security leak??

[roeo727]

I have attached a log and would like you to look at it. I can't seem to stay 'clean' and was wondering if I need to check different things in my Internet options Security or Advanced tabs. Last night my son was on the computer and when we ran Ad-Adware SE...149 things came up and the computer wouldn't fix them. It just kind of froze on fixing selection. I'll try it again this afternoon, but in the meantime if you could look at this log and let me know what you think, I would sincerely appreciate it.

Logfile of HijackThis v1.98.2
Scan saved at 7:29:02 AM, on 10/16/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:PROGRAM FILESCOMMON FILESSYMANTEC SHAREDSYMTRAY.EXE
C:WINDOW***PLORER.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAM FILESVERIZON ONLINEWINPOETWINPPPOVERETHERNET.EXE
C:WINDOWSSYSTEMUSBMONIT.EXE
C:PROGRAM FILESNORTON SYSTEMWORKSNORTON ANTIVIRUSNAVAPW32.EXE
C:PROGRAM FILESNORTON SYSTEMWORKSNORTON UTILITIESNPROTECT.EXE
C:WINDOWSSYSTEMATIPTAXX.EXE
C:PROGRAM FILESWIN COMMWINCOMM.EXE
C:PROGRAM FILESWEB_REBATESWEBREBATES0.EXE
C:PROGRAM FILESWIN COMMWINLOCK.EXE
C:WINDOWSSYSTEMOAEIXA.EXE
C:PROGRAM FILESNORTON SYSTEMWORKSNORTON CLEANSWEEPCSINSM32.EXE
C:Program FilesNorton SystemWorksNorton CleanSweepMonwow.exe
C:WINDOWSSYSTEMWMIEXE.EXE
C:PROGRAM FILESWEB_REBATESWEBREBATES1.EXE
C:MY DOCUMENTSROE'S DOCSHIGHJACK THISHIJACKTHIS.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton SystemWorksNorton AntiVirusNavShExt.dll
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:WINDOWS2_0_1browserhelper2.dll
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:WINDOWSNEM219.DLL
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:WINDOWSSYSTEMMSBE.DLL
O2 - BHO: (no name) - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton SystemWorksNorton AntiVirusNavShExt.dll
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWStaskmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [a-winpoet-service] "C:Program FilesVerizon OnlineWinPoETwinpppoverethernet.exe"
O4 - HKLM..Run: [Gene USB Monitor] C:WINDOWSSYSTEMUSBMonit.exe
O4 - HKLM..Run: [NAV Agent] C:PROGRA~1NORTON~2NORTON~1NAVAPW32.EXE
O4 - HKLM..Run: [NPROTECT] C:Program FilesNorton SystemWorksNorton UtilitiesNPROTECT.EXE
O4 - HKLM..Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSSYSTEMQTTASK.EXE" -atboottime
O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMON.EXE
O4 - HKLM..Run: [Win Comm] C:PROGRAM FILESWIN COMMWINCOMM.EXE
O4 - HKLM..Run: [WebRebates0] "C:PROGRAM FILESWEB_REBATESWebRebates0.exe"
O4 - HKLM..Run: [rhfmvbfpbh] C:WINDOWSSYSTEMoaeixa.exe
O4 - HKLM..RunServices: [ScriptBlocking] "C:Program FilesCommon FilesSymantec SharedScript BlockingSBServ.exe" -reg
O4 - HKLM..RunServices: [SymTray - Norton SystemWorks] C:Program FilesCommon FilesSymantec SharedSymTray.exe "Norton SystemWorks"
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:Program FilesNorton SystemWorksNorton CleanSweepcsinsm32.exe
O4 - Global Startup: Verizon Online.lnk = C:Program FilesVerizon OnlineVOLSWVerizon Online.exe
O8 - Extra context menu item: Web Rebates - file://C:PROGRAM FILESWEB_REBATESSy1150Tp1150scri1150a.htm
O9 - Extra button: Control Pad - {28D44DAC-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:PROGRAM FILESVERIZON ONLINECONTROLPADMisca_menu.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:PROGRAM FILESAIM95AIM.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O16 - DPF: Yahoo! Gin - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Canasta - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Dominoes - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Chat - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Freecell Solitaire - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Backgammon by pogo - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Backgammon - [Only Registered and Activated Users Can See Links. Click Here To Register...]

Thank you....
Rosemary

[Don77]

Hi Rosemary.
Try running, Ad-aware in safe mode, Be sure and check it for updates prior to booting to safe mode, After you have run it in safe mode and had it fix everything it finds, Run it again in normal mode,
Run Spybot as well, again check for updates prior to running,

Then post back a fresh HJT log please, There are a few things to fix, But please run Ad-aware and Spybot first

[Mobo]

Good Morning roe & Don.
Roe, I'm certain don will have you all fixed up but just incase you aren't sure on safe mode read here: [Only Registered and Activated Users Can See Links. Click Here To Register...]

Also this will help dramatically [Only Registered and Activated Users Can See Links. Click Here To Register...]

[roeo727]

Ok guys....I ran both Ad-Adware SE in safe and normal modes and removed everything. I ran Spybot in both safe and normal modes and nothing came up in either. Here is a new log. Let me know what you think. Thanks.....
P.S. Mobo...thank you for that link for the security settings, that is my next project.

Logfile of HijackThis v1.98.2
Scan saved at 1:38:16 PM, on 10/16/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:PROGRAM FILESCOMMON FILESSYMANTEC SHAREDSYMTRAY.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOW***PLORER.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAM FILESVERIZON ONLINEWINPOETWINPPPOVERETHERNET.EXE
C:WINDOWSSYSTEMUSBMONIT.EXE
C:PROGRAM FILESNORTON SYSTEMWORKSNORTON ANTIVIRUSNAVAPW32.EXE
C:PROGRAM FILESNORTON SYSTEMWORKSNORTON UTILITIESNPROTECT.EXE
C:WINDOWSSYSTEMATIPTAXX.EXE
C:PROGRAM FILESWIN COMMWINCOMM.EXE
C:PROGRAM FILESWIN COMMWINLOCK.EXE
C:PROGRAM FILESNORTON SYSTEMWORKSNORTON CLEANSWEEPCSINSM32.EXE
C:Program FilesNorton SystemWorksNorton CleanSweepMonwow.exe
C:WINDOWSSYSTEMWMIEXE.EXE
C:MY DOCUMENTSROE'S DOCSHIGHJACK THISHIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton SystemWorksNorton AntiVirusNavShExt.dll
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton SystemWorksNorton AntiVirusNavShExt.dll
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWStaskmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [a-winpoet-service] "C:Program FilesVerizon OnlineWinPoETwinpppoverethernet.exe"
O4 - HKLM..Run: [Gene USB Monitor] C:WINDOWSSYSTEMUSBMonit.exe
O4 - HKLM..Run: [NAV Agent] C:PROGRA~1NORTON~2NORTON~1NAVAPW32.EXE
O4 - HKLM..Run: [NPROTECT] C:Program FilesNorton SystemWorksNorton UtilitiesNPROTECT.EXE
O4 - HKLM..Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSSYSTEMQTTASK.EXE" -atboottime
O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMON.EXE
O4 - HKLM..Run: [Win Comm] C:PROGRAM FILESWIN COMMWINCOMM.EXE
O4 - HKLM..RunServices: [ScriptBlocking] "C:Program FilesCommon FilesSymantec SharedScript BlockingSBServ.exe" -reg
O4 - HKLM..RunServices: [SymTray - Norton SystemWorks] C:Program FilesCommon FilesSymantec SharedSymTray.exe "Norton SystemWorks"
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:Program FilesNorton SystemWorksNorton CleanSweepcsinsm32.exe
O4 - Global Startup: Verizon Online.lnk = C:Program FilesVerizon OnlineVOLSWVerizon Online.exe
O9 - Extra button: Control Pad - {28D44DAC-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:PROGRAM FILESVERIZON ONLINECONTROLPADMisca_menu.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:PROGRAM FILESAIM95AIM.EXE
O16 - DPF: Yahoo! Gin - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Canasta - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Dominoes - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Chat - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Freecell Solitaire - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Backgammon by pogo - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Backgammon - [Only Registered and Activated Users Can See Links. Click Here To Register...]

[Mobo]

Rescan again and insert a check next to each of the following then close all browser windows and click "fix checked"


R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)

O4 - HKLM..Run: [Win Comm] C:PROGRAM FILESWIN COMMWINCOMM.EXE


Now reboot into safe mode, open windows explorer, find then delete:
C:PROGRAM FILESWIN COMM


Reboot normally then update Norton and run a full system scan..

[roeo727]

Ok...I did what you said. Norton came up clean. I did notice that there was a wincomm.lgc file in C:WindowsApplog. Should I delete this file also???? Here's another log:

((((Another question on the security pages that I was reading it says to set the first 2 options in ActiveX section (Download signed and unsigned ActiveX controls) to prompt.....mine is set at aenable for signed and disable for unsigned.....should I definitley change them???))))

Logfile of HijackThis v1.98.2
Scan saved at 3:11:34 PM, on 10/16/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:PROGRAM FILESCOMMON FILESSYMANTEC SHAREDSYMTRAY.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOW***PLORER.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAM FILESVERIZON ONLINEWINPOETWINPPPOVERETHERNET.EXE
C:WINDOWSSYSTEMUSBMONIT.EXE
C:PROGRAM FILESNORTON SYSTEMWORKSNORTON ANTIVIRUSNAVAPW32.EXE
C:PROGRAM FILESNORTON SYSTEMWORKSNORTON UTILITIESNPROTECT.EXE
C:WINDOWSSYSTEMATIPTAXX.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:PROGRAM FILESNORTON SYSTEMWORKSNORTON CLEANSWEEPCSINSM32.EXE
C:PROGRAM FILESSPYWAREBLASTERSPYWAREGUARDSGMAIN.EXE
C:Program FilesNorton SystemWorksNorton CleanSweepMonwow.exe
C:PROGRAM FILESSPYWAREBLASTERSPYWAREGUARDSGBHP.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:MY DOCUMENTSROE'S DOCSHIGHJACK THISHIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = [Only Registered and Activated Users Can See Links. Click Here To Register...]
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton SystemWorksNorton AntiVirusNavShExt.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:PROGRAM FILESSPYWAREBLASTERSPYWAREGUARDDLPROTECT.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton SystemWorksNorton AntiVirusNavShExt.dll
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWStaskmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [a-winpoet-service] "C:Program FilesVerizon OnlineWinPoETwinpppoverethernet.exe"
O4 - HKLM..Run: [Gene USB Monitor] C:WINDOWSSYSTEMUSBMonit.exe
O4 - HKLM..Run: [NAV Agent] C:PROGRA~1NORTON~2NORTON~1NAVAPW32.EXE
O4 - HKLM..Run: [NPROTECT] C:Program FilesNorton SystemWorksNorton UtilitiesNPROTECT.EXE
O4 - HKLM..Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSSYSTEMQTTASK.EXE" -atboottime
O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMON.EXE
O4 - HKLM..RunServices: [ScriptBlocking] "C:Program FilesCommon FilesSymantec SharedScript BlockingSBServ.exe" -reg
O4 - HKLM..RunServices: [SymTray - Norton SystemWorks] C:Program FilesCommon FilesSymantec SharedSymTray.exe "Norton SystemWorks"
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:Program FilesNorton SystemWorksNorton CleanSweepcsinsm32.exe
O4 - Startup: SpywareGuard.lnk = C:Program FilesSpywareBlasterSpywareGuardsgmain.exe
O4 - Global Startup: Verizon Online.lnk = C:Program FilesVerizon OnlineVOLSWVerizon Online.exe
O9 - Extra button: Control Pad - {28D44DAC-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:PROGRAM FILESVERIZON ONLINECONTROLPADMisca_menu.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:PROGRAM FILESAIM95AIM.EXE
O16 - DPF: Yahoo! Gin - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Canasta - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Dominoes - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Chat - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Freecell Solitaire - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Backgammon by pogo - [Only Registered and Activated Users Can See Links. Click Here To Register...]
O16 - DPF: Yahoo! Backgammon - [Only Registered and Activated Users Can See Links. Click Here To Register...]

Thank you for your help.....

[Mobo]

Thats clean now and as for the active x settings..i would set then as per the tutorial. That way they can be used but it wouls require you clicking yes to do so. Your current setup can hamper some programs from ever running ..

[roeo727]

The tutorial meaning the link entitled "Tighten Security Settings"?? Thanks.

[Mobo]

Yes exactly

[roeo727]

Okie dokie...consider it done.....but the one question that wasn't answered from the last posting is about that Wincomm.lgc ....that is located in C:WindowsAPPLOG.....should it be deleted??? I was thinking it was related to the WinComm.exe file...