Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

itsdeductible express installation popup


  • Please log in to reply

#1
yellowwood359

yellowwood359

    New Member

  • Member
  • Pip
  • 2 posts
I've run through all the recommendations for AdAware and tried removing from the Windows control panel.

I've also run TDS3.

I do not believe I've ever tried to install this itsdeductible program, however I did find a subdirectory filled with files and tried to delete it when the program wouldn't uninstall from the control panel .

Now I get frequent popups stating: 1. "Please wait while Windows installs itsdeductible" 2. Microsoft data access components 2.5 and 3. Insert the itsdeductible express disk and click ok.

I hope this isn't a self inflicted wound type thing but it needs to be fixed if there is way to do it. Please help.

Here's the log from running Hijack This:

Logfile of HijackThis v1.99.1
Scan saved at 10:34:12 PM, on 5/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Personal Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\PaperPort\pptd40nt.exe
C:\PROGRA~1\VISION~1\ONETOU~2.EXE
C:\WINDOWS\DOWNLO~1\WebEx\319\atnthost.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\DOWNLO~1\WebEx\319\RAAGTAPP.EXE
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ClipCache\clipc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\EARTHL~2\bin\dpcproxy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SecCopy\SecCopy.exe
C:\PROGRA~1\VCOM\FINALB~1\finalbid.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\EarthLink Satellite\BIN\dpcstart.exe
C:\Program Files\GetRight\getright.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\DOWNLO~1\WebEx\319\raagtx.exe
C:\Program Files\GetRight\getright.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\NaturallySpeaking8\Program\natspeak.exe
C:\Program Files\LinkStash\lnkstash.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\X1\X1.exe
C:\XDESK\XDESK.EXE
C:\XFilesDialog\XFilesDialog.EXE
C:\program files\x1\X1Systray.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Promise\Utility\MsgAgt.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\XDESK\xdeskr.exe
C:\PROGRA~1\EARTHL~2\bin\dpcnav.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\PROGRA~1\EARTHL~2\bin\webcast.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\1-Utility\Hijack This\Unzip Hijack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:83
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: Anonymizer Core Browser Helper Object - {2F2FBF0D-254F-11D5-B1E5-0050DAD7AF62} - C:\Program Files\ANONYMIZER\CORE\Anonymizer.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Norton Personal Firewall - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Anonymizer Toolbar - {C14DC52F-B4D9-11D5-B1E6-0050DAD7AF62} - C:\Program Files\ANONYMIZER\TOOLBAR\AnonymizerBar.dll
O3 - Toolbar: Net Snippets - {67970B26-F57D-4455-8262-81C3AE3B8B5E} - C:\PROGRA~1\NETSNI~1\NetSnip.dll
O3 - Toolbar: Norton Personal Firewall - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [OneTouch Monitor] C:\PROGRA~1\VISION~1\ONETOU~2.EXE
O4 - HKLM\..\Run: [RCScheduleCheck] C:\Program Files\VCOM\Recovery Commander\RCSCHED.EXE -CHECK
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Dimension4] C:\Program Files\D4\D4.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [ClipCache] C:\Program Files\ClipCache\clipc.exe /wait 3
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Second Copy 2000] "C:\Program Files\SecCopy\SecCopy.exe"
O4 - HKCU\..\Run: [finalbid.exe] C:\PROGRA~1\VCOM\FINALB~1\finalbid.exe /minimize
O4 - Startup: Desktop Weather Platinum.lnk = C:\Program Files\Desktop Weather Platinum\DWPlatinum.exe
O4 - Startup: Dimension 4 v5.0.lnk = ?
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\NaturallySpeaking8\Program\natspeak.exe
O4 - Startup: LinkStash.lnk = C:\Program Files\LinkStash\lnkstash.exe
O4 - Startup: X1.lnk = C:\Program Files\X1\X1.exe
O4 - Startup: XDESK.LNK = C:\XDESK\XDESK.EXE
O4 - Startup: XFilesDialog.LNK = C:\XFilesDialog\XFilesDialog.EXE
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Desktop Weather Platinum.lnk = C:\Program Files\Desktop Weather Platinum\DWPlatinum.exe
O4 - Global Startup: Dpcstart.lnk = C:\Program Files\EarthLink Satellite\BIN\dpcstart.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MyWebEx PC Agent.LNK = ?
O8 - Extra context menu item: &Add item - file://c:\add.htm
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Add To Net Snippets - C:\PROGRA~1\NETSNI~1\Res\Clipper.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Summarize Using Copernic Summarizer - C:\Program Files\Copernic Summarizer\Web\SummarizePage.htm
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Summarize - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\PROGRA~1\COPERN~1\COPERN~2.DLL
O9 - Extra button: LiveSummarizer - {6170AB22-F1E5-4D4F-8F6C-826C73838581} - C:\Program Files\Copernic Summarizer\CopernicSummarizerApp.dll
O9 - Extra button: Snippets - {7130DF06-BBC1-4e16-83D4-1F875E65B695} - C:\PROGRA~1\NETSNI~1\NetSnip.dll
O9 - Extra button: (no name) - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~1\COPERN~2.DLL
O9 - Extra 'Tools' menuitem: Summarize Using Copernic Summarizer - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~1\COPERN~2.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: LinkStash - {4874F370-402D-4d09-A73E-FAB439934E56} - C:\Program Files\LinkStash\lsshow.exe (HKCU)
O9 - Extra 'Tools' menuitem: LinkStash - {4874F370-402D-4d09-A73E-FAB439934E56} - C:\Program Files\LinkStash\lsshow.exe (HKCU)
O9 - Extra button: Add bid - {866875B8-9855-48f8-BAAB-8002C325BE69} - C:\Program Files\VCOM\Final Bid\finalbid.exe (HKCU)
O9 - Extra 'Tools' menuitem: Add bid - {866875B8-9855-48f8-BAAB-8002C325BE69} - C:\Program Files\VCOM\Final Bid\finalbid.exe (HKCU)
O9 - Extra button: Grab URLs - {957DCFA2-39F7-4443-9677-1B14E83A2F87} - C:\Program Files\LinkStash\lsgrab.exe (HKCU)
O9 - Extra 'Tools' menuitem: LinkStash GrabURLs - {957DCFA2-39F7-4443-9677-1B14E83A2F87} - C:\Program Files\LinkStash\lsgrab.exe (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1105824630671
O16 - DPF: {84B7AC1D-9AD1-474F-B6B0-FE1641DBFDFA} (ScanFile.FileScan) - http://www.contentpu.../ScanFilexp.CAB
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://pc.mywebexpc.../ra/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{066BBDB1-81EF-4496-9CF6-09D9DE7F3D65}: Domain = direcway.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{066BBDB1-81EF-4496-9CF6-09D9DE7F3D65}: NameServer = 66.82.4.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{066BBDB1-81EF-4496-9CF6-09D9DE7F3D65}: Domain = direcway.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{066BBDB1-81EF-4496-9CF6-09D9DE7F3D65}: NameServer = 66.82.4.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{066BBDB1-81EF-4496-9CF6-09D9DE7F3D65}: Domain = direcway.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{066BBDB1-81EF-4496-9CF6-09D9DE7F3D65}: NameServer = 66.82.4.8
O23 - Service: AT Host Service (atnthost) - WebEx - C:\WINDOWS\DOWNLO~1\WebEx\319\atnthost.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DIRECWAY Webcast (DPC_SRV_WEBCAST) - Hughes Network Systems - C:\PROGRA~1\EARTHL~2\bin\dpcproxy.exe
O23 - Service: Fix-It Task Manager - V Communications, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ISSVC.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Promise RAID message agent (RAIDmAgt) - Unknown owner - C:\Program Files\Promise\Utility\MsgAgt.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • 0

Advertisements


#2
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
Sorry you were overlooked. Do you still need help? If so, please post another log. :tazz:
  • 0

#3
yellowwood359

yellowwood359

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
I ran regclean and it seems to have helped. Thanks much for the reply saying my earlier post had simply been missed - I was thinking there was something wrong with the way I had posted the original message.
  • 0

#4
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
Why don't you run another log and we'll check out and see if you're all clean. :tazz:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP