Hate Pop ups ! Hijack please Help

Please can you help i am recieving loads of pops ups i have used hijack this the rests r below

Logfile of HijackThis v1.97.7
Scan saved at 19:37:15, on 01/03/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\MIXER.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\MGACTRL.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\COLOR\HGCCTL95.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\QDESK\MGAQDESK.EXE
D:\PROGRAM FILES\STEAM\STEAM.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\MSLAGENT\MSLAGENT.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\ALOGSERV.EXE
C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\AVSYNMGR.EXE
C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSSTAT.EXE
C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSHWIN32.EXE
C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\AVCONSOL.EXE
C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\WEBSCANX.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fwgltf.t.muxa.cc/s.php?aid=240 (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fwgltf.t.muxa.cc/s.php?aid=240 (obfuscated)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://fwgltf.t.muxa.cc/s.php?aid=240 (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fwgltf.t.muxa.cc/h.php?aid=240 (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fwgltf.t.muxa.cc/s.php?aid=240 (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fwgltf.t.muxa.cc/s.php?aid=240 (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://fwgltf.t.muxa.cc/s.php?aid=240 (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = www.msn.co.uk
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://fwgltf.t.muxa.cc/h.php?aid=240 (obfuscated)
O1 - Hosts: 66.250.171.136 sitefinder-idn.verisign.com
O1 - Hosts: 66.250.57.9 ad.doubleclick.net
O1 - Hosts: 66.250.57.9 view.atdmt.com
O1 - Hosts: 66.250.57.9 click.atdmt.com
O1 - Hosts: 66.250.57.9 leader.linkexchange.com
O2 - BHO: (no name) - {DE614603-6320-4046-A7A7-6A69CEC26F14} - C:\WINDOWS\MSLAGENT\4B_1,0,0,6_MSLAGENT.DLL
O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\CCHELPER.DLL
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Pa&nicware Pop-Up Stopper Pro - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\POPUPPRO.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [ICSMGR] ICSMGR.EXE
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [sys] regedit -s sys.reg
O4 - HKLM\..\Run: [system] c:\Free_Sex_Download.exe
O4 - HKLM\..\Run: [Matrox Control Center] C:\Program Files\Matrox MGA PowerDesk\mgactrl.exe
O4 - HKLM\..\Run: [Matrox Color Control] C:\Program Files\Matrox MGA PowerDesk\Color\hgcctl95.exe
O4 - HKLM\..\Run: [Matrox Diagnostic] C:\Program Files\Matrox MGA PowerDesk\diag\mgadiag.exe -s
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Matrox QuickDesk] C:\Program Files\Matrox MGA PowerDesk\QDesk\mgaqdesk.exe
O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGCOMLIB_1034.dll,InstantAccess
O4 - HKCU\..\Run: [mslagent] C:\WINDOWS\mslagent\MSLAGENT.EXE
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/Flash/swflash.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://www.smgradio.com/core/player/abasetup144.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38029.6126157407
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN.cab
O16 - DPF: {CF5F84EB-D3FC-4F98-BE3B-F5B56B962CED} - http://akamai.downloadv3.com/binaries/DialHTML/EGCOMLIB_1034.cab

 

Hi Duncanning,

Please download, unzip and run: http://www.computercops.biz/zx/phoenix22/cws.zip
Use the Fix button and follow the instructions provided by the program.

Then reboot, run HijackThis again and post a new log.

Regards,

Pieter

 

Here you go

Logfile of HijackThis v1.97.7
Scan saved at 20:20:01, on 01/03/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\MIXER.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\MGACTRL.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\COLOR\HGCCTL95.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\QDESK\MGAQDESK.EXE
D:\PROGRAM FILES\STEAM\STEAM.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\MSLAGENT\MSLAGENT.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = www.msn.co.uk
O1 - Hosts: 66.250.57.9 view.atdmt.com
O1 - Hosts: 66.250.57.9 click.atdmt.com
O1 - Hosts: 66.250.57.9 leader.linkexchange.com
O2 - BHO: (no name) - {DE614603-6320-4046-A7A7-6A69CEC26F14} - C:\WINDOWS\MSLAGENT\4B_1,0,0,6_MSLAGENT.DLL
O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\CCHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Pa&nicware Pop-Up Stopper Pro - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\POPUPPRO.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [ICSMGR] ICSMGR.EXE
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Matrox Control Center] C:\Program Files\Matrox MGA PowerDesk\mgactrl.exe
O4 - HKLM\..\Run: [Matrox Color Control] C:\Program Files\Matrox MGA PowerDesk\Color\hgcctl95.exe
O4 - HKLM\..\Run: [Matrox Diagnostic] C:\Program Files\Matrox MGA PowerDesk\diag\mgadiag.exe -s
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Matrox QuickDesk] C:\Program Files\Matrox MGA PowerDesk\QDesk\mgaqdesk.exe
O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGCOMLIB_1034.dll,InstantAccess
O4 - HKCU\..\Run: [mslagent] C:\WINDOWS\mslagent\MSLAGENT.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/Flash/swflash.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://www.smgradio.com/core/player/abasetup144.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38029.6126157407
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN.cab
O16 - DPF: {CF5F84EB-D3FC-4F98-BE3B-F5B56B962CED} - http://akamai.downloadv3.com/binaries/DialHTML/EGCOMLIB_1034.cab

 

Hi duncanning,

Fix these entries in Hijack log

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fwgltf.t.muxa.cc/s.php?aid=240 (obfuscated)

O1 - Hosts: 66.250.57.9 view.atdmt.com

O1 - Hosts: 66.250.57.9 click.atdmt.com

O1 - Hosts: 66.250.57.9 leader.linkexchange.com

reboot, if you already have spybot and ad-aware, check for updates, run them and then post a new hijack log
if you dont have spybot and adaware at present do reboot and post the fresh log and download those two.

keep posting

 

Hi Duncanning,

Add these to the ones Subratam listed:

O2 - BHO: (no name) - {DE614603-6320-4046-A7A7-6A69CEC26F14} - C:\WINDOWS\MSLAGENT\4B_1,0,0,6_MSLAGENT.DLL

O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGCOMLIB_1034.dll,InstantAccess
O4 - HKCU\..\Run: [mslagent] C:\WINDOWS\mslagent\MSLAGENT.EXE

Then reboot and delete:
C:\WINDOWS\mslagent <= entire folder
http://www.doxdesk.com/parasite/MagicControl.html

Regards,

Pieter

 

Latest

Logfile of HijackThis v1.97.7
Scan saved at 20:47:35, on 01/03/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\MIXER.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\MGACTRL.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\COLOR\HGCCTL95.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\QDESK\MGAQDESK.EXE
D:\PROGRAM FILES\STEAM\STEAM.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = www.msn.co.uk
O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\CCHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Pa&nicware Pop-Up Stopper Pro - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\POPUPPRO.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [ICSMGR] ICSMGR.EXE
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Matrox Control Center] C:\Program Files\Matrox MGA PowerDesk\mgactrl.exe
O4 - HKLM\..\Run: [Matrox Color Control] C:\Program Files\Matrox MGA PowerDesk\Color\hgcctl95.exe
O4 - HKLM\..\Run: [Matrox Diagnostic] C:\Program Files\Matrox MGA PowerDesk\diag\mgadiag.exe -s
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Matrox QuickDesk] C:\Program Files\Matrox MGA PowerDesk\QDesk\mgaqdesk.exe
O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/Flash/swflash.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://www.smgradio.com/core/player/abasetup144.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38029.6126157407
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN.cab
O16 - DPF: {CF5F84EB-D3FC-4F98-BE3B-F5B56B962CED} - http://akamai.downloadv3.com/binaries/DialHTML/EGCOMLIB_1034.cab

 

Also cws shredder asked me to delete Directcc.exe but i didn't know if i should any ideas ?

 

EDIT: my post removed.

sorry Pieter.

 

NOOOOO!! Windows 98 needs that file to run Frontpage (and maybe others)

Subratam,

Do you actually read the information on the links you post?

Regards,

Pieter

 

It won't allow me to update SpywareGuard or SpywareBlaster but Spybot S&D is Ok & Ad Aware here is the latest scan

Logfile of HijackThis v1.97.7
Scan saved at 21:29:20, on 01/03/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\MIXER.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\MGACTRL.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\COLOR\HGCCTL95.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\QDESK\MGAQDESK.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = www.msn.co.uk
O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\CCHELPER.DLL
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Pa&nicware Pop-Up Stopper Pro - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\POPUPPRO.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [ICSMGR] ICSMGR.EXE
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Matrox Control Center] C:\Program Files\Matrox MGA PowerDesk\mgactrl.exe
O4 - HKLM\..\Run: [Matrox Color Control] C:\Program Files\Matrox MGA PowerDesk\Color\hgcctl95.exe
O4 - HKLM\..\Run: [Matrox Diagnostic] C:\Program Files\Matrox MGA PowerDesk\diag\mgadiag.exe -s
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Matrox QuickDesk] C:\Program Files\Matrox MGA PowerDesk\QDesk\mgaqdesk.exe
O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://www.smgradio.com/core/player/abasetup144.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38029.6126157407
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN.cab
O16 - DPF: {CF5F84EB-D3FC-4F98-BE3B-F5B56B962CED} - http://akamai.downloadv3.com/binaries/DialHTML/EGCOMLIB_1034.cab

 

Not very importants, but I missed these before:
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN.cab
O16 - DPF: {CF5F84EB-D3FC-4F98-BE3B-F5B56B962CED} - http://akamai.downloadv3.com/binaries/DialHTML/EGCOMLIB_1034.cab

Those should be fixed as well.

Are you still having problems with the popups?

Regards,

Pieter

 

Thanks Pieter & subratam The popups seem to of stopped

Pieter What about this file i deleted all seems to still be ok exept i cant update SG or SB should i down load from somwhere else ?

 

Hmmpff. I found another file that it more likely was.

If you have a Windows CD:
Go to the Control Panel > Software > Windows Installation
Select Communication and click on Detail; Select DIRECT CABLE CONNECTION and click OK; Windows will ask for the Windows CD-ROM and will install the software.

Regards,

Pieter

 

Pieter i don't have a Software Icon i am running Win98se can u help ?

 

Hi Duncanning,

Open the control panel
Double click the "Add/Remove Programs" icon, the "Properties" window will open.
Click on the "Windows Setup" tab on the top of the window.
A Listing of components will be shown in the white "components" text box

Under Communications you should find:
Dial-Up Networking
Dial-Up Server
Direct Cable Connection
Hyper Terminal
Microsoft Chat
Phone Dialer
Virtual Private Networking

HTH,

Pieter