That's it! I'm swearing off Internet Explorer.
I'm using my parents comp to post this:
So I'm surfing the net, and IE freezes. so I go Alt-ctrl-del. I go back in, and it turns out my homepage was set to a search engine. I did not do this. The address was about:blank.
When I try to go to a different site, it won't let me. It says "cannot connect to server". Then, just to add insult to injury, my comp freezes. And I mean freezes. Can't move the mouse. No response form alt-ctrl-del. So I do a hard shutdown.
When it loads back up, I get an error message that says something to the effeact that this program has been damaged and that I should reinstall it. Of course, it doesn't tell me what program has been been damaged.
I'm just hoping it is not my copy of windows XP, since it came preloaded on my system and I don't have the CD of it.
Ignoring the damaged program for now, I figure I picked up some spyware from somewhere. Of course, i got nothing currently on my comp that can delete the spyware. And I can't get anything that can delete the spyware since I can't go anywhere except that damn searh engine.
So I'm in a crappy situation.
Fuck This! (Need IE help)
Moderator: Thanas
-
Temjin
- Jedi Council Member
- Posts: 1567
- Joined: 2002-08-04 07:12pm
- Location: Winnipeg, Manitoba, Canada
Fuck This! (Need IE help)
"A mind is like a parachute. It only works when it is open."
-Sir James Dewar
Life should have a soundtrack.
-Sir James Dewar
Life should have a soundtrack.
-
Super-Gagme
- Little Stalker Boy
- Posts: 1282
- Joined: 2002-10-26 07:20am
- Location: Lincoln, UK
- Contact:
Try manually putting in the address, http and all.
History? I love history! First, something happens, then, something else happens! It's so sequential!! Thank you first guy, for writing things down!
evilcat4000: I dont spam
Cairbur: The Bible can, and has, been used to prove anything and everything (practically!)
StarshipTitanic: Prove it.
evilcat4000: I dont spam
Cairbur: The Bible can, and has, been used to prove anything and everything (practically!)
StarshipTitanic: Prove it.
-
Temjin
- Jedi Council Member
- Posts: 1567
- Joined: 2002-08-04 07:12pm
- Location: Winnipeg, Manitoba, Canada
No effect.
But on the bright side, I found a copy of mozilla I downloaded months ago and have installed that. Works fine. So I tried getting Spybot search & destroy. I did a scan, removed the fost of the files it came up with, and that didn't help at all.
Too bad, I would have liked to have kept IE for certain sites....
But on the bright side, I found a copy of mozilla I downloaded months ago and have installed that. Works fine. So I tried getting Spybot search & destroy. I did a scan, removed the fost of the files it came up with, and that didn't help at all.
Too bad, I would have liked to have kept IE for certain sites....
"A mind is like a parachute. It only works when it is open."
-Sir James Dewar
Life should have a soundtrack.
-Sir James Dewar
Life should have a soundtrack.
-
darthdavid
- Pathetic Attention Whore
- Posts: 5470
- Joined: 2003-02-17 12:04pm
- Location: Bat Country!
http://myie2.com/
Even works with windows update. I use it for sites that need ie. For the rest it's firefox all the way.
Even works with windows update. I use it for sites that need ie. For the rest it's firefox all the way.
-
Temjin
- Jedi Council Member
- Posts: 1567
- Joined: 2002-08-04 07:12pm
- Location: Winnipeg, Manitoba, Canada
I just tried it and it suffers from the same problems the normal IE does.darthdavid wrote:http://myie2.com/
Even works with windows update. I use it for sites that need ie. For the rest it's firefox all the way.
It was a good suggestion though....
"A mind is like a parachute. It only works when it is open."
-Sir James Dewar
Life should have a soundtrack.
-Sir James Dewar
Life should have a soundtrack.
-
Einhander Sn0m4n
- Insane Railgunner
- Posts: 18630
- Joined: 2002-10-01 05:51am
- Location: Louisiana... or Dagobah. You know, where Yoda lives.
Try posting a Hijackthis log. Yes, that's a direct link to the EXE, tell it to open from current location.[/url]
-
Temjin
- Jedi Council Member
- Posts: 1567
- Joined: 2002-08-04 07:12pm
- Location: Winnipeg, Manitoba, Canada
Logfile of HijackThis v1.97.7
Scan saved at 10:41:02 PM, on 29/04/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCXMNTR.EXE
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\System32\iyus\pbeglenh.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\valve\steam\steam.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-ca9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-ca9.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://ca9.hpwis.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {414F8057-5A35-4009-90FA-43267F6D68B6} - C:\WINDOWS\System32\oafd.dll
O2 - BHO: Window Shades - {B5B57F4F-EFA5-11D4-A971-444553540000} - C:\PROGRA~1\GMMCOM~1\WINDOW~1\WINDOW~1.DLL
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [MSZTCE] C:\WINDOWS\System32\MSZTCE.EXE
O4 - HKLM\..\Run: [w32sup] C:\WINDOWS\System32\w32sup.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [iyus] C:\WINDOWS\System32\iyus\pbeglenh.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Steam] "c:\valve\steam\steam.exe" -silent
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Broken Internet access because of LSP provider 'spsublsp.dll' missing
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} (WTHoster Class) - http://www.wildtangent.com/install/wdri ... wtinst.cab
O16 - DPF: {BB0578ED-E672-4697-9663-EC5A0460B949} (SomaticCAB.Setup) - http://downloads.searchcentrix.com/install/weblz.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/sh ... wflash.cab
Scan saved at 10:41:02 PM, on 29/04/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCXMNTR.EXE
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\System32\iyus\pbeglenh.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\valve\steam\steam.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-ca9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-ca9.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://ca9.hpwis.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {414F8057-5A35-4009-90FA-43267F6D68B6} - C:\WINDOWS\System32\oafd.dll
O2 - BHO: Window Shades - {B5B57F4F-EFA5-11D4-A971-444553540000} - C:\PROGRA~1\GMMCOM~1\WINDOW~1\WINDOW~1.DLL
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [MSZTCE] C:\WINDOWS\System32\MSZTCE.EXE
O4 - HKLM\..\Run: [w32sup] C:\WINDOWS\System32\w32sup.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [iyus] C:\WINDOWS\System32\iyus\pbeglenh.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Steam] "c:\valve\steam\steam.exe" -silent
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Broken Internet access because of LSP provider 'spsublsp.dll' missing
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} (WTHoster Class) - http://www.wildtangent.com/install/wdri ... wtinst.cab
O16 - DPF: {BB0578ED-E672-4697-9663-EC5A0460B949} (SomaticCAB.Setup) - http://downloads.searchcentrix.com/install/weblz.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/sh ... wflash.cab
"A mind is like a parachute. It only works when it is open."
-Sir James Dewar
Life should have a soundtrack.
-Sir James Dewar
Life should have a soundtrack.
-
Einhander Sn0m4n
- Insane Railgunner
- Posts: 18630
- Joined: 2002-10-01 05:51am
- Location: Louisiana... or Dagobah. You know, where Yoda lives.
KILL ZE FOLLOWING FILEZ!!
Temjin wrote:R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\oafd.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: (no name) - {414F8057-5A35-4009-90FA-43267F6D68B6} - C:\WINDOWS\System32\oafd.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [MSZTCE] C:\WINDOWS\System32\MSZTCE.EXE
O4 - HKLM\..\Run: [w32sup] C:\WINDOWS\System32\w32sup.exe
O4 - HKLM\..\Run: [iyus] C:\WINDOWS\System32\iyus\pbeglenh.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Broken Internet access because of LSP provider 'spsublsp.dll' missing
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} (WTHoster Class) - http://www.wildtangent.com/install/wdri ... wtinst.cab
O16 - DPF: {BB0578ED-E672-4697-9663-EC5A0460B949} (SomaticCAB.Setup) - http://downloads.searchcentrix.com/install/weblz.CAB
-
Einhander Sn0m4n
- Insane Railgunner
- Posts: 18630
- Joined: 2002-10-01 05:51am
- Location: Louisiana... or Dagobah. You know, where Yoda lives.
Temjin you have a shitload of crap on there.
From the looks of it there is Hewlett-Packard printers/scanner installed, a Lexmark(they make really shitty printers) printer/scanner installed, +2 antivirus solutions, 3-4 movie/music apps, Mozilla(and your still using Internet Explorer?).
And all that junk is running.
You also have steam running. Kill that, it leaches bandwidth & hhd space without telling you.
Basicly a typical OEM machine, by HP if I guess correctly.
From the looks of it there is Hewlett-Packard printers/scanner installed, a Lexmark(they make really shitty printers) printer/scanner installed, +2 antivirus solutions, 3-4 movie/music apps, Mozilla(and your still using Internet Explorer?).
And all that junk is running.
You also have steam running. Kill that, it leaches bandwidth & hhd space without telling you.
Basicly a typical OEM machine, by HP if I guess correctly.
"Okay, I'll have the truth with a side order of clarity." ~ Dr. Daniel Jackson.
"Reality has a well-known liberal bias." ~ Stephen Colbert
"One Drive, One Partition, the One True Path" ~ ars technica forums - warrens - on hhd partitioning schemes.
"Reality has a well-known liberal bias." ~ Stephen Colbert
"One Drive, One Partition, the One True Path" ~ ars technica forums - warrens - on hhd partitioning schemes.
-
Temjin
- Jedi Council Member
- Posts: 1567
- Joined: 2002-08-04 07:12pm
- Location: Winnipeg, Manitoba, Canada
I can explain alot of that. When I'm not using my comp, and the main comp is occupied, one of my parents will usually go on mine. And they install a whole bunch shit they don't want me to get rid of. They bought me the computer, so who am I to say no?ggs wrote:Temjin you have a shitload of crap on there.
From the looks of it there is Hewlett-Packard printers/scanner installed, a Lexmark(they make really shitty printers) printer/scanner installed, +2 antivirus solutions, 3-4 movie/music apps, Mozilla(and your still using Internet Explorer?).
And all that junk is running.
You also have steam running. Kill that, it leaches bandwidth & hhd space without telling you.
Basicly a typical OEM machine, by HP if I guess correctly.
And yep, it's HP prefab. Came with a shitload of junk, but I got it for only $700.
And I want IE as a backup browser, since alot of sites will only work with IE.
"A mind is like a parachute. It only works when it is open."
-Sir James Dewar
Life should have a soundtrack.
-Sir James Dewar
Life should have a soundtrack.
-
Einhander Sn0m4n
- Insane Railgunner
- Posts: 18630
- Joined: 2002-10-01 05:51am
- Location: Louisiana... or Dagobah. You know, where Yoda lives.
Actually I think there are at www.spywareinfo.com but I would get my ass kicked royally by some of the people there. Think I'm a god? You haven't seen what some of them can do! Hint: Hijackthis and CWShredder didn't appear out of thin air...Ace Pace wrote:Thats a load of shit.
Einhander, to bad there arn't spyware cleaning contests ;P