Tom's Guide | Tom's Hardware | Tom's Games

Computing.Net > Forums > Security and Virus > Offer Optimizer HELP

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

Offer Optimizer HELP

Reply to Message Icon

Name: Robby_v
Date: September 10, 2004 at 17:55:21 Pacific
OS: win ME
CPU/Ram: 1000
Comment:

I have treid to delete it on my own, but it is too hard to do.. so now . after you tell me what to delete do i just delete it in hjt and then just disable win recovery and reboot and enable it again or what else do i need to do. Thank you for helping


Logfile of HijackThis v1.98.2
Scan saved at 10:21:05 AM, on 11/09/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.exe
C:\WINDOWS\SYSTEM\SPOOL32.exe
C:\WINDOWS\SYSTEM\MPREXE.exe
C:\WINDOWS\SYSTEM\ATI2EVXX.exe
C:\PROGRAM FILES\COMMON FILES\EPSON\EBAPI\SAGENT2.exe
C:\WINDOWS\SYSTEM\MSTASK.exe
C:\WINDOWS\SYSTEM\SSDPSRV.exe
C:\WINDOWS\SYSTEM\CAPRPCS.exe
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.exe
C:\WINDOWS\TASKMON.exe
C:\WINDOWS\SYSTEM\RESTORE\STMGR.exe
C:\WINDOWS\SYSTEM\SYSTRAY.exe
C:\WINDOWS\SYSTEM\ATIPTAXX.exe
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.exe
C:\WINDOWS\SYSTEM\WMIEXE.exe
C:\WINDOWS\LOADQM.exe
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.exe
C:\WINDOWS\SYSTEM\MNIUYNNY.exe
C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 4\CREATECD\CREATECD.exe
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.exe
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.exe
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.exe
C:\WINDOWS\SYSTEM\CAPPSW.exe
C:\WINDOWS\SYSTEM\CAPPSW.exe
C:\WINDOWS\SYSTEM\PSTORES.exe
C:\WINDOWS\SYSTEM\RNAAPP.exe
C:\WINDOWS\SYSTEM\TAPISRV.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.exe
C:\PROGRAM FILES\ACDSEE32\ACDSEE32.exe
C:\WINDOWS\SYSTEM\DDHELP.exe
C:\USEFULPROGRAMS\IBM CRACK\HIJACKTHIS.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.linksummary.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.za/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.linksummary.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.fnb.co.za/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://www.fastwebfinder.com/hp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by First National Bank
O2 - BHO: MultimppObj Class - {002EB272-2590-4693-B166-FBD5D9B6FEA6} - C:\WINDOWS\MULTIMPP.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.exe
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [CAPON] C:\WINDOWS\SYSTEM\CAPON.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [EPSON Stylus C41 Series] C:\WINDOWS\SYSTEM\E_S10IC2.exe /P23 "EPSON Stylus C41 Series" /O5 "LPT1:" /M "Stylus C41"
O4 - HKLM\..\Run: [Kernel32] C:\WINDOWS\SYSTEM\Kernel.dll
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.exe /LOADQUIET
O4 - HKLM\..\Run: [ncidjnso] C:\WINDOWS\SYSTEM\mniuynny.exe
O4 - HKLM\..\Run: [Popup Chomper] C:\PROGRAM FILES\POPUP CHOMPER\POPUP CHOMPER.exe
O4 - HKLM\..\Run: [PopUp Buster+] C:\PROGRAM FILES\POPUPBUSTER\popupbuster.exe
O4 - HKLM\..\Run: [CreateCD] C:\PROGRA~1\ADAPTEC\EASYCD~1\CREATECD\CREATECD.exe -r
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe
O4 - HKLM\..\RunServices: [SAgent2ExePath] C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.exe" /background
O4 - HKCU\..\Run: [Spyware-Cop] "C:\PROGRAM FILES\SPYWARE-COP\SPYWARE-COP.exe" /s
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.exe
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Startup: Canon LBP-810 Status Window.LNK = C:\WINDOWS\SYSTEM\CAPPSW.exe
O4 - Startup: folder.htt
O4 - User Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.exe
O4 - User Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - User Startup: Canon LBP-810 Status Window.LNK = C:\WINDOWS\SYSTEM\CAPPSW.exe
O4 - User Startup: folder.htt
O4 - Global Startup: folder.htt
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: Block - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\PROGRAM FILES\POPUP CHOMPER\block.exe (file missing)
O9 - Extra 'Tools' menuitem: &Block Popup - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\PROGRAM FILES\POPUP CHOMPER\block.exe (file missing)
O9 - Extra button: Kill popup - {0A9F8624-4221-4508-9636-69ABD753695A} - C:\PROGRAM FILES\POPUPBUSTER\POPUPBUSTER.exe (file missing)
O9 - Extra 'Tools' menuitem: Kill popup - {0A9F8624-4221-4508-9636-69ABD753695A} - C:\PROGRAM FILES\POPUPBUSTER\POPUPBUSTER.exe (file missing)
O9 - Extra button: Dell Home - {EE117DAA-A30B-40FC-945C-38AE1B80C1FA} - http://www.dellnet.com (file missing) (HKCU)
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.co...v45/yacscom.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/...all/xscan53.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/i...389/mcfscan.cab



Sponsored Link
Ads by Google

Response Number 1
Name: Wombat
Date: September 10, 2004 at 20:15:10 Pacific
Reply:

Go here and paste yout HJT log into the box, this will help you learn to fix things yourself...

http://hijackthis.de/index.php?langselect=english

Iligitimi non carborundum est


0

Response Number 2
Name: Abnormal
Date: September 11, 2004 at 06:33:53 Pacific
Reply:

Hijackthis log reading help sites.

Places to go for learning and support.



0

Response Number 3
Name: Derek
Date: September 12, 2004 at 15:31:20 Pacific
Reply:

... and when eventually you are "certain" your log is clean set it to ignore all.

From then on it will only report additions which will give you a lot less to wade through.

Derek.W


0

Sponsored Link
Ads by Google
Reply to Message Icon

Related Posts

See More


Restricting downloads Help needed urgently@



Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.


Go to Security and Virus Forum Home


Sponsored links
Ads by Google


Results for: Offer Optimizer HELP
Please help!!! www.computing.net/answers/security/please-help/1346.html

Help with W32.Bugbear@mm virus www.computing.net/answers/security/help-with-w32bugbearmm-virus/10010.html

Need help on Winfavorites pest www.computing.net/answers/security/need-help-on-winfavorites-pest/8930.html