Posts by caperjack

So, is the CPU heatsinc and fan clean of dust . ,maybe try someThermal grease n the cpu .
The powersupply fan clean ,pull the side of the case and leave it off to see if maybe staying cooler helps .
As you can see im thinking HEAT

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.
You might want to print out or copy & paste to notePad , these instructions as you will need to close this browser window to fix with hijackthis !

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search200.com/passthrough/in...p://about:BLANK

O2 - BHO: CBundleObj Object - {447160CD-ECF5-4EA2-8A8A-1F70CA363F85} - c:\program files\clientman\run\bundleaef94639.dll (file missing

I can't find any info on these 2 ,do you lnow what Bowsan~1 is ,if no you can fix them .

O2 - BHO: long meow burn - {3F0DE170-80FB-DABB-7A54-88D4A3D16C58} - C:\PROGRA~1\BOWSAN~1\BitsObj.dll

O3 - Toolbar: view ooze - {C3F78CC8-F0A2-FB38-4E32-DD0295889BCB} - C:\PROGRA~1\BOWSAN~1\BitsObj.dll

O2 - BHO: (no name) - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - (no file)

I suggest you go to add and remove programs in the control panel and uninstall p2p networking its not needed ,and Messenger plus 2,it came with the spyware you have on you computer ,you can reinstall it later but install with out the support software ,

O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART

O4 - HKLM\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe"

O4 - HKLM\..\Run: [Great hold] C:\PROGRA~1\PROCRE~1\upload mode third.exe

O4 - HKLM\..\Run: [ASTART] C:\WINNT\ASTART

O4 - HKCU\..\Run: [System32] C:\WINNT\Services32.exe NORMAL

O4 - HKLM\..\Run: [fash] C:\WINNT\fash.exe

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -

Now reboot into safe mode and delete the following files and folders …

Those entries are LOP related caperjack.

I thought so wasn't sure .I really can't keep up to all the different shit out there .!

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.
You might want to print out or copy & paste to notePad , these instructions as you will need to close this browser window to fix with hijackthis !

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search200.com/passthrough/in...p://about:BLANK

O2 - BHO: CBundleObj Object - {447160CD-ECF5-4EA2-8A8A-1F70CA363F85} - c:\program files\clientman\run\bundleaef94639.dll (file missing

I can't find any info on these 2 ,do you lnow what Bowsan~1 is ,if no you can fix them .

O2 - BHO: long meow burn - {3F0DE170-80FB-DABB-7A54-88D4A3D16C58} - C:\PROGRA~1\BOWSAN~1\BitsObj.dll

O3 - Toolbar: view ooze - {C3F78CC8-F0A2-FB38-4E32-DD0295889BCB} - C:\PROGRA~1\BOWSAN~1\BitsObj.dll

O2 - BHO: (no name) - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - (no file)

I suggest you go to add and remove programs in the control panel and uninstall p2p networking its not needed ,and Messenger plus 2,it came with the spyware you have on you computer ,you can reinstall it later but install with out the support software ,

O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART

O4 - HKLM\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe"

O4 - HKLM\..\Run: [Great hold] C:\PROGRA~1\PROCRE~1\upload mode third.exe

O4 - HKLM\..\Run: [ASTART] C:\WINNT\ASTART

O4 - HKCU\..\Run: [System32] C:\WINNT\Services32.exe NORMAL

O4 - HKLM\..\Run: [fash] C:\WINNT\fash.exe

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) …

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.
You might want to print out or copy & paste to notePad , these instructions as you will need to close this browser window to fix with hijackthis !
,,,,,,,,,,,,,,,,,
Lets try it in safe mode!!
Boot to safe mode ,when there using ALT+CTRL+DEL ,end these processes .
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe
then run hijack and fix the following

F2 - REG:system.ini: Shell=Explorer.exe winsock.scr

O4 - HKLM\..\Run: [Windows ServeAd] C:\Program Files\Windows ServeAd\WinServAd.exe

O4 - HKLM\..\Run: [dxset.exe] C:\WINDOWS\dxsetu.exe

I search and others are fixing this ,but if you use it to play poker or something i guess it ok.lol !
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Program Files\ladbrokesMPP\MPPoker.exe

Still in safe mode and delete the following files and folders if found .

C:\Program Files\Windows ServeAd\,delete folder

C:\WINDOWS\dxsetu.exe,,delete file

to delete the above files and folder you will need to do the following
go to
Show hidden files & folders

"Fix Checked"...Reboot to SAFE mode to delete files
How to start computer in safe mode

reboot computer and post a new log

All I can add is the first 3 programs I put on my new computer after my Anyivirus program were ,
Spywareblaster
Spywareguard
IE-Spyad
Than was in November and I havn't had a serisous problem since.
All 3 can be Found HERE

Please give these programs a go first .then post a new hijack log with the newer version .
You hijack version is outdated newer virsion at bottom of this post ,I think the latest version of Ad-Aware setup to scan deeper will help !
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
Download then unzip and run CWShredder to clean up clicking "FIX" to have it remove all it finds.

CWShredder available from these places :-

http://www.aluriasoftware.com/tools/cwshredder.zip
Or this as a full download without any unzipping required
http://www.downloads.subratam.org/CWShredder.exe
http://www.spywareinfo.com/downloads/tools/CWShredder.exe

We have found that some of the CWS infections can be removed better from safe mode, rather than normal mode.
To get to safe mode use the F8 key while booting the machine. Detailed instructions from here :-
http://service1.symantec.com/SUPPORT/tsgen...001052409420406
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Scanning in Spybot Search and Destroy:

1. Downloaded and Install Spybot S&D, accepting the Default Settings

2. In the Menu Bar at the top of the Spybot window you will see 'Mode'. Make certain that 'default mode' has a check mark beside it.

3. Close ALL windows except Spybot S&D

4. Click the button to ‘Search for Updates’ then download and install the Updates.

5. Next click the button ‘Check for Problems’

6. When Spybot is complete, it will be showing ‘RED’ entries bold 'Black' entries and ‘GREEN’ entries in the window

7. …

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.
You might want to print out or copy & paste to notePad , these instructions as you will need to close this browser window to fix with hijackthis !

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zpecialoffer.com/indexie.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.zpecialoffer.com/indexie.html

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.zpecialoffer.com/results.asp?keyword=%s

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R3 - URLSearchHook: (no name) - - (no file)

F2 - REG:system.ini: Shell=Explorer.exe winsock.scr

O1 - Hosts: 209.132.200.78 auto.search.msn.com

O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~1\SEARCH~2.DLL

O2 - BHO: ExplorerExtObj Class - {23BC1CCF-4BE7-497F-B154-6ADA68425FBB} - C:\WINDOWS\system32\expext.dll (file missing)

O2 - BHO: (no name) - {B7B87B57-F383-719B-740B-D47B73F3A995} - (no file)

O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\system32\msbe.dll (file missing)

O3 - Toolbar: (no name) - {2CF0B992-5EEB-4143-99C2-5297EF71F44B} - (no file)

O4 - HKLM\..\Run: [Explkw] C:\WINDOWS\system32\expup.exe

O4 - HKLM\..\Run: [Folder Service ] C:\Program Files\Common Files\Services\wssdtu.exe

O4 - HKLM\..\Run: [Enumeration Service ] C:\Program Files\Common Files\Services\wsys.exe

O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe

O4 - HKLM\..\Run: [Windows ServeAd] C:\Program Files\Windows ServeAd\WinServAd.exe

O4 - HKLM\..\Run: [C:\WINDOWS\system32\ope12.exe ] C:\WINDOWS\system32\ope12.exe

O4 - HKLM\..\Run: [dxset.exe] C:\WINDOWS\dxsetu.exe

Have you tried Safe mode ,and choose last known good configeration !!
,,,,,,,,,,,,,,

How to start computer in safe mode

Disable nortons auto protect until after you scan with hijackthis and create the log

download and run a full scan with TrojanHunter's fully working 30 day Demo!
http://www.trojanhunter.com/products/TrojanHunter.exe

Hi ,lets download and run a full scan with TrojanHunter's fully working 30 day Demo!
http://www.trojanhunter.com/products/TrojanHunter.exe

Caperjack,

THANK YOU so very much. Your suggestions FIXED the problems!!! Yeah. I truly appreciate your help.

To Comatose and everyone else, thanks for your patience and all your help. :D

Glad to have helped :)

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

1. Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

   See this link for a listing of some online & their stand-alone antivirus programs:

   Virus, Spyware, and Malware Protection and Removal Resources

2. Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
3. Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

   For a tutorial on Firewalls and a listing of some available ones see the link below:

   Understanding and Using Firewalls

4. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to …

This will lead to a eventual fix ,I hope ,but you have to work for it!LOL

Please delete your temporary files by deleting all files and folders that are in those folders (do not delete the temp folder itself) like for example
C:\WINDOWS\Temp\
C:\Temp\
C:\Documents and Settings\username\Local Settings\Temp\
Also delete your Temporary Internet Files, be sure to also select delete all offline content.

Do a virus scan here.
If you get report of files that can’t be cleaned / deleted please write down the filenames and locations and post that in your reply.
,,,,,,,,,,,,,,,,,,,,,,,,,,
Download then unzip and run CWShredder to clean up clicking "FIX" to have it remove all it finds.

CWShredder available from these places :-

http://www.aluriasoftware.com/tools/cwshredder.zip
Or this as a full download without any unzipping required
http://www.downloads.subratam.org/CWShredder.exe
http://www.spywareinfo.com/downloads/tools/CWShredder.exe

We have found that some of the CWS infections can be removed better from safe mode, rather than normal mode.
To get to safe mode use the F8 key while booting the machine. Detailed instructions from here :-
http://service1.symantec.com/SUPPORT/tsgen...001052409420406
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
Then please do this since it’s better to use automated tools to get rid of the bad stuff use these 2 programs first before doing the final cleaning with HJT

First use Spybot S&D. (Version 1.3)
Spybot
Unzip, and update. Install the updates and …

The problem is in the redirector for Norton's "Live Update" that's what LU stands for. What has happened is that there are some older versions of Live update out there that are not exactly compatible with the newer versions and the patch is why it is necessary to to fill in that gap in order to make the Live update function work correctly. Please try visiting this page from Symantec to better understand the error. Nothing was hijacked, it's not a trojan or spyware. It's just a needed compatibility patch that can cure it. http://service1.symantec.com/SUPPORT/sharedtech.nsf/d3c44a1678bd8f45852566aa005902cb/aeede83fd244db6188256ed10050ce58?OpenDocument&src=bar_sch_nam

Good one ,Im here to help and learn ,always learning,thanks .

?? I still dont see where the orignal poster gave a norton Error reported ,they just say that they are not able to update Nortons !!!!!!!!

Is it better to un install SP2 or NORTON to TRY to correct this?

This problem could occur because of Spyware , go on over to the Security section of this fourm and post you problem along with a hijackthis log .
Spyware & Trojans and Other Nasties
,,,,,,,,,,,,,,,,,,,,,,,,
Please Don't post the hijackthis log in this section Thanks .
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Please do this.
Download 'Hijack This!'. HijackThis
Save it in a convenient permanent folder such as C:\HJT\, double click HijackThis.exe, and hit "Scan".

Your copy of HijackThis needs to be in a folder of it's own. When HJT fixes anything, it makes backups of the original files in the folder it is in. Since Temporary folders are emptied now and then (the files are DELETED), it would not be a good idea to have your backups there. Those backups would be VITAL to restoring your system if something went wrong in the FIX process!

1. Please go to you're 'My Documents' folder, right-click and select 'New > Folder' then name the folder 'HJT'.

2. Copy and paste HijackThis.exe to the new folder.

3. Close ALL windows except HJT

4. SCAN with HJT

5. POST the new log in this thread using 'Add Reply'

DO NOT MAKE ANY CHANGES OR CLICK "FIX CHECKED" UNTIL WE CHECK THE LOG, AS SOME OF THE FILES ARE LEGIT AND VITAL TO YOUR COMPUTER'S …

Norton provides instructions with that error on what to do with it when you get it. It is likely that there is a hyperlink contained in that error notice that will point you to a patch that you would need to download from Symantec. You download this patch and execute it and it would likely clear up your problem. If it doesn't, then the issue is not the same one I am thinking of.
SP2 firewall and Norton work very well together if you are using Systemworks and keep everything current. SP2 actually encourages you to use Norton or McAfee. But the error message is definately a Norton error message and not a windows one.

I don't see any error message from Norton in any of the above post ,unless its in one of the links ,so i don't know what error message you refer to ,
But a Trojan/Spyware can disable Nortons ,and updates from working and the ability to get them returns after the trojan/spyware is removed .
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

I ran everything you suggested with the exception of the panda virus scan - it would not load. I was able to get housecall to run by using the explorer browser.
The trojan hunter removed another 11 trojans.
What should i do next ?

Close all browser windows, nothing open but Hijackthis ,scan with hijackthis and post a new log ,thanks

wouldn't firefox just be a lot faster ;)

I use IE ,but have firefox install and use it from time to time and don't find it one bit faster !
Tabed browising is it greatest asset!

Most Hijackthis help sites will not even help you untill you do windows updates ,so I think you should at least go and get the critical updated if you haven't all ready .
,,,,,,,,,,,,,,,,,,,,,
Also a trip to windows updates ,This Way Please .And have a Safe Trip !!:)
WINDOWS UPDATES

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.

O2 - BHO: Band Class - {0007522A-2297-43C1-8EB1-C90B0FF20DA5} - C:\WINDOWS\enhtb.dll

O4 - HKLM\..\Run: [Enh Win Updt] C:\WINDOWS\enhupdt.exe

this is not bad but is not need at startup and is a rescource hog !
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Real-time Monitor.lnk = ?

O4 - Global Startup: VAIO Action Setup (Server).lnk = ?

Fix this unless you set it up youself!

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

I find some fixing this ,givin that you are taking to the sony site i would fix it .
O23 - Service: Sony SPTI Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

Now reboot into safe mode and delete the following files and folders if found .

C:\WINDOWS\enhupdt.exe,,,,,,,,,,,delete file

to delete the above files and folder you will need to do the following
go to
Show hidden files & folders

"Fix Checked"...Reboot to SAFE mode to delete files
How to start computer in safe mode

reboot computer and post a new log

You may need to open the case and remove and reseet things like modems and sound card ,network card ,video card, RAM also .! ,to make sure they are all making a connection ,also it could be the power supply not providing enough power to boot ,
If reseeting doesnt help pull all of the cards out except the RAM and boot and see if Hardrive bootup

I don't see anythin bad in the log ,!
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
How do you cnnect to the net Dialup or DSL/Cable
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
This link for error 769 using PPPoE
http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q316395
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
From another site ,i assume dialup connecting!!!

Error 769

1. Check the dialer settings, making sure that the user isn't set to static IP addressing (less they are supposed to) and that all other settings are ok.

2. Reinstall TCP/IP.

3. Reboot the computer.

4. Reinstall all dialup components.

,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
one More link !!

http://www.smartcomputing.com/techsupport/detail.aspx?guid=0f788b99ecb74380b55a2e32df5f0bc5&ErrorID=21693
,,,,,,,,,,,,,,,,,,,
Good Luck

I got mine setup tighter than a drum and can download form both ,Go figure !!

When i click on your killbox link i get a redirect to bleeping computer and an open ie page. seems to be running but no down load forthcoming. I went to and joined bleepingcomp. and tried to download killbox but got the same blank, running page. anything else i can do to dl killbox?

Try downloading it from here
http://www.downloads.subratam.org/KillBox.exe

hi thanx for the help but it didnt work lop dot com was not located in the add/remove programs. how do i reinstall msg plus 3.4 without spyware. and the lop dot com uninstaller i think didnt do much because i still have a search spybar in my internet explorer. thx

When you are installing MSG Plus you are asked if you want to install it with supported software or without, choose without .

I suggest this!
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
First use Spybot S&D. (Version 1.3)
Spybot
Unzip, and update. Install the updates and run. Delete all that it marks in red.
Reboot

Then it’s time for Ad-Aware
Ad-Aware
Install and update by using the globe icon. Restart your computer and run Ad-Aware.
Press scan now and select drives and/or partitions to be scanned. When done select all and click next. Remove all checked items and then reboot your computer.

Please go to this page and read the instructions for how to configure Spybot S&D & Ad-Aware
How To Setup Spybot SD and Ad-Aware

Then post a HJT log as a reply to this topic.

just a shot in the dark ,giving that inetcomm.dll is email releated and the svchost is generic and is used by modems .,maybe if you remove the modem or network card if it has one ,then uninstall the software releated to it and reboot and reinstall modem !! like i said a shot in MY dark .good luck

You can turn system restore back on if its off
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

1. Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

   See this link for a listing of some online & their stand-alone antivirus programs:

   Virus, Spyware, and Malware Protection and Removal Resources

2. Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
3. Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

   For a tutorial on Firewalls and a listing of some available ones see the link below:

   Understanding and Using Firewalls

4. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest …

Hello make sure you ahve all browsers and windows closed expt hujackthis,I missed these .
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O9 - Extra button: Dell Home - {08DCFC6C-B6E4-480C-95A4-FC64F37B787E} - http://www.dellnet.com/ (file missing) (HKCU)

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.

F2 - REG:system.ini: Shell=Explorer.exe winsock.scr

O4 - HKLM\..\Run: [dxset.exe] C:\WINDOWS\dxsetu.exe
Just to be safe fix these as the good ones will come back when you revisit the site
O16 - DPF: Dice Derby by pogo - http://game4.pogo.com/applet-5.9.5....g-ob-assets.cab

O16 - DPF: Fortune Bingo by pogo - http://game4.pogo.com/applet-6.0.2....o-ob-assets.cab

O16 - DPF: Texas Hold'em Poker by pogo - http://game4.pogo.com/applet-6.0.2....m-ob-assets.cab

O16 - DPF: Word Whomp Whackdown by pogo - http://game5.pogo.com/applet-5.9.5....n-ob-assets.cab

O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/c...trolLite_KR.cab

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yah...s/yinst0401.cab

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://dev-www.fileplanet.com/fpdlm...DC_1_0_0_41.cab

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/compu...kup/qdiagcc.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/...all/xscan53.cab

O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\SuperCD\IntraLaunch.CAB

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?316

Now reboot into safe mode and delete the following files and folders if found .

C:\WINDOWS\dxsetu.exe,,,,,,,delete file

to delete the above files and folder you will need to do the following
go to
Show hidden files & folders

"Fix Checked"...Reboot to SAFE mode to delete files

Soory ,I have no answer for you .

I cant get the killbox to download!!! what next?

:(

EDIT: Sorry MIsss Read your post .

This problem could occur because of Spyware , go on over to the Security section of this fourm and post you problem along with a hijackthis log .
Spyware & Trojans and Other Nasties
,,,,,,,,,,,,,,,,,,,,,,,,
Please Don't post the hijackthis log in this section Thanks .
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Please do this.
Download 'Hijack This!'. HijackThis
Save it in a convenient permanent folder such as C:\HJT\, double click HijackThis.exe, and hit "Scan".

Your copy of HijackThis needs to be in a folder of it's own. When HJT fixes anything, it makes backups of the original files in the folder it is in. Since Temporary folders are emptied now and then (the files are DELETED), it would not be a good idea to have your backups there. Those backups would be VITAL to restoring your system if something went wrong in the FIX process!

1. Please go to you're 'My Documents' folder, right-click and select 'New > Folder' then name the folder 'HJT'.

2. Copy and paste HijackThis.exe to the new folder.

3. Close ALL windows except HJT

4. SCAN with HJT

5. POST the new log in this thread using 'Add Reply'

DO NOT MAKE ANY CHANGES OR CLICK "FIX CHECKED" UNTIL WE CHECK THE LOG, AS SOME OF THE FILES ARE LEGIT AND VITAL TO YOUR COMPUTER'S HEALTH

They keep messing with the page that has the qoologic.zip :(. I will upload it for you.
Yep. Enable all in Msconfig, then reboot and post those logs.
I'm off to bed. 2 am here, 2005. Happy new year :D.

Happy New Year Crunchie!!!

Unable to initialize the scaning database antivirus engine files

This message means you antivirus has beed disabled,usuall by virus/or trojan .
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
go back to your other thread and run hijackthis again and post a fresh log .

Read through these you should find the answer .

,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
This info was found on
http://www.uktsupport.co.uk/epson/Inkjet/sc400.htm

If you see conflict error messages or printing is very slow, the problem may be caused by temporary files in the EPSON Spool Manager temporary file directory. To change the Spool Manager settings, you will first need to make a unique directory on your hard drive, such as C:\SPOOL. Open the Spool Manager4 and make sure the EPSON Stylus COLOR 400 is selected. Click on Options, select Default Spool Directory. Change the directory to the new directory you created and click OK. Open the Queue, Setup and make sure the spool directory changed to the new unique directory. Make sure the box for "Use Print Manager for this port" is not checked, then click OK. Close the Spool Manager, restart the computer and try printing again.

boot to the win98 bootdisk ,Try typing this at the A: prompt , sys c:
and reboot computer

Or this .
http://www.computerhope.com/issues/ch000425.htm

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
You already use spybot ,and ad-aware ,to clean spyware ,so try the spyware prevention programs listed below.

1. Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

   See this link for a listing of some online & their stand-alone antivirus programs:

   Virus, Spyware, and Malware Protection and Removal Resources

2. Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
3. Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

   For a tutorial on Firewalls and a listing of some available ones see the link below:

   Understanding and Using Firewalls

4. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your …

First thing the DSO in a bug in the spybot program not to worry as long as you have all the latest windows updates .
I will have a look at you log as soon as i get a few minutes!

Log looks ok only thing to fix is this and its not a problem anyway .
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm

O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\localNRD.dll

O4 - HKLM\..\Run: [Windows ControlAd] C:\Program Files\Windows ControlAd\WinCtlAd.exe

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/23d2ea993cf953...ip/RdxIE601.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.1) -

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.1) -

Now reboot into safe mode and delete the following files and folders if found .

C:\Program Files\Windows ControlAd\,,,,,,,,,,,delete folder

to delete the above files and folder you will need to do the following
go to
Show hidden files & folders

"Fix Checked"...Reboot to SAFE mode to delete files
How to start computer in safe mode

reboot computer and post a new log

first thing turn off system restore and leave it off ,until you clean the computer of all the baddies .I will have a look at you log as soon as i get a few minutes .

My thoughts ,no matter how close to being the same no computers are exact!!One program conflicting could cause the difference

Just a shot in the dark,try IE/Tools /internet options/connections ,and make sure never dial a connections Radio button is checked !

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.

fix these if you do not recognize them (mchsi.com) as your service provider.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sas.r21.mchsi.com:8000

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.r21.mchsi.com

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

O2 - BHO: (no name) - {D714A94F-123A-45CC-8F03-040BCAF82AD6} - (no file)

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - Global Startup: Digital Line Detect.lnk = ?

O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?

Unless you set this in up with spybot fix it
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

Fix all the 016s' to be safe ,the good ones will download again when you visit that site ,.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} -
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} -
O16 - DPF: {27EB254C-C724-43B1-8DD8-F3AC9ED761B2} - http://client2.tvtonic.com/Webservi...6/TVTStage1.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/...bin/AvSniff.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/297b3f1...ip/RdxIE601.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://download.sidestep.com/get/k00719/sb028.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/...n/bin/cabsa.cab
…

Your copy of HijackThis needs to be in a folder of it's own. When HJT fixes anything, it makes backups of the original files in the folder it is in. Since Temporary folders are emptied now and then (the files are DELETED), it would not be a good idea to have your backups there. Those backups would be VITAL to restoring your system if something went wrong in the FIX process!

1. Please go to you're 'My Documents' folder, right-click and select 'New > Folder' then name the folder 'HJT'.

2. Copy and paste HijackThis.exe to the new folder.

3. Close ALL windows except HJT

4. SCAN with HJT

5. POST the new log in this thread using 'Add Reply'

DO NOT MAKE ANY CHANGES OR CLICK "FIX CHECKED" UNTIL WE CHECK THE LOG, AS SOME OF THE FILES ARE LEGIT AND VITAL TO YOUR COMPUTER'S HEALTH

Post your Hijackthis log for View ,Also check this from Miscrosoft

Try this from Microsoft

A discription of waht kind of problems are u having would also help .i will have a look at you log and past back soon.

EDIT: Ok Im sorry you problem was in the topic name .I don't see anything in your log to cause the page not to be displayed !