TeK October 19, 2004 Share TeK Member October 19, 2004 (edited) I know you tech heads know about this so I figure to ask away. Recently, I've been having some problems with IE where when I open up IE, the search window on the left always pops up when I don't want it to, www.msn.com as a home page doesn't load up correctly unless I leave it and come back to it, and whenever I goto a site "Example www.gotfrag.com, it sends me to a page where it says it can't reach the site cause I spelt it wrong and its always missing an m at the end like www.gotfrag.co. I can usually get on it after another try. (I use firefox for my normal browsing my my mom still uses IE when its on and I use IE for a couple things as well.) Buddy told me to run a program called hijackthis. I don't want to delete anything without the consent of others so I'll post the logfile, if anyone here zd,dweezil,birdman, or ak can tell me what is safe to delete plz do. Thanks! Any other help would be appreciated or if I shouldn't even be using this program. Logfile of HijackThis v1.97.7 Scan saved at 6:25:24 PM, on 10/19/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\Explorer.EXE E:\WINDOWS\system32\spoolsv.exe E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe E:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE E:\WINDOWS\System32\CTsvcCDA.EXE E:\WINDOWS\system32\drivers\dcfssvc.exe E:\WINDOWS\System32\DVDRAMSV.exe E:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE E:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe E:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE E:\WINDOWS\System32\nvsvc32.exe E:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\system32\ZoneLabs\vsmon.exe E:\WINDOWS\wanmpsvc.exe E:\WINDOWS\System32\MsPMSPSv.exe E:\Program Files\Creative\ShareDLL\CtNotify.exe E:\Program Files\Common Files\Symantec Shared\ccApp.exe E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe E:\WINDOWS\System32\RUNDLL32.EXE E:\Program Files\AIM95\aim.exe E:\WINDOWS\System32\shell32.exe E:\Program Files\Creative\ShareDLL\MediaDet.Exe E:\Program Files\mIRC\mirc.exe E:\WINDOWS\System32\wuauclt.exe E:\Program Files\Steam\Steam.exe E:\Program Files\iPod\bin\iPodService.exe E:\Program Files\Ventrilo\Ventrilo.exe E:\Program Files\Winamp\winamp.exe E:\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gotfrag.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R3 - Default URLSearchHook is missing O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000002230} - E:\Program Files\Lycos\IEagent\CSBB.DLL O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - E:\WINDOWS\System32\nzdd.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Disc Detector] E:\Program Files\Creative\ShareDLL\CtNotify.exe O4 - HKLM\..\Run: [CTStartup] E:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Jet Detection] E:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "E:\Program Files\AIM95\\DeadAIM.ocm",ExportedCheckODLs O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "E:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Zone Labs Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [AIM] E:\Program Files\AIM95\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [shell32] E:\WINDOWS\System32\shell32.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: AIM (HKLM) O9 - Extra button: Real.com (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Messenger (HKLM) O12 - Plugin for .spop: E:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab O16 - DPF: Yahoo! Dots - http://download.games.yahoo.com/games/clients/y/dtt1_x.cab O16 - DPF: Yahoo! Gin - http://download.games.yahoo.com/games/clients/y/nt0_x.cab O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab O16 - DPF: Yahoo! Hearts - http://download.games.yahoo.com/games/clients/y/ht1_x.cab O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt1_x.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potb_x.cab O16 - DPF: {023A3744-EA13-4C8A-8B23-ABF98974A9F5} (JoyOnPack Control) - http://gunbound.joyon.com/joyonpack.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v43/yacscom.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://apple.speedera.net/qtinstall.info.a...meInstaller.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1097271860944 O16 - DPF: {65E7DB1D-0101-4100-BD66-C5C78C917F93} (WTDMMPVersion Class) - http://install.wildtangent.com/bgn/partner...lim/install.cab O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.0_01) - O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/...7955.3999189815 O16 - DPF: {A48D0309-8DA3-41AA-98E4-89194D471890} (Pulse V5 ActiveX Control) - http://a320.g.akamai.net/7/320/1456/v50245...layer5AxWin.cab O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab O16 - DPF: {B21A38F1-EC5D-4519-A715-0AD9DC6CC7A3} (SMControl Class) - http://www.machineroom.org/FPSMonitor/SMActiveX.dll O16 - DPF: {BD9B72E4-DC9C-4922-80E9-2D3315E3AADC} (UAClientControl Control) - http://www.ultimatearena.com/UAClientControl.ocx O16 - DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_01) - O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab *edit* Friend told me to get rid of. BHO stuff CSBB nzdd.dll All o16 things. Not deleting anything til I get some confirmation from you tech guys. Edited October 19, 2004 by TeK Link to comment Share on other sites More sharing options...
Guest zerodamage October 19, 2004 Share Guest zerodamage Guests October 19, 2004 Remove these via Hijackthis and be sure to be running hijackthis from your desktop or from your Hard Drive so a backup folder is created. Remove these: All of these. You can reinstall if needed if any of these are legit. They could be infected with spyware. O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab O16 - DPF: Yahoo! Dots - http://download.games.yahoo.com/games/clients/y/dtt1_x.cab O16 - DPF: Yahoo! Gin - http://download.games.yahoo.com/games/clients/y/nt0_x.cab O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab O16 - DPF: Yahoo! Hearts - http://download.games.yahoo.com/games/clients/y/ht1_x.cab O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt1_x.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potb_x.cab O16 - DPF: {023A3744-EA13-4C8A-8B23-ABF98974A9F5} (JoyOnPack Control) - http://gunbound.joyon.com/joyonpack.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v43/yacscom.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://apple.speedera.net/qtinstall.info.a...meInstaller.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1097271860944 O16 - DPF: {65E7DB1D-0101-4100-BD66-C5C78C917F93} (WTDMMPVersion Class) - http://install.wildtangent.com/bgn/partner...lim/install.cab O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.0_01) - O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/...7955.3999189815 O16 - DPF: {A48D0309-8DA3-41AA-98E4-89194D471890} (Pulse V5 ActiveX Control) - http://a320.g.akamai.net/7/320/1456/v50245...layer5AxWin.cab O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab O16 - DPF: {B21A38F1-EC5D-4519-A715-0AD9DC6CC7A3} (SMControl Class) - http://www.machineroom.org/FPSMonitor/SMActiveX.dll O16 - DPF: {BD9B72E4-DC9C-4922-80E9-2D3315E3AADC} (UAClientControl Control) - http://www.ultimatearena.com/UAClientControl.ocx O16 - DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_01) - O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab Next post on what IS spyware that should be removed.... Link to comment Share on other sites More sharing options...
Guest zerodamage October 19, 2004 Share Guest zerodamage Guests October 19, 2004 Remove these also: O4 - HKCU\..\Run: [AIM] E:\Program Files\AIM95\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [shell32] E:\WINDOWS\System32\shell32.exe O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "E:\Program Files\AIM95\\DeadAIM.ocm",ExportedCheckODLs O4 - HKLM\..\Run: [Jet Detection] E:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe BHO's are Browser Helper Objects. These are basically mini programs that run within IE. Encourage your mom to use Firefox or some other browser also. These ARE Spyware: O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - E:\WINDOWS\System32\nzdd.dll R3 - Default URLSearchHook is missing O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000002230} - E:\Program Files\Lycos\IEagent\CSBB.DLL Link to comment Share on other sites More sharing options...
Guest zerodamage October 19, 2004 Share Guest zerodamage Guests October 19, 2004 Then run first: Adaware SE. Get it from http://www.lavasoft.de update it and run a "FULL SCAN" not the smart scan. Then go here and download Spybot S&D, update it and run it and also be sure to do the immunizations. download.com Last but not least, prevent spyware with Spyware Blaster. Be sure to update and enable all prevention after the update. http://www.javacoolsoftware.com/spywareblaster.html Link to comment Share on other sites More sharing options...
All Kill3r October 19, 2004 Share All Kill3r Member October 19, 2004 i think your problem with IE is using it. Try a diff browser like Firefox, one not so targeted. Link to comment Share on other sites More sharing options...
TeK October 19, 2004 Author Share TeK Member October 19, 2004 I've ran adaware and spybot before. I had a lot of crap from it. Cleared it all up. Thanks a lot ZD for telling me what to delete. It fixed it right up. Killer, I use Firefox, have been now for a few months and I love it. I still use IE to check a couple of things and like I said my mom uses it, everytime I help her with something on the comp she gets angry with me so I try and avoid her while shes on here. As always thanks again to the guys on this board, always knowing about everything =] Link to comment Share on other sites More sharing options...
dwEEziL October 20, 2004 Share dwEEziL Member October 20, 2004 I would look into that "shell32.exe" process. Methinks you have a virus. I searched my WinXP C drive and while I did find a "shell32.dll", I found no "shell32.exe". Googling for it brought up many virus hits though. Link to comment Share on other sites More sharing options...
Guest zerodamage October 20, 2004 Share Guest zerodamage Guests October 20, 2004 http://housecall.antivirus.com Link to comment Share on other sites More sharing options...
TeK October 20, 2004 Author Share TeK Member October 20, 2004 Did a full scan with Norton with latest definitions and found nothing. Housecall will detect it? Link to comment Share on other sites More sharing options...
Guest zerodamage October 20, 2004 Share Guest zerodamage Guests October 20, 2004 If you are already infected before updating norton, it is too late. So disable Norton and run Housecall. You must use IE to run it. Link to comment Share on other sites More sharing options...
TeK October 20, 2004 Author Share TeK Member October 20, 2004 Wow u guys were right. Disabled norton and ran housecall. Found 3 files that were trojans. They were uncleanable so I deleted them. Thanks a lot again dweez and ZD =] Link to comment Share on other sites More sharing options...
dwEEziL October 21, 2004 Share dwEEziL Member October 21, 2004 np Link to comment Share on other sites More sharing options...
White Knight October 21, 2004 Share White Knight Member October 21, 2004 Another idea: Run Firefox...its superior to IE and is much more secure. You can get it at www.mozilla.org. Link to comment Share on other sites More sharing options...
TeK October 21, 2004 Author Share TeK Member October 21, 2004 Killer, I use Firefox, have been now for a few months and I love it. =D Link to comment Share on other sites More sharing options...
TeK October 25, 2004 Author Share TeK Member October 25, 2004 (edited) Have another request using Hijack this. If any of you can tell me what to tell him to delete it'd be appreciated. He's been getting massive pop-ups. Told him to switch to firefox. Logfile of HijackThis v1.97.7 Scan saved at 17:25:26 , on 10/25/2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Steam\Steam.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\AIM\aim.exe C:\Program Files\NoNameScript\mirc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\timu\My Documents\download\HijackThis.exe O2 - BHO: (no name) - {017C20C1-F86F-11D8-9B25-000ACD002AE3} - C:\WINDOWS\Helper100.dll O2 - BHO: (no name) - {356CB562-B9C9-4C59-86AC-4A77D062C433} - C:\WINDOWS\System32\rkqem.dll O2 - BHO: (no name) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [steam] C:\Program Files\Steam\Steam.exe -silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: ICQ (HKLM) O9 - Extra 'Tools' menuitem: ICQ (HKLM) O9 - Extra button: Research (HKLM) O9 - Extra button: AIM (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1096015786592 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab Edited October 25, 2004 by TeK Link to comment Share on other sites More sharing options...
Guest zerodamage October 25, 2004 Share Guest zerodamage Guests October 25, 2004 Delete these: O2 - BHO: (no name) - {017C20C1-F86F-11D8-9B25-000ACD002AE3} - C:\WINDOWS\Helper100.dll O2 - BHO: (no name) - {356CB562-B9C9-4C59-86AC-4A77D062C433} - C:\WINDOWS\System32\rkqem.dll O2 - BHO: (no name) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [steam] C:\Program Files\Steam\Steam.exe -silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: ICQ (HKLM) O9 - Extra 'Tools' menuitem: ICQ (HKLM) O9 - Extra button: Research (HKLM) O9 - Extra button: AIM (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1096015786592 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab And like above, have him run adaware se, spybot s&d, spyware blaster and also do this: http://housecall.antivirus.com Link to comment Share on other sites More sharing options...
TeK October 25, 2004 Author Share TeK Member October 25, 2004 thanks again ZD. Link to comment Share on other sites More sharing options...
NOFX October 25, 2004 Share NOFX Member October 25, 2004 been testing firefox since K-melon, then used firebird, Firefox just hit version 1.0 woot! I pick Firefox on IE any day for these reasons. 1. quicker 2. not targeted like IE 3. bookmark toolbar 4. google searchbox on toolbar, without "the google toolbar" 5. did I say no pop-ups? 6. did I say no spyware/adware? Link to comment Share on other sites More sharing options...
dwEEziL October 26, 2004 Share dwEEziL Member October 26, 2004 Firefox starts up at least 4 seconds slower than IE (Maxthon really) on my computers. I know it loads previously visited pages faster but for new pages, it doesn't seem any faster Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now