This has gone on long enough!
Started by
frontball13
, Mar 23 2004 04:34 PM
#1
Posted 23 March 2004 - 04:34 PM
#2
Posted 23 March 2004 - 07:33 PM
Welcome frontball13
You can download virus definitions without using live updater here:
http://securityrespo...s.download.html
Let's take a closer look at what is running on your PC. We'll need you to use a free diagnostic tool (HiJackThis) and post a log back here with the results.
Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.
Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.
You can download virus definitions without using live updater here:
http://securityrespo...s.download.html
Let's take a closer look at what is running on your PC. We'll need you to use a free diagnostic tool (HiJackThis) and post a log back here with the results.
Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.
Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.
#3
Posted 24 March 2004 - 04:55 PM
Logfile of HijackThis v1.97.7
Scan saved at 4:58:44 PM, on 3/24/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\POPROXY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\INTERNET CALL WAITING PC\CALLWAITING.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\DAP\DAP.EXE
C:\WINDOWS\PROFILES\DALE000\DESKTOP\STUFF THAT USED TO BE ON THE DESKTOP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://awebfind.biz/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://awebfind.biz/sp.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://awebfind.biz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://awebfind.biz/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://awebfind.biz/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://awebfind.biz/sp.htm
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.linksummary.com/
O1 - Hosts: 645238813 auto.search.msn.com
O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\PROGRAM FILES\DAP\DAPBHO.DLL
O3 - Toolbar: GameBar - {4E7BD74F-2B8D-469E-C0FF-FD69B994BD7D} - C:\PROGRA~1\GAMERI~1\GAMEBAR\GAMEBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [Norton eMail Protect] C:\PROGRAM FILES\NORTON ANTIVIRUS\POProxy.exe
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [P2P NETWORKING] C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE /AUTOSTART
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Internet Call Waiting PC.lnk = C:\Program Files\Internet Call Waiting PC\CallWaiting.exe
O4 - User Startup: Internet Call Waiting PC.lnk = C:\Program Files\Internet Call Waiting PC\CallWaiting.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O9 - Extra button: Run DAP (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O10 - Broken Internet access because of LSP provider 'osmim.dll' missing
O12 - Plugin for .swf: C:\Program Files\Sympatico\Communicator\Program\PLUGINS\NPSWF32.dll
O15 - Trusted Zone: *.msn.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/z...4/heartbeat.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Macromedia Shockwave Director Control) - http://download.macr...director/sw.cab
O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernet...urferplugin.ocx
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...7892.2920833333
O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} (Info Class) - http://www.blizzard....des/cabs/si.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O19 - User stylesheet: C:\WINDOWS\Web\oslogo.bmp
Scan saved at 4:58:44 PM, on 3/24/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\POPROXY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\INTERNET CALL WAITING PC\CALLWAITING.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\DAP\DAP.EXE
C:\WINDOWS\PROFILES\DALE000\DESKTOP\STUFF THAT USED TO BE ON THE DESKTOP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://awebfind.biz/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://awebfind.biz/sp.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://awebfind.biz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://awebfind.biz/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://awebfind.biz/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://awebfind.biz/sp.htm
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.linksummary.com/
O1 - Hosts: 645238813 auto.search.msn.com
O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\PROGRAM FILES\DAP\DAPBHO.DLL
O3 - Toolbar: GameBar - {4E7BD74F-2B8D-469E-C0FF-FD69B994BD7D} - C:\PROGRA~1\GAMERI~1\GAMEBAR\GAMEBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [Norton eMail Protect] C:\PROGRAM FILES\NORTON ANTIVIRUS\POProxy.exe
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [P2P NETWORKING] C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE /AUTOSTART
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Internet Call Waiting PC.lnk = C:\Program Files\Internet Call Waiting PC\CallWaiting.exe
O4 - User Startup: Internet Call Waiting PC.lnk = C:\Program Files\Internet Call Waiting PC\CallWaiting.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O9 - Extra button: Run DAP (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O10 - Broken Internet access because of LSP provider 'osmim.dll' missing
O12 - Plugin for .swf: C:\Program Files\Sympatico\Communicator\Program\PLUGINS\NPSWF32.dll
O15 - Trusted Zone: *.msn.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/z...4/heartbeat.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Macromedia Shockwave Director Control) - http://download.macr...director/sw.cab
O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernet...urferplugin.ocx
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...7892.2920833333
O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} (Info Class) - http://www.blizzard....des/cabs/si.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O19 - User stylesheet: C:\WINDOWS\Web\oslogo.bmp
#4
Posted 24 March 2004 - 11:49 PM
First get cwshredder: http://www.spywarein.../CWShredder.exe
Run it and reboot when it is done. Then rescan using Hijack This and post a new log.
Have you tried removing and reinstalling Norton to fix your Live Update problem?
Run it and reboot when it is done. Then rescan using Hijack This and post a new log.
Have you tried removing and reinstalling Norton to fix your Live Update problem?
#5
Posted 27 March 2004 - 11:06 AM
Logfile of HijackThis v1.97.7
Scan saved at 11:05:17 AM, on 3/27/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\POPROXY.EXE
C:\PROGRAM FILES\DAP\DAP.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\INTERNET CALL WAITING PC\CALLWAITING.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe
C:\WINDOWS\PROFILES\DALE'S\DESKTOP\STUFF THAT USED TO BE ON THE DESKTOP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.linksummary.com/
O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\PROGRAM FILES\DAP\DAPBHO.DLL
O3 - Toolbar: GameBar - {4E7BD74F-2B8D-469E-C0FF-FD69B994BD7D} - C:\PROGRA~1\GAMERI~1\GAMEBAR\GAMEBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [Norton eMail Protect] C:\PROGRAM FILES\NORTON ANTIVIRUS\POProxy.exe
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [P2P NETWORKING] C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE /AUTOSTART
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OPQFile] C:\WINDOWS\regedit.exe /s C:\WINDOWS\SYSTEM\rad6D707.tmp
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - Startup: Internet Call Waiting PC.lnk = C:\Program Files\Internet Call Waiting PC\CallWaiting.exe
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe
O4 - Startup: Event Reminder.lnk = C:\PMG4\PMREMIND.EXE
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - D:\PROGRA~1\DAP\dapextie2.htm
O9 - Extra button: Run DAP (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O10 - Broken Internet access because of LSP provider 'osmim.dll' missing
O12 - Plugin for .swf: C:\Program Files\Sympatico\Communicator\Program\PLUGINS\NPSWF32.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/z...4/heartbeat.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Macromedia Shockwave Director Control) - http://download.macr...director/sw.cab
O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernet...urferplugin.ocx
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...7892.2920833333
O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} (Info Class) - http://www.blizzard....des/cabs/si.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
About Norton Antivirus, I don't have the disk, a local computer repair store installed it while fixing the computer.
I don't know if this'll help but my computer has multiple users.
Also wondering about how I can get Kazaa to work. The Ad cleaning programs are making it fail to start due to an "advertisements are our main source of profit with this version" problam.
Scan saved at 11:05:17 AM, on 3/27/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\POPROXY.EXE
C:\PROGRAM FILES\DAP\DAP.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\INTERNET CALL WAITING PC\CALLWAITING.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe
C:\WINDOWS\PROFILES\DALE'S\DESKTOP\STUFF THAT USED TO BE ON THE DESKTOP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.linksummary.com/
O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\PROGRAM FILES\DAP\DAPBHO.DLL
O3 - Toolbar: GameBar - {4E7BD74F-2B8D-469E-C0FF-FD69B994BD7D} - C:\PROGRA~1\GAMERI~1\GAMEBAR\GAMEBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [Norton eMail Protect] C:\PROGRAM FILES\NORTON ANTIVIRUS\POProxy.exe
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [P2P NETWORKING] C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE /AUTOSTART
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OPQFile] C:\WINDOWS\regedit.exe /s C:\WINDOWS\SYSTEM\rad6D707.tmp
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - Startup: Internet Call Waiting PC.lnk = C:\Program Files\Internet Call Waiting PC\CallWaiting.exe
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe
O4 - Startup: Event Reminder.lnk = C:\PMG4\PMREMIND.EXE
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - D:\PROGRA~1\DAP\dapextie2.htm
O9 - Extra button: Run DAP (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O10 - Broken Internet access because of LSP provider 'osmim.dll' missing
O12 - Plugin for .swf: C:\Program Files\Sympatico\Communicator\Program\PLUGINS\NPSWF32.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/z...4/heartbeat.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Macromedia Shockwave Director Control) - http://download.macr...director/sw.cab
O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernet...urferplugin.ocx
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...7892.2920833333
O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} (Info Class) - http://www.blizzard....des/cabs/si.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
About Norton Antivirus, I don't have the disk, a local computer repair store installed it while fixing the computer.
I don't know if this'll help but my computer has multiple users.
Also wondering about how I can get Kazaa to work. The Ad cleaning programs are making it fail to start due to an "advertisements are our main source of profit with this version" problam.
#6
Posted 27 March 2004 - 11:08 AM
Oh and the program you told me to download said to ask you about deleting the C:\WINDOWS\UNINSTCC.EXE file.
#7
Posted 27 March 2004 - 12:46 PM
Kazaa has spyware bundled with it, and also checks for this spyware before running. If it's not found Kaazaa will display your message. If you want to use Kazaa you're going to have to live with the spyware, because that's how they make their money.
There used to be a spyware free version called Kazaa Lite, but Kazaa sued them and I think it's gone now (unless you can find a verision on the Internet). Shareaza is a spyware free program that utilizes the Kazaa, and other P2P networks.
You appear to have a pretty old version of Norton Antivirus (2001 or earlier) that's not working properly, and no installation disk. I'd suggest you uninstall it and try free AVG antivirus software click here
First, remove P2P networking from Add/Remove programs in your control panel.
Next, please go offline, close all browsers and any open Windows, making sure that only HijackThis is open. Scan and when it finishes, put an X in the boxes, only next to these following items, then click fix checked.
C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE
http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.linksummary.com/
O3 - Toolbar: GameBar - {4E7BD74F-2B8D-469E-C0FF-FD69B994BD7D} - C:\PROGRA~1\GAMERI~1\GAMEBAR\GAMEBAR.DLL
O4 - HKLM\..\Run: [P2P NETWORKING] C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE /AUTOSTART
O4 - HKCU\..\Run: [OPQFile] C:\WINDOWS\regedit.exe /s C:\WINDOWS\SYSTEM\rad6D707.tmp
O10 - Broken Internet access because of LSP provider 'osmim.dll' missing
O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernet...urferplugin.ocx
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
Reboot your PC.
If you would please, rescan with HijackThis and post a fresh log.
There used to be a spyware free version called Kazaa Lite, but Kazaa sued them and I think it's gone now (unless you can find a verision on the Internet). Shareaza is a spyware free program that utilizes the Kazaa, and other P2P networks.
You appear to have a pretty old version of Norton Antivirus (2001 or earlier) that's not working properly, and no installation disk. I'd suggest you uninstall it and try free AVG antivirus software click here
First, remove P2P networking from Add/Remove programs in your control panel.
Next, please go offline, close all browsers and any open Windows, making sure that only HijackThis is open. Scan and when it finishes, put an X in the boxes, only next to these following items, then click fix checked.
C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE
http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.cyber-lol...ion=in&ACC=1046
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cyber-lol...ion=in&ACC=1046
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.linksummary.com/
O3 - Toolbar: GameBar - {4E7BD74F-2B8D-469E-C0FF-FD69B994BD7D} - C:\PROGRA~1\GAMERI~1\GAMEBAR\GAMEBAR.DLL
O4 - HKLM\..\Run: [P2P NETWORKING] C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE /AUTOSTART
O4 - HKCU\..\Run: [OPQFile] C:\WINDOWS\regedit.exe /s C:\WINDOWS\SYSTEM\rad6D707.tmp
O10 - Broken Internet access because of LSP provider 'osmim.dll' missing
O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernet...urferplugin.ocx
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
Reboot your PC.
If you would please, rescan with HijackThis and post a fresh log.
Looks to be a random name and safe to delete.Oh and the program you told me to download said to ask you about deleting the C:\WINDOWS\UNINSTCC.EXE file.
#8
Posted 27 March 2004 - 08:59 PM
Logfile of HijackThis v1.97.7
Scan saved at 9:01:51 PM, on 3/27/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\POPROXY.EXE
C:\PROGRAM FILES\DAP\DAP.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\INTERNET CALL WAITING PC\CALLWAITING.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\PROFILES\DALE'S\DESKTOP\STUFF THAT USED TO BE ON THE DESKTOP\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\PROGRAM FILES\DAP\DAPBHO.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [Norton eMail Protect] C:\PROGRAM FILES\NORTON ANTIVIRUS\POProxy.exe
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - Startup: Internet Call Waiting PC.lnk = C:\Program Files\Internet Call Waiting PC\CallWaiting.exe
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe
O4 - Startup: Event Reminder.lnk = C:\PMG4\PMREMIND.EXE
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - D:\PROGRA~1\DAP\dapextie2.htm
O9 - Extra button: Run DAP (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O12 - Plugin for .swf: C:\Program Files\Sympatico\Communicator\Program\PLUGINS\NPSWF32.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/z...4/heartbeat.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Macromedia Shockwave Director Control) - http://download.macr...director/sw.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...7892.2920833333
O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} (Info Class) - http://www.blizzard....des/cabs/si.cab
Scan saved at 9:01:51 PM, on 3/27/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\POPROXY.EXE
C:\PROGRAM FILES\DAP\DAP.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\INTERNET CALL WAITING PC\CALLWAITING.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\PROFILES\DALE'S\DESKTOP\STUFF THAT USED TO BE ON THE DESKTOP\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\PROGRAM FILES\DAP\DAPBHO.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [Norton eMail Protect] C:\PROGRAM FILES\NORTON ANTIVIRUS\POProxy.exe
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - Startup: Internet Call Waiting PC.lnk = C:\Program Files\Internet Call Waiting PC\CallWaiting.exe
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe
O4 - Startup: Event Reminder.lnk = C:\PMG4\PMREMIND.EXE
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - D:\PROGRA~1\DAP\dapextie2.htm
O9 - Extra button: Run DAP (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O12 - Plugin for .swf: C:\Program Files\Sympatico\Communicator\Program\PLUGINS\NPSWF32.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/z...4/heartbeat.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Macromedia Shockwave Director Control) - http://download.macr...director/sw.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...7892.2920833333
O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} (Info Class) - http://www.blizzard....des/cabs/si.cab
#9
Posted 28 March 2004 - 01:18 AM
Your system looks clean. How's it working?
To prevent spyware from being installed again, we strongly recommend installing SpywareBlaster and IE/Spyad.
Both are free programs. SpywareBlaster will prevent spyware from being installed and consumes no system resources.
IE/Spyad places over 4000 websites and domains in the IE Restricted list which will several impair attempts to infect your system.
More info and download is available at:
SpywareBlaster: http://www.javacools...areblaster.html
IE/Spyad: http://www.staff.uiu...es/resource.htm
To prevent spyware from being installed again, we strongly recommend installing SpywareBlaster and IE/Spyad.
Both are free programs. SpywareBlaster will prevent spyware from being installed and consumes no system resources.
IE/Spyad places over 4000 websites and domains in the IE Restricted list which will several impair attempts to infect your system.
More info and download is available at:
SpywareBlaster: http://www.javacools...areblaster.html
IE/Spyad: http://www.staff.uiu...es/resource.htm
#10
Posted 28 March 2004 - 10:13 AM
Its working as good as it can. I've never seen it do exceptionally well but at least none of the programs don't freeze. (unless I'm playing Diablo 2 lord of destruction on the net, that freezes a lot).
I heard that dial-up connections in my area should go 6 kb/s, but mine only goes at max 2 kb/s. Why?
I heard that dial-up connections in my area should go 6 kb/s, but mine only goes at max 2 kb/s. Why?
#11
Posted 28 March 2004 - 10:23 AM
Probably line conditions. About the only thing you can try is investing in a better modem. Most modems today use software and the CPU to process the signal, becasue they're cheap (>$20). While modern computer are fast enough that this is hardly noticible, they aren't as reliable.
More expensive (~$50) and less popular are hardware modems (all the processing is done on the modem). You'll generally get better connection speeds and fewer drops using a hardware modem.
You can also try contacting your telco, but most are less than helpful unles there's actual static on the line. Finally, run the shortest cord you can, and make sure there's no splitters in the line.
More expensive (~$50) and less popular are hardware modems (all the processing is done on the modem). You'll generally get better connection speeds and fewer drops using a hardware modem.
You can also try contacting your telco, but most are less than helpful unles there's actual static on the line. Finally, run the shortest cord you can, and make sure there's no splitters in the line.
#12
Posted 29 March 2004 - 03:55 PM
Okay, my house is really old and we're still using the old phone line (it got chewed through once by gophers too). Well, thanks for the help and long live Geeks to Go!
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users