PC Guide Discussion Forum. When I mentioned copy and paste I wanted to see if I could take like a snapshot photo of my volume settings and save somewhere(?) and then post it to this forum so you could see what they are. I believe I had heard how to do this but can't recall or find the instructions. Now you have provided them for me. I will look into getting separate speakers to attach to my Acer Power FE Desktop. I AM SO VERY GRATEFUL TO YOU. God bless, and have a beautiful day. Crestwood, Illinois. :)

We aim to please here at the PC Guide.

Nice to hear I succeeded. :D :cool:

I bought an audio cable splitter so I could connect my stereo speaker pair [they have their own built-in amplifier in one of the cabinets, and a headphone socket on that one too] and my headset [it has a volume (reduction) control on the cable] to the same audio output from the sound card.
You might want to try that.

Can you please recommend a good brand or a good set of external speakers? Thanks so much. :)

The trouble is that the info I have available to me is all UK related. :(

e.g. $191 "Aego M-System" (http://www.firebox.com/index.html?dir=firebox&action=product&pid=1380&src_t=cat&src_id=audio&currency_conversion=1), note the 240V @ 50Hz; 80VA power ratings.
Or, if the budget won't stretch that far...
£35 Creative I-Trigue 250 PC multimedia speakers (http://www.ciao.co.uk/Creative_I_Trigue_250_PC_multimedia_speakers__6475 720).

Thank you -- I didn't notice until this morning that you are in Scotland. Wow, talk about modern technology nowadays. Went to Walmart (local discount store) and purchased Altec Lansing speakers for $15.00 and they work great. Thanks again for all your help and have a great day! Say, do you know if there is a way to search all of my email messages for a single word or phrase? Thanks again. :)

"Altec Lansing speakers for $15.00 and they work great"
Good name, SUPERBly low price. Do they give out much better sound volume than those on the monitor?

"do you know if there is a way to search all of my email messages for a single word or phrase?"
I run Outlook Express; used "Edit->Find->Message->Message: window"; typed a word from the quote by the PC Guide from your posting in there, and it found the email message in a blink.

There is no comparison in the improvement of sound. I can hear now! Thanks much and have a great day!

Happy listening. :D :cool: