Archived from groups: microsoft.public.win98.gen_discussion (
More info?)
"pabearmvp" wrote:
> Running Spybot?
>
http://www.safer-networking.org/en/faq/24.html
>
> Courtesy of MVP Ramesh:
>
> To restore missing tabs, open Registry Editor and go to these
> locations:
>
> [HKEY_CURRENT_USERSoftwarePoliciesMicrosoftInternet
> Explorer Control
> Panel]
>
> [HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftInternet
> Explorer Control
> Panel]
>
> Disable the restrictions by typing the values to "0" for the
> relevant keys.
> By trying the manual procedure, you are just making the tabs
> visible and not
> removing the parasites. [See below.]
>
> Or, "Remove IE Restrictions & Restore Missing tabs". Download
> the REG fix
> and double-click it:
>
http://windowsxp.mvps.org/reg/IE_reset_restrictions.reg
>
> Help with Hijackware
>
http://aumha.org/a/parasite.htm
>
http://aumha.org/a/quickfix.htm
>
http://mvps.org/winhelp2002/unwanted.htm
>
http://inetexplorer.mvps.org/Darnit.htm
>
http://www.mvps.org/sramesh2k/Malware_Defence.htm
> http://defendingyourmachine.blogspot.com/
> --
> ~Robear Dyer (PA Bear)
> MS MVP-Windows (Shell, IE/OE) & Security
>
> Mastering Newsgroups in Outlook Express
>
http://www.microsoft.com/windows/ie/community/columns/newsgroups.mspx
>
> Cynindesign wrote:
> > Win98SE
> >
> > The first odd thing I was noticing I could view this
> particular site's
> > flash samples on the web, everything played perfectly, but
> on my
> > system the main flash movie that played the others remained
> blank.
> > First noticed this behavior about a week ago.....then it
> occurred to
> > me that perhaps it's something in my security settings and
> went to
> > Tools -> Internet Options and I WAS LOCKED OUT!!! I got
> this error
> > message: "This operation has been cancelled due to
> restrictions in
> > effect on this computer. Pleas contact your system
> > administrator......What's causing this and what do I do, I'm
> current
> > in security updates, ran Ad-ware, ran CWSShredder and it's
> still doing
> > it.
> >
> > TIA, Cyn
No NoBrowserOptions in registry, downloaded Spybot1.3, been running
1.2, found a few more that ad-ware didn’t find. Spybot running in the
default mode.
Downloaded hyjackthis, I used the google toolbar, but I’ve not noticed
and yahoo features that I see here, any who, here’s the log from
hijack, please let me know, thanks, Cyn:
Logfile of HijackThis v1.98.2
Scan saved at 9:06:31 AM, on 3/26/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\WINDOWS\NECUTRAY.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\USBMONIT.EXE
C:\PROGRAM FILES\D-LINK\AIR UTILITY\AIRCFG.EXE
C:\PROGRAM FILES\ALPHA NETWORKS\ANIWZCS SERVICE\WZCSLDR.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MAILWASHER PRO\MAILWASHER.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
F:\DOWNLOAD\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default)
=
http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
N3 - Netscape 7: user_pref("browser.search.defaultengine",
"engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugin
s%5CSBWeb_01.src");
(C:\WINDOWS\Application
Data\Mozilla\Profiles\default\jx8oczwu.slt\prefs.js)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} -
C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program
files\google\googletoolbar2.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
- F:\PROGRAM FILES\ADOBE\ACROBAT
5.0\ACROBAT\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: Trellian Toolbar -
{71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program
Files\TRELLIAN\ToolBar\toolbar.dll
O3 - Toolbar: &Yahoo! Companion -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM
FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
O3 - Toolbar: Norton AntiVirus -
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton
AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Gene USB Monitor]
C:\WINDOWS\SYSTEM\USBMonit.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\PROGRAM
FILES\D-LINK\AIR UTILITY\AIRCFG.EXE
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha
Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMON.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunServices: [TrueVector]
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common
Files\Symantec Shared\ccSetMgr.exe"
O4 - HKCU\..\Run: [VCatch] C:\PROGRAM FILES\COMMONSEARCH\VCATCH
PREMIUM\VCATCHPRE.EXE
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common
Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Acrobat Assistant.lnk = F:\Program
Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control
Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control
Panel present
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program
Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program
Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: &WordWeb... -
res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: &Add animation to IncrediMail Style Box
- F:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM
FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM
FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM
FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English -
res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\PROGRAM
FILES\COMMON FILES\SOURCETEC\SWF CATCHER\InternetExplorer.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -
C:\PROGRAM FILES\AIM\AIM.EXE
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD}
- C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0411.DLL
O9 - Extra ’Tools’ menuitem: Yahoo! Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM
FILES\YAHOO!\MESSENGER\YHEXBMES0411.DLL
O9 - Extra button: Sothink SWF Catcher -
{E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\PROGRAM FILES\COMMON
FILES\SOURCETEC\SWF CATCHER\InternetExplorer.htm
O9 - Extra ’Tools’ menuitem: Sothink SWF Catcher -
{E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\PROGRAM FILES\COMMON
FILES\SOURCETEC\SWF CATCHER\InternetExplorer.htm
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {F5C90925-ABBF-4475-88F5-8622B452BA9E} (Compaq System Data
Class) -
http://www29.compaq.com/falco/SysQuery.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) -
http://www5.incredimail.com/contents/setup/downloader_sp1/imloader.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class)
-
http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) -
http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl
Class) -
http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-17.cab
--
Posted using the
http://www.windowsforumz.com interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL:
http://www.windowsforumz.com/General-Discussion-blue-change-internet-options-ftopict349492.html
Visit Topic URL to contact author (reg. req'd). Report abuse:
http://www.windowsforumz.com/eform.php?p=1101029