caperjack 875 I hate 20 Questions Team Colleague

This problem could occur because of spyware. Go on over to the Security section of this forum and post your problem along with a HijackThis log.
Spyware & Trojans and Other Nasties
,,,,,,,,,,,,,,,,,,,,,,,,
Please don't post the HijackThis log in this section. Thanks.
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Please do this.
Download 'Hijack This!'. HijackThis
Save it in a convenient permanent folder such as C:\HJT\, double click HijackThis.exe, and hit "Scan".

Your copy of HijackThis needs to be in a folder of its own. When HJT fixes anything, it makes backups of the original files in the folder it is in. Since Temporary folders are emptied now and then (the files are DELETED), it would not be a good idea to have your backups there. Those backups would be VITAL to restoring your system if something went wrong in the FIX process!


1. Please go to your 'My Documents' folder, right-click and select 'New > Folder' then name the folder 'HJT'.

2. Copy and paste HijackThis.exe to the new folder.

3. Close ALL windows except HJT

4. SCAN with HJT

5. POST the new log in this thread using 'Add Reply'

DO NOT MAKE ANY CHANGES OR CLICK "FIX CHECKED" UNTIL WE CHECK THE LOG, AS SOME OF THE FILES ARE LEGIT AND VITAL TO YOUR COMPUTER'S HEALTH

caperjack 875 I hate 20 Questions Team Colleague

Hi Caperjack, I download the executable file to this drive and install it into the Program Files folder on this storage drive. So when installing a program I changed the default install path from C:/ to G:/. Should I uninstall these programs and re-install them once the drive is in my new computer?
Hope this makes sense.

Thanks

Yes! You are using the drive for more than storage when you do it that way. You are installing programs to the Program Files folder, but the system files and registry entries for the programs will be on the C:\ drive, so if you install a new OS on C:\ and when you go to run the programs on D:\ they will not work, as they will have no registry reference. In essence, you will have to reinstall the programs anyway. If that makes any sense!

caperjack 875 I hate 20 Questions Team Colleague

Go
Here
and Get Trojan-Hunter Fully working trial!

,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
1. Please download Stinger and save it to your desktop

2. Double-click on the stinger.exe file and open the tool

3. Choose your entire hard drive to scan.

4. Choose Scan Now

5. Stinger will fix anything that it finds

6. Click the File menu and select Save report to file

7. Post the log file results here in this thread.

caperjack 875 I hate 20 Questions Team Colleague

Start>Settings>Control Panel>Internet Options>Advanced tab. Do you have a "tick"
in Java (Sun) section, "Use Java ...."?

Or try downloading java again
http://www.java.com/en/download/manual.jsp .

Or if that doesn't help you could try this.
Start, Settings, Control Panel.
Add/Remove Programs.
Find Internet Explorer, click Add/Remove
Follow the Repair Options.

caperjack 875 I hate 20 Questions Team Colleague

posting this just in case you don't know how to get into safe mode !
,,,,,,,,,,,,,

To get to safe mode use the F8 key while booting the machine. Detailed instructions from here :-
http://service1.symantec.com/SUPPORT/tsgen...001052409420406

caperjack 875 I hate 20 Questions Team Colleague

I'm a NOVICE too! So I really can't answer that!
But first, did you try CWShredder to see if it helps?

caperjack 875 I hate 20 Questions Team Colleague

Ok, this should be the last question I have about completing my new computer system.
I have a 160GB ATA drive in my current HP system. It does not have an OS on it and is used for storage and programs only.
Should I uninstall all the programs that are installed on this drive before I move it to my new computer? It will be used for the same purpose, programs and storage- no OS.

Thanks

No need to remove anything from a storage drive; that's the purpose of having one! To save files and, if needed, take them to another computer!
One thing though: when you say programs, do you mean the programs' install EXEs, or do you mean you install programs on that drive instead of your master drive?

caperjack 875 I hate 20 Questions Team Colleague

HI I TRY EVERYTHING TO UNINSTALL XP BUT I CAN'T IF SOMEONE CAN HELP ME I ALREADY TRY TO GO ON SAFE MODE AND UNINSTALL AND GO TO
WINDOWS\SYSTEM32
AND OSUNIST.EXE

BUT I THINK I HAVE A PROBLEM WITH OSUNIST.EXE CAUSE I TRY TO RUN THE PROGRAM AND I HAVE A MESSAGE

SETUP CANNOT UNINSTALL XP BECAUSE THE NECESSARY REGISTRATION
INFORMATION IS MISSING

SO IF SOMEONE CAN HELP ME PLEASE :sad:

You can't uninstall any version of Windows from within itself; you need to format the hard drive to get rid of Windows.
Why are you trying to uninstall XP? Is it to reinstall it or to reinstall another version of Windows?

caperjack 875 I hate 20 Questions Team Colleague

Unless I'm missing something, the log is OK.
The only thing I can say is that for a 400MHz computer, 26 programs running at startup is a lot.
You may want to decide if you need them all, or pick the ones you really need to have running and have HijackThis fix the rest.
All these are running at startup. Don't fix unless you know what's what. You can search the .exe HERE and it will tell you what program is what.
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [USRpdA] C:\WINDOWS\SYSTEM32\USRmlnkA.exe RunServices \Device\3cpipe-USRpdA
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinPatrol [2]] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\RunServices: [ATI VIDEO REGKEY] ati2vid.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Documents and …

caperjack 875 I hate 20 Questions Team Colleague

Missed that, thanks!

caperjack 875 I hate 20 Questions Team Colleague

I found some info here .
http://computercops.biz/postitle94182-0-0-.html
And this is why I suggest CWShredder.
http://www.doxdesk.com/parasite/CoolWebSearch.html

And for most of the info in your Escan, the files are in quarantine or in your System Restore. You will need to turn off System Restore after you run CWShredder, until you get it all cleaned up.

caperjack 875 I hate 20 Questions Team Colleague

Download then unzip and run CWShredder to clean up clicking "FIX" to have it remove all it finds.

CWShredder available from these places :-


http://www.aluriasoftware.com/tools/cwshredder.zip
Or this as a full download without any unzipping required
http://www.downloads.subratam.org/CWShredder.exe
http://www.spywareinfo.com/downloads/tools/CWShredder.exe

We have found that some of the CWS infections can be removed better from safe mode, rather than normal mode.
To get to safe mode use the F8 key while booting the machine. Detailed instructions from here :-
http://service1.symantec.com/SUPPORT/tsgen...001052409420406

caperjack 875 I hate 20 Questions Team Colleague

thanks caperjack, appreciate the help.

You're welcome! Good luck.

caperjack 875 I hate 20 Questions Team Colleague

I see you have the Microsoft Anti-Spyware removal tool running. Have you clicked on the icon for it down by the clock and run a full scan lately? If not, do so now and post back a new log. Thanks.

caperjack 875 I hate 20 Questions Team Colleague

Go
Here
and Get Trojan-Hunter Fully working trial!
,,,,,,,,,,,,,,,,,,,,,

Please delete your temporary files by deleting all files and folders that are in those folders (do not delete the temp folder itself) like for example
C:\WINDOWS\Temp\
C:\Temp\
C:\Documents and Settings\username\Local Settings\Temp\
Also delete your Temporary Internet Files, be sure to also select delete all offline content.

Do a virus scan here.
If you get report of files that can’t be cleaned / deleted please write down the filenames and locations and post that in your reply.
,,,,,,,,,,,,,,,,,,,,,,,,,,
Download then unzip and run CWShredder to clean up clicking "FIX" to have it remove all it finds.

CWShredder available from these places :-


http://www.aluriasoftware.com/tools/cwshredder.zip
Or this as a full download without any unzipping required
http://www.downloads.subratam.org/CWShredder.exe
http://www.spywareinfo.com/downloads/tools/CWShredder.exe

We have found that some of the CWS infections can be removed better from safe mode, rather than normal mode.
To get to safe mode use the F8 key while booting the machine. Detailed instructions from :-
HERE
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
Then please do this since it’s better to use automated tools to get rid of the bad stuff use these 2 programs first before doing the final cleaning with HJT

First use Spybot S&D. (Version 1.3)
Spybot
Unzip, and update. Install the updates and run. Delete all that it marks …

caperjack 875 I hate 20 Questions Team Colleague

First of all could you click Start>Settings>Control Panel>Add or Remove Programs and uninstall 'Window Search', 'Window Searching', 'Lop.com', 'LOP SEARCH', 'Browser Enhancer', or 'Ultimate Browser Enhancer' if listed. You may be given a code to insert, do so and reboot when done. If not listed there, run this uninstaller:
http://members.rogers.com/rjmac/new_uninstall.exe

LOP toolbar uninstaller

http://members.rogers.com/rjmac/toolbar_uninstall.exe

Uninstall Messenger Plus if you have it, as it comes bundled with LOP. You can reinstall Messenger Plus without the support software; that is where the LOP comes from.

After that run Spybot and Ad-Aware.
Then post a new log.
,,,,,,,,,,,,,,,,,,,,,,,,,


Go
Here
and Get Trojan-Hunter Fully working trial!
,,,,,,,,,,,,,,,,,,,,,

Please delete your temporary files by deleting all files and folders that are in those folders (do not delete the temp folder itself) like for example
C:\WINDOWS\Temp\
C:\Temp\
C:\Documents and Settings\username\Local Settings\Temp\
Also delete your Temporary Internet Files, be sure to also select delete all offline content.

Do a virus scan here.
If you get report of files that can’t be cleaned / deleted please write down the filenames and locations and post that in your reply.
,,,,,,,,,,,,,,,,,,,,,,,,,,
Download then unzip and run CWShredder to clean up clicking "FIX" to have it remove all it finds.

CWShredder available from these places :-


caperjack 875 I hate 20 Questions Team Colleague

Yes, you are in the right place.
Check off normal startup and OK your way out and reboot the computer, run HijackThis and post a new log.

caperjack 875 I hate 20 Questions Team Colleague

Start / Run / type in msconfig, then check off normal startup.
I'll be gone for a few hrs, will check back later.

caperjack 875 I hate 20 Questions Team Colleague

Before anything is done you need to set msconfig to normal startup, to see what you have disabled.
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

caperjack 875 I hate 20 Questions Team Colleague

The problem how I see it is that we Windows users rely on 3rd party applications to secure our information. Why? Because M$ has done such a lousy job.
It looks to me like they cannot fill the holes fast enough, so they have to buy out another company and utilise their program to clean out the backwash :D. Can we trust an M$ security product??
If Windows were built with security in mind, there would be no need for the extraneous stuff.

True enough !

caperjack 875 I hate 20 Questions Team Colleague

caperjack,crunchie and anyone else that was involved ...
Thanks for the help guys here is what I did after caperjack and crunchie last post..
1. Deleted NetZero from computer and re-booted
2. Re-install NetZero.....no help
3.Deleted NetZero again
4. Deleted Netzero in network Connections
5. Powered down computer for approximately 20 minutes.
6. Loaded older version of NetZero program from floppy disc.
Did this on 1/22/05 and still ok today.
Sure hope that it will stay this way.
Again thanks to all
katman

You're welcome. Good to hear you got it working again!

caperjack 875 I hate 20 Questions Team Colleague

Thanks Caperjack...
I tried to make it simple....

You're welcome :)

caperjack 875 I hate 20 Questions Team Colleague

No answer, just a comment. When you use Beta versions you run the risk of having problems like this. It is never recommended that you run Beta versions of any program on your main computer unless you are ready to deal with some major problems and a possible reload of Windows.
Also, you are not alone when it comes to problems with Beta 7; check link.
http://dotnetjunkies.com/WebLog/sriram/archive/2004/12/01/34609.aspx

caperjack 875 I hate 20 Questions Team Colleague

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.
You might want to print out or copy & paste these instructions to Notepad, as you will need to close this browser window to fix with HijackThis!


O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

O4 - HKLM\..\Run: [pzmpnvpdhuvra] C:\WINDOWS\System32\itlknby.exe

O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe

Not advised to be running things from a temp folder, and usually only bad things run from there. Fix these and be sure to empty the temp folders.
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\Martin\LOCALS~1\Temp\200512294333_mcinfo.exe /insfin

O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\Martin\LOCALS~1\Temp\200512294333_mcappins.exe /v=3 /cleanup

This one is optional, but a resource hog that's not needed in startup.
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

Just to be on the safe side, fix all of the O16s, as the good ones will come back when you visit the site again.

Now reboot into safe mode and delete the following files and folders if found.

C:\WINDOWS\System32\itlknby.exe,,,,,delete file

C:\WINDOWS\farmmext.exe,,,,,,,,,Delete file

While in safe mode empty your Temp folders, usually 3 of them:
C:\WINDOWS\Temp\
C:\Temp\
C:\Documents and Settings\username\Local Settings\Temp\


to delete the above files and folder you will need to …
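
Added example (not part of the original post, and not HijackThis's own code): a small Python triage pass over HijackThis log lines like the ones quoted above. It applies two of the checks the post uses, startup (O4) entries that launch from a Temp folder and entries whose target is reported as `(no file)` or `(file missing)`; the function names and regexes are assumptions of this example, and the sample log is constructed from lines on this page.

```python
import re

# Constructed sample: HijackThis lines copied from the posts on this page.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [pzmpnvpdhuvra] C:\WINDOWS\System32\itlknby.exe
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\Martin\LOCALS~1\Temp\200512294333_mcinfo.exe /insfin
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\Martin\LOCALS~1\Temp\200512294333_mcappins.exe /v=3 /cleanup
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
"""

# "<section> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
LINE_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Registry autorun: "HKLM\..\Run: [value name] command line"
O4_REG_RE = re.compile(
    r"^(?P<hive>HK[A-Z]+)\\\.\.\\(?P<key>\w+): \[(?P<name>.*?)\] (?P<cmd>.+)$"
)
# Startup-folder item: "Startup: file" or "Global Startup: file.lnk = target"
O4_LNK_RE = re.compile(
    r"^(?P<scope>(?:Global )?Startup): (?P<name>.+?)(?: = (?P<cmd>.+))?$"
)
# A Temp directory anywhere in the path; works with 8.3 names such as
# C:\DOCUME~1\...\LOCALS~1\Temp\ because only the "Temp" segment is tested.
TEMP_RE = re.compile(r"\\(?:temp|tmp|temporary internet files)\\", re.IGNORECASE)
# HijackThis marks a dangling reference at the end of the line.
MISSING_RE = re.compile(r"\((?:no file|file missing)\)\s*$")


def parse_autoruns(log_text):
    """Return one dict per recognised log line; O4 lines get name/command."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = LINE_RE.match(line)
        if not m:
            continue  # header lines, blanks, truncated lines
        entry = {"section": m["section"], "name": None,
                 "command": None, "raw": line}
        if entry["section"] == "O4":
            detail = O4_REG_RE.match(m["body"]) or O4_LNK_RE.match(m["body"])
            if detail:
                entry["name"] = detail["name"]
                entry["command"] = detail["cmd"]  # None for bare Startup items
        entries.append(entry)
    return entries


def triage(log_text):
    """Return (flag, section, raw_line) tuples for lines worth a closer look.

    A flag is a prompt to investigate, not a verdict: the post itself warns
    against fixing anything until the log has been reviewed.
    """
    findings = []
    for e in parse_autoruns(log_text):
        if e["section"] == "O4" and e["command"] and TEMP_RE.search(e["command"]):
            findings.append(("runs-from-temp", e["section"], e["raw"]))
        if MISSING_RE.search(e["raw"]):
            findings.append(("target-missing", e["section"], e["raw"]))
    return findings


if __name__ == "__main__":
    for flag, section, raw in triage(SAMPLE_LOG):
        print(f"{flag:15} {raw}")
```

The randomly named `itlknby.exe` entry is not flagged here, because it sits in System32 and neither check covers odd file names; that call still needs a person reading the log.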

caperjack 875 I hate 20 Questions Team Colleague

As it should, caperjack. After all, it is their Operating System! :D.

I agree. So who better to build a spyware blocker! :)

caperjack 875 I hate 20 Questions Team Colleague

Still playing with the program. Found it will show you the host file and whether it's bad, and also LSPs if something is bad with it. I really think that Microsoft is heading in the right direction with this program; it covers all the places where the known spyware is hidden or affecting.

caperjack 875 I hate 20 Questions Team Colleague

What am I doing on Win98 you ask? I am the "master of all things outdated." And if you were talking about the powerful PC thing I didn't do that, it just appeared there...

Most likely added when you installed some utility to optimise your computer's performance, or someone did this.
http://www.pcnineoneone.com/tweaks/tweekz1.html

caperjack 875 I hate 20 Questions Team Colleague

I just downloaded the manual for your board from the link in your first post. All the info needed to make the floppy is in chapter 5, page 116. Apparently there is a utility on your motherboard disk to create the floppy. Good luck.

caperjack 875 I hate 20 Questions Team Colleague

Yes I believe it is F6. I am just unsure which drivers to copy onto a floppy from the CD. I know that a SATA drive is usually listed in the BIOS alongside SCSI, so I am leaning toward those drivers, considering the motherboard doesn't have SCSI capabilities and that's the closest related folder on the CD.

You will need to explore the CD. I think you need to look for RAID drivers and/or check the motherboard manufacturer's site to find the right ones.
http://www.hothardware.com/forum/messageview.cfm?catid=18&threadid=22321&enterthread=y

caperjack 875 I hate 20 Questions Team Colleague

Most likely you have something hooked up wrong. For anyone here to tell you what your problem is, we would have to be a wizard!
Try starting over, making sure you have drives that need to be master or slave set right, make sure the primary IDE and secondary IDE are plugged in to the right socket, and hope you didn't fry your RAM playing with it.

http://www.buildyourowncomputer.net/learntobuild.html

caperjack 875 I hate 20 Questions Team Colleague

I'm almost sure that when you are installing Windows you have to watch the lower screen and will be prompted to hit an F key if you need to load SATA drivers.

caperjack 875 I hate 20 Questions Team Colleague

A little more info is needed, like what you messed with!

caperjack 875 I hate 20 Questions Team Colleague

Such a big difference between buying a new computer and adding some new memory!
If all you are doing is a bit of burning and Internet usage, I would say add some RAM and maybe a bigger CPU if your motherboard will take a bigger one. This info can usually be found on the maker's website or the motherboard maker's site.

caperjack 875 I hate 20 Questions Team Colleague

I just purchased a new DVD burner with all the goodies. My problem is that I wanted to start making copies of my movies. I purchased a spindle of DVD+R discs and when I try to burn it tells me that it does not have enough space to insert another one. I wanted to know if this was the Dual Layer disc that I was supposed to buy or not. If it is that I must buy DL discs then how do bootleggers make money when those discs cost almost ten dollars apiece?

the Discs say DVD+R 120 Min then underneath it says extended play 240 min
Thanks for any help!

I have a single layer DVD burner, and have to use a program called DVD Shrink or a burning program that shrinks the original and copies it to my hard drive first, then burns that copy. I believe that a dual layer burner also burns on single layer disks. The $10 per disk was why I went with the single layer burner.
I use Clone DVD to burn and DVDxCopy. DVD Shrink is freeware; the others I mention aren't.

http://www.dvdshrink.org/what.html

caperjack 875 I hate 20 Questions Team Colleague

hello
I am thinking of building a new system and i have a question about the setup process. do you install the windows os before or after the drivers that come with the board. I was looking through the online manuals, and they seemed very clear except for that one point.
thanks

The OS has to be installed before you load anything!!!

caperjack 875 I hate 20 Questions Team Colleague

Sure enough, restoring the quarantined files fixed the problem, but now I have to choose (apparently) between having unwelcome and/or damaging files on my computer and being able to access the internet. So now what?

I would suggest running Spybot along with Ad-Aware. Get Spybot from the link below, also check the links below for the best way to set up Ad-Aware and Spybot, and get HijackThis and post a log here in this thread.
//////////////////
Might I suggest Ad-Aware and Spybot & HijackThis.

Download the latest version of Ad-Aware at ADAWARE


Setup Ad-Aware !
After installing AAW, and before running the program, update reference files by using the bottom right button in the program, labeled "Check for Updates."

Launch the program, and click on the Gear at the top of the start screen.

Click the "Scanning" button.
Under Drives & Folders, select "Scan within Archives".
Click "Click here to select Drives + folders" and select your installed hard drives.

Under Memory & Registry, select all options.
Click the "Advanced" button.
Under "Log-file detail", select all options.
Click the "Tweaks" button.

Under "Scanning Engine", select the following:
"Include additional Ad-aware settings in logfile" and
"Unload recognized processes during scanning."
Under "Cleaning Engine", select the following:
"Let Windows remove files in use after reboot."
Click on 'Proceed' to save these Preferences.
Please make sure that you activate IN-DEPTH …

caperjack 875 I hate 20 Questions Team Colleague

I would be suspicious from now of the M$ product, because if one company can twist their arm to have their product removed from the definitions, then who knows how many more can???

Good point!
About the program: with it you have the ability to remove everything that we have people remove with HijackThis, like BHOs, programs that start up, running processes, O16 ActiveXs, without doing a scan; just go to the Advanced Tools section of the program. I think it will become a popular spyware removal tool. It also has autoupdates. I'm running it now just for the heck of it, not promoting its use, just playing around! I think I might be looking for an excuse to format and reload my OS.

caperjack 875 I hate 20 Questions Team Colleague

For problems with Internet Explorer, I'm beginning to agree that Firefox is the best fix, as we help people get rid of spyware and malware and popups, then a week later they've got it all back again. Your sister will love Firefox.
http://www.mozilla.org/products/firefox/

caperjack 875 I hate 20 Questions Team Colleague

I have security set to default levels. I do not see anything at the top showing blocked. I do not know if I have active x blocked. How do I check that?? By the way, thank you...

To check ActiveX go to IE Tools / Internet Options / Security / Custom Level.
Also, have you tried another Windows Update link, like these?


https://windowsupdate.microsoft.com/
http://windowsupdate.microsoft.com/
http://V4.Windowsupdate.microsoft.com
https://V4.Windowsupdate.microsoft.com
http://Download.Windowsupdate.com

windows corporate

http://v4.windowsupdate.microsoft.com/en/default.asp?corporate=true

caperjack 875 I hate 20 Questions Team Colleague

80gig for the OS? You must be planning on loading a lot of programs on the computer.
I've only done this once with one of my computers, but I had a 4gig with the OS and a separate 500meg drive for swap and it worked just fine.
Also I have used an OS on a 5gig C:\ with all system files on the 5gig and changed the default install to D:\ and loaded all programs on the D:\ partition. This also made defrag faster. It all worked for me anyway.

caperjack 875 I hate 20 Questions Team Colleague

Did you read my 2nd post caperjack?

Yes, just did. Actually Ad-Aware and Spybot both had similar problems with some company they considered to be spyware.

caperjack 875 I hate 20 Questions Team Colleague

http://www.bbspot.com/News/2005/01/microsoft_antispyware.html

Got to love Microsoft!
I just had some problems opening links, but it fixed itself. Not sure if related, but when they get the bugs out it should be a good program. It shows startup items, running processes and BHOs, ActiveXs installed, and gives a one-click button to stop any.
One thing I noticed was when I first opened IE I had to click on a pop-up warning to allow it because it saw it as being possible spyware, so I said yes. Maybe the ones who had it delete IE said NO!

caperjack 875 I hate 20 Questions Team Colleague

Windows Media compressed skin file! I don't know what opens it, but I would think that if you go to Media Player there might be a way to change skins and use it. Not really sure.
http://filext.com/detaillist.php?extdetail=wmz&Submit3=Go%21

caperjack 875 I hate 20 Questions Team Colleague

Go
Here
and Get Trojan-Hunter Fully working trial!
,,,,,,,,,,,,,,,,,,,,,

Please delete your temporary files by deleting all files and folders that are in those folders (do not delete the temp folder itself) like for example
C:\WINDOWS\Temp\
C:\Temp\
C:\Documents and Settings\username\Local Settings\Temp\
Also delete your Temporary Internet Files, be sure to also select delete all offline content.

Do a virus scan here.
If you get report of files that can’t be cleaned / deleted please write down the filenames and locations and post that in your reply.
,,,,,,,,,,,,,,,,,,,,,,,,,,
Download then unzip and run CWShredder to clean up clicking "FIX" to have it remove all it finds.

CWShredder available from these places :-


http://www.aluriasoftware.com/tools/cwshredder.zip
Or this as a full download without any unzipping required
http://www.downloads.subratam.org/CWShredder.exe
http://www.spywareinfo.com/downloads/tools/CWShredder.exe

We have found that some of the CWS infections can be removed better from safe mode, rather than normal mode.
To get to safe mode use the F8 key while booting the machine. Detailed instructions from :-
HERE
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
Then please do this since it’s better to use automated tools to get rid of the bad stuff use these 2 programs first before doing the final cleaning with HJT

First use Spybot S&D. (Version 1.3)
Spybot
Unzip, and update. Install the updates and run. Delete all that it marks …

caperjack 875 I hate 20 Questions Team Colleague

Please do this.
Download 'Hijack This!'. http://www.spywareinfo.com/~merijn/files/HijackThis.exe
Save it in a convenient permanent folder such as C:\HJT\, double click HijackThis.exe, and hit "Scan".

Your copy of HijackThis needs to be in a folder of its own. When HJT fixes anything, it makes backups of the original files in the folder it is in. Since Temporary folders are emptied now and then (the files are DELETED), it would not be a good idea to have your backups there. Those backups would be VITAL to restoring your system if something went wrong in the FIX process!


1. Please go to your 'My Documents' folder, right-click and select 'New > Folder' then name the folder 'HJT'.

2. Copy and paste HijackThis.exe to the new folder.

3. Close ALL windows except HJT

4. SCAN with HJT

5. POST the new log in this thread using 'Add Reply'

DO NOT MAKE ANY CHANGES OR CLICK "FIX CHECKED" UNTIL WE CHECK THE LOG, AS SOME OF THE FILES ARE LEGIT AND VITAL TO YOUR COMPUTER'S HEALTH

caperjack 875 I hate 20 Questions Team Colleague

For this one
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s

Open the Control Panel’s Add/Remove Programs list and use the entries for ‘New.net domains’ (B variant), ‘FirstLook’ (FirstLook variant) and ‘QuickSearch Toolbar’ (QuickSearch variant).

If these options are unavailable, try looking in the Windows folder and the Program Files\NewDotNet folder for an uninstaller. NewDotNet/B typically leaves uninstaller files here. There may be more than one; if so, try the installer with the highest version number in its name.
After that run HijackThis and fix the following if still there.
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (file missing)

O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
Reboot and run HijackThis again and post a fresh log, thanks.

caperjack 875 I hate 20 Questions Team Colleague

just one more

caperjack 875 I hate 20 Questions Team Colleague

I just installed it today and, unlike Ad-Aware and Spybot, it can run in the sys tray and run a watch like SpywareGuard. So far it seems OK.
Before I installed it I ran Ad-Aware Pro, full scan, cleaned all, then installed Microsoft and it found 2 more references to something called SearchSquire in the registry, and 1 crack spider in 5 different ones from crack sites hanging around in my links from earlier years. It has autoupdates and something called Advanced Tools that looks interesting and gives lots of control. Worth an install just to have a look. I have it set up to run in realtime right alongside SpywareGuard and Norton antivirus. Seems to be behaving OK.

caperjack 875 I hate 20 Questions Team Colleague

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.
You might want to print out or copy & paste these instructions to Notepad, as you will need to close this browser window to fix with HijackThis!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...rch/search.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/cus...://my.yahoo.com

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

This may have something to do with an HP printer. I don't think it needs to be in startup.
O4 - HKLM\..\Run: [zzzHPSETUP] D:\Setup.exe \RESET

This is not bad but suggested fix
O4 - Startup: PowerReg Scheduler V3.exe

Same for this one .
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)


reboot computer and post a new log

caperjack 875 I hate 20 Questions Team Colleague

First, download LSPfix here: http://www.cexx.org/lspfix.htm
Launch the application, and click the "I know what I'm doing" checkbox.
Check all instances of 'osmim.dll' (and nothing else), and move them to the "Remove" pane.
Then click Finish.