-
:angel:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 11/28/2008 at 03:49 PM
Application Version : 4.22.1014
Core Rules Database Version : 3654
Trace Rules Database Version: 1636
Scan type : Complete Scan
Total Scan Time : 00:44:38
Memory items scanned : 180
Memory threats detected : 3
Registry items scanned : 2131
Registry threats detected : 301
File items scanned : 31429
File threats detected : 226
Adware.DelFin Project
C:\WINDOWS\SYSTEM\NFOMON\NFOMON.EXE
C:\WINDOWS\SYSTEM\NFOMON\NFOMON.EXE
C:\WINDOWS\SYSTEM\VIDMON\VIDMON.EXE
C:\WINDOWS\SYSTEM\VIDMON\VIDMON.EXE
[Nfo] C:\WINDOWS\SYSTEM\NFOMON\NFOMON.EXE
[vidmon] C:\WINDOWS\SYSTEM\VIDMON\VIDMON.EXE
C:\PROGRAM FILES\COMMON FILES\UNINSTALL INFORMATION\REMOVEWEBDP.EXE
DateManager
C:\PROGRAM FILES\DATE MANAGER\DATEMANAGER.EXE
C:\PROGRAM FILES\DATE MANAGER\DATEMANAGER.EXE
Adware.HotBar (Low Risk)
[Hotbar] C:\PROGRAM FILES\HOTBAR\BIN\4.3.5.0\HBINST.EXE
C:\PROGRAM FILES\HOTBAR\BIN\4.3.5.0\HBINST.EXE
C:\WINDOWS\SYSTEM\HBINST.EXE
C:\PROGRAM FILES\HOTBAR\BIN\HBINST.EXE
Adware.MediaLoads
HKLM\Software\Classes\CLSID\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}
HKCR\CLSID\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}
HKCR\CLSID\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}
HKCR\CLSID\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}\ProgID
HKCR\CLSID\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}\VersionIndependentProgID
HKCR\CLSID\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}\Programmable
HKCR\CLSID\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}\InprocServer32
HKCR\CLSID\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}\InprocServer32#ThreadingModel
HKCR\CLSID\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}\TypeLib
HKCR\MP.MediaPops.1
HKCR\MP.MediaPops.1\CLSID
HKCR\MP.MediaPops
HKCR\MP.MediaPops\CLSID
HKCR\MP.MediaPops\CurVer
HKCR\TypeLib\{4767C447-EF15-42F2-8809-68ADB7FA76F1}
HKCR\TypeLib\{4767C447-EF15-42F2-8809-68ADB7FA76F1}\1.0
HKCR\TypeLib\{4767C447-EF15-42F2-8809-68ADB7FA76F1}\1.0\FLAGS
HKCR\TypeLib\{4767C447-EF15-42F2-8809-68ADB7FA76F1}\1.0\0
HKCR\TypeLib\{4767C447-EF15-42F2-8809-68ADB7FA76F1}\1.0\0\win32
HKCR\TypeLib\{4767C447-EF15-42F2-8809-68ADB7FA76F1}\1.0\HELPDIR
C:\PROGRAM FILES\MEDIALOADS ENHANCED\ME1.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}
HKCR\Interface\{4438A5DC-E00B-41A0-B0E6-B63FD3B86EEE}
HKCR\Interface\{4438A5DC-E00B-41A0-B0E6-B63FD3B86EEE}\ProxyStubClsid
HKCR\Interface\{4438A5DC-E00B-41A0-B0E6-B63FD3B86EEE}\ProxyStubClsid32
HKCR\Interface\{4438A5DC-E00B-41A0-B0E6-B63FD3B86EEE}\TypeLib
HKCR\Interface\{4438A5DC-E00B-41A0-B0E6-B63FD3B86EEE}\TypeLib#Version
Adware.Xupiter
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{57E69D5A-6539-4d7d-9637-775DE8A385B4}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks#{6E6DD93E-1FC3-4F43-8AFB-1B7B90C9D3EB}
Trojan.Unclassified-Packed/Suspicious
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}\ProgID
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}\VersionIndependentProgID
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}\Programmable
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}\InprocServer32
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}\InprocServer32#ThreadingModel
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}\Control
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}\Insertable
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}\ToolboxBitmap32
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}\MiscStatus
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}\MiscStatus\1
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}\TypeLib
HKCR\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}\Version
HKCR\NSUpdateLite.NSUpdateLiteCtrl.1
HKCR\NSUpdateLite.NSUpdateLiteCtrl.1\CLSID
HKCR\NSUpdateLite.NSUpdateLiteCtrl.1\Insertable
HKCR\NSUpdateLite.NSUpdateLiteCtrl
HKCR\NSUpdateLite.NSUpdateLiteCtrl\CLSID
HKCR\NSUpdateLite.NSUpdateLiteCtrl\CurVer
HKCR\TypeLib\{DA9A0B0F-9B7B-11D3-B8A4-00C04F79641C}
HKCR\TypeLib\{DA9A0B0F-9B7B-11D3-B8A4-00C04F79641C}\1.0
HKCR\TypeLib\{DA9A0B0F-9B7B-11D3-B8A4-00C04F79641C}\1.0\FLAGS
HKCR\TypeLib\{DA9A0B0F-9B7B-11D3-B8A4-00C04F79641C}\1.0\0
HKCR\TypeLib\{DA9A0B0F-9B7B-11D3-B8A4-00C04F79641C}\1.0\0\win32
HKCR\TypeLib\{DA9A0B0F-9B7B-11D3-B8A4-00C04F79641C}\1.0\HELPDIR
C:\WINDOWS\SYSTEM\NSUPDATE.DLL
HKCR\Interface\{DA9A0B1F-9B7B-11D3-B8A4-00C04F79641C}
HKCR\Interface\{DA9A0B1F-9B7B-11D3-B8A4-00C04F79641C}\ProxyStubClsid
HKCR\Interface\{DA9A0B1F-9B7B-11D3-B8A4-00C04F79641C}\ProxyStubClsid32
HKCR\Interface\{DA9A0B1F-9B7B-11D3-B8A4-00C04F79641C}\TypeLib
HKCR\Interface\{DA9A0B1F-9B7B-11D3-B8A4-00C04F79641C}\TypeLib#Version
HKCR\Interface\{DA9A0B1D-9B7B-11D3-B8A4-00C04F79641C}
HKCR\Interface\{DA9A0B1D-9B7B-11D3-B8A4-00C04F79641C}\ProxyStubClsid
HKCR\Interface\{DA9A0B1D-9B7B-11D3-B8A4-00C04F79641C}\ProxyStubClsid32
HKCR\Interface\{DA9A0B1D-9B7B-11D3-B8A4-00C04F79641C}\TypeLib
HKCR\Interface\{DA9A0B1D-9B7B-11D3-B8A4-00C04F79641C}\TypeLib#Version
Adware.Tracking Cookie
C:\WINDOWS\Cookies\default@videoegg.adbureau[2].txt
C:\WINDOWS\Cookies\default@specificclick[3].txt
C:\WINDOWS\Cookies\default@ehg-proflowers.hitbox[2].txt
C:\WINDOWS\Cookies\default@ads.apn.co[2].txt
C:\WINDOWS\Cookies\default@ad[1].txt
C:\WINDOWS\Cookies\default@media.mtvnservices[2].txt
C:\WINDOWS\Cookies\default@perf.overture[3].txt
C:\WINDOWS\Cookies\default@www.windowsmedia[1].txt
C:\WINDOWS\Cookies\default@dcsew60m1oifwznbkznc6j9ix_5x7j[1].txt
C:\WINDOWS\Cookies\default@realmedia[1].txt
C:\WINDOWS\Cookies\default@atwola[2].txt
C:\WINDOWS\Cookies\default@xxxtoolbar[2].txt
C:\WINDOWS\Cookies\default@myaccount.centrelink.gov[1].txt
C:\WINDOWS\Cookies\default@0[2].txt
C:\WINDOWS\Cookies\default@www.teenagehumor[2].txt
C:\WINDOWS\Cookies\default@dealtime[1].txt
C:\WINDOWS\Cookies\default@crackle[1].txt
C:\WINDOWS\Cookies\default@bs.serving-sys[1].txt
C:\WINDOWS\Cookies\default@tracker.mediatracker.co[1].txt
C:\WINDOWS\Cookies\default@cassava[1].txt
C:\WINDOWS\Cookies\default@ads.adsag[1].txt
C:\WINDOWS\Cookies\default@qksrv[1].txt
C:\WINDOWS\Cookies\default@2[2].txt
C:\WINDOWS\Cookies\default@276[2].txt
C:\WINDOWS\Cookies\default@a.as-us.falkag[2].txt
C:\WINDOWS\Cookies\default@linksynergy[1].txt
C:\WINDOWS\Cookies\default@socialmedia[1].txt
C:\WINDOWS\Cookies\default@script[2].txt
C:\WINDOWS\Cookies\default@ehg-bskyb.hitbox[2].txt
C:\WINDOWS\Cookies\default@1070207279[1].txt
C:\WINDOWS\Cookies\default@zedo[3].txt
C:\WINDOWS\Cookies\default@ads.pointroll[1].txt
C:\WINDOWS\Cookies\default@6[1].txt
C:\WINDOWS\Cookies\default@valueclick[1].txt
C:\WINDOWS\Cookies\default@0[3].txt
C:\WINDOWS\Cookies\default@ehg-electricbusiness.hitbox[1].txt
C:\WINDOWS\Cookies\default@www.popuptraffic[2].txt
C:\WINDOWS\Cookies\default@www.ezytrack[1].txt
C:\WINDOWS\Cookies\default@tribalfusion[2].txt
C:\WINDOWS\Cookies\default@mediaplex[3].txt
C:\WINDOWS\Cookies\default@2o7[3].txt
C:\WINDOWS\Cookies\default@tracking.thunderdownloads[2].txt
C:\WINDOWS\Cookies\default@incentaclick[2].txt
C:\WINDOWS\Cookies\default@cz6.clickzs[1].txt
C:\WINDOWS\Cookies\default@www.trafficbeamer[2].txt
C:\WINDOWS\Cookies\default@websponsors[2].txt
C:\WINDOWS\Cookies\default@atdmt[1].txt
C:\WINDOWS\Cookies\default@as-us.falkag[2].txt
C:\WINDOWS\Cookies\default@clickbank[1].txt
C:\WINDOWS\Cookies\default@statcounter[4].txt
C:\WINDOWS\Cookies\default@maxserving[1].txt
C:\WINDOWS\Cookies\default@ads.x10[1].txt
C:\WINDOWS\Cookies\default@serving-sys[4].txt
C:\WINDOWS\Cookies\default@353[1].txt
C:\WINDOWS\Cookies\default@ehg-attenza.hitbox[2].txt
C:\WINDOWS\Cookies\default@as1.falkag[2].txt
C:\WINDOWS\Cookies\default@e-2dj6wflokhcjilo.stats.esomniture[2].txt
C:\WINDOWS\Cookies\default@www.burstnet[1].txt
C:\WINDOWS\Cookies\default@stat.dealtime[2].txt
C:\WINDOWS\Cookies\default@revsci[3].txt
C:\WINDOWS\Cookies\default@ad.yieldmanager[4].txt
C:\WINDOWS\Cookies\default@media.sensis.com[2].txt
C:\WINDOWS\Cookies\default@5[2].txt
C:\WINDOWS\Cookies\default@overture[4].txt
C:\WINDOWS\Cookies\default@azjmp[1].txt
C:\WINDOWS\Cookies\default@bluestreak[2].txt
C:\WINDOWS\Cookies\default@ehg-dig.hitbox[2].txt
C:\WINDOWS\Cookies\default@insightfirst[2].txt
C:\WINDOWS\Cookies\default@fastclick[1].txt
C:\WINDOWS\Cookies\default@windowsmedia[1].txt
C:\WINDOWS\Cookies\default@tracking[2].txt
C:\WINDOWS\Cookies\default@344[1].txt
C:\WINDOWS\Cookies\default@semdirector.112.2o7[1].txt
C:\WINDOWS\Cookies\default@burstnet[2].txt
C:\WINDOWS\Cookies\default@ad.sensismediasmart.com[2].txt
C:\WINDOWS\Cookies\default@casalemedia[2].txt
C:\WINDOWS\Cookies\default@adserver.adtechus[1].txt
C:\WINDOWS\Cookies\default@pacificpoker[3].txt
C:\WINDOWS\Cookies\default@msnaccountservices.112.2o7[1].txt
C:\WINDOWS\Cookies\default@etype.adbureau[1].txt
C:\WINDOWS\Cookies\default@adopt.euroclick[1].txt
C:\WINDOWS\Cookies\default@www.realcastmedia[1].txt
C:\WINDOWS\Cookies\default@3684752[2].txt
C:\WINDOWS\Cookies\default@adserver.news.com[2].txt
C:\WINDOWS\Cookies\default@adserver.easyad[1].txt
C:\WINDOWS\Cookies\default@statse.webtrendslive[3].txt
C:\WINDOWS\Cookies\default@new-pcp[1].txt
C:\WINDOWS\Cookies\default@optus.112.2o7[1].txt
C:\WINDOWS\Cookies\default@z1.adserver[1].txt
C:\WINDOWS\Cookies\default@counter.123counts[1].txt
C:\WINDOWS\Cookies\default@ads.addynamix[1].txt
C:\WINDOWS\Cookies\default@hc2.humanclick[1].txt
C:\WINDOWS\Cookies\default@ad2.pamedia.com[1].txt
C:\WINDOWS\Cookies\default@trafficvenuedirect[2].txt
C:\WINDOWS\Cookies\default@apnonline.112.2o7[1].txt
C:\WINDOWS\Cookies\default@account.live[3].txt
C:\WINDOWS\Cookies\default@trafficmp[1].txt
C:\WINDOWS\Cookies\default@cgi-bin[2].txt
C:\WINDOWS\Cookies\default@adinterax[1].txt
C:\WINDOWS\Cookies\default@track.adform[2].txt
C:\WINDOWS\Cookies\default@cz3.clickzs[2].txt
C:\WINDOWS\Cookies\default@87506651[1].txt
C:\WINDOWS\Cookies\default@888[1].txt
C:\WINDOWS\Cookies\default@cgi-bin[1].txt
C:\WINDOWS\Cookies\default@spylog[2].txt
C:\WINDOWS\Cookies\default@commission-junction[1].txt
C:\WINDOWS\Cookies\default@cz8.clickzs[1].txt
C:\WINDOWS\Cookies\default@advertising[3].txt
C:\WINDOWS\Cookies\default@counter.hitslink[1].txt
C:\WINDOWS\Cookies\default@revenue[2].txt
C:\WINDOWS\Cookies\default@msnportal.112.2o7[4].txt
C:\WINDOWS\Cookies\default@doubleclick[1].txt
C:\WINDOWS\Cookies\default@hg1.hitbox[2].txt
C:\WINDOWS\Cookies\default@mywebsearch[1].txt
C:\WINDOWS\Cookies\default@ad.trackbar[2].txt
C:\WINDOWS\Cookies\default@hitbox[1].txt
C:\WINDOWS\Cookies\default@belnk[1].txt
C:\WINDOWS\Cookies\default@56081914[2].txt
C:\WINDOWS\Cookies\default@ad[2].txt
C:\WINDOWS\Cookies\default@7[2].txt
C:\WINDOWS\Cookies\default@rocku.adbureau[2].txt
C:\WINDOWS\Cookies\default@tradedoubler[1].txt
C:\WINDOWS\Cookies\default@ssm.directtrack[2].txt
C:\WINDOWS\Cookies\default@1057891207[1].txt
C:\WINDOWS\Cookies\default@tracking.foxnews[2].txt
C:\WINDOWS\Cookies\default@mediaonenetwork[2].txt
C:\WINDOWS\Cookies\default@ehg-groupernetworks.hitbox[1].txt
C:\WINDOWS\Cookies\default@adbrite[3].txt
C:\WINDOWS\Cookies\default@ads.contactmusic[2].txt
C:\WINDOWS\Cookies\default@ehg-nokiafin.hitbox[2].txt
C:\WINDOWS\Cookies\default@scan.antivirus2008scanner[1].txt
C:\WINDOWS\Cookies\default@server.cpmstar[2].txt
C:\WINDOWS\Cookies\default@www.incentaclick[2].txt
C:\WINDOWS\Cookies\default@adtech[1].txt
C:\WINDOWS\Cookies\default@edge.ru4[1].txt
C:\WINDOWS\Cookies\default@1054571031[1].txt
C:\WINDOWS\Cookies\default@insightexpressai[1].txt
C:\WINDOWS\Cookies\default@ad.lookery[1].txt
C:\WINDOWS\Cookies\default@microsoftwlmessengermkt.112.2o7[1].txt
C:\WINDOWS\Cookies\default@tacoda[2].txt
C:\WINDOWS\Cookies\default@mansion.122.2o7[1].txt
C:\WINDOWS\Cookies\default@1070847646[1].txt
C:\WINDOWS\Cookies\default@ads.cnn[2].txt
C:\WINDOWS\Cookies\default@directtrack[1].txt
C:\WINDOWS\Cookies\default@questionmarket[2].txt
C:\WINDOWS\Cookies\default@network.alluremedia.com[2].txt
C:\WINDOWS\Cookies\default@ats[1].txt
C:\WINDOWS\Cookies\default@media6degrees[1].txt
C:\WINDOWS\Cookies\default@kontera[3].txt
C:\WINDOWS\Cookies\default@ad.zanox[3].txt
c:\WINDOWS\Cookies\default@doubleclick[2].txt
c:\WINDOWS\Cookies\default@mediaplex[1].txt
c:\WINDOWS\Cookies\default@overture[1].txt
c:\WINDOWS\Cookies\default@ad.zanox[2].txt
c:\WINDOWS\Cookies\default@advertising[2].txt
c:\WINDOWS\Cookies\default@tribalfusion[1].txt
c:\WINDOWS\Cookies\default@zedo[1].txt
c:\WINDOWS\Cookies\default@webpdp.gator[1].txt
c:\WINDOWS\Cookies\default@webpdp.gator[3].txt
c:\WINDOWS\Cookies\default@webpdp.gator[4].txt
c:\WINDOWS\Cookies\default@free.pornstarunion[1].txt
c:\WINDOWS\Cookies\default@media[6].txt
c:\WINDOWS\Cookies\default@free.pornstarunion[2].txt
c:\WINDOWS\Cookies\default@trafficmp[4].txt
c:\WINDOWS\Cookies\default@questionmarket[1].txt
c:\WINDOWS\Cookies\default@edge.ru4[2].txt
c:\WINDOWS\Cookies\default@hypertracker[2].txt
c:\WINDOWS\Cookies\default@www.theteenstar[1].txt
c:\WINDOWS\Cookies\default@hotlog[1].txt
c:\WINDOWS\Cookies\default@hitbox[2].txt
c:\WINDOWS\Cookies\default@ads.specificpop[1].txt
c:\WINDOWS\Cookies\default@counter13.sextracker[1].txt
c:\WINDOWS\Cookies\default@webpdp.gator[2].txt
c:\WINDOWS\Cookies\default@webpdp.gator[5].txt
c:\WINDOWS\Cookies\default@doubleclick[3].txt
c:\WINDOWS\Cookies\default@overture[3].txt
c:\WINDOWS\Cookies\default@perf.overture[1].txt
c:\WINDOWS\Cookies\default@msnportal.112.2o7[1].txt
c:\WINDOWS\Cookies\default@adinterax[2].txt
c:\WINDOWS\Cookies\default@fastclick[2].txt
c:\WINDOWS\Cookies\default@adopt.euroclick[2].txt
c:\WINDOWS\Cookies\default@casalemedia[1].txt
c:\WINDOWS\Cookies\default@2o7[2].txt
c:\WINDOWS\Cookies\default@accounts[1].txt
c:\WINDOWS\Cookies\default@msnportal.112.2o7[3].txt
c:\WINDOWS\Cookies\default@serving-sys[2].txt
c:\WINDOWS\Cookies\default@specificclick[2].txt
c:\WINDOWS\Cookies\default@ad.yieldmanager[1].txt
c:\WINDOWS\Cookies\default@statcounter[1].txt
c:\WINDOWS\Cookies\default@mediaonenetwork[1].txt
c:\WINDOWS\Cookies\default@ads.addynamix[2].txt
c:\WINDOWS\Cookies\default@richmedia.yahoo[1].txt
c:\WINDOWS\Cookies\default@account.live[2].txt
c:\WINDOWS\Cookies\default@pacificpoker[1].txt
c:\WINDOWS\Cookies\default@bs.serving-sys[2].txt
c:\WINDOWS\Cookies\default@fastclick[3].txt
c:\WINDOWS\Cookies\default@adserver[1].txt
c:\WINDOWS\Cookies\default@serving-sys[3].txt
c:\WINDOWS\Cookies\default@statse.webtrendslive[2].txt
c:\WINDOWS\Cookies\default@adbrite[2].txt
c:\WINDOWS\Cookies\default@revsci[1].txt
c:\WINDOWS\Cookies\default@ad.yieldmanager[3].txt
c:\WINDOWS\Cookies\default@adopt.euroclick[3].txt
c:\WINDOWS\Cookies\default@2o7[1].txt
c:\WINDOWS\Cookies\default@mediaplex[2].txt
c:\WINDOWS\Cookies\default@socialmedia[2].txt
c:\WINDOWS\Cookies\default@statcounter[2].txt
c:\WINDOWS\Cookies\default@mediaonenetwork[3].txt
c:\WINDOWS\Cookies\default@tribalfusion[3].txt
c:\WINDOWS\Cookies\default@kontera[2].txt
c:\WINDOWS\Cookies\default@bs.serving-sys[3].txt
CommonName Toolbar/Browser Helper Object
HKCR\CLSID\{00000000-0000-0000-0000-000000000000}
HKCR\CLSID\{00000000-0000-0000-0000-000000000000}\InprocServer32
HKCR\CLSID\{00000000-0000-0000-0000-000000000000}\ProgID
Adware.WhenU
HKCR\WUSN.1
HKCR\WUSN.1#WUSN_Id
Adware.Cydoor
HKU\.DEFAULT\Software\Cydoor
HKLM\Software\Cydoor
HKLM\Software\Cydoor#AdwrCnt
Adware.GAIN/Gator
HKLM\Software\Gator.com
HKLM\Software\Gator.com\AppInfo
HKLM\Software\Gator.com\AppInfo\DateManager
HKLM\Software\Gator.com\AppInfo\DateManager#event
HKLM\Software\Gator.com\AppInfo\DateManager#timeout_secs_ui
HKLM\Software\Gator.com\AppInfo\DateManager#timeout_secs_full
HKLM\Software\Gator.com\AppInfo\DateManager#lockfiles
HKLM\Software\Gator.com\AppInfo\DateManager#restart
HKLM\Software\Gator.com\Date Manager
HKLM\Software\Gator.com\Date Manager#AppPath
HKLM\Software\Gator.com\Date Manager#LastAutoupdateCall
HKLM\Software\Gator.com\CMEII
HKLM\Software\Gator.com\CMEII#AppHist
HKLM\Software\Gator.com\CMEII#numInst
HKLM\Software\Gator.com\Gator
HKLM\Software\Gator.com\Gator\dyn
HKLM\Software\Gator.com\Gator\dyn\GCH
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#StartTime
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#OldestTime
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#302-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#302-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#302--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#303-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#303-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#303--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#304-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#304-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#304--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#305-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#305-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#305--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#306-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#306-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#306--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#307-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#307-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#311-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#311-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#312-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#312-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#313-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#313-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#314-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#314-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#314--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#315-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#315-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#315--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#316-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#316-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#316--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#321-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#321-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#321--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#322--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#322-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#322-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#323-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#323-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#323--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#324-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#324-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#324--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#326-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#326-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#326--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#327-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#327-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#327--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#328--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#328-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#328-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#329-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#329-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#329--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#330-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#330-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#330--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#331-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#331-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#331--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#332-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#332-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gs#332--1
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatortime
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatortime#StartTime
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatortime#OldestTime
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatortime#346-12007
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatortime#346-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatortime#347-12007
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatortime#347-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatortime#348-200
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatortime#348-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatortime#349-12007
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatortime#349-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatortime#350-12007
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatortime#350-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#StartTime
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#OldestTime
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#300-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#300-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#301-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#301-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#302-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#302-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#302-200
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#305-200
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#305-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#311-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#311-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#312-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#312-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#313-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#313-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#314-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#314-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#314-200
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#321-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#321-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#321-200
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#326-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#326-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#326-200
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#330-12029
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#330-bytes
HKLM\Software\Gator.com\Gator\dyn\GCH\_gatorcme#330-200
HKLM\Software\Gator.com\Gator\dyn\GUS
HKLM\Software\Gator.com\Gator\stat
HKLM\Software\Gator.com\Gator\stat#Guid
HKLM\Software\Gator.com\GInternet
HKLM\Software\Gator.com\GInternet\Proxy
HKLM\Software\Gator.com\GInternet\Proxy#Enabled
Adware.MyWebSearch/FunWebProducts
HKU\.DEFAULT\SOFTWARE\FunWebProducts
HKLM\SOFTWARE\FunWebProducts
HKLM\SOFTWARE\FunWebProducts\Installer
HKLM\SOFTWARE\FunWebProducts\Installer#Dir
HKLM\SOFTWARE\FunWebProducts\Installer#CurInstall
HKLM\SOFTWARE\FunWebProducts\Installer#CheckForConnection
HKLM\SOFTWARE\FunWebProducts\Installer#CacheDir
HKLM\SOFTWARE\FunWebProducts\Installer\downloaded
HKLM\SOFTWARE\FunWebProducts\PopSwatter
HKLM\SOFTWARE\FunWebProducts\PopSwatter#enabled
HKLM\SOFTWARE\MyWebSearch
HKLM\SOFTWARE\MyWebSearch\bar
HKLM\SOFTWARE\MyWebSearch\bar#pid
HKLM\SOFTWARE\MyWebSearch\bar#un
HKLM\SOFTWARE\MyWebSearch\bar#Dir
HKLM\SOFTWARE\MyWebSearch\bar#CurInstall
HKLM\SOFTWARE\MyWebSearch\bar#sr
HKLM\SOFTWARE\MyWebSearch\bar#SettingsDir
HKLM\SOFTWARE\MyWebSearch\bar#Id
HKLM\SOFTWARE\MyWebSearch\bar#Build
HKLM\SOFTWARE\MyWebSearch\bar#CacheDir
HKLM\SOFTWARE\MyWebSearch\bar#HistoryDir
HKLM\SOFTWARE\MyWebSearch\bar#Visible
HKLM\SOFTWARE\MyWebSearch\bar#Maximized
HKLM\SOFTWARE\MyWebSearch\bar#ConfigRevisionURL
HKLM\SOFTWARE\MyWebSearch\bar#ConfigDateStamp
HKLM\SOFTWARE\MyWebSearch\SearchAssistant
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pid
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Dir
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#CurInstall
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#sr
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Id
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#CacheDir
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ConfigDateStamp
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}\TreatAs
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}\TreatAs
Adware.MyWay
HKCR\TypeLib\{0494D0D0-F8E0-41AD-92A3-14154ECE70AC}
HKCR\TypeLib\{0494D0D0-F8E0-41AD-92A3-14154ECE70AC}\1.0
HKCR\TypeLib\{0494D0D0-F8E0-41AD-92A3-14154ECE70AC}\1.0\FLAGS
HKCR\TypeLib\{0494D0D0-F8E0-41AD-92A3-14154ECE70AC}\1.0\0
HKCR\TypeLib\{0494D0D0-F8E0-41AD-92A3-14154ECE70AC}\1.0\0\win32
HKCR\TypeLib\{0494D0D0-F8E0-41AD-92A3-14154ECE70AC}\1.0\HELPDIR
HKLM\Software\MyWay
HKLM\Software\MyWay\myBar
HKLM\Software\MyWay\myBar#Dir
HKLM\Software\MyWay\myBar#ShzmCurInstall
HKLM\Software\MyWay\myBar#pid
HKLM\Software\MyWay\myBar#CurInstall
HKLM\Software\MyWay\myBar#sr
HKLM\Software\MyWay\myBar#pl
HKLM\Software\MyWay\myBar#Id
HKLM\Software\MyWay\myBar#Build
HKLM\Software\MyWay\myBar#CacheDir
HKLM\Software\MyWay\myBar#HistoryDir
HKLM\Software\MyWay\myBar#Visible
HKLM\Software\MyWay\myBar#Maximized
HKLM\Software\MyWay\myBar#SettingsDir
HKLM\Software\MyWay\myBar#ConfigRevisionURL
HKLM\Software\MyWay\myBar#ConfigDateStamp
HKLM\Software\MyWay\myBar\partner
HKLM\Software\MyWay\myBar\partner#bitmap
HKLM\Software\MyWay\myBar\partner#name
HKLM\Software\MyWay\myBar\partner#test
HKLM\Software\MyWay\myBar\partner#PM-Home
HKLM\Software\MyWay\myBar\partner#PM-Points
HKLM\Software\MyWay\myBar\partner#PM-Redeem
HKLM\Software\MyWay\myBar\partner#PM-Wallet
HKLM\Software\MyWay\myBar\partner#PM-Settings
HKCR\Interface\{0494D0D6-F8E0-41AD-92A3-14154ECE70AC}
HKCR\Interface\{0494D0D6-F8E0-41AD-92A3-14154ECE70AC}\ProxyStubClsid
HKCR\Interface\{0494D0D6-F8E0-41AD-92A3-14154ECE70AC}\ProxyStubClsid32
HKCR\Interface\{0494D0D6-F8E0-41AD-92A3-14154ECE70AC}\TypeLib
HKCR\Interface\{0494D0D6-F8E0-41AD-92A3-14154ECE70AC}\TypeLib#Version
HKCR\Interface\{0494D0D4-F8E0-41AD-92A3-14154ECE70AC}
HKCR\Interface\{0494D0D4-F8E0-41AD-92A3-14154ECE70AC}\ProxyStubClsid
HKCR\Interface\{0494D0D4-F8E0-41AD-92A3-14154ECE70AC}\ProxyStubClsid32
HKCR\Interface\{0494D0D4-F8E0-41AD-92A3-14154ECE70AC}\TypeLib
HKCR\Interface\{0494D0D4-F8E0-41AD-92A3-14154ECE70AC}\TypeLib#Version
HKCR\Interface\{0494D0DA-F8E0-41AD-92A3-14154ECE70AC}
HKCR\Interface\{0494D0DA-F8E0-41AD-92A3-14154ECE70AC}\ProxyStubClsid
HKCR\Interface\{0494D0DA-F8E0-41AD-92A3-14154ECE70AC}\ProxyStubClsid32
HKCR\Interface\{0494D0DA-F8E0-41AD-92A3-14154ECE70AC}\TypeLib
HKCR\Interface\{0494D0DA-F8E0-41AD-92A3-14154ECE70AC}\TypeLib#Version
HKCR\Interface\{0494D0DC-F8E0-41AD-92A3-14154ECE70AC}
HKCR\Interface\{0494D0DC-F8E0-41AD-92A3-14154ECE70AC}\ProxyStubClsid
HKCR\Interface\{0494D0DC-F8E0-41AD-92A3-14154ECE70AC}\ProxyStubClsid32
HKCR\Interface\{0494D0DC-F8E0-41AD-92A3-14154ECE70AC}\TypeLib
HKCR\Interface\{0494D0DC-F8E0-41AD-92A3-14154ECE70AC}\TypeLib#Version
Trojan.NewDotNet
C:\WINDOWS\NEWDOTNET3_36.DLL
C:\WINDOWS\NDNUNINSTALL4_50.EXE
C:\WINDOWS\NDNUNINSTALL4_88.EXE
C:\WINDOWS\NDNUNINSTALL4_94.EXE
Trojan.Gen
C:\WINDOWS\UNIFISH3.EXE
Adware.Lop
C:\PROGRAM FILES\C2MEDIA\SETUP.EXE
-
Hi -mandy-83
Please post a fresh hjt log
How is the computer running now?
Thanks peku006
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:09:37 PM, on 11/28/08
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\CREATIVE\SHAREDLL\CTNOTIFY.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\COMMON FILES\NOKIA\NCLTOOLS\NCLTRAY.EXE
C:\WINDOWS\MOTOROLA\SMSERIAL\SM56HLPR.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
C:\PROGRAM FILES\DIAMOND\INCONTROL TOOLS 98\DMHKEY.EXE
C:\PROGRAM FILES\CREATIVE\SHAREDLL\MEDIADET.EXE
C:\PROGRAM FILES\COMMON FILES\NOKIA\SERVICES\SERVICELAYER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\OPERA\OPERA.EXE
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchbar.linksummary.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.linksummary.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.linksummary.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX (file missing)
O2 - BHO: ynjpmnlqosbvxeoulunj - {7e9c4540-d984-11d7-95ac-444553540000} - C:\WINDOWS\APPLICATION DATA\ISHSBLBOUEE.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: rsswblstntr - {7e9c4541-d984-11d7-95ac-444553540000} - C:\WINDOWS\APPLICATION DATA\ISHSBLBOUEE.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN TOOLBAR\01.01.2607.0\MSGR.EN-US.EN-AU\MSNTB.DLL
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [MediaLoads Installer] "C:\Program Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [SQUpdatesChecker] C:\Program Files\Sqwire\uc.exe
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [SQConfigChecker] C:\Program Files\Sqwire\cc.exe
O4 - HKLM\..\Run: [eaboush] C:\WINDOWS\APPLIC~1\strprlyn.exe -QuieT
O4 - HKLM\..\Run: [win32info] c:\windows\system\win32info.exe /noconnect
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Norton Antivirus AV] C:\WINDOWS\FVProtect.exe
O4 - HKLM\..\Run: [DataLayer] c:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] c:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\WINDOWS\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
O4 - HKUS\.DEFAULT\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe" /WinStart (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE (User 'Default user')
O4 - .DEFAULT Startup: InControl Desktop Manager.lnk = C:\Program Files\Diamond\InControl Tools 98\DMHKEY.EXE (User 'Default user')
O4 - .DEFAULT Startup: Microsoft Office Fast Start.lnk = C:\WINDOWS\MM2ENT.EXE (User 'Default user')
O4 - .DEFAULT Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe (User 'Default user')
O4 - .DEFAULT Startup: PowerReg Scheduler.exe (User 'Default user')
O4 - Startup: InControl Desktop Manager.lnk = C:\Program Files\Diamond\InControl Tools 98\DMHKEY.EXE
O4 - Startup: Microsoft Office Fast Start.lnk = C:\WINDOWS\MM2ENT.EXE
O4 - Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
O4 - Startup: PowerReg Scheduler.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0819.DLL (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0819.DLL (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
O12 - Plugin for .au/search?q=birds+licenses++&ie=ISO-8859-1&hl=en&btnI=I'm+Feeling+Lucky&meta=cr=countryAU: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O12 - Plugin for .tga: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin5.dll
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/fu...tup1.0.0.5.exe
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...reShowdown.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O20 - Winlogon Notify: !SASWinLogon - C:\PROGRAM FILES\SUPERANTISPYWARE\SASWINLO.DLL
O24 - Desktop Component 0: (no name) - file:///C:/My%20Documents/My%20Received%20Files/spidy.gif
--
End of file - 9308 bytes
thanks the computer is running fine now
-
when windows starts up it starts searching for a missing shortcut for datemanager :snorkle:
-
Hi -mandy-83
Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible.
Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.
Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX (file missing)
O2 - BHO: ynjpmnlqosbvxeoulunj - {7e9c4540-d984-11d7-95ac-444553540000} - C:\WINDOWS\APPLICATION DATA\ISHSBLBOUEE.DLL
O3 - Toolbar: rsswblstntr - {7e9c4541-d984-11d7-95ac-444553540000} - C:\WINDOWS\APPLICATION DATA\ISHSBLBOUEE.DLL
O4 - HKLM\..\Run: [MediaLoads Installer] "C:\Program Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [SQUpdatesChecker] C:\Program Files\Sqwire\uc.ex
O4 - HKLM\..\Run: [SQConfigChecker] C:\Program Files\Sqwire\cc.exe
O4 - HKLM\..\Run: [eaboush] C:\WINDOWS\APPLIC~1\strprlyn.exe -QuieT
O4 - HKLM\..\Run: [win32info] c:\windows\system\win32info.exe /noconnect
O4 - HKLM\..\Run: [Norton Antivirus AV] C:\WINDOWS\FVProtect.exe
O4 - .DEFAULT Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe (User 'Default user')
O4 - Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
Now close all windows other than HiJackThis, then click Fix Checked
Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked.
Reboot into safe mode.
As soon as your screen goes black after restarting, hold down the F8 key. After a bit, the computer will probably start to beep. At that point, release the F8 key. Eventually, you'll see a menu of choices. Pick Safe Mode.
If that doesn't work, restart and try holding down the Ctrl key when your computer starts. You may see keyboard error messages; ignore them. Hold the Ctrl key down until you see a startup menu.
Please remove these entries from Add/Remove Programs in the Control Panel(if present):
DownloadWare
Sqwire
Date Manager
Please delete these folders using Windows Explorer(if present):
C:\Program Files\DownloadWare
C:\Program Files\Sqwire
C:\Program Files\Date Manager
Please delete these files using Windows Explorer(if present):
C:\WINDOWS\APPLICATION DATA\ISHSBLBOUEE.DLL
C:\windows\system\win32info.exe
C:\WINDOWS\APPLICATION DATA\strprlyn.exe
C:\WINDOWS\FVProtect.exe
After that, Reboot.
With that done, please post back with a fresh HiJackThis log. Also, please let me know how things are running now and if you encountered any problems while you were following the instructions I posted.
Thanks peku006
-
:bighug:
The computer is still running fine and no longer starts searching for the missing shortcut for date manager. I had no problems at all with your instructions, I am also very grateful for all your time and help. Thank you.Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:31:46 PM, on 11/30/08
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\CREATIVE\SHAREDLL\CTNOTIFY.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\COMMON FILES\NOKIA\NCLTOOLS\NCLTRAY.EXE
C:\WINDOWS\MOTOROLA\SMSERIAL\SM56HLPR.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
C:\PROGRAM FILES\DIAMOND\INCONTROL TOOLS 98\DMHKEY.EXE
C:\PROGRAM FILES\CREATIVE\SHAREDLL\MEDIADET.EXE
C:\PROGRAM FILES\COMMON FILES\NOKIA\SERVICES\SERVICELAYER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchbar.linksummary.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.linksummary.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.linksummary.com/
R3 - Default URLSearchHook is missing
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN TOOLBAR\01.01.2607.0\MSGR.EN-US.EN-AU\MSNTB.DLL
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [DataLayer] c:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] c:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\WINDOWS\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Norton Antivirus AV] C:\WINDOWS\FVProtect.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
O4 - HKUS\.DEFAULT\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe" /WinStart (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE (User 'Default user')
O4 - .DEFAULT Startup: InControl Desktop Manager.lnk = C:\Program Files\Diamond\InControl Tools 98\DMHKEY.EXE (User 'Default user')
O4 - .DEFAULT Startup: Microsoft Office Fast Start.lnk = C:\WINDOWS\MM2ENT.EXE (User 'Default user')
O4 - .DEFAULT Startup: PowerReg Scheduler.exe (User 'Default user')
O4 - Startup: InControl Desktop Manager.lnk = C:\Program Files\Diamond\InControl Tools 98\DMHKEY.EXE
O4 - Startup: Microsoft Office Fast Start.lnk = C:\WINDOWS\MM2ENT.EXE
O4 - Startup: PowerReg Scheduler.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0819.DLL (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0819.DLL (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
O12 - Plugin for .au/search?q=birds+licenses++&ie=ISO-8859-1&hl=en&btnI=I'm+Feeling+Lucky&meta=cr=countryAU: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O12 - Plugin for .tga: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin5.dll
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/fu...tup1.0.0.5.exe
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...reShowdown.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O20 - Winlogon Notify: !SASWinLogon - C:\PROGRAM FILES\SUPERANTISPYWARE\SASWINLO.DLL
O24 - Desktop Component 0: (no name) - file:///C:/My%20Documents/My%20Received%20Files/spidy.gif
--
End of file - 7981 bytes
-
Hi -mandy-83
you're running Windows 98 and that platform is no longer supported by MS , and will not be updated.
I strongly suggest you upgrade to Win XP
Read here for more info
End of support for Windows 98, Windows Me
How to prevent Malware
Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below
O4 - HKLM\..\Run: [Norton Antivirus AV] C:\WINDOWS\FVProtect.exe
O4 - Startup: PowerReg Scheduler.exe
Now close all windows other than HiJackThis, then click Fix Checked
please post back with a fresh HiJackThis log
Thanks peku006
-
This topic has been archived due to inactivity.
As it has been five days or more since your last post, and your helper posted a response to which you did not reply, this topic has been archived and will not be reopened. If you still require help, please start a new topic and include a fresh HijackThis log and a link to this thread.
Applies only to the original poster, anyone else with similar problems please start a new topic.
Thank you peku006. :)