NO luck getting replys other sites? hjt log

NOT sure why but I have tried two other sites and on one site I got ONE reply, no help.....the other I got NO replies. hm

Anyway.......I am in need to clear up some downloaded stuff my kid has gotten into. This is and IMPROVED hjt log. You should have seen it before.

Thanks for any help.
Steve

Logfile of HijackThis v1.97.7
Scan saved at 3:27:07 AM, on 12/18/05
Platform: Windows 98 Gold (Win9x 4.10.2222)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\ALISNDMG.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.03.0000.1005\EN-US\MSNAPPAU.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\UNZIPPED\HIJACKTHIS[1]\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mchsi.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Mediacom Online
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEINT.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\PROGRAM FILES\YAHOO!\COMMON\YIETAGBM.DLL
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRAM FILES\YAHOO!\COMMON\YIESRVC.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-US\MSNTB.DLL
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRAM FILES\ICQTOOLBAR\TOOLBAR.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-US\MSNTB.DLL
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ALiSndMgr] ALiSndMg.exe
O4 - HKLM\..\Run: [SAClient] "C:\PROGRAM FILES\MEDIACOM\BBCLIENT\Programs\RegCon.exe" /admincheck
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ccleaner] "C:\PROGRAM FILES\CCLEANER\CCLEANER.exe" /AUTO
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Download with Star Downloader - C:\PROGRAM FILES\STAR DOWNLOADER\sdie.htm
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\PROGRAM FILES\ICQTOOLBAR\TOOLBAR.DLL/SEARCH.HTML
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: ICQ 4 (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Yahoo! Services (HKLM)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.mchsi.com
O15 - Trusted Zone: http://www.tradgang.com
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} - http://www.easports.com/downloads/games/common/snoopy/iesnoopy.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38197.7054513889
O16 - DPF: {1B9935E4-8A50-4DD8-BD09-A7518723BF97} (eAssist NetAgent Customer ActiveX Control version 3) - http://www.cabeagent.com/netagent/objects/custappx3.CAB
O16 - DPF: ChatSpace Full Java Client 3.1.0.229 - http://surechat.com:9000/Java/cfs31229.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: YExplorer1_8US.CAB - http://photos.groups.yahoo.com/ocx/us/yexplorer1_8us.cab
O16 - DPF: {76D90D08-EAB7-46D8-BF99-87445BF59E72} (SystemInfo Class) - http://directv.direcway.com/dwayready/dpcsysinfo.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c6.cab
O16 - DPF: ChatSpace Full Java Client 3.1.0.224 - http://66.28.246.1:9000/Java/cfs31224.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6us.cab
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} - http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movienetworks.com/install/US/altpmtscab.cab

 

Thanks.......here is new log

Thanks for the update on hjt. I should have checked on that.

Here is the new log file.

REALLY appreciate the help, all!

Logfile of HijackThis v1.99.1
Scan saved at 7:39:39 AM, on 12/18/05
Platform: Windows 98 Gold (Win9x 4.10.2222)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\ALISNDMG.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.03.0000.1005\EN-US\MSNAPPAU.EXE
C:\UNZIPPED\HIJACKTHIS[1]\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mchsi.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Mediacom Online
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEINT.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\PROGRAM FILES\YAHOO!\COMMON\YIETAGBM.DLL
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRAM FILES\YAHOO!\COMMON\YIESRVC.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-US\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRAM FILES\ICQTOOLBAR\TOOLBAR.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-US\MSNTB.DLL
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ALiSndMgr] ALiSndMg.exe
O4 - HKLM\..\Run: [SAClient] "C:\PROGRAM FILES\MEDIACOM\BBCLIENT\Programs\RegCon.exe" /admincheck
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ccleaner] "C:\PROGRAM FILES\CCLEANER\CCLEANER.exe" /AUTO
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Download with Star Downloader - C:\PROGRAM FILES\STAR DOWNLOADER\sdie.htm
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\PROGRAM FILES\ICQTOOLBAR\TOOLBAR.DLL/SEARCH.HTML
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRAM FILES\YAHOO!\COMMON\YIESRVC.DLL
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.mchsi.com
O15 - Trusted Zone: http://www.tradgang.com
O15 - Trusted Zone: http://*.tradgang.com
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} - http://www.easports.com/downloads/games/common/snoopy/iesnoopy.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {1B9935E4-8A50-4DD8-BD09-A7518723BF97} (eAssist NetAgent Customer ActiveX Control version 3) - http://www.cabeagent.com/netagent/objects/custappx3.CAB
O16 - DPF: ChatSpace Full Java Client 3.1.0.229 - http://surechat.com:9000/Java/cfs31229.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: YExplorer1_8US.CAB - http://photos.groups.yahoo.com/ocx/us/yexplorer1_8us.cab
O16 - DPF: {76D90D08-EAB7-46D8-BF99-87445BF59E72} (SystemInfo Class) - http://directv.direcway.com/dwayready/dpcsysinfo.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c6.cab
O16 - DPF: ChatSpace Full Java Client 3.1.0.224 - http://66.28.246.1:9000/Java/cfs31224.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6us.cab
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movienetworks.com/install/US/altpmtscab.cab

 

Hello. I am not sure if TonyT is going to try to help or not so just in case, here is my recommendation.

Run HJT and place checkmark next to the following itemsDefinite problems)
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Me.../bridge-c6.cab


now click on Fix Selected and when finished, restart your computer.

if you dont already have them - download, install, update, scan and fix anything found whith each of the following programs in the order listed:
AdAware SE at http://www.download.com/Ad-Aware-SE...153545.html?part=dl-ad-aware&subj=dl&tag=top5
SpyBot Search and Destroy at http://www.spybot.info/en/index.html
CWShredder at http://www.intermute.com/spysubtract/cwshredder_download.html

Now restart your computer and run HiJack this and post a new log. (you should be running better at this point)


Questionable items: (research and decide for yourself AFTER you complete the above. they may be gone at that point anyways.)

Quick Time and Real Player are both very bad about running themselves and "phoneing home" without you knowing about it. make sure you know EXACTLY what this is. if you dont need this, "fix it "
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab

Make sure you know where these lead to. unless it is ABSOLUTELY necessary I would not have ANY trusted sites listed. I dont even have any trusted sites in my local intranet but everything including file and printer shareing on my local network works perfectly.

O15 - Trusted Zone: http://www.tradgang.com
O15 - Trusted Zone: http://*.tradgang.com

Hope this helps.

 

I've been working on it all day....take a look now.

My son uses the two media players but......they don't load on boot, unless doing so invisible somehow.

Thanks for the other advice too. I'll keep it in mind and check things out.

Here is what I ended up with an hour ago.

YOUR advice is appreciated........MERRY CHRISTMAS!

Steve

Logfile of HijackThis v1.99.1
Scan saved at 6:48:23 PM, on 12/18/05
Platform: Windows 98 Gold (Win9x 4.10.2222)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\ALISNDMG.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.03.0000.1005\EN-US\MSNAPPAU.EXE
C:\PROGRAM FILES\WISDOM-SOFT SCREENHUNTER\SCREENHUNTER.EXE
C:\UNZIPPED\HIJACKTHIS[1]\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mchsi.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Mediacom Online
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEINT.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\PROGRAM FILES\YAHOO!\COMMON\YIETAGBM.DLL
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRAM FILES\YAHOO!\COMMON\YIESRVC.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-US\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRAM FILES\ICQTOOLBAR\TOOLBAR.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-US\MSNTB.DLL
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ALiSndMgr] ALiSndMg.exe
O4 - HKLM\..\Run: [SAClient] "C:\PROGRAM FILES\MEDIACOM\BBCLIENT\Programs\RegCon.exe" /admincheck
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ccleaner] "C:\PROGRAM FILES\CCLEANER\CCLEANER.exe" /AUTO
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Download with Star Downloader - C:\PROGRAM FILES\STAR DOWNLOADER\sdie.htm
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\PROGRAM FILES\ICQTOOLBAR\TOOLBAR.DLL/SEARCH.HTML
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRAM FILES\YAHOO!\COMMON\YIESRVC.DLL
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.mchsi.com
O15 - Trusted Zone: http://www.tradgang.com
O15 - Trusted Zone: http://*.tradgang.com
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} - http://www.easports.com/downloads/games/common/snoopy/iesnoopy.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: YExplorer1_8US.CAB - http://photos.groups.yahoo.com/ocx/us/yexplorer1_8us.cab
O16 - DPF: {76D90D08-EAB7-46D8-BF99-87445BF59E72} (SystemInfo Class) - http://directv.direcway.com/dwayready/dpcsysinfo.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6us.cab
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movienetworks.com/install/US/altpmtscab.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab

 

about Tradgang

I'll probably remove those later. I had one HECK of a time getting IN that site and it's not anything but a bunch of bowhunters. Took ME DAYS to get accepted and this setting was the ONLY way to do so.

thanks again

 

Hello stevenSR,
Looks like you did a great job. dont worry about the media plarers. just an FYI. something you had was using the java and quicktime active x. looks like they are gone now. you can compare the 2 postings and see that these are no longer listed in your HJT log.
O16 - DPF: ChatSpace Full Java Client 3.1.0.229 - http://surechat.com:9000/Java/cfs31229.cab
O16 - DPF: ChatSpace Full Java Client 3.1.0.224 - http://66.28.246.1:9000/Java/cfs31224.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
obviously you still have QuickTime and im sure you didnt uninstall Java.
Anyways, I would now do the following:
go into the internet options in the control panel. click on the security tab and under trusted sites, remove any and all that are listed. click OK OK OK until you are out of the internet options.
Now under the start menu > all programs > accessories > system tools click on system restore and create a new restore point. Name it whatever you like. close out of there when it is complete and open Disk Cleanup. (in the same location as system restore) under the more options tab you will see system restore. click on the clean up button. then click OK. when it is finished, run CCleaner again. now shut down your computer, wait 10 - 15 seconds and you can then restart your computer.

***CONGRADULATIONS! YOU KICKED THIER BUTT! YOUR SYSTEM IS CLEAN!!!***
not sure what firewall you are running but make sure you have 1. if you are using the windows firewall, hopefully you are behind a router.
Right on stevenSR, HAPPY SURFING AND MERRY CHRISTMAS TO YOU AND YOUR FAMILY!!!

 

Windows 98

I don't have a 'system restor' option in Windows 98se unless it's hidden somewhere that I was unaware of.

thanks

 

hmmm. not sure about the win 98se. havent dealt with that program for years. will check on it for you. as long as you did everything else you should be good to go.
When I find out ill let you know. unless someone more up on that OP has anything to add on the subject?
Happy surfin bro!
D

 

BTW how is it runnin now?

BTW How is your system running now?
would like to know.
havent had time to actually check on the win 98se restore thing but if my memory serves me correctly, that option did not come into play until XP.

 

A LOT better.

It is running much , much smoother and faster. Only real problem I notice now is the speed at which I run out of ram.

I did a check on yahoo messenger ( the new one ) and found it to be the villian, at least iMO.

Only running 320mb of ram and start after boot with 86 percent remaining. Fire up yahoo messenger, I'm at 65 percent. OUCH.

My MB is a 1.3 atlon that takes both sdr and ddr. I need to pick up some ddr ram to replace the sdr. I'll start with 512...I would think that would be sufficient.

My son wasn't aware I was working on the computer. He left me a note today.
"WHAT THE H DID YOU DO TO MAKE THE COMPUTER RUN SO MUCH BETTER??!!" LOL

Hoping to build a larger on this coming year. Just my hobby. I keep thinking a RAID 0 + 1 but honestly, I have no need for that kind of speed and the duplication.......just think it's neat.

Boys and their toys!!

Thanks SO much for your help. I look forward to studying the hjt log help files I have saved to learn that better myself.

MERRY CHRISTMAS!

 

right on man. yahoo is bad for that(amongst other things) try disableing some of the features like the auto away mode and things of that nature. if you run more than 1 messenger program you should check this 1 out. its what I use.
trillian at http://ceruleanstudios.com/
basic is free and pro version (enables video confrencing) is $25 you already have quicktime so you will be set. wont use near as much space as yahoo and you can access any yahoo mail with any browser so just uninstall yahoo completely from your system.
also if you dont mind the input, when you get ready to build, if you want performance(like me ) use a raid 0 and do regular backups to another location like an external harddrive or in my case an internal that is set alone for that type of stuff. I run a SATA 2 - raid 0 array and normal transfer rate ( not maxin it or stressin it) is 137 mbps. just be sure to do normal backups in case of a hardware failure or you are ******* if that was to happen.
HAPPY SURFIN BRO AND MERRY CHRISTMAS! YOU KICKED A**!!!

 

Thanks to you both!

Mrs. Smith.....it is always a treat to see what others use and suggest.......and why! MY THANKS for it and all the above.

TonyT......super. I would be way behind learning all I can about computers if not for those kind people ......like yourself.

I kicked in the "Resource Meter" AND installed Freeram xp pro. I seem to run out of resource EXTREMELY fast and yes......upgrading to xp is in the plans.

That will be on another computer. I have WAY too many programs here I will lose with xp (pro version, thanks).

Money is short.....times are hard.......and all that, but I'll get there.

Having never sat down at a computer till 1998,(age 46) I immediately was hooked......HAD TO KNOW "what was what ", how "what DID what" and how I could build, upgrade, and "learn it all ". LOL........long road, and a huge task that will neer be completed, of course.

But OHHHHHHHH such fun!

ty to all! Always a pleasure to get advice from those in the know.

Steve

 

right on TonyT!
and keep on truckin stevenSR!
HAPPY SURFIN!!!