caperjack 875 I hate 20 Questions Team Colleague

The best thing about DaniWeb is that it has a great Bullpen! :)

caperjack 875 I hate 20 Questions Team Colleague

Can I play too?

By all means, please do!! Anytime, as I usually only get this computer a couple of hrs a day. I'll be the Starter!!! :} You can run Cleanup. lol, thanks

caperjack 875 I hate 20 Questions Team Colleague

Alcohol 120% creates a virtual CD-ROM drive in My Computer. To mount an image, right-click on the drive icon in My Computer and direct it to the image. Did you try to mount the image you created and install from there? Try creating an image of both CDs and mount disk 1 first, start the install, then mount disk 2.

caperjack 875 I hate 20 Questions Team Colleague

You need to download those programs on another computer and copy them to disk and install and run on your computer

caperjack 875 I hate 20 Questions Team Colleague

After that do the following!!
,,,,,,,,,,,
Go Here and get Trojan-Hunter fully working trial!
,,,,,,,,,,,,,,,,,,

Please delete your temporary files by deleting all files and folders that are in those folders (do not delete the temp folder itself) like for example
C:\WINDOWS\Temp\
C:\Temp\
C:\Documents and Settings\username\Local Settings\Temp\
Also delete your Temporary Internet Files, be sure to also select delete all offline content.

Do a virus scan here.
If you get report of files that can’t be cleaned / deleted please write down the filenames and locations and post that in your reply.
,,,,,,,,,,,,,,,,,,,,,,,,,,
Download then unzip and run CWShredder to clean up clicking "FIX" to have it remove all it finds.

CWShredder available from these places :-


http://www.aluriasoftware.com/tools/cwshredder.zip
Or this as a full download without any unzipping required
http://www.downloads.subratam.org/CWShredder.exe
http://www.spywareinfo.com/downloads/tools/CWShredder.exe

We have found that some of the CWS infections can be removed better from safe mode, rather than normal mode.
To get to safe mode use the F8 key while booting the machine. Detailed instructions from :-
HERE
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
Then please do this since it’s better to use automated tools to get rid of the bad stuff use these 2 programs first before doing the final cleaning with HJT

First use Spybot S&D. (Version 1.3)
Spybot
Unzip, and update. Install …

caperjack 875 I hate 20 Questions Team Colleague

You have a pepper infection

the uninstaller is available from these locations:-
http://www.memorywatcher.com/uninst.exe
http://www.mjc1.com/files/peperpage/uninst.exe
http://www.downloads.subratam.org/uninst.exe

When you run the uninstaller, you MUST have an internet connection active for it to work.

Please run this twice with a reboot in between.

caperjack 875 I hate 20 Questions Team Colleague

I did not delete the partypoker one because that's what I do for a living

Do you party and poke-er on the same night!! :)
All joking aside, what is Party Poker? I've seen it in a few logs now, and I see some suggesting a fix on the other HijackThis forums too.

caperjack 875 I hate 20 Questions Team Colleague

I see why you don't argue with your friends. :) lol
You need to unzip your copy of HijackThis to a folder of its own, not run it from the zip program! And your log is in bad shape!!
,,,,,,,,,,,,,,,,,,,,,,,
Your copy of HijackThis needs to be in a folder of its own. When HJT fixes anything, it makes backups of the original files in the folder it is in. Since Temporary folders are emptied now and then (the files are DELETED), it would not be a good idea to have your backups there. Those backups would be VITAL to restoring your system if something went wrong in the FIX process!


1. Please go to your 'My Documents' folder, right-click and select 'New > Folder' then name the folder 'HJT'.

2. Copy and paste HijackThis.exe to the new folder.

3. Close ALL windows except HJT

4. SCAN with HJT

5. POST the new log in this thread using 'Add Reply'

DO NOT MAKE ANY CHANGES OR CLICK "FIX CHECKED" UNTIL WE CHECK THE LOG, AS SOME OF THE FILES ARE LEGIT AND VITAL TO YOUR COMPUTER'S HEALTH

caperjack 875 I hate 20 Questions Team Colleague

Open the drive in My Computer and go to Tools/Folder Options/View to check to see if it's set to show hidden files and folders.
Also I would right-click on My Computer/Properties/System Restore and make sure System Restore is not checked on this drive.

caperjack 875 I hate 20 Questions Team Colleague

First let me say I'm sorry to Charles21 that I missed your hijack log back when you posted it. A quick look at it now, it doesn't look bad.
Anyway, instead of a reinstall of XP, why not try a repair install, or just a System File Check.
Go to Start/Run, type in SFC /SCANNOW

caperjack 875 I hate 20 Questions Team Colleague

I guess it could be a heat problem, 8 min is a long time to boot.

caperjack 875 I hate 20 Questions Team Colleague

yep, thing is, ive tried all that bios setup
and as 4 the boot from cd message?, i see nothing of the sort, i know to look 4 tht and could see it, it just boots the comp up as normal wen an os is installed or if not then it would carry on as if theres no cd in the drive, it simply doesnt boot with it,

i dnt kno wot to try :(

Danniboy. (thank you for your help!)

So does the BIOS detect the CD-ROM drive as being installed?

caperjack 875 I hate 20 Questions Team Colleague

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.
You might want to print out or copy & paste to Notepad these instructions, as you will need to close this browser window to fix with HijackThis!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank


R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank


F2 - REG:system.ini: Shell=Explorer.exe winsock.scr

O4 - HKLM\..\Run: [dxset.exe] C:\WINDOWS\dxsetu.exe

O4 - HKLM\..\Run: [Windows ControlAd] C:\Program Files\Windows ControlAd\WinCtlAd.exe

Not necessary, but recommended fix by most!
O4 - Startup: PowerReg Scheduler V3.exe

O4 - Global Startup: Digital Line Detect.lnk = ?


another optional but suggested fix
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

Fix these 2, but I'm also suggesting fixing all O16s just to be safe, as the good ones will download again when you visit the site.

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/07d9e032201b494a2116/netzip/RdxIE601.cab

O16 - DPF: {A1A961DA-2BA6-4032-859E-01AC35357163} (One2One Viewer) - http://www.one2one.com/static/class/one2one.cab

Unless you recognize this as your ISP, fix it. Actually it's the IP of
RIPE Network Coordination Centre of Amsterdam
O17 - HKLM\System\CCS\Services\Tcpip\..\{DF5F536C-073B-4D09-85DE-FF229AD6FC89}: NameServer = 194.168.4.100 194.168.8.100

O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe (file missing)
,,,,,,,,,,,,,,,,,,
Go to:

Start > Run > …

caperjack 875 I hate 20 Questions Team Colleague

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.
You might want to print out or copy & paste to Notepad these instructions, as you will need to close this browser window to fix with HijackThis!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/

R3 - Default URLSearchHook is missing

F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe


O2 - BHO: C:\WINDOWS\lbbho.dll - {3D971FBA-4107-459F-97F6-36FD419895A5} - C:\WINDOWS\lbbho.dll

O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll

O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll (file missing)

O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll (file missing)

O4 - HKLM\..\Run: [hwatzalbkpmzl] C:\WINDOWS\System32\rartic.exe

O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s

O4 - HKLM\..\Run: [OSS] C:\windows\system32\ossproxy.exe -boot

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/f...etup1.0.0.5.cab

Now reboot into safe mode and delete the following files and folders if found.

C:\WINDOWS\System32\rartic.exe,,,,,,,,,delete file

C:\PROGRA~1\NEWDOT~1\,,,,,,,,,,,,delete folder

C:\windows\system32\ossproxy.exe,,,,,,,,,delete file

To delete the above files and folder you will need to do the following:
go to Show hidden files & folders

"Fix Checked"...Reboot to SAFE mode to delete files

caperjack 875 I hate 20 Questions Team Colleague

First you need to uninstall new.net: Uninstall new.net

caperjack 875 I hate 20 Questions Team Colleague

Please delete your temporary files by deleting all files and folders that are in those folders (do not delete the temp folder itself) like for example
C:\WINDOWS\Temp\
C:\Temp\
C:\Documents and Settings\username\Local Settings\Temp\
Also delete your Temporary Internet Files, be sure to also select delete all offline content.

Do a virus scan here.
If you get report of files that can’t be cleaned / deleted please write down the filenames and locations and post that in your reply.
,,,,,,,,,,,,,,,,,,,,,,,,,,
Download then unzip and run CWShredder to clean up clicking "FIX" to have it remove all it finds.

CWShredder available from these places :-


http://www.aluriasoftware.com/tools/cwshredder.zip
Or this as a full download without any unzipping required
http://www.downloads.subratam.org/CWShredder.exe
http://www.spywareinfo.com/downloads/tools/CWShredder.exe

We have found that some of the CWS infections can be removed better from safe mode, rather than normal mode.
To get to safe mode use the F8 key while booting the machine. Detailed instructions from :-
HERE
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
Then please do this since it’s better to use automated tools to get rid of the bad stuff use these 2 programs first before doing the final cleaning with HJT

First use Spybot S&D. (Version 1.3)
Spybot
Unzip, and update. Install the updates and run. Delete all that it marks in red.
Reboot

Then it’s time for Ad-Aware
Ad-Aware

caperjack 875 I hate 20 Questions Team Colleague

I agree too, to some extent. I use cable and install TCPOptimiser and it increases my file download speed. I know because I download the same file from the same site minutes apart to test it before applying the optimizer!
http://www.speedguide.net/downloads.php

caperjack 875 I hate 20 Questions Team Colleague

Hi. i need help deleting backdoor.colfusion. This is my log. Please help.

Please start a thread of your own; do not post for help in someone else's thread! Thanks

caperjack 875 I hate 20 Questions Team Colleague

This problem could occur because of spyware. Go on over to the Security section of this forum and post your problem along with a HijackThis log.
Spyware & Trojans and Other Nasties
,,,,,,,,,,,,,,,,,,,,,,,,
Please don't post the HijackThis log in this section. Thanks.
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Please do this.
Download 'Hijack This!'. HijackThis
Save it in a convenient permanent folder such as C:\HJT\, double click HijackThis.exe, and hit "Scan".

Your copy of HijackThis needs to be in a folder of its own. When HJT fixes anything, it makes backups of the original files in the folder it is in. Since Temporary folders are emptied now and then (the files are DELETED), it would not be a good idea to have your backups there. Those backups would be VITAL to restoring your system if something went wrong in the FIX process!


1. Please go to your 'My Documents' folder, right-click and select 'New > Folder' then name the folder 'HJT'.

2. Copy and paste HijackThis.exe to the new folder.

3. Close ALL windows except HJT

4. SCAN with HJT

5. POST the new log in this thread using 'Add Reply'

DO NOT MAKE ANY CHANGES OR CLICK "FIX CHECKED" UNTIL WE CHECK THE LOG, AS SOME OF THE FILES ARE LEGIT AND VITAL TO YOUR COMPUTER'S HEALTH

caperjack 875 I hate 20 Questions Team Colleague

I've got input signal out of range every time I start my comp. I had a program called reforce, I accidentally changed the screen resolution and hz to 1024x768 120hz, don't think my monitor can handle 120hz. I did change resolution to 640x480 in safe mode but it doesn't work. I've got XP, need help, thanks.

I don't have an answer, but a suggestion: to get better help you should start a new thread and post your problem.

caperjack 875 I hate 20 Questions Team Colleague

What are you using to start the computer in DOS?

caperjack 875 I hate 20 Questions Team Colleague

Yes, it should work. You can test it now by putting it in your CD-ROM and it should auto open and show you the flash screen, and you can then just hit exit on the screen. If it does, then it should work.

caperjack 875 I hate 20 Questions Team Colleague

Did you Google search for one? Search for: audio file splitter
www.google.com

caperjack 875 I hate 20 Questions Team Colleague

Did you burn it using an image burning program or just burn it as a data file? If data file, no, it will not work!!

caperjack 875 I hate 20 Questions Team Colleague

Did you enter the BIOS/SETUP on boot up and make sure that the boot sequence has the CD-ROM as first boot?

caperjack 875 I hate 20 Questions Team Colleague

I'm stumped!!
And crack sites are bad!!

caperjack 875 I hate 20 Questions Team Colleague

To the best of my knowhow it looks good now.
I learned what I know by reading a lot of info and logs and joined ClassRoom section, just post that you would like to join and they will contact you, and learned even more, actually more than the memory can handle!!
If you are interested in learning more, go on over and join!!
http://forums.tomcoyote.org/index.php?act=idx

caperjack 875 I hate 20 Questions Team Colleague

Although Admilliserve cannot be found here - http://www.sysinfo.org/startuplist.php - this is an excellent place to find out exactly what should and shouldn't be allowed to be running on your PC. Simply run msconfig and enter each process into the search box.

That's the old one, I do believe, and we were told to use the CastleCops one because it's updated regularly.
EDIT: A little research finds that I'm wrong and it was last updated Dec 17/04
Startups= http://castlecops.com/StartupList.html
CLSID & BHO= http://castlecops.com/CLSID.html

And Another Startup list
http://startup.iamnotageek.com/srch-matcli.exe.html

caperjack 875 I hate 20 Questions Team Colleague

After you run Trojan Hunter, run HijackThis again and fix any of this if it's still in the log.
,,,,,,,,,,,,,,,,,,,,

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.
You might want to print out or copy & paste to Notepad these instructions, as you will need to close this browser window to fix with HijackThis!

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://realsearch.cc/?a=2
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://realsearch.cc/?a=2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://realsearch.cc/?a=2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://realsearch.cc/?a=2
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://realsearch.cc/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://realsearch.cc/?a=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://realsearch.cc/?a=2
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://realsearch.cc/?a=2
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://realsearch.cc/?a=2
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://realsearch.cc/?a=2
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://realsearch.cc/?a=2

O4 - HKLM\..\Run: [XPSP2 Firewall] C:\WINDOWS\system32\xpsp2fw.exe

O4 - HKCU\..\Run: [MProcessor] "C:\Program Files\\MProcessor\mprocessor.exe"

O4 - HKCU\..\Run: [Windows Update Client ] C:\WINDOWS\system32\wuclient.exe


Now reboot into safe mode and delete the following files and folders if found.

C:\WINDOWS\system32\xpsp2fw.exe,,,,,,,delete file

"C:\Program Files\\MProcessor,,,,,,,,,,,delete folder

C:\WINDOWS\system32\wuclient.exe,,,,,,,,,,,,delete file


to delete the above files and folder you will …

caperjack 875 I hate 20 Questions Team Colleague

Go Here and get Trojan-Hunter fully working trial! and do a full scan, then post back a new log, thanks

Just wondering, did you run the CWShredder program??

caperjack 875 I hate 20 Questions Team Colleague

i think there may be a power supply problem maybe thats why the 'stb led' is not being lit up
is there any way to reset the power supply?

Not that I'm aware of. HP tech support would say that unplugging the PS and holding the power button in for about 40 seconds drains and resets it, I think!

caperjack 875 I hate 20 Questions Team Colleague

So you are fixing these 3 items and deleting this file, dxsetu.exe, and it all keeps coming back!

F2 - REG:system.ini: Shell=Explorer.exe winsock.scr
O4 - HKLM\..\Run: [dxset.exe] C:\WINDOWS\dxsetu.exe
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Program Files\ladbrokesMPP\MPPoker.exe

caperjack 875 I hate 20 Questions Team Colleague

Yes I did. The LED that's not on right now is the 'stb led'. The strange thing is when I turn the computer on I can still hear the power supply hum and also I can see the lights on the CD as it's booted, but nothing else happens.

Sometimes when installing RAM you can loosen or knock off wires. Check and make sure you didn't pull off any wires, or hope you didn't short the RAM or board with a charge of static electricity.

caperjack 875 I hate 20 Questions Team Colleague

All:

Seems another of my friends has been hijacked (I'm becoming known for helping some of the folks out here with this little problem thanks to you all!)

Don't take this the wrong way, just posting this so you can read up and become familiar with what you are telling them to do! :)
Site to help you understand the log.
http://www.spywareinfo.com/~merijn/htlogtutorial.html

,,,,,,,,,,,,,,,,,,,,
Sites to search the O4 entries to see what's what!! Just search the EXE or what's in the brackets!
http://castlecops.com/StartupList.html

http://startup.iamnotageek.com/search.php

,,,,,,,,,,
Site to search the BHOs, using the long 8E718888-423F-11D2-876E-00A0C9082467 # in the O2 and O3 BHO

http://castlecops.com/CLSID.html
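
The lookup step described in the post above, sketched as an added example (not part of the original post, and not HijackThis code): it pulls the search terms out of O2/O3/O4 lines, the CLSID for BHO and toolbar entries and the bracketed name plus file name for startup entries. The `Lookup` class and the function names are assumptions made here; the sample lines are copied from logs quoted in other posts on this page.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Lines copied from the HijackThis logs quoted in other posts on this page.
SAMPLE_LOG = r"""
O2 - BHO: sPeerObj Class - {00000026-8735-428D-B81F-DD098223B25F} - C:\WINDOWS\speer.dll
O2 - BHO: (no name) - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll (file missing)
O4 - HKLM\..\Run: [dxset.exe] C:\WINDOWS\dxsetu.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
"""

# "<section code> - <rest of entry>", e.g. "O4 - HKLM\..\Run: [...] ..."
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{([0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})\}")
# Registry autostart: "HKLM\..\Run: [value name] command line"
RUN_RE = re.compile(r"^HK(?:LM|CU)\\\.\.\\[^:]+: \[(.*?)\]\s*(.*)$")
# Startup folder: "Startup: file" or "Global Startup: shortcut.lnk = target"
STARTUP_RE = re.compile(r"^(?:Global )?Startup: (.*?)(?: = (.*))?$")
# First file name in a command line, with or without a leading path.
FILE_RE = re.compile(r"([^\\/\s\"]+\.(?:exe|dll|scr|com|bat))\b", re.IGNORECASE)


@dataclass
class Lookup:
    section: str              # O2, O3 or O4
    terms: Tuple[str, ...]    # what to type into the startup / CLSID search
    orphaned: bool            # the log itself says the file is not on disk
    raw: str                  # the original log line


def _file_name(command: Optional[str]) -> Optional[str]:
    """Return the first executable-looking file name in a command line."""
    match = FILE_RE.search(command or "")
    return match.group(1) if match else None


def parse_line(line: str) -> Optional[Lookup]:
    """Turn one log line into its search terms; None for other sections."""
    line = line.strip()
    entry = ENTRY_RE.match(line)
    if not entry:
        return None
    section, body = entry.groups()
    orphaned = "(no file)" in body or "(file missing)" in body

    if section in ("O2", "O3"):
        # BHOs and toolbars are searched by the long CLSID in braces.
        clsid = CLSID_RE.search(body)
        if not clsid:
            return None
        return Lookup(section, (clsid.group(1).upper(),), orphaned, line)

    if section == "O4":
        # Startup entries are searched by the bracketed name or the EXE.
        start = RUN_RE.match(body) or STARTUP_RE.match(body)
        if not start:
            return None
        name = start.group(1).strip()
        terms = [name] if name else []
        exe = _file_name(start.group(2))
        if exe and exe.lower() != name.lower():
            terms.append(exe)
        return Lookup(section, tuple(terms), orphaned, line)

    return None  # R*, F*, O16 ... are not covered by the two lookup lists


def lookup_terms(log_text: str) -> List[Lookup]:
    """Collect the search terms for every O2/O3/O4 line in a pasted log."""
    found = (parse_line(line) for line in log_text.splitlines())
    return [item for item in found if item is not None]


if __name__ == "__main__":
    for item in lookup_terms(SAMPLE_LOG):
        note = "  [file not on disk]" if item.orphaned else ""
        print(f"{item.section}: search for {' / '.join(item.terms)}{note}")
```
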

caperjack 875 I hate 20 Questions Team Colleague

After all that, if any of this is left, have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.
You might want to print out or copy & paste to Notepad these instructions, as you will need to close this browser window to fix with HijackThis!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.seekerbar.com/ie.aspx?tb_id=50154

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.seekerbar.com/ie.aspx?tb_id=50154

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.seekerbar.com/ie.aspx?tb_id=50154

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\FLLESF~1\WinTools\WToolsB.dll

F2 - REG:system.ini: Shell=Explorer.exe winsock.scr

O2 - BHO: sPeerObj Class - {00000026-8735-428D-B81F-DD098223B25F} - C:\WINDOWS\speer.dll

O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\FLLESF~1\WinTools\WToolsB.dll

O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file)

O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\FLLESF~1\WinTools\WToolsA.exe

O4 - HKLM\..\Run: [uuawkfezwl] C:\WINDOWS\System32\lopkkz.exe

O4 - HKLM\..\Run: [C:\WINDOWS\System32\ope40.exe ] C:\WINDOWS\System32\ope40.exe

O4 - HKLM\..\Run: [dxset.exe] C:\WINDOWS\dxsetu.exe

This one is optional, but recommended as it's a resource hog.
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

Now reboot into safe mode and delete the following files and folders if found.

C:\PROGRA~1\FLLESF~1\WinTools,delete folder

C:\WINDOWS\System32\lopkkz.exe,,,,delete file

caperjack 875 I hate 20 Questions Team Colleague

Let's start with this. Also, you really should go to Windows Updates and get critical updates.
Please go here for Wintools removal instructions.
,,,,,,,,,,,,,,,,,
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Click Here and Get Trojan-Hunter Fully working trial!
,,,,,,,,,,,

Also a trip to Windows Updates is needed for critical updates
WINDOWS UPDATES

Your copy of HijackThis needs to be in a folder of its own. When HJT fixes anything, it makes backups of the original files in the folder it is in. Since Temporary folders are emptied now and then (the files are DELETED), it would not be a good idea to have your backups there. Those backups would be VITAL to restoring your system if something went wrong in the FIX process!


1. Please go to your 'My Documents' folder, right-click and select 'New > Folder' then name the folder 'HJT'.

2. Copy and paste HijackThis.exe to the new folder.

3. Close ALL windows except HJT

4. SCAN with HJT

5. POST the new log in this thread using 'Add Reply'

DO NOT MAKE ANY CHANGES OR CLICK "FIX CHECKED" UNTIL WE CHECK THE LOG, AS SOME OF THE FILES ARE LEGIT AND VITAL TO YOUR COMPUTER'S HEALTH

,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

caperjack 875 I hate 20 Questions Team Colleague

And this one while you're at it.

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -

caperjack 875 I hate 20 Questions Team Colleague

Are you using Yahoo Messenger or Windows Messenger?
I don't use Super Webcam, but!! Sounds like a firewall setting on either your computer or the person's you are trying to use it with!

I assume you were here getting help to set it up!
http://messenger.yahoo.com/messenger/superwebcam/

and here
http://help.yahoo.com/help/us/sbc/messenger/webcam/webcam-14.html

caperjack 875 I hate 20 Questions Team Colleague

The green light on the board, was it out when you installed the RAM? If not, you may have fried something. Did you remove the power cord and drain power from the computer before installing the RAM!!!

caperjack 875 I hate 20 Questions Team Colleague

I am on a Dell D600 and it does not seem to have a DVD decoder.
I thought XP was supposed to be ultra multi-media friendly...

How do I get it to play DVD's...
Not looking to rip them, just play them.

Go to Windows Updates and update to Windows Media Player 10 if you haven't already; it will play DVDs if you have a DVD player installed on your computer.

caperjack 875 I hate 20 Questions Team Colleague

I'm not quite sure what you mean by logging in as the real administrator account.

If you start the computer in safe mode you will get the option to pick the real Admin account created when you installed Win XP.

caperjack 875 I hate 20 Questions Team Colleague

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

  1. Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

    See this link for a listing of some online & their stand-alone antivirus programs:

    Virus, Spyware, and Malware Protection and Removal Resources

  2. Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  3. Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

    For a tutorial on Firewalls and a listing of some available ones see the link below:

    Understanding and Using Firewalls

  4. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to …
caperjack 875 I hate 20 Questions Team Colleague

A little clean up of some I missed.
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.
You might want to print out or copy & paste to Notepad these instructions, as you will need to close this browser window to fix with HijackThis!

O2 - BHO: (no name) - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - (no file)

O2 - BHO: (no name) - {3F0DE170-80FB-DABB-7A54-88D4A3D16C58} - (no file)

O2 - BHO: (no name) - {447160CD-ECF5-4EA2-8A8A-1F70CA363F85} - (no file)

O2 - BHO: TChkBHO Class - {5B71E02D-4B7C-4266-8CA3-2135AF26104E} - C:\WINNT\system32\oymikwg.dll

O18 - Filter: text/html - {CC905FF6-B553-496C-9DFA-CFF65ADCD0FC} - c:\program files\clientman\run\searchrep4acf6c0b.dll

Reboot computer and post a new log.

caperjack 875 I hate 20 Questions Team Colleague

Here's the new log. I did everything with the exception of removing P2P networking because my son uses kazaa lite. Is this a problem ?

You don't need it to use Kazaa Lite. You can uninstall it and Kazaa will still work. I did when I used to use Kazaa Lite.
EDIT:
Read this. You decide.
http://www.kephyr.com/spywarescanner/library/p2pnetworking/index.phtml

caperjack 875 I hate 20 Questions Team Colleague

I have to use a lot of redundant back ups. I have a lot of stuff and CD's & DVD's just can't cut it. The terabyte of space is not one drive, it is a collection of 16 drives. One 120GB drive was the problem. But it's good to know! :lol:

Have you tried Maxtor's MaxBlast program to low-level format the disk / write the disk to zeros?