I am having problems downloading attachments that's been posted in forums! I don't have any problems downloading anything that I have a direct link to. I thought my browser was the problem. I tiied switching browsers and that didn't help. I have 4 different browsers that I use. Opera, IE, Firefox, and Ace. I have the same problem with all of them. I can't figure out why this would be!!

I guess no one has the answer to this one!

You may be hijacked. Run this program and post your log:
http://www.download.com/HijackThis/3...ml?tag=lst-0-1

I allready have the program. I'll run it and post the log tomorrow. I dont think I've been hijacked, but I'll run it anyway to make sure. I'm not having any other problems. I just don't want to mess up any of my programs like my firewall or any thing else with that programs. I'm going to be changing my firewll anyway! I'll run it tomorrow and post the my log!

Here's my log!!

-------------------------------------------------------------------------------------

Logfile of HijackThis v1.98.2
Scan saved at 10:02:39 PM, on 1/2/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\explorer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Personal Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\pctspk.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Messenger2\messenger2.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\Opera75\opera.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\WINDOWS\system32\notepad.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.net/s/search?r=minisearch
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NZSearch\SearchEnh1.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\ycomp5_5_7_0. dll
O2 - BHO: Norton Personal Firewall - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: IEHlprObj Class - {CD4C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\Go!Zilla\GoIEHlp.dll
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\ycomp5_5_7_0. dll
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\toolbar.dll
O3 - Toolbar: Norton Personal Firewall - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [explorer] C:\WINDOWS\System32\explorer.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\nzspc.exe" -w
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: @C:\Program Files\Messenger2\im2_ie_plugin.dll,-4 - {410C30C7-098A-4090-928E-F1D356D34C7F} - C:\Program Files\Messenger2\im2_ie_plugin.dll
O9 - Extra 'Tools' menuitem: Run IM2 Messenger - {410C30C7-098A-4090-928E-F1D356D34C7F} - C:\Program Files\Messenger2\im2_ie_plugin.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Cl...ridge-c139.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EE5CE2C6-D60A-422A-B85D-F88F546072DB}: NameServer = 64.136.20.121 64.136.28.121

I fixed it! I think the problem was with my firewall. I unstalled it and I'm not having no problem! I'm switching firewalls so if there is a setting I can change to aviod this problem let me know what it is! If I have anything in my log that can go let me know!

There do 'appear' to be some 'suspicious' objects in your HJT log, Ren, as follows: -

The following two links refer to Go!Zilla, for starters, with reference to these entries: -

O2 - BHO: IEHlprObj Class - {CD4C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\Go!Zilla\GoIEHlp.dll

O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html

O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html

http://www.oit.duke.edu/ats/support/...e/gozilla.html

http://research.sunbelt-software.com...?name=Go!Zilla

Then possible Alexa entries, with reference to the following entries and the corresponding links next to them: -

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm - Possible Alexa. See here: - http://www.imilly.com/alexa.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm - Possible Alexa. See here: - http://www.imilly.com/alexa.htm

Possible BlazeFind Object, as follows: -

O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Cl...ridge-c139.cab - Possible BlazeFind Object. See here: - http://www.lavasoftsupport.com/index...howtopic=54394

Also, the following aren't necessary, IMO: -

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.net/s/search?r=minisearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.net/s/search?r=minisearch

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.net/s/search?r=minisearch

Last, but by no means least, the following entries 'look suspicious', IMO. I gather NetZero is your ISP, but you shouldn't need their 'toolbars': -

O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\Toolbar.dll

R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NZSearch\SearchEnh1.dll

O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\toolbar.dll

O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\nzspc.exe" -w

Personally, to be on the safe side, I would disable System Restore, run Ad-Aware, Spybot and CWShredder (using the tutorials, if relevant), all updated and then run an on-line AV scan. Then, download the latest HJT @ v 1.99 into its own directory, namely C:\HJT, run it and post it at the following forum. One of their friendly experts will help 'clean' your log with you: -

http://forums.net-integration.net/in...p?showforum=32

These are just precautionary measures, Ren. Hopefully, I am spouting rubbish as normal, and they will merely 'clean up' your log. *LOL* Once everything has been purged, if necessary, then turn on System Restore, if you want to. Please let me know the outcome, either way........

All the aforementioned programs can be located in 'Cool Links'.

Good luck...................

Thanks I'll do that!

No worries, Ren. Like I said, I may be spouting nonsense, however, I would get it checked, just to be on the safe side. They will most probably give your log a good clean up, as it is a tad messy... 8)

Let me know the outcome please..... 8)