# Solved: Wireless Router problem



## sueb_51 (May 13, 2004)

Hi all! having a problem here with trying to set up 2 computers via Belkin wireless g router 802.11g. I had it connected some time ago to the same computer with no problem. This time the router is connected to a computer with Vista, which i totally hate lol. Anyways i lost the cd for the router and when i installed the wireless card in the other computer it says excellent signal, connected and status good, only problem is that i can't get online. I know it is a ip addy problem but i have no clue how to do any of that. Can i still set this up without the Belkin cd?? any help would be appreciated. thanx. Oh by the way when i go to their website i didn't c anything to download there for help in vista. The other computer is running xp.


----------



## MN_N8VTech (Jun 7, 2001)

You dont neccessarily need the cd. Does the XP computer get internet? And is that computer wired or wireless? Also, when you set up the router originally did you put any security on it at all?


----------



## sueb_51 (May 13, 2004)

Actually it did have a 26 digit security wep code that i had to put on the other computer. But this is a different computer so i don't know how to get the wep key for it to function properly. The host computer is the vista and the xp is the other. so no i don't have access yet on the xp one.


----------



## sueb_51 (May 13, 2004)

i got the wep code when i ran the cd for the router, that's why i don't know how to get it lol


----------



## bearone2 (Jun 4, 2004)

whether thru the utility for the adapter or windows, you need to setup the same encryption on the adapter as in the setup for the router.


----------



## sueb_51 (May 13, 2004)

oooook i have no clue how to do that


----------



## MN_N8VTech (Jun 7, 2001)

There are a couple options to get the wep key. It appears you're using WEP with 128 bit encryption so be sure you're choosing that in the wireless connection on the XP machine when you get that far. (If it asks for that)
You can either reset the router, which may not be advisable if youre not overly familiar with how to set things up, or...for most Belkins you should be able to access the router by typing in the address in your browser- 192.168.2.1 and then click submit (shouldnt have a username or password set up, unless youve set one up initially)
Try that and let me know.


----------



## sueb_51 (May 13, 2004)

yes i get that far where it asks for it lol. and when i type the address in the browser 192.168.2.1 it goes to the sympatico screen on this computer. it shows the ip addy and stuff, but i don't know how to do anything here lol. hope this makes scense


----------



## MN_N8VTech (Jun 7, 2001)

Ok, Sypatico I assume is your internet service provider? They must use a router/modem with that local IP. To get your routers gateway go to the computer that works (Vista?) and go into command prompt, at the prompt type in ipconfig /all and look for the default gateway, use that IP address to type in your browser to log into the router.


----------



## sueb_51 (May 13, 2004)

ok i'll give it a try, sorry for being a pain, it was soooooo easy last time lol


----------



## sueb_51 (May 13, 2004)

omg i don't even know how to get to the prompt on vista!!! there is no run lol


----------



## MN_N8VTech (Jun 7, 2001)

Isnt Vista fun??? just click in the search bar right avove the start icon and start typing command, itll magically appear in the list


----------



## sueb_51 (May 13, 2004)

actually no it isn't lol but anyways wow. i did that and it appeared and went away just as fast lol now what


----------



## MN_N8VTech (Jun 7, 2001)

it shouldnt go away, it should be listed in the list above where you were typing. Otherwise click on programs (or however its worded, cant remember) and itll be in there somewhere.


----------



## sueb_51 (May 13, 2004)

this is weird!!! it is in the start menu,and elsewhere lol, but when i click on it it opens then closes just as fast


----------



## sueb_51 (May 13, 2004)

this would be sooooo much easier to access a wep code lol


----------



## sueb_51 (May 13, 2004)

i'm sorry but i have found it in a few places but when i click on it it closes as fast as it opens


----------



## MN_N8VTech (Jun 7, 2001)

Thats a problem. Historically a virus could cause that. Havent heard of any known issues doing that with Vista yet. If you want to make life alot easier you could reset the router. Be aware, if you do this you wont have any security on it, it will be wide open, therefore if you are in a populated area you may not want to do this, or else get it secured asap after reset.


----------



## sueb_51 (May 13, 2004)

and how do i do that


----------



## MN_N8VTech (Jun 7, 2001)

First be sure you are comfortable with setting it all back up, it will not be secure so anyone can access your wireless. As far as resetting it goes, on the back there should be a reset button which is slightly recessed. Belkin may provide you with assistance in setting it back up, maybe. 1 800 2BELKIN x2263 (not sure if this is fee based)


----------



## sueb_51 (May 13, 2004)

Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Users\futureshop>config /all
'config' is not recognized as an internal or external command,
operable program or batch file.

C:\Users\futureshop>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Jims
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : no-domain-set.bellcanada

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : no-domain-set.bellcanada
Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ether
net Controller
Physical Address. . . . . . . . . : 00-19-21-54-9C-F8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::59d6:4e61:bbd8:ced0%7(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, July 16, 2007 6:03:59 PM
Lease Expires . . . . . . . . . . : Thursday, July 19, 2007 6:03:59 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 184555809
DNS Servers . . . . . . . . . . . : 192.168.2.1
192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection*:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4136:e37a:ee:2ab:3f57:fdf5(Preferr
ed)
Link-local IPv6 Address . . . . . : fe80::ee:2ab:3f57:fdf5%9(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 2:

Connection-specific DNS Suffix . : no-domain-set.bellcanada
Description . . . . . . . . . . . : isatap.no-domain-set.bellcanada
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.2.10%10(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.2.1
192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Users\futureshop>
ok i managed to get this far lol now what


----------



## sueb_51 (May 13, 2004)

whooops sorry i forgot i disconnected the router lol. i'm gonna give it another shot in a bit and i will get back to u


----------



## MN_N8VTech (Jun 7, 2001)

I apologize for not asking this sooner but, when you said this router was connected before, was that at the location youre at now or at a different location? Once you plug in your router try putting in the IP address again of 192.168.2.1 in the address bar. and tell me if you get a username/password box.


----------



## sueb_51 (May 13, 2004)

funny i was just telling my daughter that u might have got confused lol. actually it was connected to another computer. i'll do that shortly and get back to u


----------



## MN_N8VTech (Jun 7, 2001)

I understood another computer but were you using this router in another location, such as; have you moved since it was last hooked up?


----------



## sueb_51 (May 13, 2004)

oh sorry, yes we have moved to another location about an hour away


----------



## MN_N8VTech (Jun 7, 2001)

Ok,thats what I was wondering. So you have internet service through a different company now?


----------



## sueb_51 (May 13, 2004)

no same internet provider just different area code and phone number


----------



## MN_N8VTech (Jun 7, 2001)

Ok, when you use that IP address in the address bar do you still get sympatico? Or Belkin login?


----------



## sueb_51 (May 13, 2004)

the last time i tried it with the router connected i get sympatico, but i'm gonna try it again


----------



## sueb_51 (May 13, 2004)

yes i still get the sympatico screen:
Modem Status 


Connection 
ADSL connection: UP (Fast-G.DMT) 
Internet connection: UP 



Connection Information 
IP Address: 69.158.21.239 
Subnet Mask: 255.255.255.255 
DNS Server Address #1: 207.164.234.193 
DNS Server Address #2: 206.47.244.55 
Modem IP Address: 192.168.2.1 


System Summary 
System Type: SpeedStream 4200-Series 
Config Part #: 003-y093-G05 
Firmware Part #: 004-D240-A3S 
MAC Address: 00:0B:23:E3:C8:A4 



that is what comes up


----------



## MN_N8VTech (Jun 7, 2001)

Ok, youre modem has the same local IP as your router, so you will need to unplug the router from the modem so that you can log into the router and not the modem. Once inside the router interface you will need to change the local IP address of the router to something besides 192.168.2.1, maybe 192.168.0.1


----------



## MN_N8VTech (Jun 7, 2001)

Have you asked your internet provider if they will assist you in setting up the router via telephone? Some will, some wont


----------



## sueb_51 (May 13, 2004)

ok now how do i log into the router, sorry i'm clueless here


----------



## MN_N8VTech (Jun 7, 2001)

Once you unplug the cable between the modem and the router then refresh internet explorer with that IP address and you should get a belkin login which may just be a box with "username" "password". Once youve logged into the router you will need to look for the local IP addres and change it.


----------



## sueb_51 (May 13, 2004)

ok i'll give it a shot and get back to u, thanx for being so patient.


----------



## sueb_51 (May 13, 2004)

ok i did that and put the other ip addy in there and it just keeps saying page cannont be displayed, so i guess i'm doing something wrong here. should i just have the cable from the computer going into the router but not the modem


----------



## MN_N8VTech (Jun 7, 2001)

Correct, to get into the router you should only have a cable from the router to the computer, no modem until you get the local IP changed inside the router.


----------



## sueb_51 (May 13, 2004)

then type 192.168.0.1 ?? just to make sure


----------



## MN_N8VTech (Jun 7, 2001)

let me clarify 1 thing first, did you have the modem connected to the router before and then the computer plugged into the router? And it worked like that, at this location? Or it hasnt worked when using the router? Only the modem.


----------



## MN_N8VTech (Jun 7, 2001)

No, once you have the computer only plugged into the router and the modem removed, then 192.168.2.1 should get you into the router, once in that interface you need to change the local IP address so it is anything different than 192.168.2.1 (make sure you write down what you change it to) something like 192.168.0.1 or 192.168.1.1, do you understand?


----------



## sueb_51 (May 13, 2004)

yes i did. lol i was getting a great signal and connection from the router on the other computer but not internet


----------



## MN_N8VTech (Jun 7, 2001)

Ok, that makes sense, you would get a signal but no internet, proceed with the other steps


----------



## sueb_51 (May 13, 2004)

ok i gotcha i think lol


----------



## sueb_51 (May 13, 2004)

ok i did that and it still says webpage cannot be displayed


----------



## MN_N8VTech (Jun 7, 2001)

What did you change the local IP address of the router to?
Were you on a screen that said Belkin?


----------



## sueb_51 (May 13, 2004)

ummmm no. i unplugged the modem and typed in 192.168.2.1 and it kept saying webpage cannot be displayed


----------



## MN_N8VTech (Jun 7, 2001)

Ok, after you unplug the modem and you only have the computer plugged into the router go to ipconfig /all again like you did before, it will show you an IP address and default gateway, the default gateway is the IP youll use to get to the router, but with all the given info up to now it should be 192.168.2.1, but it may not. If not Im confused why it wont work.


----------



## sueb_51 (May 13, 2004)

ok thanx


----------



## MN_N8VTech (Jun 7, 2001)

You are PLUGGING into the router as your trying the steps correct? not trying to connect with the wireless? You need to be plugged in to get it all configured.


----------



## sueb_51 (May 13, 2004)

lol ya i am. daughter needed the puter for a sec, gonna try it now.


----------



## sueb_51 (May 13, 2004)

i did what u said over and over again, and it keeps saying webpage cannont be displayed


----------



## MN_N8VTech (Jun 7, 2001)

what did you get for the gateway when you did ipconfig /all? After you plugged into the router


----------



## sueb_51 (May 13, 2004)

192.168.2.1


----------



## MN_N8VTech (Jun 7, 2001)

do you know if you have internet explorer 6 or 7?


----------



## sueb_51 (May 13, 2004)

explorer 7


----------



## MN_N8VTech (Jun 7, 2001)

okkk, you probably wont be able to access the IP address with IE 7


----------



## MN_N8VTech (Jun 7, 2001)

Do you use firefox? That would be easiest but you can change a setting in IE7 to allow it.


----------



## sueb_51 (May 13, 2004)

i don't think so


----------



## JohnWill (Oct 19, 2002)

Start, Run, CMD

IPCONFIG

Take the address of the Default Gateway and put it in the address bar of IE. IE7 is fine for this, I have no problem accessing a variety of router brands in the lab here with IE7.


----------



## sueb_51 (May 13, 2004)

Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Users\futureshop>ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : no-domain-set.bellcanada
Link-local IPv6 Address . . . . . : fe80::59d6:4e61:bbd8:ced0%7
IPv4 Address. . . . . . . . . . . : 192.168.2.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1

Tunnel adapter Local Area Connection*:

Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:4136:e38c:24a5:3c3:3f57:fdf5
Link-local IPv6 Address . . . . . : fe80::24a5:3c3:3f57:fdf5%9
Default Gateway . . . . . . . . . : ::

Tunnel adapter Local Area Connection* 2:

Connection-specific DNS Suffix . : no-domain-set.bellcanada
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.2.10%10
Default Gateway . . . . . . . . . :

C:\Users\futureshop>
this is what comes up and the 192.168.2.1 is what i have been putting in


----------



## sueb_51 (May 13, 2004)

ok this still is working for me


----------



## JohnWill (Oct 19, 2002)

*Is* working, or *isn't* working?


----------



## sueb_51 (May 13, 2004)

ooops sorry not working. I just tried it again and i can go online here which i couldn't before if the router was connected. when i go into connections there is a pic of a router there, but i don't know if it is working or not.lol


----------



## JohnWill (Oct 19, 2002)

If you can go on-line, what is not working?


----------



## sueb_51 (May 13, 2004)

right now the router is connected, but i still can't connect to the internet on the other computer. has excellent strength and status is goood and says connected but no internet cause i need that wep key that i had to begin with, hope this makes scense. i don't have the cd that came with the router


----------



## sueb_51 (May 13, 2004)

sorry i should have clarified that it is the computer connected to the router that i am able to go online


----------



## sueb_51 (May 13, 2004)

i have been searching the Belkin website and others but i still can't figure this out


----------



## sueb_51 (May 13, 2004)

can somebody help me here please


----------



## JohnWill (Oct 19, 2002)

Try disabling encryption on the router to see if you can get it working that way, then enable encryption as a separate step.


----------



## sueb_51 (May 13, 2004)

i'm sorry i have noooooo clue how to do that


----------



## JohnWill (Oct 19, 2002)

Since you never actually told us the exact model of Belkin you have, it's hard to say.


----------



## sueb_51 (May 13, 2004)

sorry its a F5D7230-4 wireless G router Belkin


----------



## JohnWill (Oct 19, 2002)

Access the Belkin web based setup by typing 192.168.0.1 in the address bar of IE. When you access the wireless configuration page, it should look a lot like this, you want to pick the "Disabled" option and save the settings.


----------



## sueb_51 (May 13, 2004)

ok when i type that in there i get mywebsearch page not the belkin setup


----------



## JohnWill (Oct 19, 2002)

I checked your IPCONFIG, try 192.168.2.1


----------



## sueb_51 (May 13, 2004)

ok am i just to have the router plugged in and not the modem here


----------



## sueb_51 (May 13, 2004)

i just keep getting webpage cannot be displayed. be alot easier here if i was familar with vista


----------



## JohnWill (Oct 19, 2002)

You need the router connected directly to the computer you're trying to access it with.


----------



## sueb_51 (May 13, 2004)

that is what i have been doing over and over again allllll day


----------



## JohnWill (Oct 19, 2002)

Start, Run, CMD to open a command prompt:

Type the following command:

*IPCONFIG /ALL*

Right click in the command window and choose *Select All*, then hit *Enter*.
Paste the results in a message here.

If you are on a machine with no network connection, use a floppy, USB disk, or a CD-RW disk to transfer a text file with the information to allow pasting it here.


----------



## sueb_51 (May 13, 2004)

Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Users\futureshop>ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Belkin
Link-local IPv6 Address . . . . . : fe80::59d6:4e61:bbd8:ced0%7
IPv4 Address. . . . . . . . . . . : 192.168.2.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1

Tunnel adapter Local Area Connection*:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Tunnel adapter Local Area Connection* 2:

Connection-specific DNS Suffix . : Belkin
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.2.2%10
Default Gateway . . . . . . . . . :

C:\Users\futureshop>
this is what came up when it said the router was connected.


----------



## JohnWill (Oct 19, 2002)

IPCONFIG /ALL, you missed the /ALL


----------



## sueb_51 (May 13, 2004)

Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Users\futureshop>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Jims
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ether
net Controller
Physical Address. . . . . . . . . : 00-19-21-54-9C-F8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::59d6:4e61:bbd8:ced0%7(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, July 20, 2007 9:08:32 AM
Lease Expires . . . . . . . . . . : Monday, August 26, 2143 3:37:43 PM
Default Gateway . . . . . . . . . : 192.168.2.1
 DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 184555809
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection*:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 2:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.2.3%10(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Users\futureshop>
sorry about that


----------



## sueb_51 (May 13, 2004)

hey john did u desert me lol.


----------



## sueb_51 (May 13, 2004)

i was talking to a few people and they told me i didn't quite word my problem correctly to u. so i will try again. it seems like a really simple thing to do turned into a disater for me lol. first of all i am new to vista which i hate already which doesn't help. ok here is the problem. The computer that i want to connect the router to is running Vista via ethernet. I have another computer with a wireless card running win xp. I some how managed to get online with the xp computer yesterday but this one ( vista was not online). i am really unsure of all this isp stuff so if maybe u could give me step by step instructions i might be able to figure this all out. i did manage to get into the Belkin web page, but i had nooooo clue what to do when i got there, so i would like to start fresh. thanx


----------



## JohnWill (Oct 19, 2002)

Try these simple tests.

Start, Run, CMD to open a command prompt:

PING 216.109.112.135

Tell us the results.

PING yahoo.com

Tell us the results.


----------



## sueb_51 (May 13, 2004)

it says not regognized as an internal or external command for both


----------



## sueb_51 (May 13, 2004)

i'm still here lol


----------



## JohnWill (Oct 19, 2002)

Well, you have bigger issues if they're not recognized. Are you SURE you typed it correctly?


----------



## sueb_51 (May 13, 2004)

ok we are talking when i don't have the router plugged in here right?? just to be sure????


----------



## sueb_51 (May 13, 2004)

ok i just found something out here. somebody downloaded network magic on here and it says connected away from home network!!!! I don't know how to delete it. when i try it says i need to be an administrator which i am on this computer, but it don't work. could that be the problem??


----------



## sueb_51 (May 13, 2004)

keep in mind its win vista


----------



## sueb_51 (May 13, 2004)

ok here is what comes up when i type 192.168.2.1 in the browser on the vista machine to which i am running the modem. then we can start from there k 
Modem Status 


Connection 
ADSL connection: UP (Fast-G.DMT) 
Internet connection: UP 



Connection Information 
IP Address: 69.158.26.71 
Subnet Mask: 255.255.255.255 
DNS Server Address #1: 207.164.234.193 
DNS Server Address #2: 206.47.244.55 
Modem IP Address: 192.168.2.1 


System Summary 
System Type: SpeedStream 4200-Series 
Config Part #: 003-y093-G05 
Firmware Part #: 004-D240-A3S 
MAC Address: 00:0B:23:E3:C8:A4


----------



## sueb_51 (May 13, 2004)

yes i did


----------



## sueb_51 (May 13, 2004)

ive searched the belkin website over and over again, but all the support seems to be or the other os, not vista. i reset the modem and would like to start from scratch here. I can get into the setup page for Belkin now, but have no clue what to do


----------



## sueb_51 (May 13, 2004)

can somebody help me here??? i can get into the belkin setup page and need to know what to do.


----------



## katt2 (Jul 25, 2007)

On your Router box did it come with with a customer service number. I use a d link with network magic and have no problems but i can go into my d link router and change the settings and in my network magic it gives me the ip for mine and i go in an change my password and such.


----------



## sueb_51 (May 13, 2004)

thats the problem i don't have the box or the setup cd


----------



## katt2 (Jul 25, 2007)

Okay well try this then
dont no if it will work tho but i would think most routers work the same way
you say that network magic is on there now right
fire up network magic
Go to network map
in the front page you will see your router listed there
mine says wireless router dlink click on your router name
and it opens another window
on your wireless router it will say
tasks details and allerts
go to details and scroll down
find were it says ip address 
right under internet ip address

on that ip address click on it and it should take you to your router setup or page and then you can log into your settings. most use Admin and keep password blank if you havent already secured it. hope that this helps. if at least you get into there maybe you can find a phone number if that doesnt work .

found this page with phone numbers for Belkin
http://www.belkin.com/support/phonenumbers.asp?pge=coni
maybe this will help aswell


----------



## sueb_51 (May 13, 2004)

thanx for your help, but the problem i am having is i don't know where to put the ip addy. sorry i have no clue. I can get into the belkin setup page every time now, but i have no idea what to click on once i get in there, or where to put any info.


----------



## katt2 (Jul 25, 2007)

did you see in my above post there was a link for some phone numbers right at the bottom maybe try that and see if they can guide you along from there. kat2


----------



## sueb_51 (May 13, 2004)

yes i did and i got put on hold for over an hour, so i'm gonna give it another shot. anybody else here have the same router maybe??


----------



## sueb_51 (May 13, 2004)

acaCandy where r u lol i need your help here


----------



## ~Candy~ (Jan 27, 2001)

Hi Sue, just found your email in the junk folder, you sent it to the wrong address 

Can you give me a brief over view of the thread so I don't have to start with page 1


----------



## sueb_51 (May 13, 2004)

Hi Candy welcome back!! ok here goes lol. I have a belkin F5D7230-4 wireless G router. I'm trying to connect it to the hubbys computer which is running Vista. I have no clue in anything with vista lol. I lost the original cd that came with the router. This is a different computer that i want to connect it tooo. By the sounds of the help here my problem seems to be with the ip addy. I can get into the Belkin setup page, but from there i have no clue what to do. I don't know anything about ip addy's. would sure appreciate your help. I think JohnWills patience ran out with me lol. sorry bout that John. I just need plain english instructions lol.


----------



## ~Candy~ (Jan 27, 2001)

I think you need to start over from square 1.

How do you connect to the internet? Cable? DSL? Can you connect just one computer that way, without the router?


----------



## sueb_51 (May 13, 2004)

I connect through DSL on the Vista computer without the router.


----------



## ~Candy~ (Jan 27, 2001)

Great.

Ok, so let's do this.

The cable that comes out of the back of the Vista computer (probably blue or yellow) --- plug that into a port on the router, NOT THE WAN PORT, one of the others.

Then, you'll need additional cables. A short one from the DSL modem to the router WAN PORT is best.

So, it will look like this:

Cable from DSL MODEM to WAN PORT on router.......cable from VISTA COMPUTER to another input on router.

Turn off the DSL MODEM AND THE ROUTER.....leave them off for 5 minutes.

Turn them back on, and see if you can still connect with the VISTA computer.


----------



## ~Candy~ (Jan 27, 2001)

I skimmed through a bit of the thread, and saw something that seemed to indicate that the modem and the router were the same IP address? 

If that is the case, we may need to change the IP address of the modem, as that would be the easiest at this point, since you can connect.


----------



## sueb_51 (May 13, 2004)

ya thats what johnwill said to, but i didn't know what to do lol


----------



## ~Candy~ (Jan 27, 2001)

You can access the modem setup page, right? By typing the IP address into a web browser window? Just look around in it for options to change the IP address.

Go back to his post and see if you can get that done.


----------



## sueb_51 (May 13, 2004)

ok i'll give it a shot


----------



## ~Candy~ (Jan 27, 2001)

If you see an option there for remote access, you might want to enable that......as admin (or a moderator here) we can see your IP address, and we've been working together long enough that I know you trust me  so, I might be able to log into it and change things


----------



## sueb_51 (May 13, 2004)

that would be great Candy, and yes i trust u lol. i'm just gonna hook the router up now and c what happens.


----------



## JohnWill (Oct 19, 2002)

Maybe I'll log in too.


----------



## ~Candy~ (Jan 27, 2001)

Well, there you have it, I trust JohnWill too


----------



## sueb_51 (May 13, 2004)

well i went into the modem setup up and there is no place to change the ip addy, so i guess we gotta go with the remote access if i can figure out how to do that on vista lol. why do they have to make everything so difficult here. i'll be back later to see if u are here, and sure John u can join in the more the merrier


----------



## sueb_51 (May 13, 2004)

I was just doing some looking around in device mgr and I noticed that there is a yellow mark through a 6T04 network adapter, what is this??


----------



## JohnWill (Oct 19, 2002)

You can ignore that. You might want to simply disable the 6TO4 adapter in Device Manager. This is a known Vista bug and happens on many configurations for reasons apparently Microsoft hasn't figured out yet.


----------



## JohnWill (Oct 19, 2002)

BTW, be sure you have changed the user name and password for the router before enabling remote administration. Then when you send Candy the go to see if she can configure it, you'll need to include those. You don't want random hackers logging in with the router defaults and changing your configuration! 

I'll be gone on vacation until the 14th, so I won't be around for this party.


----------



## sueb_51 (May 13, 2004)

ok i disabled . is it the modem or router ip addy i need to change?? seems like this should be such a easy thing to do, tooo bad i don't know how to do either lol


----------



## sueb_51 (May 13, 2004)

tooo bad john it mght be a goood pary lol


----------



## sueb_51 (May 13, 2004)

but thanx soooo much for being so patient, i'm sure i'll talk to u soooon


----------



## ~Candy~ (Jan 27, 2001)

Also, under remote management, I'll need to know what port number shows there. It should be something like 80 or 88.


----------



## ~Candy~ (Jan 27, 2001)

Ok, I just went back and read the entire thread and am still a bit confused.

You have one computer that is working and is able to connect to the internet using the same modem? Correct?

And you can connect this same working computer to the router, router connected to modem, and you can still connect to the internet? Correct?


----------



## sueb_51 (May 13, 2004)

ummmm no lol. as soon as I connect to the router i can't go online, as soon as i disconnect the router i can get back online again, thats why i'm so confused


----------



## ~Candy~ (Jan 27, 2001)

Ok, so BOTH COMPUTERS can connect to the internet without the router in the equation.


----------



## sueb_51 (May 13, 2004)

yes they both can connect to the internet without the router. I know i can figure out the xp one if I can get the vista up and running with the router.


----------



## sueb_51 (May 13, 2004)

i figured I better work on the vista first seeing how it is the one connected to the router


----------



## ~Candy~ (Jan 27, 2001)

Ok, you said you could get to the router page now, correct? With the modem disconnected probably.


----------



## ~Candy~ (Jan 27, 2001)

http://www.belkin.com/support/dl/P74559-B_F5D7230-4v7_man.pdf

Go to LAN SETTINGS and there you should be able to change the IP address of the router.


----------



## sueb_51 (May 13, 2004)

yes with the modem disconnected i can access the belkin setup. ok what do i change the ip address to???. i think i tried doing that before but i don't remember what it said.


----------



## ~Candy~ (Jan 27, 2001)

It says 192.168.2.1 right now....we have to change it to something else.

Try 192.168.0.1

Be sure to APPLY changes.


----------



## ~Candy~ (Jan 27, 2001)

Also, what modem do you have? Sorry if you said that already....but, I think if it's acting like a router and has a setting for DHCP, we need to disable that in one place or the other.....where did JOHNWILL GO?  He's probably packing


----------



## sueb_51 (May 13, 2004)

the modem is Speedstream 4200 and i'm sure JOHNWILL hitailed outta here real quick before the party lol and I tried changing the ip address in the lan settings and clicked on changes but nothing happened


----------



## ~Candy~ (Jan 27, 2001)

When you say nothing happened, did you log out?


----------



## sueb_51 (May 13, 2004)

Ok i take that back. i'm online now with the router on the vista


----------



## sueb_51 (May 13, 2004)

your soooooo smart candy, now what do i do for the xp machine?? first i have to reinstall the wireless card i guess eh


----------



## ~Candy~ (Jan 27, 2001)

JohnWill will be sooooo proud of me 

Just plug the XP computer into the router and you might restart it for good measure.

EDIT: I see you said wireless card....you should just have to plug it in and it should be recognized, then go from there.


----------



## sueb_51 (May 13, 2004)

just for the record here is the ipconfig /all does it look right??
Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Users\futureshop>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Jims
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ether
net Controller
Physical Address. . . . . . . . . : 00-19-21-54-9C-F8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::59d6:4e61:bbd8:ced0%7(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, August 04, 2007 3:48:20 PM
Lease Expires . . . . . . . . . . : Tuesday, September 10, 2143 10:22:51 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 184555809
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 2:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.2%10(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Users\futureshop>


----------



## sueb_51 (May 13, 2004)

ummm the xp is wireless lol but it picked up wireless signals left and right before. and JohnWill should be proud of u lol


----------



## sueb_51 (May 13, 2004)

i knew it would take YOU to help me once again thanx a million


----------



## ~Candy~ (Jan 27, 2001)

sueb_51 said:


> ummm the xp is wireless lol but it picked up wireless signals left and right before. and JohnWill should be proud of u lol


What you want to do, is make YOUR router the default signal.

I'm sure you haven't assigned a name to it yet, but you need to do so.

Then on the wireless you'll put that name in as a new wireless connection and select it for default. You'll also want to password protect it. In the router setup, there should be an option to NOT BROADCAST the ID.....once you have things set up and running correctly, you should choose that option.

Also, you mentioned that you had WEP enabled before, I don't do that on mine, but, it's highly recommended by the JOHNWILL'S of the world


----------



## ~Candy~ (Jan 27, 2001)

sueb_51 said:


> i knew it would take YOU to help me once again thanx a million


Well, I can't take all the credit, as what we did was already suggested way earlier in this thread. I just know how to break it down and communicate with YOU


----------



## sueb_51 (May 13, 2004)

ya like in plain english for dumb people like me eh lmao. i'm gonna go try that now, and i'll let u know how i make out k. thanx Candy not marking this solved til i'm online with the other computer k?


----------



## ~Candy~ (Jan 27, 2001)

Wouldn't dream of it  and YOU ARE NOT DUMB --- so stop that!!!!


----------



## sueb_51 (May 13, 2004)

ya ask John's opinion on that one lol


----------



## ~Candy~ (Jan 27, 2001)

He's a man, his opinion doesn't count


----------



## sueb_51 (May 13, 2004)

ok now i'm gonna go onto the xp computer, i thought i already had it but not that easy as usual lol


----------



## sueb_51 (May 13, 2004)

and y0our right his opinion doesn't count lol


----------



## ~Candy~ (Jan 27, 2001)

Where did you go????????? 

Any luck yet?


----------



## sueb_51 (May 13, 2004)

sorry, i got online for like 3 min on the xp, then the vista computer went offline and i had to do a system restore just to get back online. it wasn't recognizing the modem at all!! i gotta make some dinner here, but i'll keep you posted


----------



## ~Candy~ (Jan 27, 2001)

You shouldn't have had to do a system restore.

The XP computer MAY have been trying to use the same IP address as the Vista computer, a reboot on the machines should fix that problem.

You've posted a variety of IP config /all, you can see how the IP address of the local computers change.


----------



## sueb_51 (May 13, 2004)

now when i try to connect the xp computer i'm getting an error msg about a hidden firewall blocking http. how do i fix that.


----------



## ~Candy~ (Jan 27, 2001)

Sorry for the delay in replying, Sunday is my "FLEA MARKET" day  Found a wireless router for $5 :up: 


What is the EXACT message.

What type of firewall program do you have installed on the XP computer?


----------



## sueb_51 (May 13, 2004)

i didn't know there was one besides the windows one


----------



## sueb_51 (May 13, 2004)

i'll try it again to get the exact msg


----------



## ~Candy~ (Jan 27, 2001)

If you have something like ZoneAlarm, or a Norton Internet Security package running, those can interfere.

If you can download HIJACK THIS on the working computer, save it to a floppy or cd, and install it on the non working computer, scan it, and then get us a copy of the scan log, we can see what may be the problem.

Another thing you CAN TRY....start his computer, tap the F8 key, start in safe mode WITH NETWORKING.......see if you can get on the internet that way....I know Norton doesn't load that way, not sure about ZoneAlarm or others.


----------



## sueb_51 (May 13, 2004)

well i'm on the xp machine now, only took a week lol. this computer has major problems going on here. Its my daughters and she sent it into the shop for a video card upgrade. while it was there the guy called her and told her that it crashed on him!! he basically built another computer with crap in it. anyways every time i reboot it. i get a msg, that windows has recovered from a serious error. every time. do u want me to send u a hjt??


----------



## ~Candy~ (Jan 27, 2001)

You're on the XP MACHINE NOW     YEAH   



Go ahead and post a hijack this log, although it sounds more like a hardware issue to me.



Please remember to post the exact error messages, as that sometimes can narrow down the problem.


----------



## sueb_51 (May 13, 2004)

Logfile of HijackThis v1.99.1
Scan saved at 10:05:52 PM, on 8/5/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\Windows12.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MSI\Common\RaUI.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jemi\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.techguy.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SYSTEM] winmgrd.exe
O4 - HKLM\..\Run: [Windows modez Verifier] Windows12.exe
O4 - HKLM\..\RunServices: [SYSTEM] winmgrd.exe
O4 - HKLM\..\RunServices: [Windows modez Verifier] Windows12.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SYSTEM] winmgrd.exe
O4 - HKCU\..\RunServices: [SYSTEM] winmgrd.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1185079246593
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

I just now got back here, i keep having to click on refresh and wait awhile. here's what the msg said:

C:\Windows\minidump\min.080507.dmp
C:\Docume 1\Jemi\Locals 1\temp\Wer1.tmp.dir00\sysdata.xml
I don't even have a virus scanner on here yet


----------



## ~Candy~ (Jan 27, 2001)

Why does that computer not have any service packs installed?


----------



## ~Candy~ (Jan 27, 2001)

And no virus program that I can see offhand


----------



## ~Candy~ (Jan 27, 2001)

I don't read the logs very well, but a quick google search found this info on one entry in the 04 startup items 

http://www.bleepingcomputer.com/startups/Windows12.exe-19028.html


----------



## ~Candy~ (Jan 27, 2001)

Sue, I don't see ANY log readers on line right now, so, I may not be able to get anyone until morning. I'll report the post.....maybe one of the UK guys will see it before the U.S. people log back in.......


----------



## sueb_51 (May 13, 2004)

haven't been online long enough to put anything on it. my daughter was just playing games and hadn't gone online.


----------



## sueb_51 (May 13, 2004)

alright thanx alot Candy. i'm gonna hit the hay i think. had enough for today lol. thanx again


----------



## ~Candy~ (Jan 27, 2001)

Well, I would try to get at least SP1 installed and then post another log for the log people. DO NOT install service pack 2 yet, as you do have baddies that need to be addressed first.


----------



## sueb_51 (May 13, 2004)

when she first took the computer in to that idiot, it had xp service pk 2 on it. and alot of other goood programs.


----------



## cybertech (Apr 16, 2002)

I don't see any anti-virus software running. 
Load AVG http://free.grisoft.com/freeweb.php/doc/2/ it's free.

You need to go *here* and install "Service Pack 1" This will patch numerous security holes in IE and Windows. As your machine stands now it is wide open to attack from all sorts of nasties. You need to get these updates before we proceed or we will be wasting our time.

*DO NOT* install Service pack 2 yet. If you install SP 2 on an infected machine it will cause serious problems. Just get Service Pack 1 installed. After you get SP1 installed, restart your computer. Come back here and post the new Hijack This log.


----------



## sueb_51 (May 13, 2004)

ok thanx. but i know it will take me a long time


----------



## cybertech (Apr 16, 2002)

That's ok!


----------



## ~Candy~ (Jan 27, 2001)

Thanks Debi :up:


----------



## ~Candy~ (Jan 27, 2001)

sueb_51 said:


> when she first took the computer in to that idiot, it had xp service pk 2 on it. and alot of other goood programs.


I hope she didn't pay him too much  I also hope that he used HER INSTALL cd and didn't put a pirated version of Windows on the machine.


----------



## sueb_51 (May 13, 2004)

He didn't have her cd so that is probably what he did. We have the oringinal one here. anyways i managed to install avast and service pack 1. here's the log
Logfile of HijackThis v1.99.1
Scan saved at 1:08:47 PM, on 8/6/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MSI\Common\RaUI.exe
C:\Documents and Settings\Jemi\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.techguy.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SYSTEM] winmgrd.exe
O4 - HKLM\..\Run: [Windows modez Verifier] Windows12.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [SYSTEM] winmgrd.exe
O4 - HKLM\..\RunServices: [Windows modez Verifier] Windows12.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SYSTEM] winmgrd.exe
O4 - HKCU\..\RunServices: [SYSTEM] winmgrd.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1185079246593
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe


----------



## cybertech (Apr 16, 2002)

Download *SDFix* and save it to your Desktop.

Double click *SDFix.exe* and it will extract the files to %systemdrive% 
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in *Safe Mode* by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press *Enter*.
Choose your usual account.

 Open the extracted SDFix folder and double click *RunThis.bat* to start the script. 
 Type *Y* to begin the cleanup process.
 It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot. 
 Press any Key and it will restart the PC. 
 When the PC restarts the Fixtool will run again and complete the removal process then display *Finished*, press any key to end the script and load your desktop icons.
 Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as *Report.txt* 
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
 Finally paste the contents of the Report.txt back on the forum with a new HijackThis log


----------



## sueb_51 (May 13, 2004)

sorry for taking so long, having a hard time here


----------



## sueb_51 (May 13, 2004)

SDFix: Version 1.96

Run by Jemi on Mon 08/06/2007 at 04:50 PM

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...

Normal Mode:
Checking Files:

Trojan Files Found:

C:\WINDOWS\SYSTEM32\MAS9.EXE - Deleted
C:\WINDOWS\SYSTEM32\WMUPD3~1.EXE - Deleted
C:\WINDOWS\system32\i - Deleted
C:\WINDOWS\system32\TFTP180 - Deleted
C:\WINDOWS\system32\TFTP1916 - Deleted
C:\WINDOWS\system32\TFTP2092 - Deleted
C:\WINDOWS\system32\TFTP2244 - Deleted
C:\WINDOWS\system32\TFTP2720 - Deleted
C:\WINDOWS\system32\TFTP2860 - Deleted
C:\WINDOWS\system32\TFTP3532 - Deleted
C:\WINDOWS\system32\TFTP3600 - Deleted
C:\WINDOWS\system32\TFTP3764 - Deleted
C:\WINDOWS\system32\TFTP4048 - Deleted
C:\WINDOWS\system32\TFTP800 - Deleted
C:\WINDOWS\system32\TFTP940 - Deleted
C:\WINDOWS\system32\Windows12.exe - Deleted

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.

Final Check:

Remaining Services:
------------------

Authorized Application Key Export:

Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:

C:\WINDOWS\wuauapl.exe
C:\WINDOWS\system32\winmgrd.exe
C:\jemies fi;es\Jamie\Local Settings\Temp\BIT66.tmp

Finished 
Logfile of HijackThis v1.99.1
Scan saved at 4:59:09 PM, on 8/6/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MSI\Common\RaUI.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Jemi\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.techguy.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1185079246593
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe


----------



## cybertech (Apr 16, 2002)

*Run HJT again and put a check in the following:*

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

*Close all applications and browser windows before you click "fix checked".*

Please *download* the *OTMoveIt by OldTimer*.

 *Save* it to your *desktop*.
 Please double-click *OTMoveIt.exe* to run it.
*Copy the file paths below to the clipboard* by highlighting *ALL* of them and *pressing CTRL + C* (or, after highlighting, right-click and choose copy):

*C:\WINDOWS\wuauapl.exe
C:\WINDOWS\system32\winmgrd.exe
*

 Return to OTMoveIt, right click on the *"Paste List of Files/Folders to be moved"* window and choose *Paste*.
Click the red *Moveit!* button.
Close *OTMoveIt*
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose *Yes.*

Please download *ATF Cleaner* by Atribune. 
*This program is for XP and Windows 2000 only*
 
Double-click *ATF-Cleaner.exe* to run the program. 
Under *Main* choose: *Select All* 
Click the *Empty Selected* button. 

Click *Exit* on the Main menu to close the program.

*Download and scan with* *SUPERAntiSpyware* Free for Home Users
Double-click *SUPERAntiSpyware.exe* and use the default settings for installation. 
An icon will be created on your desktop. Double-click that icon to launch the program. 
If asked to update the program definitions, click "*Yes*". If not, update the definitions before scanning by selecting "*Check for Updates*". (_If you encounter any problems while downloading the updates, manually download and unzip them from here._) 
Under "*Configuration and Preferences*", click the *Preferences* button. 
Click the *Scanning Control* tab. 
Under *Scanner Options* make sure the following are checked _(leave all others unchecked)_:
_Close browsers before scanning._ 
_Scan for tracking cookies._ 
_Terminate memory threats before quarantining._

Click the "*Close*" button to leave the control center screen. 
Back on the main screen, under "*Scan for Harmful Software*" click *Scan your computer*. 
On the left, make sure you check *C:\Fixed Drive*. 
On the right, under "*Complete Scan*", choose *Perform Complete Scan*. 
Click "*Next*" to start the scan. Please be patient while it scans your computer. 
After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "*OK*". 
Make sure everything has a checkmark next to it and click "*Next*". 
A notification will appear that "_Quarantine and Removal is Complete_". Click "*OK*" and then click the "*Finish*" button to return to the main menu. 
If asked if you want to reboot, click "*Yes*". 
To retrieve the removal information after reboot, launch SUPERAntispyware again.
_Click *Preferences*, then click the *Statistics/Logs* tab._ 
_Under Scanner Logs, double-click *SUPERAntiSpyware Scan Log*._ 
_If there are several logs, click the current dated log and press *View log*. A text file will open in your default text editor._ 
*Please copy and paste the Scan Log results in your next reply with a new hijackthis log.*

Click *Close* to exit the program.


----------



## sueb_51 (May 13, 2004)

ok i'm working on it


----------



## sueb_51 (May 13, 2004)

toook a long time but here it is:
Logfile of HijackThis v1.99.1
Scan saved at 9:53:20 PM, on 8/6/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\MSI\Common\RaUI.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Jemi\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.techguy.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1185079246593
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/06/2007 at 09:44 PM

Application Version : 3.9.1008

Core Rules Database Version : 3259
Trace Rules Database Version: 1270

Scan type : Complete Scan
Total Scan Time : 01:13:18

Memory items scanned : 328
Memory threats detected : 0
Registry items scanned : 3807
Registry threats detected : 0
File items scanned : 38025
File threats detected : 2

Adware.Starware
C:\JEMIES FI;ES\JAMIE\LOCAL SETTINGS\TEMP\TEMPORARY INTERNET FILES\CONTENT.IE5\7HK3QXFB\ENTERTAINMENT[1].EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{6EFA68F4-03F8-4AD9-89FD-18F5A3AB6942}\RP58\A0020476.EXE


----------



## sueb_51 (May 13, 2004)

Also how do i change the settings on the proxy and firewall???? i'm trying to connect to msn mgr?


----------



## ~Candy~ (Jan 27, 2001)

Let's wait on doing that, until we know that your log is clean. It looks pretty good to me, but, again, as I said, that isn't my area of expertise 

You'll also need to get SP2 installed....but, do nothing until you hear from Debi.


----------



## sueb_51 (May 13, 2004)

ok sounds like a plan. I just mentioned about the proxy and firewall settings because i keep getting boooted offline on the xp computer, so it makes it kind of difficult burning all these programs on the vista computer.


----------



## ~Candy~ (Jan 27, 2001)

If you can get online, then it shouldn't be a firewall issue.

With MSN messenger, you do have to have certain ports open on the router. You can do that by going to the setup page and looking around for settings.

The manual for the router, available at the Belkin website should outline setup issues.

Also, I believe you have to tell the Windows firewall to allow it, but, I think it normally prompts you to allow it when you first try to use it.......


----------



## sueb_51 (May 13, 2004)

ok thanx, should i still wait to download the sp2?


----------



## ~Candy~ (Jan 27, 2001)

I don't see cybertech, but, I think it should be ok.


----------



## sueb_51 (May 13, 2004)

ok i got it on here but this is soooooooooooo slow. wanna do a remote


----------



## ~Candy~ (Jan 27, 2001)

How much ram do you have? And better yet, how much do you think it had BEFORE it went in for repair  I had a friend send his into a shop and they decided he really didn't need the second 512 meg ram chip  Couldn't prove that it was in there, but, I had worked on it previously, so I KNEW IT WAS 

And have you rebooted?

Do you have remote desktop enabled?


----------



## sueb_51 (May 13, 2004)

yes i did reboot and the same guy was supposed to have upgraded to 256ram from 128. and how do i turn on remote destop enabled lol


----------



## sueb_51 (May 13, 2004)

i only know how to do that through msn mgr


----------



## ~Candy~ (Jan 27, 2001)

Right click on my computer from the start menu, then go to properties....that will show the ram.....actually 256 ram with xp is still a bit low....things aren't going to run at super speed. You'll want to limit your start up items for sure.

How about posting another log?

As for remote desktop, I don't have time to do that now, but, it's under start, programs, accessories, and you have to allow it through the Windows firewall too, and I think you have to port forward to 3389 in the router settings.


----------



## cybertech (Apr 16, 2002)

Log looks fine. I would suggest to uninstall SUPERAntiSpyware now since you have Ad-Aware 2007.


----------



## ~Candy~ (Jan 27, 2001)

cybertech said:


> Log looks fine.


*whew* I was hoping I wouldn't be in trouble for service pack 2


----------



## cybertech (Apr 16, 2002)

I'm not going there! You indicated you wanted the malware gone and it looks like it is. The problem with the update to SP2 may be the validation! 

Sounds like the key would need to be changed.


----------



## sueb_51 (May 13, 2004)

not going where lol. r u talking about a remote assistance?? if u are i meant for Candy. I appreciate alll your help. I think now the problem is with the router setup. thanx sooooo much for your help and time.


----------



## sueb_51 (May 13, 2004)

should i mark this solved now??


----------



## ~Candy~ (Jan 27, 2001)

I think she already downloaded and installed it. If the cd key needs to be changed, all we need to do is phone either MS, or the computer manufacturer, been there done that on one of my installs.


----------



## ~Candy~ (Jan 27, 2001)

sueb_51 said:


> should i mark this solved now??


You were typing while I was talking, naughty girl......

I'd still like to see a new hijack this log, just in case you have loaded up the startup items, also, did you uninstall the program that Debi mentioned? And did you check on the ram?


----------



## sueb_51 (May 13, 2004)

no i don't need to change the key thank god lol. and this computer is soooooo slow i'm sorry Candy i can't tell if u r typing or not. it took me half hour to get back here. It won't let me uninstall that program either. 
Logfile of HijackThis v1.99.1
Scan saved at 9:47:00 PM, on 8/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\MSI\Common\RaUI.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Jemi\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.techguy.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.2:80
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1185079246593
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe


----------



## sueb_51 (May 13, 2004)

how do i check the ram


----------



## ~Candy~ (Jan 27, 2001)

Uninstall the program in safemode, and take this out of startup

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

Use start, run msconfig, startup tab and uncheck it there.

To check ram, as I said above, right click on my computer on the start menu, then go to properties.


----------



## sueb_51 (May 13, 2004)

I managed to uninstall the program last night and did what u said. and it says 1.60 ghz 256 MB of ram


----------



## sueb_51 (May 13, 2004)

the xp computer is like running in sloooooowww motion


----------



## ~Candy~ (Jan 27, 2001)

Does it run any faster if you start it in safemode with networking?

Also, can you check the bios temperatures?


----------



## sueb_51 (May 13, 2004)

ok how do i check the bios temps? and i haven't tried it in safemode, i got the program uninstalled before i got your msg last night


----------



## ~Candy~ (Jan 27, 2001)

When the computer starts up, there is a key to hit for bios, it should normally scroll across the start up screen, it's probably F1 or F2, or maybe DEL


----------



## sueb_51 (May 13, 2004)

sorry took me all that time to do it lol 
CPU TEMP =38/100F
M/B TEMP = 33/91F


----------



## ~Candy~ (Jan 27, 2001)

Well, those are good temps. Can you post another Hijack This log.......

And then be sure to test in safe mode with networking to see if it runs any faster.


----------



## sueb_51 (May 13, 2004)

ok prolly take me a bit lol


----------



## sueb_51 (May 13, 2004)

Logfile of HijackThis v1.99.1
Scan saved at 2:08:33 PM, on 8/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Jemi\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.techguy.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.2:80
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1185079246593
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

Oh wow!!!!! this is soooooooo fast in safemode!!!!!


----------



## ~Candy~ (Jan 27, 2001)

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

Uncheck those programs from starting up.....the same way you did the other one.


----------



## sueb_51 (May 13, 2004)

do u need another hjt??


----------



## ~Candy~ (Jan 27, 2001)

I'm afraid to ask 

How is it running?

Still slow?


----------



## sueb_51 (May 13, 2004)

yes very. but very fast in safemode lol


----------



## ~Candy~ (Jan 27, 2001)

Dang it....there isn't anything else we can take out of startup 

But, just for fun, take the remaining (04) items from your hijack this log and disable them for a test.....if it's still slow, put them back and we'll have to punt


----------



## sueb_51 (May 13, 2004)

ok lol


----------



## ~Candy~ (Jan 27, 2001)

Oh, you probably NEED the wireless utility, but, for now, take it out too, if you can't connect to the internet, PUT IT BACK FIRST


----------



## sueb_51 (May 13, 2004)

well it let me connect lol but it is still in slow motion. i'm back in safemode


----------



## ~Candy~ (Jan 27, 2001)

With NOTHING in the (04) startups?


----------



## sueb_51 (May 13, 2004)

just keeps doing the same thing!!


----------



## sueb_51 (May 13, 2004)

why does it work in safemode?? just curious


----------



## sueb_51 (May 13, 2004)

I have to figure out how to put the security for the belkin i just ran adaware and it found lots!! i saved the log if u want to c it


----------



## ~Candy~ (Jan 27, 2001)

Well, I'm thinking now, it's probably a driver issue, as just the BASIC drivers load in safe mode....I think I may need to call in someone else to assist......I normally just do a reformat and new install to fix these issues


----------



## ~Candy~ (Jan 27, 2001)

Adaware is always going to find things, so I don't think I'd be concerned about that.

Put your virus program back to startup though.


----------



## sueb_51 (May 13, 2004)

ok i'm gonna try and figure out the security for the router i guess. gotta make dinner. thanx for spending sooooo much time with me today. do u think it would make any difference with the security on or no??


----------



## ~Candy~ (Jan 27, 2001)

Nope, no difference at all


----------



## sueb_51 (May 13, 2004)

don't know if that makes me feel better or not lol. whats the diff using it in safemode anyways


----------



## sueb_51 (May 13, 2004)

I ran the Kaspersky scanner last night and it found a trojan:

C:\SDFix\backups\backups.zip\backups\Window12.exe Backdoor.Win32.gen
and also another thing showed up

C:\SDFix\backups\backups.zip
how do i remove them??


----------



## sueb_51 (May 13, 2004)

hello anybody there


----------



## ~Candy~ (Jan 27, 2001)

Yes, remove the backups.


----------



## ~Candy~ (Jan 27, 2001)

Can you go into device manager and see if there is any hardware there listed with an exclamation mark?


----------



## sueb_51 (May 13, 2004)

ok i managed to remove the backups. The only thing in device mgr with an exclamation mark is a universal serial bus (usb) controller. and when my daughter got her computer back the guy had a piece of tape over it and said not to use it lol


----------



## sueb_51 (May 13, 2004)

i'm still running in safe mode


----------



## ~Candy~ (Jan 27, 2001)

sueb_51 said:


> ok i managed to remove the backups. The only thing in device mgr with an exclamation mark is a universal serial bus (usb) controller. and when my daughter got her computer back the guy *had a piece of tape over it and said not to use it *lol


Why not? Maybe we need to find this guy and beat the crap out of him 

Can you restart in normal mode and post another hijack this log, then check device manager again to see if we can't get that usb driver updated.


----------



## sueb_51 (May 13, 2004)

Ya he ripped my hubby off enough times before. He was pretty mad when he heard she went back to the guy. I think he just screwed up her computer and threw together another one. and he is famous for stealing gooooood parts outta peoples computers tooo. but anyways i'll try and c if i can get another hjt for u.


----------



## sueb_51 (May 13, 2004)

prolly be awhile lol


----------



## ~Candy~ (Jan 27, 2001)

If she just recently paid him and used a credit card, I'd cancel the payment.

If we can't figure out what is creating this problem, are you up for a clean installation using HER correct install disk?


----------



## sueb_51 (May 13, 2004)

sure am, and just for the record she only paid him 20 bucks lol. he was only supposed to be replacing the video card so she told him that 20 was all he was getting lol
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:31:39 PM, on 8/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSI\Common\RaUI.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.2:80
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1185079246593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1186628289843
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

--
End of file - 4548 bytes


----------



## sueb_51 (May 13, 2004)

ok i updated the usb


----------



## ~Candy~ (Jan 27, 2001)

O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

Do you know what that is?

I'd like you to uncheck it for now.....


----------



## ~Candy~ (Jan 27, 2001)

sueb_51 said:


> ok i updated the usb


So, now we have no exclamation marks in device manager?


----------



## sueb_51 (May 13, 2004)

nope lol


----------



## sueb_51 (May 13, 2004)

to both questions and i'm backin safemode


----------



## ~Candy~ (Jan 27, 2001)

Did you uncheck the item, after that, try normal mode.....is normal mode still slow?


----------



## ~Candy~ (Jan 27, 2001)

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

Uncheck that too.

Or disable as stated here:

http://www.castlecops.com/s1033-dumprep_0_kdumprep_0_u.html


----------



## sueb_51 (May 13, 2004)

ok i


----------



## sueb_51 (May 13, 2004)

ok i did that


----------



## ~Candy~ (Jan 27, 2001)

And we're still slow in normal mode?


----------



## sueb_51 (May 13, 2004)

oh yes lol really slow i'm back in safemode


----------



## sueb_51 (May 13, 2004)

I don't understand how fast it is in safemode


----------



## ~Candy~ (Jan 27, 2001)

Well, unless anyone else has any better ideas, I'm out of them.......let me see if Rog is online.


----------



## ~Candy~ (Jan 27, 2001)

I don't see ANY people I consider hardware people  

If you wanna wait, that is fine.....or if you want to format and do a clean install, be sure you have all of the driver disks handy.


----------



## sueb_51 (May 13, 2004)

my daughter wants to keep all the pics and files she has on here. i have no clue how to do that. and i have NOOO disks for any drivers either


----------



## ~Candy~ (Jan 27, 2001)

I thought the guy at the PC store formatted and installed his copy of windows? Am I confused now? There shouldn't be that much on it, but, in any event, she should back up anything important to her on cds, or external media.


----------



## sueb_51 (May 13, 2004)

Acually can't i just burn them all to a cd?? i'm not sure about he drivers what to do though


----------



## sueb_51 (May 13, 2004)

oh sorry. she told him she wanted to keep all her files and info so he said he copied it and then put it back on the computer if that makes scence


----------



## sueb_51 (May 13, 2004)

ok well i'm gonna go burn all the stuff she wants then. will u still be here for a bit????


----------



## ~Candy~ (Jan 27, 2001)

Yeah, I'll be hanging out........I'd be leery if he copied ALL of her files back...since he appears to be incompetent  Hopefully he did...........


----------



## sueb_51 (May 13, 2004)

ya i checked and the ones she wanted were here so i copied them. she would have killed him if she lost all her pics lol. anyways i'm going to try the reinstall today


----------



## ~Candy~ (Jan 27, 2001)

Ok, best of luck, I'll be in and out today.


----------



## sueb_51 (May 13, 2004)

thanx u know i'll need it lol. i'm just reading a site about doing the recovery trip from the cd, but i will let u know how i make out k? thanx again for everything. should i just mark this solved and post a new thread if i have problems (which i will lol)?


----------



## sueb_51 (May 13, 2004)

Hey Candy!!! Just wanted to let you know that everything turned out ok for a change. I'm on the xp puter now and am just downloading some things for her. The modem connected sooooooo fast. So i guess it was something wrong that that idiot did. thanx soooooo much to u and Debi for helpming me. I know i am a pain. so i'm gonna mark this solved and thanx again. you rule as usual Candy!!!!!


----------



## ~Candy~ (Jan 27, 2001)

You're welcome. Glad the reinstall went smoothe


----------



## sueb_51 (May 13, 2004)

guess i forgot to mark it solved eh lmao dumb Canuck


----------



## ~Candy~ (Jan 27, 2001)

Eh?


----------



## ~Candy~ (Jan 27, 2001)

Also, make sure you get a virus program installed.

AVG is a good one, and it's free.


----------



## ~Candy~ (Jan 27, 2001)

cybertech said:


> I don't see any anti-virus software running.
> Load AVG http://free.grisoft.com/freeweb.php/doc/2/ it's free.
> 
> You need to go *here* and install "Service Pack 1" This will patch numerous security holes in IE and Windows. As your machine stands now it is wide open to attack from all sorts of nasties. You need to get these updates before we proceed or we will be wasting our time.
> ...


Here is the link for it again.


----------



## cybertech (Apr 16, 2002)

:up: 

You're welcome!


----------



## sueb_51 (May 13, 2004)

I put Avast back on it. i hate AVG. but ya eh. thanx again u2. all is still running well and i have most of the programs reinstalled as well as all the updates.


----------



## ~Candy~ (Jan 27, 2001)

:up:


----------



## cybertech (Apr 16, 2002)

Make sure you have a good system restore point!


----------



## ~Candy~ (Jan 27, 2001)

Should be one before SP2, and before the next program you installed


----------

