123 Mania Again Sorry (Resolved)

  1. 20-07-2004  #1
    frazer_r
    frazer_r is offline Newbie

    123 Mania Again Sorry (Resolved)

    Hi ,

    I've been given the task of fixing my cousins old IBM thinkpad win98 laptop. He got the 123 mania thing and I need to get rid of it. Here the log form hijackthis. Hope you can help me with this problem.


    Many thanks in advance..


    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\IRMON.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\TPHKMGR.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\WINDOWS\SYSTEM\PRPCUI.EXE
    C:\CFGSAFE\AUTOCHK.EXE
    C:\WINDOWS\SYSTEM\IBMBAYSN.EXE
    C:\WINDOWS\SYSTEM\IBMBAY2M.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\PDIRECT.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\TP98.EXE
    C:\WINDOWS\SYSTEM\S3MON.EXE
    C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\TPONSCR.EXE
    C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
    C:\PROGRAM FILES\LEXMARKX84-X85\ACMONITOR_X84-X85.EXE
    C:\PROGRAM FILES\LEXMARKX84-X85\ACBTNMGR_X84-X85.EXE
    C:\WINDOWS\SYSTEM\PRINTRAY.EXE
    C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BACKWEB-8876480.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\PROGRAM FILES\CAPLIO RR30\RGATEL.EXE
    C:\PROGRAM FILES\AOL 8.0A\AOLTRAY.EXE
    C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\WINDOWS\SYSTEM\WINOA386.MOD
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\A2GQ056L\HIJACKTHIS[1].EXE
    C:\PROGRAM FILES\AOL COMPANION\COMPANION.EXE

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.123mania.com/0809/ie.asp
    R3 - URLSearchHook: SrchHook Class - {15651C7C-E812-44a2-A9AC-B467A2233E7D} - C:\WINDOWS\SYSTEM\GIDCAI32.DLL
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\system\googletoolbar_en_2.0.111-deleon.dll
    O2 - BHO: (no name) - {622CC208-B014-4FE0-801B-874A5E5E403A} - C:\WINDOWS\SYSTEM\GIDCAI32.DLL
    O2 - BHO: (no name) - {9C5B2F29-1F46-4639-A6B4-828942301D3E} - C:\WINDOWS\SYSTEM\SIPSPI32.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\system\googletoolbar_en_2.0.111-deleon.dll
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [IrMon] IrMon.exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [TpHotkey] C:\PROGRA~1\THINKPAD\UTILIT~1\TPHKMGR.EXE
    O4 - HKLM\..\Run: [TrackPointSrv] daemon.exe
    O4 - HKLM\..\Run: [SoundFusion] RunDll32 cwcprops.cpl,CrystalControlWnd
    O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe
    O4 - HKLM\..\Run: [ConfigSafe] C:\CFGSAFE\AUTOCHK.EXE
    O4 - HKLM\..\Run: [IBMUltraBayHotSwapSound] c:\windows\SYSTEM\IBMBAYSN.EXE
    O4 - HKLM\..\Run: [IBMUltraBayHotSwapCPLLoader] c:\windows\SYSTEM\IBMBAY2M.EXE
    O4 - HKLM\..\Run: [PDirect] C:\PROGRA~1\THINKPAD\UTILIT~1\PDirect.exe
    O4 - HKLM\..\Run: [TP98UTIL] C:\PROGRA~1\THINKPAD\UTILIT~1\TP98.EXE /s
    O4 - HKLM\..\Run: [S3Mon] S3Mon.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [Lexmark X84-X85 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe
    O4 - HKLM\..\Run: [Lexmark X84-X85 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe
    O4 - HKLM\..\Run: [LexStart] Lexstart.exe
    O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [LoadSIPS] rundll32.exe C:\WINDOWS\SYSTEM\SIPSPI32.DLL,SIPSPI32
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [YourMP3] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:YourMP3:t
    O4 - HKCU\..\Run: [ScreenSaverPlus] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:ScreenSaverPlus:t
    O4 - HKCU\..\Run: [NewMP3] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:NewMP3:t
    O4 - HKCU\..\Run: [LotsOfGames] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:LotsOfGames:t
    O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Startup: RICOH Gate L.lnk = C:\Program Files\Caplio RR30\RGateL.exe
    O4 - Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
    O4 - Startup: AOL 8.0 Tray Icon.lnk = C:\Program Files\AOL 8.0a\aoltray.exe
    O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
    O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmtrans.html
    O9 - Extra button: Real.com (HKLM)
    O9 - Extra button: LotsOfGames (HKLM)
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - http://217.73.66.1/minidialler/mddl/...00_200202_.exe
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...110.5552777778
    O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} (Matrix Class) - http://acceso.masminutos.com/laaplicacion.cab
    O16 - DPF: {582788CA-7014-4904-A4EE-6FB6108AFE8E} - http://launcheruk.escritorioactivo.com/asrcware.cab
    O16 - DPF: {15651C7C-E812-44A2-A9AC-B467A2233E7D} (SrchHook Class) - http://www.123mania.com/GIDCAI32.cab
    O16 - DPF: {9C5B2F29-1F46-4639-A6B4-828942301D3E} (HTML Class) - http://www.123mania.com/SIPSPI32.cab

  3. 21-07-2004  #2
    owen
    owen is offline D-A-L Team Member (UK)
    Hi,
    Before we do anything, could you ensure that you post the whole log. Everything is needed
  4. 21-07-2004  #3
    frazer_r
    frazer_r is offline Newbie
    Hi, This should be all of it.

    Cheers




    Logfile of HijackThis v1.97.7
    Scan saved at 22:57:43, on 20/07/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\IRMON.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\TPHKMGR.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\WINDOWS\SYSTEM\PRPCUI.EXE
    C:\CFGSAFE\AUTOCHK.EXE
    C:\WINDOWS\SYSTEM\IBMBAYSN.EXE
    C:\WINDOWS\SYSTEM\IBMBAY2M.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\PDIRECT.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\TP98.EXE
    C:\WINDOWS\SYSTEM\S3MON.EXE
    C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\TPONSCR.EXE
    C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
    C:\PROGRAM FILES\LEXMARKX84-X85\ACMONITOR_X84-X85.EXE
    C:\PROGRAM FILES\LEXMARKX84-X85\ACBTNMGR_X84-X85.EXE
    C:\WINDOWS\SYSTEM\PRINTRAY.EXE
    C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BACKWEB-8876480.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\PROGRAM FILES\CAPLIO RR30\RGATEL.EXE
    C:\PROGRAM FILES\AOL 8.0A\AOLTRAY.EXE
    C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\WINDOWS\SYSTEM\WINOA386.MOD
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\A2GQ056L\HIJACKTHIS[1].EXE
    C:\PROGRAM FILES\AOL COMPANION\COMPANION.EXE

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.123mania.com/0809/ie.asp
    R3 - URLSearchHook: SrchHook Class - {15651C7C-E812-44a2-A9AC-B467A2233E7D} - C:\WINDOWS\SYSTEM\GIDCAI32.DLL
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\system\googletoolbar_en_2.0.111-deleon.dll
    O2 - BHO: (no name) - {622CC208-B014-4FE0-801B-874A5E5E403A} - C:\WINDOWS\SYSTEM\GIDCAI32.DLL
    O2 - BHO: (no name) - {9C5B2F29-1F46-4639-A6B4-828942301D3E} - C:\WINDOWS\SYSTEM\SIPSPI32.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\system\googletoolbar_en_2.0.111-deleon.dll
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [IrMon] IrMon.exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [TpHotkey] C:\PROGRA~1\THINKPAD\UTILIT~1\TPHKMGR.EXE
    O4 - HKLM\..\Run: [TrackPointSrv] daemon.exe
    O4 - HKLM\..\Run: [SoundFusion] RunDll32 cwcprops.cpl,CrystalControlWnd
    O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe
    O4 - HKLM\..\Run: [ConfigSafe] C:\CFGSAFE\AUTOCHK.EXE
    O4 - HKLM\..\Run: [IBMUltraBayHotSwapSound] c:\windows\SYSTEM\IBMBAYSN.EXE
    O4 - HKLM\..\Run: [IBMUltraBayHotSwapCPLLoader] c:\windows\SYSTEM\IBMBAY2M.EXE
    O4 - HKLM\..\Run: [PDirect] C:\PROGRA~1\THINKPAD\UTILIT~1\PDirect.exe
    O4 - HKLM\..\Run: [TP98UTIL] C:\PROGRA~1\THINKPAD\UTILIT~1\TP98.EXE /s
    O4 - HKLM\..\Run: [S3Mon] S3Mon.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [Lexmark X84-X85 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe
    O4 - HKLM\..\Run: [Lexmark X84-X85 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe
    O4 - HKLM\..\Run: [LexStart] Lexstart.exe
    O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [LoadSIPS] rundll32.exe C:\WINDOWS\SYSTEM\SIPSPI32.DLL,SIPSPI32
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [YourMP3] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:YourMP3:t
    O4 - HKCU\..\Run: [ScreenSaverPlus] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:ScreenSaverPlus:t
    O4 - HKCU\..\Run: [NewMP3] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:NewMP3:t
    O4 - HKCU\..\Run: [LotsOfGames] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:LotsOfGames:t
    O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Startup: RICOH Gate L.lnk = C:\Program Files\Caplio RR30\RGateL.exe
    O4 - Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
    O4 - Startup: AOL 8.0 Tray Icon.lnk = C:\Program Files\AOL 8.0a\aoltray.exe
    O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
    O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmtrans.html
    O9 - Extra button: Real.com (HKLM)
    O9 - Extra button: LotsOfGames (HKLM)
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - http://217.73.66.1/minidialler/mddl/...00_200202_.exe
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...110.5552777778
    O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} (Matrix Class) - http://acceso.masminutos.com/laaplicacion.cab
    O16 - DPF: {582788CA-7014-4904-A4EE-6FB6108AFE8E} - http://launcheruk.escritorioactivo.com/asrcware.cab
    O16 - DPF: {15651C7C-E812-44A2-A9AC-B467A2233E7D} (SrchHook Class) - http://www.123mania.com/GIDCAI32.cab
    O16 - DPF: {9C5B2F29-1F46-4639-A6B4-828942301D3E} (HTML Class) - http://www.123mania.com/SIPSPI32.cab
  5. 21-07-2004  #4
    owen
    owen is offline D-A-L Team Member (UK)
    Could you update your version of Hijack This. The latest version of Hijack This can be found here.
  6. 21-07-2004  #5
    frazer_r
    frazer_r is offline Newbie
    here is a copy of the log using the latest version.

    Logfile of HijackThis v1.98.0
    Scan saved at 21:15:46, on 21/07/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\IRMON.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\TPHKMGR.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\WINDOWS\SYSTEM\PRPCUI.EXE
    C:\CFGSAFE\AUTOCHK.EXE
    C:\WINDOWS\SYSTEM\IBMBAYSN.EXE
    C:\WINDOWS\SYSTEM\IBMBAY2M.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\PDIRECT.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\TP98.EXE
    C:\WINDOWS\SYSTEM\S3MON.EXE
    C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\TPONSCR.EXE
    C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
    C:\PROGRAM FILES\LEXMARKX84-X85\ACMONITOR_X84-X85.EXE
    C:\PROGRAM FILES\LEXMARKX84-X85\ACBTNMGR_X84-X85.EXE
    C:\WINDOWS\SYSTEM\PRINTRAY.EXE
    C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BACKWEB-8876480.EXE
    C:\PROGRAM FILES\CAPLIO RR30\RGATEL.EXE
    C:\PROGRAM FILES\AOL 8.0A\AOLTRAY.EXE
    C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\PROGRAM FILES\AOL COMPANION\COMPANION.EXE
    C:\HIJACKTHISV2.EXE

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.123mania.com/0809/ie.asp
    R3 - URLSearchHook: SrchHook Class - {15651C7C-E812-44a2-A9AC-B467A2233E7D} - C:\WINDOWS\SYSTEM\GIDCAI32.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\system\googletoolbar_en_2.0.111-deleon.dll
    O2 - BHO: BHOsrc Class - {622CC208-B014-4FE0-801B-874A5E5E403A} - C:\WINDOWS\SYSTEM\GIDCAI32.DLL
    O2 - BHO: HTML Class - {9C5B2F29-1F46-4639-A6B4-828942301D3E} - C:\WINDOWS\SYSTEM\SIPSPI32.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\system\googletoolbar_en_2.0.111-deleon.dll
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [IrMon] IrMon.exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [TpHotkey] C:\PROGRA~1\THINKPAD\UTILIT~1\TPHKMGR.EXE
    O4 - HKLM\..\Run: [TrackPointSrv] daemon.exe
    O4 - HKLM\..\Run: [SoundFusion] RunDll32 cwcprops.cpl,CrystalControlWnd
    O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe
    O4 - HKLM\..\Run: [ConfigSafe] C:\CFGSAFE\AUTOCHK.EXE
    O4 - HKLM\..\Run: [IBMUltraBayHotSwapSound] c:\windows\SYSTEM\IBMBAYSN.EXE
    O4 - HKLM\..\Run: [IBMUltraBayHotSwapCPLLoader] c:\windows\SYSTEM\IBMBAY2M.EXE
    O4 - HKLM\..\Run: [PDirect] C:\PROGRA~1\THINKPAD\UTILIT~1\PDirect.exe
    O4 - HKLM\..\Run: [TP98UTIL] C:\PROGRA~1\THINKPAD\UTILIT~1\TP98.EXE /s
    O4 - HKLM\..\Run: [S3Mon] S3Mon.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [Lexmark X84-X85 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe
    O4 - HKLM\..\Run: [Lexmark X84-X85 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe
    O4 - HKLM\..\Run: [LexStart] Lexstart.exe
    O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [LoadSIPS] rundll32.exe C:\WINDOWS\SYSTEM\SIPSPI32.DLL,SIPSPI32
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [YourMP3] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:YourMP3:t
    O4 - HKCU\..\Run: [ScreenSaverPlus] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:ScreenSaverPlus:t
    O4 - HKCU\..\Run: [NewMP3] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:NewMP3:t
    O4 - HKCU\..\Run: [LotsOfGames] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:LotsOfGames:t
    O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Startup: RICOH Gate L.lnk = C:\Program Files\Caplio RR30\RGateL.exe
    O4 - Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
    O4 - Startup: AOL 8.0 Tray Icon.lnk = C:\Program Files\AOL 8.0a\aoltray.exe
    O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
    O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmtrans.html
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
    O9 - Extra button: NewMP3 - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\SYSTEM\NewMP3 (file missing)
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - http://217.73.66.1/minidialler/mddl/...00_200202_.exe
    O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} (Matrix Class) - http://acceso.masminutos.com/laaplicacion.cab
    O16 - DPF: {582788CA-7014-4904-A4EE-6FB6108AFE8E} - http://launcheruk.escritorioactivo.com/asrcware.cab
    O16 - DPF: {15651C7C-E812-44A2-A9AC-B467A2233E7D} (SrchHook Class) - http://www.123mania.com/GIDCAI32.cab
    O16 - DPF: {9C5B2F29-1F46-4639-A6B4-828942301D3E} (HTML Class) - http://www.123mania.com/SIPSPI32.cab
  7. 21-07-2004  #6
    owen
    owen is offline D-A-L Team Member (UK)
    Hiya again,
    Could you close all browser windows, restart Hijack This and put a checkmark next to the following entries:
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.123mania.com/0809/ie.asp
    R3 - URLSearchHook: SrchHook Class - {15651C7C-E812-44a2-A9AC-B467A2233E7D} - C:\WINDOWS\SYSTEM\GIDCAI32.DLL
    O2 - BHO: BHOsrc Class - {622CC208-B014-4FE0-801B-874A5E5E403A} - C:\WINDOWS\SYSTEM\GIDCAI32.DLL
    O2 - BHO: HTML Class - {9C5B2F29-1F46-4639-A6B4-828942301D3E} - C:\WINDOWS\SYSTEM\SIPSPI32.DLL
    O4 - HKLM\..\Run: [LoadSIPS] rundll32.exe C:\WINDOWS\SYSTEM\SIPSPI32.DLL,SIPSPI32
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [YourMP3] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:YourMP3:t
    O4 - HKCU\..\Run: [ScreenSaverPlus] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:ScreenSaverPlus:t
    O4 - HKCU\..\Run: [NewMP3] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:NewMP3:t
    O4 - HKCU\..\Run: [LotsOfGames] rundll32.exe C:\WINDOWS\SYSTEM\MSA64CHK.DLL,DllMostrar Matrix_HTML:LotsOfGames:t
    O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
    O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - http://217.73.66.1/minidialler/mddl...000_200202_.exe
    O16 - DPF: {15651C7C-E812-44A2-A9AC-B467A2233E7D} (SrchHook Class) - http://www.123mania.com/GIDCAI32.cab
    O16 - DPF: {9C5B2F29-1F46-4639-A6B4-828942301D3E} (HTML Class) - http://www.123mania.com/SIPSPI32.cab

    Click Fix Checked

    Reboot

    Post a fresh log
  8. 22-07-2004  #7
    frazer_r
    frazer_r is offline Newbie
    Owen,

    Thanks for your quick and helpful responses so far.. I'll certainly be recommending this site to anyone else I know having problems. I've applied the fixes rebooted. Here is the latest log.

    Logfile of HijackThis v1.98.0
    Scan saved at 20:37:18, on 22/07/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\IRMON.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\TPHKMGR.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\WINDOWS\SYSTEM\PRPCUI.EXE
    C:\CFGSAFE\AUTOCHK.EXE
    C:\WINDOWS\SYSTEM\IBMBAYSN.EXE
    C:\WINDOWS\SYSTEM\IBMBAY2M.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\PDIRECT.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\TP98.EXE
    C:\WINDOWS\SYSTEM\S3MON.EXE
    C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
    C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
    C:\PROGRAM FILES\LEXMARKX84-X85\ACMONITOR_X84-X85.EXE
    C:\PROGRAM FILES\THINKPAD\UTILITIES\TPONSCR.EXE
    C:\PROGRAM FILES\LEXMARKX84-X85\ACBTNMGR_X84-X85.EXE
    C:\WINDOWS\SYSTEM\PRINTRAY.EXE
    C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
    C:\PROGRAM FILES\CAPLIO RR30\RGATEL.EXE
    C:\PROGRAM FILES\AOL COMPANION\COMPANION.EXE
    C:\PROGRAM FILES\AOL 8.0A\AOLTRAY.EXE
    C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\HIJACKTHISV2.EXE

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\system\googletoolbar_en_2.0.111-deleon.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\system\googletoolbar_en_2.0.111-deleon.dll
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [IrMon] IrMon.exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [TpHotkey] C:\PROGRA~1\THINKPAD\UTILIT~1\TPHKMGR.EXE
    O4 - HKLM\..\Run: [TrackPointSrv] daemon.exe
    O4 - HKLM\..\Run: [SoundFusion] RunDll32 cwcprops.cpl,CrystalControlWnd
    O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe
    O4 - HKLM\..\Run: [ConfigSafe] C:\CFGSAFE\AUTOCHK.EXE
    O4 - HKLM\..\Run: [IBMUltraBayHotSwapSound] c:\windows\SYSTEM\IBMBAYSN.EXE
    O4 - HKLM\..\Run: [IBMUltraBayHotSwapCPLLoader] c:\windows\SYSTEM\IBMBAY2M.EXE
    O4 - HKLM\..\Run: [PDirect] C:\PROGRA~1\THINKPAD\UTILIT~1\PDirect.exe
    O4 - HKLM\..\Run: [TP98UTIL] C:\PROGRA~1\THINKPAD\UTILIT~1\TP98.EXE /s
    O4 - HKLM\..\Run: [S3Mon] S3Mon.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [Lexmark X84-X85 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe
    O4 - HKLM\..\Run: [Lexmark X84-X85 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe
    O4 - HKLM\..\Run: [LexStart] Lexstart.exe
    O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - Startup: RICOH Gate L.lnk = C:\Program Files\Caplio RR30\RGateL.exe
    O4 - Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
    O4 - Startup: AOL 8.0 Tray Icon.lnk = C:\Program Files\AOL 8.0a\aoltray.exe
    O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
    O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\WINDOWS\SYSTEM\GOOGLETOOLBAR_EN_2.0.111-DELEON.DLL/cmtrans.html
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
    O9 - Extra button: LotsOfGames - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\SYSTEM\LotsOfGames (file missing)
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} (Matrix Class) - http://acceso.masminutos.com/laaplicacion.cab
    O16 - DPF: {582788CA-7014-4904-A4EE-6FB6108AFE8E} - http://launcheruk.escritorioactivo.com/asrcware.cab
  9. 22-07-2004  #8
    owen
    owen is offline D-A-L Team Member (UK)
    Just restart Hijack This and fix the following entries:

    O9 - Extra button: LotsOfGames - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\SYSTEM\LotsOfGames (file missing)

    And then I'd say thats a clean bill of health . Please have a read of the information below.

    Preventing it returning

    After your problem has been resolved on the forum, it is an absoulute MUST to do the following steps to prevent the problem returning. Click on the link to get access to the software or webpage that I'm referring to.

    1. Visit Windows Update
    Pay a visit to Windows Update and scan for and download ALL Critical Updates and Service Packs. New updates are usually released monthly so check back to Windows Update every month.

    2. Download Antivirus Software-
    If you haven't already got Antivirus software, you should download and install AVG Antivirus. It is freeware and is updated nearly every 2 days (sometimes more frequently if there are a lot of new viruses) and in my opinion, is better than some Antivirus software such as Norton. Antivirus software will prevent viruses infecting your system and it is important that you update it every two days or every week at the most.

    3. Download a Firewall-
    If you haven't already got a firewall, it is Very important that you download one. Firewalls will prevent unauthorised access to your computer and stop data leaking out of your computer. You may think that it won't happen to you, but Hackers don't care who you are, what you do, where you live or what you had for tea last Sunday on your holiday in the Lake District, they want your data. Firewalls will keep these sneaks out and one of the best is Sygate Personal Firewall, which happens to be freeware.

    4. Spyware Scanners-
    It is important that as well as having real time spyware protection, you have a spyware scanning application. If you have not already been told to download one earlier in this thread, it is a good idea to download Spybot Search And Destroy and Ad-aware. They are both spyware scanners and will search for a remove spyware. It is recommended that you have both, because one will pick up entries that the other misses. It is even a good idea to download these if you have other programs such as ASE, Spysweeper, Pest Patrol, etc, because one spyware scanner will not pick up everything. Please remember to update your spyware scanners weekly/fortnightly.

    5. Prevent Spyware slipping through Internet Explorer-
    Quite a lot of spyware slips through Internet Explorer if your settings are not tight enough. Spyware Blaster will help you prevent spyware slipping through and installing tracking cookies. Simply run it via Start> Programs> Spyware Blaster and click Enable All Protection and it will protect you. It doesn't even have to be open! Remember to update weekly/fortnightly.

    6. Constant Spyware Protection-
    It is important to have constant spyware protection. Spyware Guard works like an antivirus program but detects Spyware instead. It will constantly protect your system. Check for updates monthly.

    All Of these steps are very important and it is HIGHLY recommended that you download all of the programs mentioned for your own safety. Remember to Update everything (including Windows using Windows Update)! It is also a good idea to perform weekly/fortnightly scans with Spybot S&D, Ad-aware and your antivirus software.

    And last of all, please remember, that common sense is your greatest tool. Without it, spyware and other related Malware would rule!
  10. 22-07-2004  #9
    frazer_r
    frazer_r is offline Newbie
    Thanks very much all seems well. Thanks again for your expert advice it's really appreciated.
  11. 22-07-2004  #10
    owen
    owen is offline D-A-L Team Member (UK)
    Save 20% on AVG Internet Security 2012 Suite!
    You are very welcome
+ Reply to Thread
« Stuck in Quarantine (Resolved) | http://looking-for.cc/uninstall/homesearchassistant.html »