Go Back  DoItYourself.com Community Forums > Electrical, AC & DC. Electronic Equipment and Computers > Computers, Internet Capable Devices and Peripherals
Reload this Page >

error

error


   
  #1  
Old 08-16-04, 11:27 PM
bowlingpro2501
Visiting Guest
Posts: n/a
error
my girlfriend has an error come up litterly every 2 mins and it says "Error
loading c:\PROGRA~\INTERN~2\inetkw.dll The specified module could not be
found. it is realy pissing her off and geting tired of this.. it happens
no matter what shes doing and starts as soon as she starts her computer. she
has XP home I beleave.... and I do'nt know much about computers so try to
keep it easy lol. thank you so ver much for your help.
 
Upvote
  #2  
Old 08-16-04, 11:41 PM
tae's Avatar
tae
tae is offline
Member
Join Date: Nov 2002
Posts: 2,451
Upvotes: 0
Received 0 Upvotes on 0 Posts
go here:
http://www.siena.edu/antivirus/Spyware/hijackthis.htm
and download a program called hijack this. run it and post a full log please. Also, dont forget to download spybot search and destroy,update it,immunize your computer, and run a scan.
 
Upvote
  #3  
Old 08-16-04, 11:57 PM
bowlingpro2501
Visiting Guest
Posts: n/a
Logfile of HijackThis v1.98.2
Scan saved at 1:57:00 AM, on 8/17/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec
Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Visual IP InSight\TDS\ARUpld32.exe
C:\Program Files\Visual IP InSight\TDS\ARMon32a.exe
C:\Program Files\Norton
AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Common Files\WinTools\WToolsS.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Hewlett-Packard\Digital
Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\LXSUPMON.EXE
C:\WINDOWS\cmxktjvi.exe
C:\WINDOWS\System32\gccufem.exe
C:\PROGRA~1\INTERN~2\inetmgr.exe
C:\WINDOWS\dhbrwsr.exe
C:\PROGRA~1\INTERN~2\inetsvc.exe
C:\Program Files\WindUpdates\WinUpdt.exe
C:\Program Files\WindUpdates\WinKA.exe
C:\Program Files\Common Files\Symantec
Shared\ccApp.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Common Files\WinTools\WToolsA.exe
C:\Documents and Settings\Owner\Application
Data\eber.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program
Files\SmartPopupBlocker\SmartPopupBlockerTray.exe
C:\Program Files\Common Files\WinTools\WSup.exe
C:\WINDOWS\System32\wojxfrin.exe
C:\Program Files\Spyware Doctor\spydoctor.exe
C:\Program Files\Hewlett-Packard\Digital
Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\dhsvr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://us9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://targetsearch.info/left.php
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Search Bar =
http://www.websearch.com/ie.aspx?tb_id=50168
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://www.topfivesearch.com/search.asp
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,SearchURL = http://go.targetsearch.info/
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://www.topfivesearch.com/search.asp
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://www.topfivesearch.com/search.asp
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,SearchAssistant =
http://www.websearch.com/ie.aspx?tb_id=50168
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Bar =
http://www.topfivesearch.com/sidesearch.asp
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://www.topfivesearch.com/search.asp
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,SearchURL = http://go.targetsearch.info/
R1 - HKCU\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
http://amazingautossearch.com/searchbar.html
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
http://www.websearch.com/ie.aspx?tb_id=50168
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page_bak = searchweb2.com
R1 - HKCU\Software\Microsoft\Internet Connection
Wizard,ShellNext =
http://msg.edit.yahoo.com/config/res...ail.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Window Title = Microsoft Internet
Explorer provided by TDS Internet Services
R1 -
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) -
_{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: (no name) -
{707E6F76-9FFB-4920-A976-EA101271BC25} - C:\Program
Files\TV Media\TvmBho.dll
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) -
{00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O2 - BHO: MxTargetObj Class -
{0000607D-D204-42C7-8E46-216055BF9918} -
C:\WINDOWS\mxTarget.dll
O2 - BHO: (no name) -
{01F44A8A-8C97-4325-A378-76E68DC4AB2E} - (no file)
O2 - BHO: Yahoo! Companion BHO -
{02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program
Files\Yahoo!\Companion\Installs\cpn2\ycomp5_3_19_0.dll
O2 - BHO: (no name) -
{046D6EA4-15E3-4b27-8010-45BD78A9219E} - (no file)
O2 - BHO: AcroIEHlprObj Class -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat
6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PopupBlockerBHO.CPopupBlockerBHO -
{0D929918-C804-4756-B0AC-640EF3F061E9} - C:\Program
Files\SmartPopupBlocker\PopupBlockerBHO.dll
O2 - BHO: URLLink Class -
{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program
Files\NewDotNet\newdotnet6_30.dll
O2 - BHO: (no name) -
{53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) -
{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: (no name) -
{64A76450-E04F-2897-8256-155508A27B38} -
C:\WINDOWS\System32\iqj.dll
O2 - BHO: (no name) -
{83DE62E0-5805-11D8-9B25-00E04C60FAF2} - (no file)
O2 - BHO: (no name) -
{87766247-311C-43B4-8499-3D5FEC94A183} -
C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program
files\google\googletoolbar1.dll
O2 - BHO: NAV Helper -
{BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program
Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: C:\WINDOWS\lbbho.dll -
{C951601E-0BF8-410B-AE10-65926919571A} -
C:\WINDOWS\lbbho.dll
O2 - BHO: Band Class -
{D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13} -
C:\WINDOWS\dealhlpr.dll
O2 - BHO: SDWin32 Class -
{E03DB857-E3FB-4179-B7CE-8D73440E9820} -
C:\WINDOWS\System32\usrol.dll
O2 - BHO: (no name) -
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio -
{8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) -
{2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: Band Class -
{D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13} -
C:\WINDOWS\dealhlpr.dll
O3 - Toolbar: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn2\ycomp5_3_19_0.dll
O3 - Toolbar: (no name) -
{BDF6CE3D-F5C5-4462-9814-3C8EAC330CA8} - (no file)
O3 - Toolbar: zSearch Bar -
{5886A6DC-AAF4-45E9-979A-8E5E6DEE30E7} - C:\Program
Files\zSearch\zSearch.dll
O3 - Toolbar: &Google -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus -
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program
Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [hpsysdrv]
c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program
Files\Hewlett-Packard\Digital
Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program
Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program
Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05]
C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
/keeploaded /nodetect
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program
Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [LXSUPMON]
C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [MessengerPlus2] "C:\Program
Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [xef] C:\WINDOWS\xef.exe
O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV
Media\Tvm.exe
O4 - HKLM\..\Run: [arirxux] C:\WINDOWS\cmxktjvi.exe
O4 - HKLM\..\Run: [oracazc]
C:\WINDOWS\System32\gccufem.exe
O4 - HKLM\..\Run: [inetmgr]
C:\PROGRA~1\INTERN~2\inetmgr.exe
O4 - HKLM\..\Run: [opomofob]
C:\WINDOWS\System32\opomofob.exe
O4 - HKLM\..\Run: [DealHelperUpdate]
C:\WINDOWS\DHUpdt.exe
O4 - HKLM\..\Run: [DealHelperBrwsr]
C:\WINDOWS\dhbrwsr.exe
O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WindUpdates] C:\Program
Files\WindUpdates\WinUpdt.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Program
Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [usrolc]
C:\WINDOWS\System32\usrolc.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PCDRealtime]
C:\WINDOWS\realtime.exe
O4 - HKLM\..\Run: [zSearch] C:\Program
Files\zSearch\Zstb.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Program
Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [Spyware remover]
C:\WINDOWS\Remove_spyware.exe
O4 - HKLM\..\Run: [WebRebates] javaw -cp "C:\Program
Files\WebRebates\System\Code" Main lp: "C:\Program
Files\WebRebates"
O4 - HKLM\..\Run: [websearch] javaw -cp "C:\Program
Files\websearch\System\Code" Main lp: "C:\Program
Files\websearch"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common
Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common
Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check]
C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [New.net Startup] rundll32
C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [Wast] C:\WINDOWS\wast2.exe 2
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common
Files\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [stcloader]
C:\WINDOWS\System32\stcloader.exe
O4 - HKLM\..\RunOnce: [TV Media] C:\Program Files\TV
Media\Tvm.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program
Files\Hewlett-Packard\Digital
Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe
nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program
Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Notn] C:\Documents and
Settings\Owner\Application Data\eber.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program
Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [asycfilt]
C:\WINDOWS\system32\asycfilt.exe
O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV
Media\Tvm.exe
O4 - HKCU\..\Run: [Cat]
C:\WINDOWS\System32\wojxfrin.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program
Files\Spyware Doctor\spydoctor.exe" /Q
O4 - HKCU\..\Run: [zSearch] C:\Program
Files\zSearch\Zstb.exe
O4 - HKCU\..\RunOnce: [TV Media] C:\Program Files\TV
Media\Tvm.exe
O4 - Startup: HP Organize.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk =
C:\Program Files\Common Files\Adobe\Calibration\Adobe
Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk =
C:\Program Files\Hewlett-Packard\Digital
Imaging\bin\hpqtra08.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk =
C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Google Search -
res://C:\Program
Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search -
file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links -
res://C:\Program
Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page
- res://C:\Program
Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Coupons -
file://C:\Program
Files\couponsandoffers\System\Temp\couponsandoffers_script0.htm
O8 - Extra context menu item: Similar Pages -
res://C:\Program
Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English -
res://C:\Program
Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Web Rebates -
file://C:\Program
Files\websearch\System\Temp\topr1150_script0.htm
O8 - Extra context menu item: Yahoo! &Dictionary -
file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps -
file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program
Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program
Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: MoneySide -
{E023F504-0C5A-4750-A1E7-A9046DEA8A21} - (no file)
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O14 - IERESET.INF:
START_PAGE_URL=http://start.tds.net/
O16 - DPF: {07637823-C894-4A52-B3F9-5D777FD8E36A} -
http://www.mydailyhoroscope.net/mdh/install.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary...t.cab28578.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://public.windupdates.com/get_fi...12cbd5372935d8
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E}
(AimSp32 Class) -
http://makeover.ivillage.com/save/makeover.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB}
(YInstStarter Class) -
http://us.dl1.yimg.com/download.yaho...st20040510.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F}
(Installer Class) -
http://www.xxxtoolbar.com/ist/softwa...06_regular.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61}
(HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary...t.cab28578.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68}
(InstallShield International Setup Player) -
http://www.napster.com/client/isetup.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4}
(ZoneAxRcMgr Class) -
http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} -
http://www.mt-download.com/MediaTicketsInstaller.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000}
(YahooYMailTo Class) -
http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592}
(ZoneIntro Class) -
http://messenger.zone.msn.com/binary...o.cab28578.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999}
(YAddBook Class) -
http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
(PopCapLoader Object) - http://zone.msn.com/bingame/zuma/def...ploader_v5.cab

this is what it says/
 
Upvote
  #4  
Old 08-17-04, 12:26 AM
bowlingpro2501
Visiting Guest
Posts: n/a
lol its alot lol
 
Upvote
  #5  
Old 08-17-04, 10:05 AM
C
Member
Join Date: Nov 2001
Location: Taylors, SC
Posts: 9,261
Upvotes: 0
Received 0 Upvotes on 0 Posts
Here is a discussion with a solution.

http://www.askmarvin.ca/forums/index...&hl=inetkw.dll

Hope this helps.
 
Upvote
  #6  
Old 08-17-04, 02:26 PM
bowlingpro2501
Visiting Guest
Posts: n/a
thank you
Thank you very much, we will give it a try and thanks again for your help! matt
 
Upvote
  #7  
Old 08-17-04, 03:32 PM
tae's Avatar
tae
tae is offline
Member
Join Date: Nov 2002
Posts: 2,451
Upvotes: 0
Received 0 Upvotes on 0 Posts
Run hijack this and check all the below:
C:\PROGRA~1\INTERN~2\inetmgr.exe
C:\PROGRA~1\INTERN~2\inetsvc.exe
C:\WINDOWS\dhbrwsr.exe
C:\Documents and Settings\Owner\Application
Data\eber.exe
C:\WINDOWS\dhsvr.exe
C:\WINDOWS\System32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) -
_{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: (no name) -
{707E6F76-9FFB-4920-A976-EA101271BC25} - C:\Program
Files\TV Media\TvmBho.dll
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) -
{00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O2 - BHO: MxTargetObj Class -
{0000607D-D204-42C7-8E46-216055BF9918} -
C:\WINDOWS\mxTarget.dll
O2 - BHO: (no name) -
{01F44A8A-8C97-4325-A378-76E68DC4AB2E} - (no file)
O2 - BHO: (no name) -
{046D6EA4-15E3-4b27-8010-45BD78A9219E} - (no file)
O2 - BHO: (no name) -
{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: (no name) -
{83DE62E0-5805-11D8-9B25-00E04C60FAF2} - (no file)
O2 - BHO: (no name) -
{87766247-311C-43B4-8499-3D5FEC94A183} -
O2 - BHO: (no name) -
{87766247-311C-43B4-8499-3D5FEC94A183} -
C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
O2 - BHO: C:\WINDOWS\lbbho.dll -
{C951601E-0BF8-410B-AE10-65926919571A} -
C:\WINDOWS\lbbho.dll
O2 - BHO: Band Class -
{D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13} -
C:\WINDOWS\dealhlpr.dll
O2 - BHO: (no name) -
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) -
{2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: Band Class -
{D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13} -
C:\WINDOWS\dealhlpr.dll
O3 - Toolbar: (no name) -
{BDF6CE3D-F5C5-4462-9814-3C8EAC330CA8} - (no file)
O3 - Toolbar: zSearch Bar -
{5886A6DC-AAF4-45E9-979A-8E5E6DEE30E7} - C:\Program
Files\zSearch\zSearch.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
/keeploaded /nodetect
O4 - HKLM\..\Run: [inetmgr]
C:\PROGRA~1\INTERN~2\inetmgr.exe
O4 - HKLM\..\Run: [DealHelperUpdate]
C:\WINDOWS\DHUpdt.exe
O4 - HKLM\..\Run: [DealHelperBrwsr]
C:\WINDOWS\dhbrwsr.exe
O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Program
Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [zSearch] C:\Program
Files\zSearch\Zstb.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Program
Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [Spyware remover]
C:\WINDOWS\Remove_spyware.exe
O4 - HKLM\..\Run: [WebRebates] javaw -cp "C:\Program
Files\WebRebates\System\Code" Main lp: "C:\Program
Files\WebRebates"
O4 - HKLM\..\Run: [websearch] javaw -cp "C:\Program
Files\websearch\System\Code" Main lp: "C:\Program
Files\websearch"
O4 - HKLM\..\Run: [Wast] C:\WINDOWS\wast2.exe 2
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common
Files\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [stcloader]
C:\WINDOWS\System32\stcloader.exe
O4 - HKLM\..\RunOnce: [TV Media] C:\Program Files\TV
Media\Tvm.exe
O4 - HKCU\..\Run: [Notn] C:\Documents and
Settings\Owner\Application Data\eber.exe
O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV
Media\Tvm.exe
O4 - HKCU\..\Run: [zSearch] C:\Program
Files\zSearch\Zstb.exe
O4 - HKCU\..\RunOnce: [TV Media] C:\Program Files\TV
Media\Tvm.exe
O8 - Extra context menu item: Coupons -
file://C:\Program
Files\couponsandoffers\System\Temp\couponsandoffers_script0.htm
O8 - Extra context menu item: Web Rebates -
file://C:\Program
Files\websearch\System\Temp\topr1150_script0.htm
O9 - Extra button: MoneySide -
{E023F504-0C5A-4750-A1E7-A9046DEA8A21} - (no file)
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
Anything with "newnet" in it
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E}
(AimSp32 Class) -
http://makeover.ivillage.com/save/makeover.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F}
(Installer Class) -
http://www.xxxtoolbar.com/ist/softw...006_regular.cab

Reboot into safe mode, this way:
Restart the computer
Immediately begin tapping the F8 key.
Use the arrow keys to highlight Safe Mode and press the Enter key.

Also, enable the ”Show Hidden Files and Folders” option:
Click Start.
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
Uncheck: Hide file extensions for known file types
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm.
Click OK.

Now, go to Add/Remove Programs and uninstall TV Media and, while there, look for and uninstall any of these if found: MyBar, Mysearch, Twaintec, WebRebates and any other "search" program that may look dubious.

Next, while remaining in Safe Mode, find and delete the following folder.....

C:\Program Files\TV Media\ < folder

Empty your Recycle bin and reboot into normal mode.

There's alot of spyware. Please:

Download Ad-aware from here.

Install by double-clicking on the downloaded file.
After installing but before running, update Ad-aware by using its Globe icon.
After updating, shutdown and restart Ad-aware.
Ad-aware is ready to scan and clean your system following these steps:

Under Ad-aware 6 > Settings (Gear at the top) > Tweaks > Scanning Engine:
"Unload recognized processes during scanning."
Under Ad-aware 6 > Settings (Gear at the top) > Tweaks > Cleaning Engine:
"Let Windows remove files in use after reboot."
Press "Scan Now"
Check option "Use Custom scanning options"
Check option "Activate In-Depth Scan"
Press "Select drives\folders to scan"
Select the active partition which is usually C:
Press "Next" to let Ad-aware scan your drives...
If it finds "bad" files and registry keys, press "Next" again
Right-click in that pane and choose "select all"
Press "next"
When it asks to remove all checked items, Press "OK"
Close Ad-aware, reboot your system and go on


Spybot S&D
The download for Spybot S&D is available here:
http://www.majorgeeks.com/download2471.html

Install by double-clicking on the downloaded file.
Run Spybot S&D from desktop icon or Start menu.
Press "Search for updates" button to get list of updates available.
Press "Download updates" button.
Close all IE windows and close & restart Spybot S&D.
Press "Check for problems" button.
Have SpyBot remove all it marks in red by pressing "Fix selected problems".

Close Spybot S&D, reboot your system .
Don't forget to use the "innoculate" program in spybot.

Clear out your Temporary internet files and other temp files. Go to Start > Settings > Control Panel >
Internet Options. Under the General tab click the Delete temporary internet files,
choose to delete all Offline content. Clear out Cookies.

Also, go to Start > Find/search > Files or folders > in the named box, type: *.tmp and choose Edit > select all ->
File > delete.

Empty the contents of the C:\Windows\temp folder and C:\temp folder, if you have one.

This one too if Win2K or XP.
C:\Documents and Settings\username\Local Settings\Temp\

Empty the Recycle Bin.

Flush your restore points in ME and XP, by turning System Restore off and then back on.
This will create a fresh restore point.
 
Upvote
  #8  
Old 08-17-04, 03:47 PM
bowlingpro2501
Visiting Guest
Posts: n/a
Thank you
Thank you so very much, I will have her do this when she wakes up lol... I'll let you know what happens. thanks again.
 
Upvote
 

Thread Tools
Search this Thread
Search this Thread:

Advanced Search
Cookie Settings

DoItYourself.com®, founded in 1995, is the leading independent home improvement and repair website. We welcome your comments and suggestions. All information is provided "AS IS." Website operating problems contact webmaster@doityourself.com. Questions of a Do It Yourself nature should be submitted to our "DoItYourself.com Community Forums". Copyright© 1995-2023 MH Sub I, LLC dba Internet Brands. All rights reserved. You may freely link to this site, and use it for non-commercial use subject to our terms of use. View our Privacy Policy here.

Automotive Repair
Crafts and Recreation
Decorating
Electrical and Lighting
Flooring
Gardening and Patio
Hardware & Tools
Heating, AC & Ventilation
Household and Cleaning
Interior Home Improvement
Exterior Home Improvement
Plumbing
Animal Care & Pest Control
Real Estate, Insurance, Finances
Business
Food, Health, Fitness
Outdoor Recreation
Legal Advice
General Discussions
 
Ask a Question
Question Title:
Description:
Your question will be posted in: