17-Jul-2004, 05:20 PM
#1 |
| Hijack This Log - Please help I am trying to get rid of mywebsearch toolbar in I.E. 6.0. Here is my Hijack log.Thanks StartupList report, 7/17/2004, 3:02:52 PM StartupList version: 1.52.2 Started from : F:\Downloads\Hijackthis\HijackThis.EXE Detected: Windows XP SP1 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106) * Using default options ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\PROGRA~1\Iomega\System32\AppServices.exe C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe C:\PROGRA~1\NORTON~2\NORTON~3\NPROTECT.EXE C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\program files\support.com\bin\tgcmd.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe C:\WINDOWS\SYSTEM32\USRmlnkA.exe C:\Program Files\Iomega HotBurn\Autolaunch.exe C:\WINDOWS\System32\qttask.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\SYSTEM32\USRshutA.exe C:\WINDOWS\SYSTEM32\USRmlnkA.exe C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe 
C:\WINDOWS\System32\hphmon04.exe C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\PROGRA~1\showmulti\defynounpile.exe C:\Program Files\Sierra\Planner\PLNRnote.exe C:\Palm\HOTSYNC.EXE C:\WINDOWS\System32\HPHipm11.exe C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe C:\Program Files\SBC\Connection Manager\CManager.exe C:\PROGRA~1\BROADJ~1\CORREC~1\CCD.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Internet Explorer\iexplore.exe F:\Downloads\Hijackthis\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\Jay Mead\Start Menu\Programs\Startup] Camio Viewer.lnk = C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe Connection Manager.lnk = C:\Program Files\SBC\Connection Manager\CManager.exe PowerReg SchedulerV2.exe Shell folders Common Startup: [C:\Documents and Settings\All Users\Start Menu\Programs\Startup] Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe Event Planner Reminders Tray Icon.lnk = C:\Program Files\Sierra\Planner\PLNRnote.exe HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE Quicken Scheduled Updates.lnk = F:\QUICKENW\bagent.exe -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run HPDJ Taskbar Utility = C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe CXMon = "C:\Program 
Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe" ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe BJCFD = C:\Program Files\BroadJump\Client Foundation\CFD.exe tgcmdprovidersbc = "c:\program files\support.com\bin\tgcmd.exe" /server /startmonitor /deaf /nosystray MMTray = C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe USRpdA = C:\WINDOWS\SYSTEM32\USRmlnkA.exe RunServices \Device\3cpipe-USRpdA Drag'n'Drop_Autolaunch = "C:\Program Files\Iomega HotBurn\Autolaunch.exe" TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot QuickTime Task = C:\WINDOWS\System32\qttask.exe ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" AcctMgr = C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup mmtask = C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe HPHmon04 = C:\WINDOWS\System32\hphmon04.exe HPHUPD04 = F:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe MessengerPlus3 = "C:\Program Files\Messenger Plus! 
3\MsgPlus.exe" Extra once = C:\PROGRA~1\showmulti\defynounpile.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Symantec NetDriver Monitor = C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce washindex = C:\Program Files\Washer\washidx.exe -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run= HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=wbsys.dll -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\System32\ssbezier.scr drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* 
-------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\MyWay\SearchAt\1.bin\MWSSRCAS.DLL - {00A6FAF1-072E-44cf-8957-5838F569A31D} (no name) - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll - {02478D38-C3F9-4efb-9B51-7695ECA05670} (no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - C:\Program Files\MyWay\bar\1.bin\MWSBAR.DLL - {07B18EA1-A523-4961-B6BB-170DE4475CCA} (no name) - C:\PROGRA~1\SECOND~1\Support delete.dll - {7FE6BB8E-00DB-D2D1-E132-B4FB2E3143EF} (no name) - C:\WINDOWS\System32\IETie.dll - {9527D42F-D666-11D3-B8DD-00600838CD5F} (no name) - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} (no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7} (no name) - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872} -------------------------------------------------- Enumerating Task Scheduler jobs: Norton AntiVirus - Scan my computer - Jay Mead.job Norton AntiVirus - Scan my computer.job Norton SystemWorks One Button Checkup.job Symantec Drmc.job Symantec NetDetect.job -------------------------------------------------- Enumerating Download Program Files: [Checkers Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\msgrchkr.dll CODEBASE = http://messenger.zone.msn.com/binary/msgrchkr.cab [Microsoft Office Template and Media Control] InProcServer32 = C:\WINDOWS\Downloaded Program Files\IEAWSDC.DLL CODEBASE = http://office.microsoft.com/templates/ieawsdc.cab [QuickTime Object] InProcServer32 = C:\WINDOWS\System32\QTPlugin.ocx CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab [MetaStreamCtl Class] InProcServer32 = C:\Program Files\Viewpoint\Viewpoint Media Player\AxMetaStream.dll CODEBASE = https://components.viewpoint.com/MTS...etaStream3.cab [sys 
Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\PCPitstop.dll CODEBASE = http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB [LiveUpdate Crescendo] InProcServer32 = C:\WINDOWS\System32\cres.ocx CODEBASE = http://www.liveupdate.com/controls/getcab5.dll [Musicnotes Viewer] InProcServer32 = C:\WINDOWS\Downloaded Program Files\mnviewer.dll CODEBASE = http://www.musicnotes.com/download/mnviewer.cab [Shockwave ActiveX Control] InProcServer32 = C:\WINDOWS\system32\Macromed\Director\SwDir.dll CODEBASE = http://download.macromedia.com/pub/s...irector/sw.cab [Brix6ie Control] InProcServer32 = C:\WINDOWS\brix6ie.ocx CODEBASE = http://a19.g.akamai.net/7/19/7125/14...v7/brix6ie.cab [{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}] CODEBASE = http://ak.imgfarm.com/images/nocache...tup1.0.0.6.cab [ChainCast VMR Client Proxy] InProcServer32 = C:\WINDOWS\Downloaded Program Files\ccpm_0237.dll CODEBASE = http://www.streamaudio.com/download/ccpm_0237.cab [{29C13B62-B9F7-4CD3-8CEF-0A58A1A99441}] CODEBASE = http://fdl.msn.com/public/chat/msnchat41.cab [YInstStarter Class] InProcServer32 = C:\Program Files\Yahoo!\common\yinsthelper.dll CODEBASE = http://download.yahoo.com/dl/installs/yinst0401.cab [Cult3D ActiveX Player] InProcServer32 = C:\WINDOWS\System32\Cult3D\IECult.dll CODEBASE = http://www.cult3d.com/download/cult.cab [RdxIE Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\RdxIE.dll CODEBASE = http://207.188.7.150/1655e00218467b7...tzip/RdxIE.cab [Office Update Installation Engine] InProcServer32 = C:\WINDOWS\opuc.dll CODEBASE = http://office.microsoft.com/officeup...ntent/opuc.cab [{4129EA54-F04E-11D3-BF96-00C04F0E7BE2}] CODEBASE = http://www109.coolsavings.com/download/cscmv4X.cab [{41F17733-B041-4099-A042-B518BB6A408C}] CODEBASE = http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe [ChainCast VMR Client Proxy] InProcServer32 = C:\WINDOWS\Downloaded Program Files\ccpm_0223.dll CODEBASE = http://64.124.45.181/download/ccpm_0223.cab 
[{51045741-8C4E-4EAC-8F03-08E43A6FBB29}] CODEBASE = http://aft.ancestry.com/aftfiles/fil...FamilyTree.cab [RdxIE Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\RdxIE.dll CODEBASE = http://207.188.7.150/14dd0fee3d2cae9...p/RdxIE601.cab [OPUCatalog Class] InProcServer32 = C:\WINDOWS\System32\opuc.dll CODEBASE = http://office.microsoft.com/productu...ntent/opuc.cab [AXELPlayer Class] InProcServer32 = C:\WINDOWS\System32\MindAvenue\AXELPlayer\AXELPlayer15109.dll CODEBASE = http://www.mindavenue.com/Downloads/...erAX_Win32.cab [ExentInf Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\exentctl_0_0_0_1.ocx CODEBASE = http://us.games2.yimg.com/download.g...tl_0_0_0_1.ocx [PWMediaSendControl Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\PWActiveXImgCtl.dll CODEBASE = http://216.249.24.140/code/PWActiveXImgCtl.CAB [DiskHealth Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\diskhealth.dll CODEBASE = http://www.pcpitstop.com/pcpitstop/diskhealth.cab [SysVerChk Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\SYSVER~1.OCX CODEBASE = http://pointa.autodesk.com/portal/la.../SysVerChk.ocx [ImageControl Class] InProcServer32 = C:\WINDOWS\System32\MFImgVwr.ocx CODEBASE = http://content.ancestry.com/asfiles/...l/MFImgVwr.cab [AcDcToday Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\ACDCTO~1.OCX CODEBASE = file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx [MSN Chat Control 4.2] InProcServer32 = C:\WINDOWS\Downloaded Program Files\MSNChat42.ocx CODEBASE = http://fdl.msn.com/public/chat/msnchat42.cab [MrSIDI Control] InProcServer32 = C:\WINDOWS\MrSIDI.ocx CODEBASE = http://images.myfamily.net/isfiles/downloads/MrSIDI.cab [MessengerStatsClient Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll CODEBASE = http://messenger.zone.msn.com/binary...tatsClient.cab [InstallShield International Setup Player] InProcServer32 = c:\windows\DOWNLO~1\isetup.dll CODEBASE = 
http://www.installengine.com/engine/isetup.cab [RegConfig Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\yregcfg.dll CODEBASE = http://download.yahoo.com/dl/install...od/yregcfg.cab [Update Class] InProcServer32 = C:\WINDOWS\System32\iuctl.dll CODEBASE = http://v4.windowsupdate.microsoft.co...633.5719907407 [ScorchPlugin Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\NPSibelius.dll CODEBASE = http://www.sibelius.com/download/sof...iveXPlugin.cab [NOXLATE-BANR] InProcServer32 = C:\WINDOWS\DOWNLO~1\InstBanr.Ocx CODEBASE = http://pointa.autodesk.com/portal/lang/enu/InstBanr.Ocx [YAddBook Class] InProcServer32 = C:\PROGRA~1\Yahoo!\common\yaddbook.dll CODEBASE = http://us.dl1.yimg.com/download.yaho...tocomplete.cab [ExteriorSurround Object] InProcServer32 = C:\WINDOWS\Downloaded Program Files\Outside.ocx CODEBASE = http://autos.msn.com/Components/Ocx/...or/Outside.cab [Symantec RuFSI Registry Information Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\rufsi.dll CODEBASE = http://security.symantec.com/sscv6/S.../bin/cabsa.cab [InstaFred] InProcServer32 = C:\WINDOWS\DOWNLO~1\InstFred.Ocx CODEBASE = http://pointa.autodesk.com/portal/lang/enu/InstFred.Ocx [ScanMe Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\mssecure.dll CODEBASE = http://download.microsoft.com/downlo...ssecuredll.cab [ContentAuditX Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\ContentAuditControl.ocx CODEBASE = http://a840.g.akamai.net/7/840/5805/...ditControl.cab [Shockwave Flash Object] InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx CODEBASE = http://download.macromedia.com/pub/s...sh/swflash.cab [Genealogy Browser] InProcServer32 = C:\WINDOWS\Downloaded Program Files\zinst.dll CODEBASE = http://66.119.139.74/cabs/zinst.cab [CFForm Runtime] InProcServer32 = C:\WINDOWS\System32\MSJAVA.DLL CODEBASE = https://ecommerce.polygon.net/CFIDE/classes/CFJava.cab [MozillaPluginHostCtrl Class] InProcServer32 = C:\WINDOWS\Downloaded Program 
Files\pluginhostctrl.dll CODEBASE = http://www.musicnotes.com/download/adaptor.cab [CarPoint Auto-Pricer Control] InProcServer32 = C:\WINDOWS\Downloaded Program Files\AutoPricer.ocx CODEBASE = http://carpoint.msn.com/components/o...autopricer.cab [Microsoft Office Tools on the Web Control] InProcServer32 = C:\WINDOWS\Downloaded Program Files\OUTC.DLL CODEBASE = http://officeupdate.microsoft.com/Te...loads/outc.cab [DetectMN] InProcServer32 = C:\Program Files\MusicNotes\Player\Detectmn.dll CODEBASE = http://www.musicnotes.com/download/npmusicn.cab [EPSImageControl Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\EPScontrol.dll CODEBASE = http://tools.ebayimg.com/eps/activex...l_v1-0-3-0.cab [QDiagHUpdateObj Class] InProcServer32 = C:\WINDOWS\System32\qdiagh.ocx CODEBASE = http://h30043.www3.hp.com/ps/en/check/qdiagh.cab?319 [&Yahoo! Companion] InProcServer32 = C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll CODEBASE = http://us.dl1.yimg.com/download.comp...bio5_1_6_0.cab [AcPreview Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\ACPREV~1.OCX CODEBASE = file://C:\Program Files\AutoCAD 2002\AcPreview.ocx [Solitaire Showdown Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\solitaireshowdown.dll CODEBASE = http://messenger.zone.msn.com/binary...reShowdown.cab -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\System32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll -------------------------------------------------- End of report, 18,139 bytes Report generated in 2.123 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if 
running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only |
| |
|
17-Jul-2004, 08:54 PM
#3 |
| HijackThis Log Logfile of HijackThis v1.98.0 Scan saved at 6:51:40 PM, on 7/17/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\PROGRA~1\Iomega\System32\AppServices.exe C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe C:\PROGRA~1\NORTON~2\NORTON~3\NPROTECT.EXE C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\program files\support.com\bin\tgcmd.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe C:\WINDOWS\SYSTEM32\USRmlnkA.exe C:\Program Files\Iomega HotBurn\Autolaunch.exe C:\WINDOWS\System32\qttask.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\SYSTEM32\USRshutA.exe C:\WINDOWS\SYSTEM32\USRmlnkA.exe C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\WINDOWS\System32\hphmon04.exe C:\Program Files\Messenger Plus! 
3\MsgPlus.exe C:\PROGRA~1\showmulti\defynounpile.exe C:\Program Files\Sierra\Planner\PLNRnote.exe C:\Palm\HOTSYNC.EXE C:\WINDOWS\System32\HPHipm11.exe C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe C:\Program Files\SBC\Connection Manager\CManager.exe C:\PROGRA~1\BROADJ~1\CORREC~1\CCD.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Internet Explorer\iexplore.exe F:\Downloads\Hijackthis\HijackThis.exe O1 - Hosts: comments (such as these) may be inserted on individual O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWay\bar\1.bin\MWSBAR.DLL O2 - BHO: pingmix - {7FE6BB8E-00DB-D2D1-E132-B4FB2E3143EF} - C:\PROGRA~1\SECOND~1\Support delete.dll O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\System32\IETie.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton 
Antivirus\NavShExt.dll O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [tgcmdprovidersbc] "c:\program files\support.com\bin\tgcmd.exe" /server /startmonitor /deaf /nosystray O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe O4 - HKLM\..\Run: [USRpdA] C:\WINDOWS\SYSTEM32\USRmlnkA.exe RunServices \Device\3cpipe-USRpdA O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "C:\Program Files\Iomega HotBurn\Autolaunch.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\System32\qttask.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\System32\hphmon04.exe O4 - HKLM\..\Run: [HPHUPD04] F:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 
3\MsgPlus.exe" O4 - HKLM\..\Run: [Extra once] C:\PROGRA~1\showmulti\defynounpile.exe O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE O4 - HKCU\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe O4 - Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe O4 - Startup: Connection Manager.lnk = C:\Program Files\SBC\Connection Manager\CManager.exe O4 - Startup: PowerReg SchedulerV2.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Event Planner Reminders Tray Icon.lnk = C:\Program Files\Sierra\Planner\PLNRnote.exe O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Quicken Scheduled Updates.lnk = F:\QUICKENW\bagent.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Save with Download Manager... - C:\Program Files\J River\Media Jukebox\DMDownload.htm O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! 
&Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTS...etaStream3.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {0FC6BF2B-E16A-11CF-AB2E-0080AD08A326} (LiveUpdate Crescendo) - http://www.liveupdate.com/controls/getcab5.dll O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {1954A4B1-9627-4CF2-A041-58AA2045CB35} (Brix6ie Control) - http://a19.g.akamai.net/7/19/7125/14...v7/brix6ie.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...tup1.0.0.6.cab O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab O16 - DPF: {29C13B62-B9F7-4CD3-8CEF-0A58A1A99441} - http://fdl.msn.com/public/chat/msnchat41.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} (RdxIE Class) - 
http://207.188.7.150/1655e00218467b7...tzip/RdxIE.cab O16 - DPF: {4129EA54-F04E-11D3-BF96-00C04F0E7BE2} - http://www109.coolsavings.com/download/cscmv4X.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe O16 - DPF: {4DB565BD-A306-415B-ADCB-336EAAE8D262} (ChainCast VMR Client Proxy) - http://64.124.45.181/download/ccpm_0223.cab O16 - DPF: {51045741-8C4E-4EAC-8F03-08E43A6FBB29} - http://aft.ancestry.com/aftfiles/fil...FamilyTree.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/14dd0fee3d2cae9...p/RdxIE601.cab O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenue.com/Downloads/...erAX_Win32.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://us.games2.yimg.com/download.g...tl_0_0_0_1.ocx O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.140/code/PWActiveXImgCtl.CAB O16 - DPF: {6FB9FE59-7D3B-483D-9909-C870BE5AFA1F} (DiskHealth Class) - http://www.pcpitstop.com/pcpitstop/diskhealth.cab O16 - DPF: {737D14F8-4090-11D4-AE0E-0010830243BD} (SysVerChk Control) - http://pointa.autodesk.com/portal/la.../SysVerChk.ocx O16 - DPF: {75565ED2-1560-4F15-B841-20358DE6A0D1} (ImageControl Class) - http://content.ancestry.com/asfiles/...l/MFImgVwr.cab O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx O16 - DPF: {7A32634B-029C-4836-A023-528983982A49} (MSN Chat Control 4.2) - http://fdl.msn.com/public/chat/msnchat42.cab O16 - DPF: {861DB4B6-3838-11D2-8E50-002018200E57} (MrSIDI Control) - http://images.myfamily.net/isfiles/downloads/MrSIDI.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - 
http://www.installengine.com/engine/isetup.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/sof...iveXPlugin.cab O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - http://pointa.autodesk.com/portal/lang/enu/InstBanr.Ocx O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object) - http://autos.msn.com/Components/Ocx/...or/Outside.cab O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - http://pointa.autodesk.com/portal/lang/enu/InstFred.Ocx O16 - DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} (ContentAuditX Control) - http://a840.g.akamai.net/7/840/5805/...ditControl.cab O16 - DPF: {D68217F4-1DF9-45C1-BFA6-61DBD5464527} (Genealogy Browser) - http://66.119.139.74/cabs/zinst.cab O16 - DPF: {D702FBF4-EE60-11D0-BD5B-00A0C91F4635} (CFForm Runtime) - https://ecommerce.polygon.net/CFIDE/classes/CFJava.cab O16 - DPF: {DBB2DE32-61F1-4F7F-BEB8-A37F5BC24EE2} (MozillaPluginHostCtrl Class) - http://www.musicnotes.com/download/adaptor.cab O16 - DPF: {DED22F57-FEE2-11D0-953B-00C04FD9152D} (CarPoint Auto-Pricer Control) - http://carpoint.msn.com/components/o...autopricer.cab O16 - DPF: {E09F6B38-3A0D-11D3-B5E7-0008C7BF61F2} (DetectMN) - http://www.musicnotes.com/download/npmusicn.cab O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex...l_v1-0-3-0.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/ps/en/check/qdiagh.cab?319 O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (&Yahoo! 
Companion) - http://us.dl1.yimg.com/download.comp...bio5_1_6_0.cab O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\AutoCAD 2002\AcPreview.ocx O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...reShowdown.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{86CFF698-E693-4A02-9EF5-F32F24D75DA4}: NameServer = 151.164.23.201 151.164.1.8 O20 - AppInit_DLLs: wbsys.dll |
|
17-Jul-2004, 11:51 PM
#4 |
| Run HJT, click Scan, check these items, click Fix Checked.
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWay\bar\1.bin\MWSBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{86CFF698-E693-4A02-9EF5-F32F24D75DA4}: NameServer = 151.164.23.201 151.164.1.8
O20 - AppInit_DLLs: wbsys.dll |
|
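Before ticking items for Fix Checked, it helps to confirm that every line in a fix list matches an entry in the scanned log. The following is an added example, not part of the original thread: it re-splits a flattened HijackThis log into entries, groups them by section code, and checks the fix list from post #4 against a six-entry excerpt of the log from post #3. The function names are hypothetical and the entry splitting is a heuristic based on the `Onn - ` prefix.

```python
import re
from collections import Counter

# Six entries copied from the HijackThis log in post #3, joined onto one line
# the way the forum rendered them (an excerpt, not the whole log).
FLATTENED_LOG = " ".join([
    r"O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll",
    r"O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWay\bar\1.bin\MWSBAR.DLL",
    r"O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll",
    r"O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\System32\qttask.exe",
    r"O17 - HKLM\System\CCS\Services\Tcpip\..\{86CFF698-E693-4A02-9EF5-F32F24D75DA4}: NameServer = 151.164.23.201 151.164.1.8",
    r"O20 - AppInit_DLLs: wbsys.dll",
])

# The three items listed in post #4.
FIX_LIST = [
    r"O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWay\bar\1.bin\MWSBAR.DLL",
    r"O17 - HKLM\System\CCS\Services\Tcpip\..\{86CFF698-E693-4A02-9EF5-F32F24D75DA4}: NameServer = 151.164.23.201 151.164.1.8",
    r"O20 - AppInit_DLLs: wbsys.dll",
]

ENTRY = re.compile(r"^(O\d{1,2}) - (.+)$", re.S)
GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def split_entries(text):
    """Split flattened log text into entries at each 'Onn - ' prefix.

    Text before the first entry (header, process list) is dropped.
    """
    chunks = re.split(r"\s+(?=O\d{1,2} - )", text.strip())
    return [c for c in chunks if ENTRY.match(c)]


def parse_entry(entry):
    """Return section code, entry kind, detail text and first GUID (if any)."""
    m = ENTRY.match(entry)
    if not m:
        raise ValueError(f"not a HijackThis entry: {entry!r}")
    code, body = m.groups()
    # 'kind' is the text before the first ': ' (a drive letter such as 'C:\'
    # has no space after the colon, so paths are not split here).
    kind, sep, detail = body.partition(": ")
    if not sep:
        kind, detail = "", body
    guid = GUID.search(body)
    return {"code": code, "kind": kind, "detail": detail,
            "guid": guid.group(0) if guid else None}


def section_counts(entries):
    """Count entries per section code (O2, O4, ...)."""
    return Counter(parse_entry(e)["code"] for e in entries)


def _norm(line):
    # Collapse whitespace and ignore case so forum reflow does not matter.
    return " ".join(line.split()).casefold()


def check_fix_list(log_entries, fix_lines):
    """Return (matched, missing): fix lines found / not found in the log."""
    present = {_norm(e) for e in log_entries}
    matched = [f for f in fix_lines if _norm(f) in present]
    missing = [f for f in fix_lines if _norm(f) not in present]
    return matched, missing


def entries_mentioning(entries, needle):
    """Parsed entries whose text contains needle, case-insensitively."""
    return [parse_entry(e) for e in entries if needle.casefold() in e.casefold()]


if __name__ == "__main__":
    entries = split_entries(FLATTENED_LOG)
    print(dict(section_counts(entries)))
    matched, missing = check_fix_list(entries, FIX_LIST)
    print(f"{len(matched)} fix lines found in log, {len(missing)} missing")
    for hit in entries_mentioning(entries, "MyWay"):
        print(hit["code"], hit["kind"], hit["guid"])
```

A fix line reported as missing means the list was written against a different scan, so the log should be regenerated before anything is fixed.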
17-Jul-2004, 11:53 PM
#5 |
| Close your internet browser and all other programs, do the below, restart your computer and then generate your Hijack This log.

Clear your browser's Cache and key folders before you generate a HJT log:

Click the Start button; Point to Control Panel, select Internet Options; In the box that opens, click the Clear History, Delete Cookies and Delete Files buttons (tick the box next to 'Delete all off-line content'), each in turn; In the box that opens after activating each button, click the OK button. Click OK to close the Internet Options window.

Clear the contents of the c:\Windows\Cookies, Temporary Internet Files and Temp folders. In WinXP this involves a little more mouse clicking: First entering Control Panel; Opening Folder Options and click the View tab; Then scrolling to put a mark in the Radio button to select 'Show hidden files and folders'; Then click the Apply button, then click the OK button. Then Open My Computer; Double-click Local Disk [C:]; Double-click Documents and Settings; Open the 'primary' user's folder, open and empty all contents but Index.dat of the Cookies folder; Back in the Documents and Settings folder; Open the Local Settings folder, where you empty the contents of the Temp and Temporary Internet Files folders.

*** You've got way too much running at Windows startup.

MSCONFIG - Reduce Your Startup Load

When a computer suffers from progressively slower performance, has more frequent freezes and error messages, has a longer startup time, and starts out with a smaller percentage of system resources, the problem can usually be attributed to a bloated startup load.

To start, check your available resources by right-clicking My Computer; clicking Properties; Click the Performance tab. Resources available are displayed as percent there at top. Check it when you get done running the System Configuration Utility mentioned below.

Most name-brand computers come with a number of pre-installed programs that load during startup and run in the background. As you install more programs, many of them add themselves to the startup load. This can be seen by the growing number of icons in the taskbar and the growing number of listings in the Close Program box (press Ctrl + Alt + Delete keys simultaneously, on your keyboard, once to open it).

With the introduction of Windows 98 came the MSCONFIG utility. This makes it much easier than Windows 95 does to trim down the startup load. Unfortunately, many people fail to make use of it.

Click the Start button; Run; type 'msconfig', without the quotation marks, in the Run box and click OK; Then click the Startup tab; Uncheck anything you don't need running in the background.

For reference on what's not needed running in the background in the System Configuration Utility, view this website first and print out the list:

The Whidbey site http://www2.whidbey.net/djdenham/Running_items.htm (Scroll down the list, which is in alphabetical order)

The Kricks site http://www.3feetunder.com/krick/startup/list.html (Scroll down the list, which is in alphabetical order. One nice thing about this site is the entries that are highlighted in red, which will help you to determine if your computer has been infected by a virus/worm)

*** In the System Configuration Utility (SCU), you can uncheck programs you suspect one at a time and restart your computer. If something doesn't work right, you can always go back into the SCU and re-check it and restart your computer via the Start button. The changes are completely reversible by re-checking an item in SCU or by selecting Normal Startup under the General tab in the SCU, and all the programs listed run when Windows starts as it was before you started.

(Note: Three items that you should not disable are ScanRegistry, SystemTray, and your anti-virus program. Windows ME users additionally should not disable StateMgr and PCHealth because it will prevent System Restore from running)

What happens if you accidentally disable one that you do want to load during startup and run in the background? Very simple. Go back into the MSCONFIG startup tab and recheck it. Most of these programs do not need to load during startup and run in the background, so many of you will discover that you can easily trim your startup load by 50% or more.

Windows 95 users, do not despair. The MSCONFIG utility will also work with Windows 95. Once you obtain a copy of it, move or copy it to the C:\Windows\System folder, then reboot your computer. Do not attempt to activate it by double-clicking it or you will receive an error message. To activate it, click Start - Run, type in MSCONFIG, then click OK - Startup (tab). For those Windows 95 users who want to make use of it, you can download a copy of it from here.

In closing, I just want to remind you of what you read at the beginning of this article. Whenever you install new programs and update older programs, new entries will be added to the MSCONFIG startup tab. Multimedia, chat, telephony, and programs that contain "spyware" are some of the worst offenders for doing this. You need to be vigilant and check the startup load on a regular basis. If you do not need to have a program load during startup and run in the background, uncheck and disable it. If you are unsure about certain programs in your startup list and if you should disable them, feel free to contact me here and tell me what they are.

*** Get, install, update and run free Ad-aware (and its HexDump plug-in) from http://www.lavasoftusa.com/software/adaware/

First, in the main window, look in the bottom right corner and click on Check for updates now and download the latest reference files.

Make sure the following settings are made and on (ON=GREEN).

From the main window: Click Start, then Activate in-depth scan (recommended). Click 'Use Custom Scanning Options', then click 'Customize' and have these options selected: Under Drives and Folders put a check by Scan Within Archives, and below that under Memory and Registry put a check by all the options there.

Now click on the Tweak button in that same window. Under Scanning engine select: Unload recognized processes during scanning, and under Cleaning Engine select: Let windows remove files in use at next reboot. Click Proceed to save your settings.

Now to scan, just click the Next button. When the scan is finished, mark everything for removal and get rid of it. (Right-click the window and choose select all from the drop down menu and click Next) Restart your computer.

*** You might post exactly what programs you have in the Add/Remove Programs Control Panel list box.

*** Go to http://housecall.trendmicro.com or http://www.pandasoftware.com/actives..._principal.htm and click the Scan Now link to run a free on-line virus scan.

*** What anti-virus are you using? If you're running McAfee or Norton anti-virus and have not recently paid for a one year subscription to download weekly new virus definitions, you might consider getting free AntiVir 6 from http://free-av.com - Uninstalling McAfee; Restarting your computer and installing free AntiVir Anti-virus 6.0. |

|
Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.

