hijack this log report
GET OFF
I don't know what it is.
Thanks
Logfile of HijackThis v1.97.7
Scan saved at 6:13:00 PM, on 3/9/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\msbb.exe
C:\Program Files\ClearSearch\Loader.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\VBouncer\VirtualBouncer.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Owner\Local Settings\Temp\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.y
ahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr/*http://www.y
ahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://rd.companion.yahoo.com/slv/ycheck/hp/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://start.earthlink.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.earthlink.net/partner/more/msie/button/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.ya
hoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.y
ahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr/*http://www.y
ahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.ya
hoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.y
ahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.y
ahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
C:\WINDOWS\SYSTEM\blank.htm
R3 - URLSearchHook: IncrediFindBHO Class -
{5D60FF48-95BE-4956-B4C6-6BB168A70310} -
C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: Clear Search - {00000000-0000-0000-0000-000000000240} - C:\Program
Files\ClearSearch\IE_ClrSch.DLL
O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} -
C:\WINDOWS\bi.dll
O2 - BHO: (no name) - {00000762-3965-4A1A-98CE-3D4BF457D4C8} - C:\Program
Files\Lycos\Sidesearch\sidesearch1211.dll
O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} -
C:\WINDOWS\System32\bolae9.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program
Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\Program
Files\Kontiki\bin\bh212112.dll
O2 - BHO: (no name) - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program
Files\MyWay\myBar\2.bin\MYBAR.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program
Files\EarthLink TotalAccess\PnEL.dll
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} -
C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\windows\downloaded program files\googletoolbar_en_2.0.108-deleon.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program
Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Pop-Up Blocker - {D7F30B62-8269-41AF-9539-B2697FA7D77E} -
C:\Program Files\EarthLink TotalAccess\PnEL.dll
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} -
C:\Program Files\MyWay\myBar\2.bin\MYBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\windows\downloaded program files\googletoolbar_en_2.0.108-deleon.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [USB] C:\WINDOWS\system32\usb.exe
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WT GameChannel] C:\Program
Files\WildTangent\Apps\GameChannel.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\
realsched.exe" -osboot
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program
Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P
Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [updmgr] C:\Program Files\Common files\updmgr\updmgr.exe
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points
manager\points manager.exe -s
O4 - HKLM\..\Run: [msbb] C:\WINDOWS\System32\msbb.exe
O4 - HKLM\..\Run: [ClrSchLoader] C:\Program Files\ClearSearch\Loader.exe
O4 - HKLM\..\Run: [updater] C:\Program Files\Common
files\updater\wupdater.exe
O4 - HKLM\..\Run: [BHOUBIOV] C:\WINDOWS\BHOUBIOV.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Acme.PCHButton]
C:\PROGRA~1\HPINST~1\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program
Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program
Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink
TotalAccess\TaskPanl.exe" -winstart
O4 - Startup: PalNetaware.lnk = C:\Paltalk\pnetaware.exe
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: Virtual Bouncer.lnk = C:\Program
Files\VBouncer\VirtualBouncer.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: Device Detector 2.lnk = C:\Program
Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk =
C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Forget Me Not.lnk = C:\Program Files\Broderbund\AG
CreataCard\AGRemind.exe
O4 - Global Startup: Image Transfer.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
present
O8 - Extra context menu item: &Google Search - res://c:\windows\downloaded
program files\GoogleToolbar_en_2.0.108-deleon.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\windows\downloaded
program files\GoogleToolbar_en_2.0.108-deleon.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page -
res://c:\windows\downloaded program
files\GoogleToolbar_en_2.0.108-deleon.dll/cmcache.html
O8 - Extra context menu item: Get It With Kontiki - res://C:\Program
Files\Kontiki\bin\bh212112.dll/201
O8 - Extra context menu item: MyPoints - file://C:\Program
Files\MyPointsPointAlert\System\Temp\mypoints_script0.htm
O8 - Extra context menu item: Si&milar Pages - res://c:\windows\downloaded
program files\GoogleToolbar_en_2.0.108-deleon.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English -
res://c:\windows\downloaded program
files\GoogleToolbar_en_2.0.108-deleon.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program
Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program
Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: Sidesearch (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O9 - Extra button: Point Alert (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet
Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Chat -
http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) -
https://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://ww
w.viewpoint.com/cgi-bin/vet_install_popup.pl?1&04.00.07.02&http://www.scion.
com/config/xb/xb_include.htm
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX
Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-9490133
8C922/wmv9VCM.CAB
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/20020323/qtinstall.info.apple.com/qt505/
us/win/QuickTimeInstaller.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,72/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
http://207.188.7.150/2511e862d0d63b3abe03/netzip/RdxIE2.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) -
http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} -
http://toolbar.google.com/data/en/deleon/1.1.54-deleon/GoogleNav.cab
O16 - DPF: {7A32634B-029C-4836-A023-528983982A49} -
http://fdl.msn.com/public/chat/msnchat42.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) -
http://a19.g.akamai.net/7/19/7125/4019/ftp.coupons.com/v3123/cpbrkpie.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37845.465891
2037
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) -
http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {B160422D-0A48-11D4-BD9B-00A0C9B0AB7B} (Download Class) -
http://expressit.broderbund.com/plugin/Download.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,16/mcgdmgr.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) -
http://www.live365.com/players/play365.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} -
http://fdl.msn.com/public/chat/msnchat4.cab
pcbutts1
--
The best live web video on the internet http://www.seedsv.com/webdemo.htm
Sharpvision simply the best http://www.seedsv.com
"GET OFF" <getO...@spamsucks.net> wrote in message
news:JVu3c.12282$%06....@newsread2.news.pas.earthlink.net...
°Mike°
<JVu3c.12282$%06....@newsread2.news.pas.earthlink.net>
GET OFF scrawled:
>I need some help with my log report. Something is screwing me up again and
>I don't know what it is.
>Thanks
>Logfile of HijackThis v1.97.7
>Scan saved at 6:13:00 PM, on 3/9/2004
>Platform: Windows XP (WinNT 5.01.2600)
>MSIE: Internet Explorer v6.00 (6.00.2600.0000)
>
>Running processes:
>C:\WINDOWS\System32\msbb.exe
Web3000 spyware. Terminate this process.
http://www.liutilities.com/products/wintaskspro/processlibrary/msbb/
>C:\Program Files\ClearSearch\Loader.exe
AdWare. Terminate this process.
http://sarc.com/avcenter/venc/data/adware.clearsearch.html
>C:\Program Files\AWS\WeatherBug\Weather.exe
Spyware. Terminate this process.
>C:\Program Files\VBouncer\VirtualBouncer.exe
Worm.Win32.Ircobus. Terminate this process.
http://www.pestpatrol.com/PestInfo/v/virtualbouncer_2_0.asp
Have HijackThis fix ALL of the above 'R0' and 'R1' entries.
>R3 - URLSearchHook: IncrediFindBHO Class -
>{5D60FF48-95BE-4956-B4C6-6BB168A70310}
>C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL
Have HijackThis fix the above.
>F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
Have HijackThis fix the above.
>O2 - BHO: Clear Search - {00000000-0000-0000-0000-000000000240} - C:\Program
>Files\ClearSearch\IE_ClrSch.DLL
Have HijackThis fix the above.
>O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} -
>C:\WINDOWS\bi.dll
Have HijackThis fix the above.
>O2 - BHO: (no name) - {00000762-3965-4A1A-98CE-3D4BF457D4C8} - C:\Program
>Files\Lycos\Sidesearch\sidesearch1211.dll
AdWare. Have HijackThis fix the above.
>O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} -
>C:\WINDOWS\System32\bolae9.dll
Have HijackThis fix the above.
>O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program
>Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
Have HijackThis fix the above.
>O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\Program
>Files\Kontiki\bin\bh212112.dll
Have HijackThis fix the above.
>O2 - BHO: (no name) - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program
>Files\MyWay\myBar\2.bin\MYBAR.DLL
Have HijackThis fix the above.
>O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} -
>C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL
Have HijackThis fix the above.
>O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
Have HijackThis fix the above.
>O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} -
>C:\Program Files\MyWay\myBar\2.bin\MYBAR.DLL
Have HijackThis fix the above.
>O4 - HKLM\..\Run: [WT GameChannel] C:\Program
>Files\WildTangent\Apps\GameChannel.exe
AdWare. Have HijackThis fix the above.
>O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\
>realsched.exe" -osboot
You really should disable Real Player from starting. Better
still, uninstall it and use Real Alternative.
http://home.hccnet.nl/h.edskes/finalbuilds.htm
>O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\kazaa.exe /SYSTRAY
Uninstall. Get Kazaa Lite.
>O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points
>manager\points manager.exe -s
Boy, you sure have some crap on your system.
>O4 - HKLM\..\Run: [msbb] C:\WINDOWS\System32\msbb.exe
Have HijackThis fix the above.
>O4 - HKLM\..\Run: [ClrSchLoader] C:\Program Files\ClearSearch\Loader.exe
Have HijackThis fix the above.
>O4 - HKLM\..\Run: [updater] C:\Program Files\Common
>files\updater\wupdater.exe
Have HijackThis fix the above.
>O4 - HKLM\..\Run: [BHOUBIOV] C:\WINDOWS\BHOUBIOV.exe
Have HijackThis fix the above.
>O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
Have HijackThis fix the above.
>O4 - Startup: PalNetaware.lnk = C:\Paltalk\pnetaware.exe
Have HijackThis fix the above.
>O4 - Startup: PowerReg SchedulerV2.exe
Have HijackThis fix the above.
>O4 - Startup: Virtual Bouncer.lnk = C:\Program
>Files\VBouncer\VirtualBouncer.exe
Have HijackThis fix the above.
>O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
Have HijackThis fix the above.
>O4 - Global Startup: Device Detector 2.lnk = C:\Program
>Files\Olympus\DeviceDetector\DevDtct2.exe
Legitimate Olympus DSS Player tray application, but can cause
the system to freeze. Have HijackThis fix it.
>O4 - Global Startup: Forget Me Not.lnk = C:\Program Files\Broderbund\AG
>CreataCard\AGRemind.exe
Have HijackThis fix the above.
>O4 - Global Startup: Image Transfer.lnk = ?
Have HijackThis fix the above.
>O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
>present
Have HijackThis fix the above.
>O8 - Extra context menu item: Get It With Kontiki - res://C:\Program
>Files\Kontiki\bin\bh212112.dll/201
Have HijackThis fix the above.
>O8 - Extra context menu item: MyPoints - file://C:\Program
>Files\MyPointsPointAlert\System\Temp\mypoints_script0.htm
Have HijackThis fix the above.
>O8 - Extra context menu item: Si&milar Pages - res://c:\windows\downloaded
>program files\GoogleToolbar_en_2.0.108-deleon.dll/cmsimilar.html
Have HijackThis fix the above.
>O9 - Extra button: Sidesearch (HKLM)
Have HijackThis fix the above.
>O9 - Extra button: Related (HKLM)
Have HijackThis fix the above.
>O9 - Extra button: Point Alert (HKCU)
Have HijackThis fix the above.
>O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) -
>https://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://ww
>w.viewpoint.com/cgi-bin/vet_install_popup.pl?1&04.00.07.02&http://www.scion.
>com/config/xb/xb_include.htm
Have HijackThis fix the above.
>O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
Have HijackThis fix the above.
>O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
>http://207.188.7.150/2511e862d0d63b3abe03/netzip/RdxIE2.cab
Have HijackThis fix the above.
>O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) -
>http://www.webshots.com/samplers/WSDownloader.ocx
Have HijackThis fix the above.
>O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) -
>http://a19.g.akamai.net/7/19/7125/4019/ftp.coupons.com/v3123/cpbrkpie.cab
Have HijackThis fix the above.
>O16 - DPF: {B160422D-0A48-11D4-BD9B-00A0C9B0AB7B} (Download Class) -
>http://expressit.broderbund.com/plugin/Download.cab
Have HijackThis fix the above.
SHEESH!!!!!!!!!!!
--
Basic computer maintenance
http://uk.geocities.com/personel44/maintenance.html
joevan
<ZHNTPD...@fcnzzbgry.pbz> wrote:
>Have HijackThis fix the above.
>
>
>SHEESH!!!!!!!!!!!
I feel you pain. How can you do that day after day. I looked over that
stuff and said maybe he should format and start over with some decent
programs.
You are not just a gentleman, but a gentleman and a scholar.
Maybe you should add Job as in "patience of" . <G>
joevan
°Mike°
<fbpu40h80cfgkr6dg...@4ax.com>
joevan scrawled:
>On Wed, 10 Mar 2004 18:36:03 +0000, °Mike°
><ZHNTPD...@fcnzzbgry.pbz> wrote:
>
>>Have HijackThis fix the above.
>>
>>
>>SHEESH!!!!!!!!!!!
>I feel you pain. How can you do that day after day.
I sometimes ask myself that.
>I looked over that stuff and said maybe he should format
>and start over with some decent programs.
I had the same thoughts. :)
>You are not just a gentleman, but a gentleman and a scholar.
Hmmm. There are some that think otherwise. <g>
>Maybe you should add Job as in "patience of" . <G>
I'm not always this patient. <g>
lsj7
> I need some help with my log report. Something is screwing me up
> again and I don't know what it is.
> Thanks
> Logfile of HijackThis v1.97.7
> Scan saved at 6:13:00 PM, on 3/9/2004
> Platform: Windows XP (WinNT 5.01.2600)
Weatherbug is a spyware program. get rid of it and get a good free ware one
with no spyware crap here:
http://www.singerscreations.com/
.--
Cherish, therefore, the spirit of our people, and keep alive their
attention. .If once they become inattentive to the public affairs, you
and I, and congress and Assemblies, Judges and governors, shall all
become wolves.
_________Jefferson to Carrington 1787
lsj7