About:blank Forwaaarrrd Die!!!

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by dmanateefish, Jul 1, 2004.

  1. dmanateefish

    dmanateefish Private E-2

    hey chaslang. happy 4th. I just saw the ntldr response a few ago. Thank you for the info. This is what I woke to yesterday after my friend put on her new mouse. Turns out it wasn't a win2000 mouse but a macinmouse/98 or somethin. anyway, that's on the pc we been aboutblankin on and which appears to be abouthappenin now. muchio gracio amigio. of course I have my serapes crossed and pistoleros cocked, just in case. The hard drive I spoke of is actually my pc I brought over, not being up to more cluster ntldring. I should be able to get back with the info you turned me to and see for sure if the sp.html isn't so special anymore. If not, wellll......Ya'll and you are doin a really cool thing here and I hope it's workin out for ya. The hjt log you just advised me on is from my pc and here's the new log after I did your recomdtns. Tell me whatcha think. Thanks again and GOD bless dfish :cool: :cool: :cool: :cool: :cool: :cool: :cool: :cool: :cool:
     
  2. dmanateefish

    dmanateefish Private E-2

    dang log. musta dropped it. where the heck did that go? oh yeah here it is
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.majorgeeks.com/
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [XWMSUSBAPI] C:\WINDOWS\System32\Drivers\XWMSAPI.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [tgcmd] "c:\program files\Support.com\bin\tgcmd.exe" /server /nosystray /deaf
    O4 - HKLM\..\Run: [ControlCentreTray] C:\Program Files\xerox\ControlCentre 2.0\XWCTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\Xerox\CONTRO~1.0\TEXTBR~1.0\Bin\REGIST~1.EXE
    O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
    O4 - HKCU\..\Run: [MsnMsgr] "c:\program files\msn messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: PowerReg Scheduler.exe
    O4 - Startup: MRU-Blaster Scheduler.lnk = C:\Program Files\MRU-Blaster\scheduler.exe
    O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: Pagis Schedule Monitor.lnk = C:\Program Files\xerox\ControlCentre 2.0\Pagis\Monitor.exe
    O4 - Global Startup: HPAiODevice(hp officejet v series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet v series\Bin\hpoant07.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.fastaccess.com/sdccommon/download/tgctlcm.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-9.cab
    O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
    O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?319
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4365/mcfscan.cab
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    For future reference and to avoid confusing anyone, a hard disk is the storage device used within your computer. It is not the same thing as saying your PC. A PC is the whole computer, a hard disk is just the storage device, a CPU is the central processing unit (i.e., the micro computer chip like a Pentium IV). :)
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Also for future reference when posting your HijackThis log, post the complete HijackThis log after you save it. This way it contains OS, IE, and HijackThis version information along with a list of all running processes. This is important info to anyone looking at your logs. It is important though to shut down (not minimize) all applications (especially browsers and Win Explorer sessions) before posting your log.
    See this link for reference: http://www.majorgeeks.com/vb/showthread.php?t=35407
     
  5. dmanateefish

    dmanateefish Private E-2

    Thanks buddy :) :cool: :cool: :)
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. By the way the last log you posted looks okay to me.
     
  7. dmanateefish

    dmanateefish Private E-2

    Hey chaslang. Is Loose or Faulty IDE/EIDE hard disk drive cable the cable that screws in on the back and runs to the monitor? It's not is it? Or is it inside and what the heck does it look like? I haven't been able to fix my missing ntldr thing so I'm not sure how about blanks are. But maybe you can help me with my not being able to send out any mail from my outlook express on this XP Pro we're usin in place of hers we were workin on. My account is at bellsouth.net and her server here is comcast.net "high speed". I've been tryin to do a proxy thing but still haven't been able to send anything out. I keep getting error messages of two kinds which I'll post if you need them. this is the line my hjt puts out
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=www.bellsouth.net:25;gopher=www.bellsouth.net:25;http=www.bellsouth.net:25;https=www.bellsouth.net:25
    can ya advise me in these areas. Thanks dfish
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The IDE cable runs between your motherboard and your hard disk. It is a thin flat cable about two inches wide. There is also one going to your CD-ROM or DVD drives.

    As far as your Proxy Server info is concerned, are you getting this info from BellSouth? And you are setting it up in Internet Explorer's Connections, LAN settings?

    From the IE, Tools, Internet Options, Programs tab, are your Email and Newsgroup options set to Outlook Express?

    If you need to discuss these Software settings and if you have hardware issues, it may be best to bring them up in the Software and Hardware Forums respectively. You may get better and more feedback on them there than in this Spyware Forum.
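
    Added example (not part of any post in this thread, and not MajorGeeks or HijackThis code): a small Python parser for HijackThis entry lines that splits an Internet Explorer `ProxyServer` value into its per-protocol hosts and ports and reports any that point at a mail port such as 25 (SMTP), which is not a port a web proxy normally listens on. The function names and the mail-port table are assumptions made for this illustration; the sample lines are copied from the logs posted above.

```python
import re

# Constructed sample: three entry lines copied from the logs posted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.majorgeeks.com/
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=www.bellsouth.net:25;gopher=www.bellsouth.net:25;http=www.bellsouth.net:25;https=www.bellsouth.net:25
"""

ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*\S)\s*$")  # e.g. "R1 - ...", "O16 - ..."
MAIL_PORTS = {25: "SMTP", 110: "POP3", 143: "IMAP"}  # assumption: ports worth flagging

def parse_entries(text):
    """Return (section_code, body) for every HijackThis entry line in text."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries

def parse_proxy_value(value):
    """Split an IE ProxyServer value into {scheme: (host, port)}.
    Accepts 'host:port' (applies to all schemes) or 'scheme=host:port;...'."""
    result = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        scheme, sep, target = part.partition("=")
        if not sep:  # no "scheme=" prefix: one proxy for everything
            scheme, target = "all", part
        host, _, port = target.rpartition(":")
        if host and port.isdigit():
            result[scheme.lower()] = (host, int(port))
        else:  # no usable port given
            result[scheme.lower()] = (target, None)
    return result

def proxy_findings(entries):
    """List (scheme, host, port, service) for proxy entries aimed at a mail port."""
    findings = []
    for code, body in entries:
        key, sep, value = body.partition(" = ")
        if code in ("R0", "R1") and sep and key.endswith(",ProxyServer"):
            for scheme, (host, port) in sorted(parse_proxy_value(value).items()):
                if port in MAIL_PORTS:
                    findings.append((scheme, host, port, MAIL_PORTS[port]))
    return findings
```

    Calling `proxy_findings(parse_entries(SAMPLE_LOG))` on the sample returns one finding per protocol listed in the R1 line.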
     
  9. dmanateefish

    dmanateefish Private E-2

    thanks for this and all your previous help. See ya on the rebound. dfish
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome!
     
