Hi, I'm kind of new to all of this. I just found this site while I was using google to look up some things in my task manager. Long story short, I ran that HijackThis thing, and it left me with a really long list. I'm trying to clean my computer up from my ex boyfriend who liked to download everything...now my computer is SO slow. If you can help please let me know. Thanks, Katrina

Hi Katrina, Try these first, or at least 1 AntiVirus, and Spybot & Adaware: Anti-Virus ▫ [on-line] BitDefender Anti-Virus ▫ [on-line] RAV Anti-Virus (AV Security) ▫ [on-line] ActiveScan Anti-Virus (Panda) ▫ [on-line] HouseCall Anti-Virus (Trend Micro) ▫ nod32 Anti-Virus (eset) ▫ F-Prot Anti-Virus (F-Secure) ▫ AVG Anti-Virus (Grisoft) Anti-Spyware ▫ Spybot Search & Destroy (Safer Networking) ▫ Ad-aware (Lavasoft) ▫ CWShredder (Merijn.org) ▫ TDS-3 (DiamondCS) ▫ Pest Patrol ▫ [on-line] TrojanScan (GFi) Keep in mind that some of them may need to be updated over the web first when started, and before zapping the baddies! And then make another HijackThis log, and post it here. You'll get a warning about posting such logs, but just ignore it. ___________________________________________ ☺ [Belgium, GMT+1]_________________________svg

With respect svg there is a forum devoted exclusively to Hijack logs. Would it not be better for the poster to go there and compare the problems of other posters?

You're right, XPose. However, why ask someone to double-post? I might as well build on it here, instead of waiting for the post to appear on the Security & Virus forum. Damage done, so to speak :) ___________________________________________ ☺ [Belgium, GMT+1]_________________________svg

...and on my opinion... Watch out for your future boyfriend not to do this kind of stuf to your computer... :) With all respect... UxM

I set up a user account for my wife with no Admin. Priv. She would get on Kazaa and download anything she was remotely interested in! The first time I ran a Spybot, I had 425 finds.....so now she's limited ...... my you should do the same.

Okay well thanks y'all for all of your help. yeah i know, he would do it while i was at work, i'd come home and there would be all sorts of new stuff on my computer...he thought he was some kind of hacker or something, but really knew nothing. anyway, i ran that bit anti virus, and that spybot, and i also ran ad aware that i already had on my computer. I just ran the hijackthis again and here's what i have left. R0 - HKCU\Software\Microsoft\InternetExplorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://rd.yahoo.com/customize/sbcydsl/defaults/*http://yahoo.sbc.com/dsl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://rd.yahoo.com/customize/sbcydsl/defaults/*http://yahoo.sbc.com/dsl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://rd.yahoo.com/customize/sbcydsl/defaults/su/*http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - (no file) O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - (no file) O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\bi.dll O2 - BHO: (no name) - {000E7270-CC7A-0786-8E7A-DA09B51938A6} - C:\WINDOWS\System32\n3tpa1.dll O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx (file missing) O2 - BHO: Clear Search - {947E6D5A-4B9F-4CF4-91B3-562CA8D03313} - C:\Program Files\ClearSearch\IE_ClrSch.DLL O2 - BHO: (no name) - {e43ac1ad-4985-4efe-aac5-742ac7bf3277} - C:\DOCUME~1\User\APPLIC~1\pckiastkdr.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: chlylynvdkd - {35fd771a-6009-4974-a352-4b71da5fa5e0} - C:\DOCUME~1\User\APPLIC~1\pckiastkdr.dll O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [WFIPS] C:\Documents and Settings\User\Local Settings\Temp\Temporary Directory 5 for iphider.zip\ip hider.exe -autoboot O4 - HKLM\..\Run: [winactive] C:\Program Files\Window Active\winactive.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [ClrSchLoader] C:\Program Files\ClearSearch\Loader.exe O4 - HKLM\..\Run: [Belt] C:\WINDOWS\Belt.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Zenet] rundll32.exe C:\PROGRA~1\COMMON~2\Toolbar\CNBabe.dll,DllStartup O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKLM\..\RunOnce: [SpyBotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - Startup: MemTurbo.lnk = C:\Program Files\Silicon Prairie Software\MemTurbo\memturbo.exe O4 - Startup: OCRAWARE.lnk = C:\OCRAWARE.exe O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: Yahoo! Login (HKLM) O9 - Extra 'Tools' menuitem: Yahoo! Login (HKLM) O9 - Extra button: AIM (HKLM) O9 - Extra button: Real.com (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Messenger (HKLM) O14 - IERESET.INF: START_PAGE_URL=http://www.e4me.com O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.netpaloffers.net/NetpalOffers/DMO1/GrlNt0i.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/funwebproducts/PopSwatterInitialSetup1.0.0.5.cab O16 - DPF: {20000273-8230-4DD4-BE4F-6889D1E74167} - http://download.abetterinternet.com/download/cabs/TURB8108/payload2.cab O16 - DPF: {26E8361F-BCE7-4F75-A347-98C88B418322} - http://dst.trafficsyndicate.com/Dnl/T_50003/btiein.cab O16 - DPF: {29C13B62-B9F7-4CD3-8CEF-0A58A1A99441} - http://fdl.msn.com/public/chat/msnchat41.cab O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37698.9163888889 O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_1us.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} - http://fdl.msn.com/public/chat/msnchat4.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{4D75922E-3187-4CF3-A63E-49CCEFF465C7}: NameServer = 205.188.146.146 Thanks again.