Earlier today, I noticed that when I tried to open my home page it would say (in the (task?) bar): "toolbar.desktoptraffic" - instead of saying: finding yahoo.com. Then I would get the "The page cannot be displayed" page.
Here are all the spyware tools I have used: Aluria, Ad-aware, stopzilla, spybot sd, registry mechanic, spywareblaster, and hijack this. Nothing has helped!
From what I understand the new sp2 was meant to correct a lot of problems, but I wasn't able to download it. I have windows xp and once I tried to download sp2 and my computer completely messed up. It wouldn't start - it would only do a loop of the "compaq" screen. So, another question. Is it safe for me to download sp2 yet? I'm hoping microsoft has fixed it's problems with it. And would sp2 even help with all this spyware, trojans, etc.?
I have high-speed internet, but with all these problems my computer was faster with dial-up!
One other thing, in normal text (like a news story), I get underlined links. They don't belong there and they are very arbitrary. That started happening after I underlined a word in an eBay ad. Anyway, I clicked on one of these weird, green links once and it went to somebody's personal webpage. Can't figure that one out at all!!
Here is my hijack this log. And if anybody can help...please give me easy directions ...THANKS!!!
Logfile of HijackThis v1.98.2
Scan saved at 6:13:51 PM, on 12/29/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\STOPzilla!\szntsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft Works\WksSb.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched
.exe
C:\Program Files\STOPzilla!\Stopzilla.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Java\j2re1.4.2_04\bin\javaw.exe
C:\Program Files\Common Files\Microsoft Shared\Works
Shared\wkcalrem.exe
C:\Program Files\NETGEAR\WG121 Configuration
Utility\wlancfg8.exe
C:\Program Files\Aluria Software\ASE\ASE Scheduler.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start
Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start
Page = http://www.yahoo.com
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-
9B51-7695ECA05670} - C:\Program Files\Yahoo!
\Companion\Installs\cpn1\ycomp5_5_5_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D
7942484F} - C:\Program Files\Spybot - Search &
Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-
8333-CF10577473F7} - c:\program
files\google\googletoolbar1.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-
3212-11D6-9F8B-00D0B743919D} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-
892F-0090271D4F88} - C:\Program Files\Yahoo!
\Companion\Installs\cpn1\ycomp5_5_5_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C
9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-
009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program
Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:
\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program
Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [STOPzilla] "C:\Program Files\STOPzilla!
\Stopzilla.exe" /autorun
O4 - HKLM\..\Run: [IMwire] C:\WINDOWS\System32\imwireup
.exe
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1
\IMEKRMIG.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1
\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [WindUpdates] C:\Program
Files\WindUpdates\WinUpdt.exe
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1
\WINPAT~1\winpatrol.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program
Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyStartUp] c:\Program
Files\Microsoft Money\System\Money Startup.exe
O4 - HKCU\..\RunServices: [explorer_BKP] C:
\windows\system\explorer_BKP.com
O4 - Startup: ASE Scheduler.lnk = C:\Program Files\Aluria
Software\ASE\ASE Scheduler.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program
Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: LimeWire 4.0.7 Pro.lnk = C:\Program
Files\LimeWire\LimeWire 4.0.7 Pro\LimeWire.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.
lnk = ?
O4 - Global Startup: Smart Wizard Wireless Settings.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:
\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:
\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://c:\program files\google\GoogleToolbar1.dll/cmcache.
html
O8 - Extra context menu item: Similar Pages - res://c:
\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://
c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5
-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C
0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System
32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E
-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F
1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra button: Support - {060EEB5E-4E1C-42BA-8253-
35DBDB56DEFD} - C:\Program Files\Internet
Explorer\SIGNUP\Presario.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.yahoo.
com
O14 - IERESET.INF: MS_START_PAGE_URL=http://www.
yahoo.com
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (
YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo
.com/dl/installs/yinst20040510.cab
O16 - DPF: {41D1977F-4161-4720-800F-EA4903983A38} (
Jigsaw Genius Control) - http://mirror.worldwinner.com/
games/v42/jigsaw/jigsaw.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (
EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/
activex/EPUWALControl_v1-0-3-9.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (
Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (
PopCapLoader Object) - http://download.games.yahoo.com
/games/web_games/popcap/insaniquarium/
popcaploader_v6.cab