TheTechGuide Forum

General Category => Tech Clinic => Topic started by: mom2jam on July 12, 2005, 10:41:26 AM

Title: Computer been hijacked - slow & different
Post by: mom2jam on July 12, 2005, 10:41:26 AM
My computer opens control panel very slowly.  Things are in the program list I did not put there and IE keeps giving me error messages and shutting down.  Help!!

Here is my HijackThis log.

Thank you in advance.

Logfile of HijackThis v1.99.1
Scan saved at 11:35:26 AM, on 7/12/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 SP1 (5.00.2614.3500)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\CDA\GAMEDRVR.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\LXSUPMON.EXE
C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT MANAGER\VIEWMGR.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\SURFACCURACY\SACC.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\SONY HANDHELD\HOTSYNC.EXE
C:\PROGRAM FILES\SONY HANDHELD\USBSWT.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ICSDCLT] C:\WINDOWS\rundll32.exe C:\WINDOWS\SYSTEM\icsdclt.dll,ICSClient
O4 - HKLM\..\Run: [LexStart] LexStart.EXE
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [a0tmg10v] C:\WINDOWS\SYSTEM\a0tmg10v.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Startup: SonyPDA USB Switcher.lnk = C:\Program Files\Sony Handheld\USBSwt.exe
O8 - Extra context menu item: &AIM Search - res://C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL/aimsearch.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
Title: Computer been hijacked - slow & different
Post by: mom2jam on July 12, 2005, 04:08:17 PM
Still needing help!! Please help!!

My post has been viewed but no answers :(

Just sending a little nudge.
Title: Computer been hijacked - slow & different
Post by: guestolo on July 12, 2005, 11:35:59 PM
Access your Add/Remove programs and remove if found
Viewpoint <-may be more than one instance
WILDTANGENT <-may be more than one instance
Surf Accuracy

Restart your computer afterwards

Back in Windows
Download and Install the free version of Ad-Aware SE Personal 1.06 (ftp://ftp.download.com/pub/win95/utilities/aawsepersonal.exe)
Ensure you have this version or the paid version
Open Ad-Aware, ensure to click the check for updates now link and Connect to download the latest updates
Click START
Click the radio button to Perform a Full system scan then click NEXT
When it's finished scanning
At this point you should either right click on the screen and choose the "Select All" Objects option or individually put a checkmark in each object's checkbox
Click on the Next button. Ad-Aware SE will now present you with a confirmation box as to whether or not you would like to remove the objects you have just selected. Press the "OK" button

RESTART your computer to finish the cleaning process
===================================

Download and Install Spybot 1.4 from
HERE (http://www.download.com/3000-2144-10122137.html?part=104443&subj=dlpage&tag=button)
or HERE (http://www.safer-networking.org/en/download/index.html)
Don't activate the Tea Timer when installing, it's a great feature but can get in the way
of any fixes we may still have to do
After installation--Click the UPDATE button on the left
SEARCH FOR UPDATES on the right
Check, and download all updates
Click the Search & Destroy button on the left
Check for Problems---When the Scan is complete
FIX all selected problems in RED

RESTART the computer to finish the cleaning process

Note: If you have problems running either Ad-Aware or Spybot in Normal mode
Please restart into Safe mode (http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001060608000039)
to run the scan
With Ad-Aware, before running the scan
Uncheck beforehand
"Search for Negligible Risk Entries"
and
"Search for low risk threats"

With Spybot, instructions are the same

Remember to restart the computer after cleaning with either one

Run another scan with hijackthis afterwards in Normal mode and post a fresh log
Title: Computer been hijacked - slow & different
Post by: Guest_mom2jam_* on July 13, 2005, 08:03:37 AM
Thank you for your reply.

You said:  WILDTANGENT <-may be more than one instance

I tried removing this 10 times or more.  It is not leaving my list in add/remove programs.  Do I keep doing it until it's gone?  The others went away after one or two times.

I already have Ad-aware but I will download Spy-Bot without teatime while waiting for your reply and do the scans in the order you suggest after I hear back from you.  I am assuming the order is important.

Thank you.
Title: Computer been hijacked - slow & different
Post by: guestolo on July 13, 2005, 08:50:01 PM
Is Wild Tangent giving you a prompt when removing from add/Remove programs?
You could try uninstalling it in safe mode
Don't let it trouble you too much, we'll get it later

Make sure you have the latest version of Ad-Aware please

Go ahead and run the scan with Spybot also, remember to restart after running the scans

Post back a fresh hijackthis log after you have run both scans
Do what you can, please respond with a fresh hijackthis log :)
Title: Computer been hijacked - slow & different
Post by: mom2jam on July 13, 2005, 10:42:39 PM
Wildtangent not giving me any prompts when removing in Add/Remove.

Did Adaware 1.06 scan - rebooted
Did Spybot 1.04 scan - rebooted

Here is current HiJack This Log

Logfile of HijackThis v1.99.1
Scan saved at 11:38:03 PM, on 7/13/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 SP1 (5.00.2614.3500)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\CDA\GAMEDRVR.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\LXSUPMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\SONY HANDHELD\HOTSYNC.EXE
C:\PROGRAM FILES\SONY HANDHELD\USBSWT.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\AIM\AIM.EXE
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ICSDCLT] C:\WINDOWS\rundll32.exe C:\WINDOWS\SYSTEM\icsdclt.dll,ICSClient
O4 - HKLM\..\Run: [LexStart] LexStart.EXE
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [a0tmg10v] C:\WINDOWS\SYSTEM\a0tmg10v.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Startup: SonyPDA USB Switcher.lnk = C:\Program Files\Sony Handheld\USBSwt.exe
O8 - Extra context menu item: &AIM Search - res://C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL/aimsearch.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

Thank you again.
Title: Computer been hijacked - slow & different
Post by: guestolo on July 13, 2005, 10:54:16 PM
Can you do the following please

Open Hijackthis>>Open Misc tools Section>>Open Process Manager
End process on the following
C:\PROGRAM FILES\WILDTANGENT\APPS\CDA\GAMEDRVR.EXE

Do another scan with Hijackthis and put a check next to these entries:

O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL

O4 - HKLM\..\Run: [a0tmg10v] C:\WINDOWS\SYSTEM\a0tmg10v.exe


The next ones are not needed on startup, considered resource hogs, programs work fine without them, you should fix them too
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE


After you have ticked the above entries, close All other open windows, including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Access your Add/Remove programs and try removing WildTangent again
If it won't remove, don't worry about this now

Restart your computer afterwards

Back in Windows, find and delete this folder
C:\Program Files\WildTangent <-folder

Run another scan with Hijackthis and post a fresh log
Title: Computer been hijacked - slow & different
Post by: mom2jam on July 14, 2005, 01:25:54 PM
Removed wildTangent via Process Manager in Hijack This
Checked and fixed entries you requested.
Removed WildTangent folder in Windows and removed WildTangent using Add/Remove programs.  (although it still took about a minute for Control panel to open)

Here's my latest log:

Logfile of HijackThis v1.99.1
Scan saved at 2:17:42 PM, on 7/14/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 SP1 (5.00.2614.3500)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\LXSUPMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\PROGRAM FILES\SONY HANDHELD\HOTSYNC.EXE
C:\PROGRAM FILES\SONY HANDHELD\USBSWT.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ICSDCLT] C:\WINDOWS\rundll32.exe C:\WINDOWS\SYSTEM\icsdclt.dll,ICSClient
O4 - HKLM\..\Run: [LexStart] LexStart.EXE
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Startup: SonyPDA USB Switcher.lnk = C:\Program Files\Sony Handheld\USBSwt.exe
O8 - Extra context menu item: &AIM Search - res://C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL/aimsearch.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

Thank you.
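
Added example, not part of the original posts: a small Python parser for HijackThis O4 (autostart) lines that diffs a log taken before "Fix checked" against the fresh log, to confirm the ticked entries are really gone and nothing new appeared. The function names are hypothetical, and the two sample logs are short excerpts of the 7/13 and 7/14 logs posted in this thread.

```python
import re
from typing import NamedTuple


class Entry(NamedTuple):
    code: str     # HijackThis section code, here always "O4"
    source: str   # e.g. "HKLM\..\Run" or "Startup"
    name: str     # registry value name or shortcut file name
    command: str  # what is launched at startup


# Registry autostart:      O4 - HKLM\..\Run: [Name] command line
REG_RE = re.compile(r"^(O4) - (HK\w+\\\.\.\\\w+): \[([^\]]+)\] (.+)$")
# Startup-folder shortcut: O4 - Startup: Name.lnk = target
LNK_RE = re.compile(r"^(O4) - ((?:Global )?Startup): (.+?) = (.+)$")

# Excerpt of the 7/13 log from this thread (before the fix).
BEFORE_LOG = r"""
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [a0tmg10v] C:\WINDOWS\SYSTEM\a0tmg10v.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
"""

# Excerpt of the 7/14 log from this thread (after the fix).
AFTER_LOG = r"""
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
"""

# Entry names the helper asked to tick before clicking "Fix checked".
FIXED = ["WildTangent CDA", "a0tmg10v", "LoadQM", "QuickTime Task",
         "Microsoft Office.lnk"]


def parse_autostarts(log_text):
    """Return {(source, name): Entry} for every O4 line, keys lower-cased."""
    entries = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = REG_RE.match(line) or LNK_RE.match(line)
        if m:
            e = Entry(*m.groups())
            entries[(e.source.lower(), e.name.lower())] = e
    return entries


def diff_logs(before, after):
    """Compare autostart entries of two logs by (source, name)."""
    b, a = parse_autostarts(before), parse_autostarts(after)
    return {
        "removed": sorted(b[k].name for k in b.keys() - a.keys()),
        "added": sorted(a[k].name for k in a.keys() - b.keys()),
        # Same key but a different command: the entry was repointed.
        "changed": sorted(b[k].name for k in b.keys() & a.keys()
                          if b[k].command != a[k].command),
    }


def still_present(log_text, fixed_names):
    """Names from fixed_names that still autostart in log_text."""
    present = {e.name.lower() for e in parse_autostarts(log_text).values()}
    return sorted(n for n in fixed_names if n.lower() in present)


if __name__ == "__main__":
    for kind, names in diff_logs(BEFORE_LOG, AFTER_LOG).items():
        print(f"{kind}: {names}")
    print("fix did not stick for:", still_present(AFTER_LOG, FIXED))
```

An entry that shows up under "added" or "changed" in a later log, or a fixed name that `still_present` returns, is the cue to look for something re-creating the autostart value.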
Title: Computer been hijacked - slow & different
Post by: guestolo on July 14, 2005, 06:45:28 PM
Can you please try an Online Virus scan at Panda's
Let's see if there's anything else hiding
If you can't get Panda's to run, try at either Trend Micro's or BitDefender

You can use the link below in my signature
Please use Internet Explorer to run the scan
When it's done can you save the Report please and post it back here with a fresh hijackthis log

Also, when was the last time you defragged your system?
Just want to see how you're doing on regular maintenance
Title: Computer been hijacked - slow & different
Post by: mom2jam on July 15, 2005, 06:30:58 AM
Unable to run any of those scans.............. :(

Panda said something about Active X controls - I changed all my security settings for Active X to enable and tried again, got same message.
Trend Micro would not scan, wanted a higher version of IE.  Tried to download an update and my computer would hang and then gave "unable to find server" message.
BitDefender said "this site unable to host this Active X control. Please contact webmaster."

Want me to try in Firefox?  It seems to run fine.  It's IE that's giving me problems.

Have not defragged for probably three months. You want me to do it now or after clean?


Appreciate all your assistance.
Title: Computer been hijacked - slow & different
Post by: guestolo on July 15, 2005, 11:43:13 PM
I was going to ask you to do this at a later point, but I think we've come to that time
Please do the following
First, 3 months since your last defrag, please do another one now
You need to visit Windows updates
http://v4.windowsupdate.microsoft.com/en/thanks.asp?
Run a Scan on your computer, Download and Install ALL latest Critical updates and Service packs
Don't install Recommended unless something preferred
After installing latest updates Restart your computer
Re-Visit Windows updates and keep installing all critical updates until you have them all installed
Restarting the computer when prompted

Come back here and post a fresh hijackthis log and let me know how everything's running
Title: Computer been hijacked - slow & different
Post by: mom2jam on July 16, 2005, 08:29:53 AM
Defragged.

Tried to update windows.  The page was not working, received error message.  Followed steps in Help to remedy the problems and the last step said "Install updated ActiveX controls."  It does not tell me how.  Can you tell me?  Currently when I go to Windows Update it tells me page will not display properly due to Active X Controls for that page, so therefore does not search for updates to install.

Thanks again.
Title: Computer been hijacked - slow & different
Post by: Guest on July 16, 2005, 11:14:50 AM
This is the error message I get when trying to update Windows:
"The Windows Update software did not update successfully. Below are some suggestions to help you proceed:
You may have clicked No when prompted to accept the Trust Certificate. To allow the Windows Update site software to install, click Yes when presented with the Security Warning dialog box.
Your Internet Explorer security settings may be set too high. To install the updated software and access Windows Update, Internet Explorer security must be set to medium or lower, and active scripting and the download and initialization of ActiveX controls must be enabled."

I did not click no to any certificates and I tried it with security settings at low and medium - get same message.

There is a line below this with clickable link where I found information about update not working, followed the steps and got the following:

"Visit the Windows Update Web site to install new copies of the ActiveX controls."

This is what I mentioned in previous post.  Since updater is not working I can't seem to get to link about ActiveX controls.
Title: Computer been hijacked - slow & different
Post by: mom2jam on July 16, 2005, 02:03:05 PM
Guestolo,
That was me in the last post that said guest. Guess I wasn't logged in when I posted.  oops!
mom2jam
:D
Title: Computer been hijacked - slow & different
Post by: guestolo on July 17, 2005, 08:30:35 PM
Can you ensure the following are true
Access your Internet options via Control Panel

Under the Programs tab, click the "Reset Web Settings" button

Under the Security tab,
Check your 4 areas
Highlight Internet>>Click Default level>>OK it
Continue doing the same with Local Intranet>>Trusted and Restricted

Make sure to Restart IE if you have it open
Then go back to Windows updates and try it again
If no go, you could try downloading the latest version of IE from here
http://www.microsoft.com/downloads/details.aspx?FamilyID=1e1550cb-5e5d-48f5-b02b-20b602228de6&DisplayLang=en
Save the installer to desktop
Close down IE and install the latest version

Restart the computer after installation then try Windows updates again
Title: Computer been hijacked - slow & different
Post by: mom2jam on July 17, 2005, 10:09:31 PM
-Ensured settings were as you said.
-Windows update did not work.
-Downloaded IE6 from your link
-Windows update still does not work -same error message as before.

Just in case here's the latest HiJack log

Logfile of HijackThis v1.99.1
Scan saved at 11:08:02 PM, on 7/17/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 SP1 (5.00.2614.3500)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\LXSUPMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\SONY HANDHELD\HOTSYNC.EXE
C:\PROGRAM FILES\SONY HANDHELD\USBSWT.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ICSDCLT] C:\WINDOWS\rundll32.exe C:\WINDOWS\SYSTEM\icsdclt.dll,ICSClient
O4 - HKLM\..\Run: [LexStart] LexStart.EXE
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Startup: SonyPDA USB Switcher.lnk = C:\Program Files\Sony Handheld\USBSwt.exe
O8 - Extra context menu item: &AIM Search - res://C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL/aimsearch.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
Title: Computer been hijacked - slow & different
Post by: guestolo on July 18, 2005, 10:22:54 PM
Let's try the following, follow it closely, you may have a corrupt Active X from Windows updates
I see you may have got Panda's Active X to install???
Did you run a scan???

Please do the following
Most of this is taken from Microsoft, Just rewording it a bit
==Download and Install this small program
to help clean your temp folders,cookies, etc...
Windows Cleanup (http://downloads.stevengould.org/cleanup/CleanUp40.exe)
Give the link time to load or try it twice, it may be busy
Alternate Download link (http://www.spywareaid.com/index.php?file=showsoftware&action=dl&softid=1&softtype=exe)
==Open Windows CleanUp!>>START>>programs>>Cleanup!
Click on the CleanUp button, let it finish scanning for files
Restart your computer

Back in Windows
1. Click Start, click Settings, and then click Folder Options.
2. Click the View tab.
3. Under Hidden files and folders, click Show hidden files and folders, and then click OK.

Double-click My Computer, double-click drive C, double-click the Program Files folder, and then double-click the WindowsUpdate folder.
Double-click the V4 folder
Under the V4 folder delete everything EXCEPT for Iuhist.xml
NOTE: If you cannot find the V4 folder
Under the WindowsUpdate folder
Click Edit, click Select All and then press DELETE

NEXT:
Click Start, click Find, and then click For Files or Folders. Search for the files named
iuctl.dll and Iuengine.dll.
Delete all copies of these files.

Navigate to C:\Windows\Downloaded Program Files
Remove the Active X related to Windows updates
It will probably be named Update Class
If unsure>>Right click on it and left click properties
It will give info related to Windows updates
Again, right click on it and remove it

Close down IE if open and restart it
Revisit Windows updates and allow to install new Active x if prompted and then
try downloading and installing all latest critical updates and SP's
Title: Computer been hijacked - slow & different
Post by: mom2jam on July 20, 2005, 04:09:28 PM
Did all the steps you requested.  

When I return to Windows update I again get the message:

"Your security settings prohibit running Active X controls on this page.  As a result page may not display correctly."  It has an Okay button.  This actually appeared twice.

Any suggestions now?  All my security, trusted sites, etc are set to windows default currently.

Panda scan never ran either same error message as before in earlier post.  Something to do with Active X controls.

Thank you.
Title: Computer been hijacked - slow & different
Post by: guestolo on July 21, 2005, 07:57:58 AM
You may want to check out this link and see if it's any help
http://support.microsoft.com/?scid=kb;en-us;836942
It looks like you may have already seen that link

You could try a repair of Internet Explorer
Close IE
Access your add/Remove programs and
Highlight "Microsoft Internet Explorer 5 and Internet Tools"
Click to Remove
Select Repair Internet Explorer
When it's done Restart your computer

If that won't work and you're sure you double checked your Active X settings
May have to remove IE and reinstall
Title: Computer been hijacked - slow & different
Post by: mom2jam on July 21, 2005, 08:27:53 AM
Yes I had seen that link before.

I tried to repair IE as you suggested.  
"Access your add/Remove programs and
Highlight "Microsoft Internet Explorer 5 and Internet Tools""

I did not have that listing I had:
"Microsoft Internet Explorer 6 SP1 and Internet Tools"

When I click remove I get an error message:
Error in setupwbv.dll  
Missing entry:IE6Maintenance

Thanks for sticking in there with me!
Title: Computer been hijacked - slow & different
Post by: guestolo on July 22, 2005, 11:56:18 PM
Your Hijackthis log shows you're using IE5
Weird it's showing IE6 in Add/Remove programs

But can you try the following please
Navigate to your C:\Windows\System folder
In the System folder
Look for
setupwbv.dll
If found right click on and rename that file to
setupwbv.old

Then download and save to your desktop setupwbv.zip
 UNZIP to your System folder
This copy of setupwbv.dll
[attachment=297:attachment]

Restart your computer
Try repair IE again or removing it
Let me know if that works

If not we may have to use a tool such as IEEradicator and remove IE and then reinstall
Title: Computer been hijacked - slow & different
Post by: mom2jam on July 23, 2005, 09:15:22 AM
Renamed that file and tried to repair IE.  It would not repair, said 5.0 existed but needed to be 6.0xxxx or higher.  Very strange.  Anyway, in add/remove programs when I highlight IE 6.0 it does not give me an option to remove, only repair or install new components. So I guess let's eradicate.

Thank you for your expertise.
Title: Computer been hijacked - slow & different
Post by: guestolo on July 23, 2005, 11:27:21 AM
Did you try the Repair option in Add/Remove programs?
IE6 doesn't appear to ever get installed correctly
You could try install new component and try Installing IE6
Select the options under IE6
You shouldn't need the language support option
Look carefully at what to install
Try that first, I want to leave IEEradicator till later if possible
I've never used it but it does do the job

If we go this route, we'll also get you to Download the full offline install of IE6
But try the repair first please
Title: Computer been hijacked - slow & different
Post by: mom2jam on July 23, 2005, 08:56:15 PM
Did you try the Repair option in Add/Remove programs?  Yes.  It would not let me repair.  

So I tried installing new components.  I clicked everything I wanted even though it told me bolded ones did not need updating. That seemed to do the trick!  It actually installed some things.  
Now I can get Windows update to work and after numerous restarts I think I have updated Windows with everything but several different language menus. It appears that IE 6.0 is properly loaded on the computer.

Thank you.  Where do we go from here?
Title: Computer been hijacked - slow & different
Post by: guestolo on July 24, 2005, 12:17:07 PM
Since you weren't able to complete the scan at Panda's earlier, can you try now
Use IE
Post back the report later
Could I also see one last Hijackthis log, thanks

P.S. I just realized I asked you to Repair IE two or more times and you told me you did a couple of times :(
I guess I better read a little closer :D
Title: Computer been hijacked - slow & different
Post by: mom2jam on August 01, 2005, 04:06:07 PM
I have tried several times to complete the scan at Panda and have been unsuccessful. My machine has frozen and does not complete the scan.

Here is the latest HiJack log:

Logfile of HijackThis v1.99.1
Scan saved at 5:05:12 PM, on 8/1/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\LXSUPMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ICSDCLT] C:\WINDOWS\rundll32.exe C:\WINDOWS\SYSTEM\icsdclt.dll,ICSClient
O4 - HKLM\..\Run: [LexStart] LexStart.EXE
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &AIM Search - res://C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL/aimsearch.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab

Thank you.
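The log posted above, broken down by HijackThis section code, as an added example that is not part of the original thread: it pulls out the O2 browser helper objects, the O15 Trusted Zone patterns and the hosts that the O16 ActiveX controls were downloaded from. The function names are assumptions of this example, and the sample is abridged from the posted log.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse

# Abridged sample: lines copied from the log posted above.
SAMPLE_LOG = r"""Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")  # section code, then detail
BHO = re.compile(r"^BHO: (.*?) - (\{[0-9A-Fa-f-]{36}\}) - (.*)$")  # path may contain " - "
DPF = re.compile(r"^DPF: (\{[0-9A-Fa-f-]{36}\}) \((.*?)\) - (\S+)$")

def parse_log(text):
    """Split a HijackThis log into header fields, running processes and entries by section code."""
    meta, processes, entries, in_procs = {}, [], defaultdict(list), False
    for line in map(str.strip, text.splitlines()):
        m = ENTRY.match(line)
        if m:
            in_procs = False
            entries[m.group(1)].append(m.group(2))
        elif line == "Running processes:":
            in_procs = True
        elif in_procs and line:
            processes.append(line)
        elif line.startswith(("Platform:", "MSIE:")):
            key, _, value = line.partition(": ")
            meta[key] = value
    return meta, processes, dict(entries)

def bho_entries(entries):
    """(name, CLSID, DLL path) for each O2 browser helper object."""
    return [m.groups() for d in entries.get("O2", []) if (m := BHO.match(d))]

def trusted_and_activex_sources(entries):
    """O15 Trusted Zone patterns, and (control name, download host) for each O16 entry."""
    trusted = [d.partition(": ")[2] for d in entries.get("O15", []) if d.startswith("Trusted Zone: ")]
    dpf = [(m.group(2), urlparse(m.group(3)).hostname)
           for d in entries.get("O16", []) if (m := DPF.match(d))]
    return trusted, dpf
```

Splitting a line naively on " - " would cut the Spybot path in two, which is why the O2 pattern anchors on the CLSID instead.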
Title: Computer been hijacked - slow & different
Post by: guestolo on August 01, 2005, 11:06:45 PM
Log looks good, not sure why the scan won't complete at Panda's
Did the one at Trend Micro's complete?

You should set up protection against future attacks

SpywareBlaster 3.4 by JavaCool (http://www.javacoolsoftware.com/spywareblaster.html)
*Will block bad ActiveX Controls
*Block Malevolent cookies in Internet Explorer and Firefox
*Restrict actions of potentially dangerous sites in Internet Explorer
After installation, Check for updates and then click the "Enable all protection"

For the times you have to use IE
IE-SPYAD puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
Here is a tutorial and download link
Tutorial: http://www.bleepingcomputer.com/forums/index.php?showtutorial=53
Download link: https://netfiles.uiuc.edu/ehowes/www/resource.htm#IESPYAD

With both, Check for updates every couple of weeks
Keep the link to IE-Spyad bookmarked so you can check for updates
SpywareBlaster, after every update just simply click the "enable all protection"
Title: Computer been hijacked - slow & different
Post by: Guest on August 02, 2005, 08:55:36 PM
Trendmicro's scan report:

Critical   This vulnerability allows an attacker to cause a denial of service attack by sending malformed, fragmented IGMP packets.     MS99-034
Critical   This vulnerability could allow an attacker to cause a denial of service via a pathname that includes file device names.     MS00-017
Highly Critical   This vulnerability enables a remote attacker to access a Windows 9x/ME shared file without having to know the entire password assigned to that share, since just by sending a 1-byte password that matches the first character of the real password could allow access to that share.     MS00-072
Moderate   A denial of service (DoS) vulnerability exists in Outlook Express that could cause the said program to fail. The malformed email should be removed before restarting Outlook Express in order to regain its normal operation.     MS04-018
Critical   This vulnerability exists in the DHTML Editing Component ActiveX Control. This vulnerability could allow information disclosure or remote code execution on an affected system.     MS05-013


No virus, no trojans, 3 spywares which I removed and the above 5 Microsoft vulnerabilities.
The fixes/patches from Microsoft will not download.  Get time out errors. "Page cannot be displayed"  Any idea on how to get the patches to download?

Going to download prprotection now.

Thank you again.
Title: Computer been hijacked - slow & different
Post by: guestolo on August 03, 2005, 08:07:57 PM
Are you able to go directly to Windows updates and download all latest critical updates?
This may help to identify if you can reach any other updates
Try removing Windows updates from your Trusted sites and restart IE and see if it's any help
It may not help, but I want to make sure
Title: Computer been hijacked - slow & different
Post by: mom2jam on August 04, 2005, 08:49:11 AM
Went to Windows update - no critical updates to download.
None of the "non-critical" ones addressed the above issues.

Removed Windows update from trusted sites and was able to get 4 out of 5 of the patches to download.  The fifth said it required XP.  I searched for the patch for 98 and it should have been taken care of when I updated IE to 6.

Going to run the scan again to ensure all risks were taken care of.
Title: Computer been hijacked - slow & different
Post by: mom2jam on August 07, 2005, 02:05:24 PM
Ran scan again and this time found no security issues.  Guess all is okay.  Thank you very much.  It's all running a lot smoother now.  Unless there is something else you recommend, I think I'm good.  Again thanks.

Have a great day!
Title: Computer been hijacked - slow & different
Post by: guestolo on August 07, 2005, 04:55:37 PM
Thanks for posting back, I'll lock this topic as it appears resolved
If you need it reopened, please PM a Mod or the site Admin and supply a link to this thread

Take care :)