 |  |  |  |  |  |  |  |
Error Message: Cannot find server; page cannot be displayed
 |
For the past 2 weeks I suddenly have been having problem with Internet Explorer. When I click on any web page the error message appears Cannot find server and at the bottom it says Cannot find server or DNS Error Internet Explorer. Sometimes when I click on Detect Network settings it will load the page or if I go back and then try it again it might work but, it's almost all the time I have tried everything. Even when I'm offline the page will pop up for no reason and interrupts other things I am doing at the time. Another page that might pop up occasionally is Action canceled Internet Explorer. This just started happening is there anything I can do to fix this problem? I'm getting very frustrated.
•
•
Join Date: Jun 2004
Posts: 173
Reputation: 
Solved Threads: 9
Unverified User
sounds like you got some kind of virus or spyware...
grab adware and scan your computer... or download hijackthis. also get some AV on there too!
http://s89223352.onlinehome.us/mirror/hjt/
and post your log in the security forum.
grab adware and scan your computer... or download hijackthis. also get some AV on there too!
http://s89223352.onlinehome.us/mirror/hjt/
and post your log in the security forum.
It sounds that way to me as well, so I'm moving this to our Security Forum.
KimMik1982,
Have a read through the following post to find out how to download, configure, and use a few of the recommended (and free) "malware" detection and removal programs:
http://www.daniweb.com/techtalkforums/thread5690.html
If you have any questions once you've followed the advice in the above thread, please repost with as much specific information as possible.
KimMik1982,
Have a read through the following post to find out how to download, configure, and use a few of the recommended (and free) "malware" detection and removal programs:
http://www.daniweb.com/techtalkforums/thread5690.html
If you have any questions once you've followed the advice in the above thread, please repost with as much specific information as possible.
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
I really appreciate all of your help with my problem. I downloaded spybot and an antivirus and now my internet is working good again. Thank you!
I have one other problem though, when I ran the Spybot it fixed everything except one thing called HotBar. Do you know how I could get rid of this one? For some reason it cannot complete. Something keeps popping up at the end saying the parameters are incorrect. And also when I'm playing a game the screen minimizes in the middle for no reason. I would appreciate any advice you could give me on this problem. Thanks again for all you have done so far.
Kim
I have one other problem though, when I ran the Spybot it fixed everything except one thing called HotBar. Do you know how I could get rid of this one? For some reason it cannot complete. Something keeps popping up at the end saying the parameters are incorrect. And also when I'm playing a game the screen minimizes in the middle for no reason. I would appreciate any advice you could give me on this problem. Thanks again for all you have done so far.
Kim
•
•
Join Date: Aug 2003
Posts: 9,517
Reputation: 
Solved Threads: 488
Here's how to post a Hijack This log - the whole spiel, with (hopefully) every eventuality covered... :
Go to http://www.majorgeeks.com/downloadge...8baee6434cfc13 , and download 'Hijack This!'.
When downloading, choose "save to disk" and NOT open!
Now this download is a *.zipfile, which means you need to decompress it with a utility like WinZip
Many downloads come in the shape of a compressed file, so it's an indispensible tool, really.
It has an evaluation version which you can use for a month or so
Here's a tutorial. It's extremely easy to do.
Now create a new folder for it, C:\Hijackthis, for example.
After unzipping the file to C:\Hijack This, you'll end up with the file itself, which is Hijackthis.exe, and that's the one you'll need to doubleclick.'
When the program launches, hit the "Scan" button
When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, and save the log anywhere you like.
Now if you doubleclick the log file, does it open in Notepad?
If so, go to Edit > Select all, then to Edit > copy.
Now you've copied the entire text to the Windows Clipboard (this happens behind your back.)
Next, go back to this forum thread, and click "Post Reply".
In an empty area click your RIGHT mouse button, and choose 'Paste' from the context menu.
And voila, there's your Hijack This log.
Don't fix anythin yet post the log here and we'll have a look
NOTE: Should the log not open in Notepad by default, do this:
. Highlight the logfile by clicking on it once
· Hold down the shift key and then right-click your mouse
· Select "Open With" from the menu
. Pick Notepad.exe.
Be sure to check the box, "Always use this program to open these files".
· Click "OK" and you are all done!
Go to http://www.majorgeeks.com/downloadge...8baee6434cfc13 , and download 'Hijack This!'.
When downloading, choose "save to disk" and NOT open!
Now this download is a *.zipfile, which means you need to decompress it with a utility like WinZip
Many downloads come in the shape of a compressed file, so it's an indispensible tool, really.
It has an evaluation version which you can use for a month or so
Here's a tutorial. It's extremely easy to do.
Now create a new folder for it, C:\Hijackthis, for example.
After unzipping the file to C:\Hijack This, you'll end up with the file itself, which is Hijackthis.exe, and that's the one you'll need to doubleclick.'
When the program launches, hit the "Scan" button
When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, and save the log anywhere you like.
Now if you doubleclick the log file, does it open in Notepad?
If so, go to Edit > Select all, then to Edit > copy.
Now you've copied the entire text to the Windows Clipboard (this happens behind your back.)
Next, go back to this forum thread, and click "Post Reply".
In an empty area click your RIGHT mouse button, and choose 'Paste' from the context menu.
And voila, there's your Hijack This log.
Don't fix anythin yet post the log here and we'll have a look
NOTE: Should the log not open in Notepad by default, do this:
. Highlight the logfile by clicking on it once
· Hold down the shift key and then right-click your mouse
· Select "Open With" from the menu
. Pick Notepad.exe.
Be sure to check the box, "Always use this program to open these files".
· Click "OK" and you are all done!
Linux boot cd http://www.knopper.net/knoppix/index-en.html
Thanks for your help but, I'm new at all this and I don't quite understand what to do. I went to the site you advised me to go to and when it downloaded it did not give me the option to save to disk. Just to save to desktop or other files. And in making the new folder C:\Hijackthis it said that I could not have \ in the file name. Do I need to have this in the name or can I just name it Hijackthis? I'm sorry for asking dumb questions but like I said I've never had to do anything like this before.
Thanks,
Kim
Thanks,
Kim
•
•
Join Date: Aug 2003
Posts: 9,517
Reputation:
Solved Threads: 488
You don't name the foler c:\ hijack just hijack the c:\ is automatic ,c:\ is the folders path
Linux boot cd http://www.knopper.net/knoppix/index-en.html
•
•
Join Date: Feb 2004
Posts: 9,980
Reputation:
Solved Threads: 753
If you want to you can also create a folder on your desktop & place the hijackthis.exe in to that folder. Right click on your desktop then select: New then Folder. Name it hijackthis. As long as hijackthis is in it's own folder, it's ok (provided that the folder is not within a temporary folder).
Proud member of ASAP (Alliance of Security analysis Professionals).
Opera AVAST anti-virus Comodo Firewall Spywareblaster
Opera AVAST anti-virus Comodo Firewall Spywareblaster
Logfile of HijackThis v1.98.0
Scan saved at 8:56:04 PM, on 7/6/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Here is the log from the hijackthis. What is my next step?
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\AOL\ACS\ACSD.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\WINDOWS\AXBUBZQX.EXE
C:\WINDOWS\PDGMFA.EXE
C:\WINDOWS\JGWALSRZN.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\AOL SPYWARE PROTECTION\AOLSP SCHEDULER.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
C:\WINDOWS\ASISTAT.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\ASISERVE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\BHJKGC.EXE
C:\WINDOWS\FPFRGVMBU.EXE
C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHAGENT.EXE
C:\WINDOWS\VYPFNEXN.EXE
C:\WINDOWS\SYSTEM\SAHAGENT.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0B\WAOL.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0B\SHELLMON.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0B\AOLWBSPD.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\PROFILES\KIMMIE\DESKTOP\HIJACKTHIS\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.seekseek.com/quicksearch.asp?keyphrase=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - _{965A592F-8EFA-4250-8630-7960230792F1} - (no file)
R3 - URLSearchHook: URLSearch Class - {965A592F-8EFA-4250-8630-7960230792F1} - C:\WINDOWS\SYSTEM\CDSM32.DLL
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497 - (no file)
R3 - URLSearchHook: (no name) - _{965A592F-8EFA-4250-8630-7960230792F1 - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHIEHLPR.DLL
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [SoundFusion] RunDll32 cwcprops.cpl,CrystalControlWnd
O4 - HKLM\..\Run: [IJ75P2PSERVER] IJ75P2PS.EXE
O4 - HKLM\..\Run: [NB Window Patterns] C:\PROGRA~1\NETWOR~1\NUTS&B~1\WINDBKGD.EXE
O4 - HKLM\..\Run: [NB Start Menu] C:\PROGRA~1\NETWOR~1\NUTS&B~1\STARTM.EXE
O4 - HKLM\..\Run: [NB Common Dialog Enhancements] C:\PROGRA~1\NETWOR~1\NUTS&B~1\COMDLGEX.EXE
O4 - HKLM\..\Run: [dvtazgdhtj] C:\WINDOWS\SYSTEM\usstuo.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [fash] C:\WINDOWS\fash.exe
O4 - HKLM\..\Run: [owphrnv] C:\WINDOWS\axbubzqx.exe
O4 - HKLM\..\Run: [zionmbzw] C:\WINDOWS\pdgmfa.exe
O4 - HKLM\..\Run: [upzw] C:\WINDOWS\vypfnexn.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Bart Station] C:\Program Files\ISP50\hta\station.sbrt
O4 - HKLM\..\Run: [PCDRealtime] C:\WINDOWS\realtime.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [M2XBMPI] C:\WINDOWS\SYSTEM\M2XBMPI.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"
O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"
O4 - HKLM\..\Run: [SAHAgent] C:\WINDOWS\SYSTEM\SahAgent.exe
O4 - HKLM\..\RunServices: [McAfeeVirusScanService] c:\Program Files\McAfee\Dr Solomon's Anti-Virus\AVSYNMGR.EXE
O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\ACSD.EXE"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\RunServices: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: NEC SuperScript 870 Status Monitor.lnk = C:\WINDOWS\ASISTAT.EXE
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0411.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0411.DLL
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O16 - DPF: Talk City EZTalk 3.0 - http://chat.talkcity.com/java/ezmed/ezmed.cab
O16 - DPF: Dialpad Java Applet - http://www.dialpad.com/applet/src/vscp.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://www.wildtangent.com/install/w...ony/wtinst.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.addictivetechnologies.net...ab/p23gabe.cab
O16 - DPF: {FF65677A-8977-48CA-916A-DFF81B037DF3} (WMService Class) - http://download.overpro.com/WildApp.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.verizon.net/checkmypc/inc...ivePreQual.cab
O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} (IObjSafety.DemoCtl) - http://cabs.roings.com/cabs/roing.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net
Scan saved at 8:56:04 PM, on 7/6/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Here is the log from the hijackthis. What is my next step?
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\AOL\ACS\ACSD.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\WINDOWS\AXBUBZQX.EXE
C:\WINDOWS\PDGMFA.EXE
C:\WINDOWS\JGWALSRZN.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\AOL SPYWARE PROTECTION\AOLSP SCHEDULER.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
C:\WINDOWS\ASISTAT.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\ASISERVE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\BHJKGC.EXE
C:\WINDOWS\FPFRGVMBU.EXE
C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHAGENT.EXE
C:\WINDOWS\VYPFNEXN.EXE
C:\WINDOWS\SYSTEM\SAHAGENT.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0B\WAOL.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0B\SHELLMON.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0B\AOLWBSPD.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\PROFILES\KIMMIE\DESKTOP\HIJACKTHIS\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.seekseek.com/quicksearch.asp?keyphrase=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - _{965A592F-8EFA-4250-8630-7960230792F1} - (no file)
R3 - URLSearchHook: URLSearch Class - {965A592F-8EFA-4250-8630-7960230792F1} - C:\WINDOWS\SYSTEM\CDSM32.DLL
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497 - (no file)
R3 - URLSearchHook: (no name) - _{965A592F-8EFA-4250-8630-7960230792F1 - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHIEHLPR.DLL
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [SoundFusion] RunDll32 cwcprops.cpl,CrystalControlWnd
O4 - HKLM\..\Run: [IJ75P2PSERVER] IJ75P2PS.EXE
O4 - HKLM\..\Run: [NB Window Patterns] C:\PROGRA~1\NETWOR~1\NUTS&B~1\WINDBKGD.EXE
O4 - HKLM\..\Run: [NB Start Menu] C:\PROGRA~1\NETWOR~1\NUTS&B~1\STARTM.EXE
O4 - HKLM\..\Run: [NB Common Dialog Enhancements] C:\PROGRA~1\NETWOR~1\NUTS&B~1\COMDLGEX.EXE
O4 - HKLM\..\Run: [dvtazgdhtj] C:\WINDOWS\SYSTEM\usstuo.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [fash] C:\WINDOWS\fash.exe
O4 - HKLM\..\Run: [owphrnv] C:\WINDOWS\axbubzqx.exe
O4 - HKLM\..\Run: [zionmbzw] C:\WINDOWS\pdgmfa.exe
O4 - HKLM\..\Run: [upzw] C:\WINDOWS\vypfnexn.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Bart Station] C:\Program Files\ISP50\hta\station.sbrt
O4 - HKLM\..\Run: [PCDRealtime] C:\WINDOWS\realtime.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [M2XBMPI] C:\WINDOWS\SYSTEM\M2XBMPI.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"
O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"
O4 - HKLM\..\Run: [SAHAgent] C:\WINDOWS\SYSTEM\SahAgent.exe
O4 - HKLM\..\RunServices: [McAfeeVirusScanService] c:\Program Files\McAfee\Dr Solomon's Anti-Virus\AVSYNMGR.EXE
O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\ACSD.EXE"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\RunServices: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: NEC SuperScript 870 Status Monitor.lnk = C:\WINDOWS\ASISTAT.EXE
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0411.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0411.DLL
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O16 - DPF: Talk City EZTalk 3.0 - http://chat.talkcity.com/java/ezmed/ezmed.cab
O16 - DPF: Dialpad Java Applet - http://www.dialpad.com/applet/src/vscp.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://www.wildtangent.com/install/w...ony/wtinst.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.addictivetechnologies.net...ab/p23gabe.cab
O16 - DPF: {FF65677A-8977-48CA-916A-DFF81B037DF3} (WMService Class) - http://download.overpro.com/WildApp.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.verizon.net/checkmypc/inc...ivePreQual.cab
O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} (IObjSafety.DemoCtl) - http://cabs.roings.com/cabs/roing.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net
|
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: need some serious help...
- Next Thread: At Wit's End: Some Webpages Don't Load; Can Ping Some Sites, Not Others
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Viruses, Spyware and other Nasties Posts
adware anti-malware anti-virussitesaccessissue antivirus apple attack audio backtoschoolspeech bar blackhat botnet botnets china commercial commercials conficker connect control crosssitescripting cyber cybercrime cyberwarfare ddos domains e-mafia email europe exam facebook fake fancheckvirus gaming gtaiv gumblar halloween hijack internet iphone kaspersky legal logfiles mail malware mcafee mega-d messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile panel parents phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem redirect redirecting reliability report research risk rogueantivirus samhain sans scareware school search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista war warning windows worm zeroday
