Sponsored By


  • Content Count

  • Joined

  • Last visited

Everything posted by flashh4

  1. yes welcome to the forum !!!!!!! i usually just sit & read the post but theres some real knowledgable people here ! i hope to join the HJT team when i grad from TOM COYOTE ! so as dave said have a cup & enjoy !!!!!!
  2. jsky, theres many stories out there that never get told ! yes i have seen that incident b4 & many more after 31 yrs. with the DEA as under cover agent !! one night we busted the door into an apartment & after a sweep i found a 13 yr. old laying beside her bed. i could not get a pulse so i started cpr & called another officer in to help & get 911 ambulance. but i knew it was too late. so i sat there and held her close & cried for about 15 minutes till the ambulance got there. she had od on meth !!!!!!!! so young & not informed on the missuse of drugs & their potential problems !!!! sorry people i just have to get this off my chest every once in a while !!!!
  3. wow id like to work your log but im only in training to do them !!!! some day !!!!! but i can tell what i see ! CoolWebSearch Trojan R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50245 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id= R3 - URLSearchHook: (no name) - _{CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - (no file) R3 - URLSearchHook: (no name) - {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - C:\Program Files\SurfSideKick 2\SskBho.dll O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll O2 - BHO: Replace Search Ctl - {832BEBED-C3DA-4534-A2C2-B2FFF220C820} - C:\WINDOWS\System32\replaceSearch.dll O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll O3 - Toolbar: searchforit - {C109664B-CEB1-420b-B353-D55A561536DD} - C:\WINDOWS\System32\SYSsfitb.dll O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr_.ex O4 - HKLM\..\Run: [ErrorGuard] C:\Program Files\ErrorGuard\ErrorGuard.Exe O4 - HKLM\..\Run: [bullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe O4 - HKLM\..\Run: [CashBack] C:\Program Files\CashBack\bin\cashback.exe O4 - HKLM\..\Run: [msmc] C:\WINDOWS\System32\msdioo.exe O4 - HKLM\..\Run: [surfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe O4 - HKLM\..\Run: [version] C:\WINDOWS\System32\bjarubj.exe O4 - HKLM\..\Run: [AutoUpdater] \"C:\Program Files\AutoUpdate\AutoUpdate.exe\" O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\SpamBlockerUtility\Bin\\SbWeatherOnTray.exe O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] \"C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe\" O4 - HKLM\..\Run: [PaciSoft] C:\WINDOWS\System32\pacis.exe O4 - HKLM\..\Run: [exp.exe] C:\WINDOWS\System32\exp.exe O4 - HKLM\..\Run: [WinTask driver] C:\WINDOWS\System32\wintask.exe O4 - HKLM\..\Run: [VBouncer] C:\PROGRA~1\VBouncer\VirtualBouncer.exe O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe O4 - HKLM\..\Run: [TBPS] C:\PROGRA~1\Toolbar\TBPS.exe O4 - HKLM\..\Run: [C:\WINDOWS\IEXPLORER.exe] C:\WINDOWS\IEXPLORER.exe O4 - HKLM\..\Run: [AtxBrw] C:\WINDOWS\IEXPLORER.exe O4 - HKLM\..\Run: [salm] c:\temp\salm.exe O4 - HKLM\..\Run: [RSync] C:\WINDOWS\System32\netsync.exe O4 - HKLM\..\Run: [cfgmgr51] RunDLL32.EXE C:\WINDOWS\cfgmgr51.dll,DllRun O4 - HKLM\..\Run: [winupdtl] C:\WINDOWS\System32\winupdt.exe O4 - HKLM\..\Run: [AUNPS2] RUNDLL32 AUNPS2.DLL,[email protected] O4 - HKLM\..\Run: [WinLogon] C:\WINDOWS\logon.exe O4 - HKLM\..\Run: [KavSvc] C:\WINDOWS\System32\rpnkup.exe reg_run O4 - HKLM\..\Run: [Nsv] C:\WINDOWS\System32\nsvsvc\nsvsvc.exe O4 - HKLM\..\Run: [picsvr] C:\WINDOWS\System32\picsvr\picsvr.exe O4 - HKCU\..\Run: [surfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe O4 - HKCU\..\Run: [sfita] C:\WINDOWS\sfita.exe O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe O4 - HKCU\..\Run: [eZWO] C:\PROGRA~1\Web Offer\wo.exe O4 - Startup: AdDestroyer.lnk = C:\Program Files\AdDestroyer\AdDestroyer.exe O18 - Protocol: tpro - {FF76A5DA-6158-4439-99FF-EDC1B3FE100C} - C:\PROGRA~1\Toolbar\toolbar.dll O18 - Filter: text/html - {CC905FF6-B553-496C-9DFA-CFF65ADCD0FC} - C:\WINDOWS\System32\mscgdc.d O23 - Service: ZESOFT - Unknown owner - C:\WINDOWS\zeta.exe whewwwwww now maby someone can take over from here & tell you how to remove them !! oh & you have a lot of files & some folders that need to be removed !!!
  4. im in traing to do logs at COYOTE, & im not supposed to tell you how & what to remove but i can tell you this can slow your computer O3 - Toolbar: IPrive - {AEE46806-2C5A-4a4e-A5DD-B4531F64A187} - C:\PROGRA~1\IPrive\TBIPrive.dll O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c18.cab si a delivery service for advertiseing, but wait for an expert to comfirm & clean your computer !!!!
  5. howdy, wrong information revoved, but im no expert ( still in training ) so wait for an expert to tell you how & with which program to remove your problems !!! do nothing till an expert advises you !!!!!!!!
  6. flashh4

    Memorial Day

    thanks you all who support us vietnam vets & of all other war vets !!! we were just kids !!!!!!
  7. howdy BRETT, i had the same problem on my tower computer & i tried everything. so i did a repair install & have never had any problems since. don't know if this will help you ..
  8. my first fiancee decided not to marry me after i asked her to change her name......now i thought it would be cute if we were both named larry.
  9. flashh4

    2 Drunks

    2 drunks walking down the street walked into a bar, one said to the other " i should of see that comeing " !!!!!
  10. 2 blonds driveing their car to disneyland in california. down the interstate saw a sign that said disneyland left, so the turned around and headed back home !!!
  11. howdy Vile_DR , since im in COYOTE classes i can't tell you how to fix your log but i can tell you what i see !!!!! this is an ad agency !! O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Download...e/bridge-c9.cab this is a very poor spy scanner !! O16 - DPF: {7D40ADF2-AD68-4959-ACEC-DA96BF5E6EB7} (SpyBouncer.SBDownloader) - http://spywareremover.spybouncer.com/downloader.ocx AND THESE WOULD BE OPTIONAL : O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe just what it says .......SunJavaUpdate. not necessary this loads some Microsoft Office components into memory even if you are not currently useing the program ! O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE but wait for an expert to review you log !!!!!!!
  12. there was a car broke down beside the rode with california plates. along came this cowboy in his big high riding 4x4 pickup truck. so he stops & ask the guy if he would like a ride to the next town to find a service station with a mechanic. so the california guy gets in as they are driveing down the road the cowboy sees a sheep with his head stuck in the fence. so the cowboy slams on his breaks, jumps out, runs over to the sheep & pulls down his pants and has his way with the sheep. they take off down the road & the same thing happens. so they were driveing down the road again & the cowboy slams on his brakes again. the california guy yell its my turn so he jumps out runs over to the fence & pulls down his pants & sticks his head in the fence !!!!!!!!!!!
  13. i too have been in COYOTE classes for quite a while. its easy for me to find the spys & trojans but the tough part is recommending the right program to remove problems & in which order they should be removed, but its real interesting to me . some day ill be a WARRIOR !!!!! jsut take things slowly & study a lot of practice logs to watch how the experts do it !!! gl in class
  14. an old rooster was watching the farmer bring a new rooster into the yard. the new rooster ran up to the old rooster & said im here to take over now you can leave! the old rooster said now wait a minute, tell you what ill do. if you can beat me in a race around the house ill go peacefully with no fuss. the young rooster said ok, and ill give you a head start. so off the old rooster ran. soon the young rooster almost caught up as they came in front of the house where the farmer was sitting. BOOM went the shotgun that the farmer kept handy. dam , thats the 3rd gay rooster this week !!!!
  15. thanks DAVE, been trying to figure how you log fixers do that .great help !!!! thanks so much . CHUCK
  16. yes thats it Tg1911 thanks so much !!!
  17. well maby that would help but i dont have firefox, so guess ill have to keep searching, i know theres got to be a way to do this. thanks DKNOPPIX
  18. sorry john, i know that. maby dknoppix you can tell me since you are also in COYOTE. how do you get links copied , put in folders,then retrive to post so the links work !!!!!!!!!! or is there another way ??????
  20. i need some help from you guys. i want to know how you save your links so they will work when you retrive them from your folders or files where you keep your help,canned speeches & other help to reply to posted logs ??? mine doesn't work when i get them from my folder where i keep all links. & i use wordpad. so any help on how you save your links ????? thanks
  21. thanks sidekickcat for that info. just to see if you read this on the logitech post ............logitech post.
  22. just thought id post this here to let all know....O18 - Protocol: bw+0s - {33AD96E5-E123-42AF-AF16-00A9CD0B06BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll i think they must have something to do with my wireless logitech mouse & keyboard ??? if so any idea what caused so many in my log ???? thansk for any help !!!! SOLVED just to let everyone know that the file above is used by LOGITECH, so if you have the mouse or key board (wireless) you might want to do a HJT and look to see if you have a bunch of these in your log. i had 85 of them. FYI am contacting them to see why !!!
  23. O18 - Protocol: bw+0s - {33AD96E5-E123-42AF-AF16-00A9CD0B06BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll i think they must have something to do with my wireless logitech mouse & keyboard ??? if so any idea what caused so many in my log ???? thansk for any help !!!! SOLVED just to let everyone know that the file above is used by LOGITECH, so if you have the mouse or key board (wireless) you might want to do a HJT and look to see if you have a bunch of these in your log. i had 85 of them. FYI
  24. thanks techie,i downloaded fass so ill play with it & see if i can figure it out. thanks again