-
Content Count
222 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by Snaxe
-
-
I believe so.
-
Other thread in Spyware/Adware Removal forum
Logfile of HijackThis v1.98.2
Scan saved at 12:46:36 PM, on 9/18/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\System32\hphmon04.exe
C:\Program Files\Washer\washer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\McAfee.com\VSO\mcshield.exe
C:\Adnan\blackbox\blackbox.exe
C:\WINDOWS\system32\winlogon.exe
C:\Adnan\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.thelazygamer.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe files\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [sM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSKUpd] C:\PROGRA~1\mcafee.com\shared\mghtml.exe mcp://C:\Program Files\McAfee\SpamKiller\mskupd.ui::chkupd.htm
O4 - HKLM\..\Run: [Mskexe] c:\program files\mcafee\spamkiller\spamkiller.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\System32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [Washer] c:\Program Files\Washer\washer.exe /0
O4 - HKCU\..\Run: [PCBoost] "C:\Program Files\PCBoost\PCBoost.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Trillian.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct1_x.cab
O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cab
O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/games/clients/y/wt0_x.cab
O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://bin.mcafee.com/molbin/Shared/ComCtl...22/ComCtl32.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/2003...iTunesSetup.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsc...73/mcinsctl.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} - http://www.napster.com/client/isetup.cab
O16 - DPF: {9FC87BC7-7963-4B70-8485-B1A41034C9A1} (CSonyPicturesGameDownloaderCtl Object) - http://www.shockwave.com/content/angelx/So...eDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,16/mcgdmgr.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/...ebio5_0_2_0.cab
-
I posted a log a while back and Pete C read it for me, but ok.
-
See, the thing is, none of those work. It says to get rid of registry entries and a file, none of which are existing on my computer. The only remnant of it is HKEY_LOCAL_MACHINE\SOFTWARE\BTIEIN and any subkeys.
The DSO Exploit no longer appears.
-
I use the Firefox Modern Theme. A lot of themes I find are just redone buttons. If they were to change other things, I'd probably get one of those. Apollo has some cool buttons.
-
well I don't know if microsoft is brave or stupid....recon they will find out soon enough.
I say stupid.......
Agreed.
-
I have been finding this for a while. In Spybot it finds it as HuntBar and says its in use. I run Spybot in safe mode and it still says its in use. I let it run at startup, it's still in use. Today I started finding the DSO Exploit which Spybot says gets deleted but finds again in an immediate scan after. Ad-Aware finds the IBIS ToolBar which from a Google I found is the same as the HuntBar. Also, they both list the same registry entry which it won't let me delete. I found a few ways to delete it via Google, but they were either too complicated and something I felt risky or they said to delete certain things which didn't exist. I really have no idea what else to post like an HJT log or something; just tell me what to post, and I will. Oh, XP Home SP1
-
Out of curiosity, I wondered what it does when you do █+PgUp/PgDn. It cycles programs for those of you too lazy to try it yourself. Normally, laziness is high on the list of priorities for me, but not this time.
-
█ will represent the windows key
█+D -- Show Desktop -- Also works with BBLean, shows your "real" desktop with icons
█+L -- Switch User
█, L, L -- Log Off User
█, U, U -- Shutdown
█, U, R -- Restart
█+R or █, R -- Run
EDITED
█ -- Start Menu
█+E -- Explore My Computer
BBLean Win Key shortcuts
█+D -- Display propertiesi
█+P -- Plugins.rc edit
█+S -- Current style edit
█ -- Main Men
█+Y -- Restore window
█+V -- Vertical maximize window
█+G -- Gather windows (bring all to one workspace)
█+Q -- Terminate shell
█+T -- Toggle tray
█+H -- Horizontal maximize
█+M -- Menu.rc edit
█+X -- Maximize window
█+N -- Minimize window
Certain Explorer shortcuts work in BBLean as well.
-
Nerelda, you like this smiley don't you ?
Add Disk Cleanup. It's in Start=>Programs=>Accessories=>System Tools=>Disk Cleanup for me, XP Home.
-
I think the minute wait feature is stupid and I don't ever plan on using it.
Go Beluga!
-
My name hmm...I really don't know. I know I came up with it several years ago and that it was most likely come up with a stupid reason. I was in third or fourth grade and, in my opinion, was an idiot. I use it everywhere. If you see a "Snaxe", it most likely is me. The only places I haven't gotten "Snaxe" at are at shizmoo, AIM, Yahoo, and MSN/Hotmail.
I recently made my avatar myself with The GIMP. My sig is plugging.
-
I'd rather have the quotes go straight to the reply box instead of having a separate one. The only problem with this is that some people have trouble editing the quotes.
As for the "Replying to..." you could try just using hte fast reply box. You have to push the button for it to show. There's an option in the My Controls to have it always open if you so desire.
Is it even possible to do what CurlingSteve was talking about with highlighting the text and then quoting it?
One thing I would like to see is a separate button that quotes to the fast reply box instead.
That's just me...
-
I got the same things BitBanger got and I'm on Firefox 0.9.3. I just made a value for the network.http.pipelining.firstrequests
-
Good suggestion. Something not bright will do for me.
-
I wouldn't bet on it.
-
I apologize for not providing links and for any repeats.
Spybot Search and Destroy
SpywareBlaster
A squared
Ad-Aware SE
The GIMP
iTunes
Trillian
Firefox
Vim
Zone Alarm
any utility that can recover deleted files
-
Thanks, but it's supposed to be animated...
-
'Tis what I did, refused it saying the extension was denied. Most likely due to the fact that it didn't really have an extension. The URL for it is http://tinypic.com/2nmn8
-
I think the avatar size limit should be 160x160. It'll make my avatar look better . Any bigger though and the left side starts to move accordingly. Also, it doesn't allow my sig image. I have it hosted at tinypic.com and when I submit it says that the file format isn't allowed. Let's see if it allows it here:
nope
Odd, it told me the 30 second flood control thing when at the G4techTV forums it's twice as long and have never seen it except when editing posts...
-
Go to My Controls=>Board options=>time zone
-
Feels familiar to me 'cause my boards use the IPB too..
Ibis Toolbar/huntbar Removal
in Malware Removal
Posted
Well, it keeps showing up in Spybot and Ad Aware. I think the only thing of it that's on my computer is a few registry keys. I can go to them, but it says there's an error when I try to delete them. When I try to get rid of them with Spybot, it says that it couldn't be fixed and to try at startup. I did that and I also tried in safe mode. With Ad Aware, it just acts like it did, but if I immediately do another scan it finds the same thing. The registry key is HKEY_LOCAL_MACHINE\SOFTWARE\BTIEIN and when I try to delete it it says "Can not delete BTIEIN - Error while deleting key"