HijackThis?...


Adrian
May 7th 04, 04:56 AM
Hi... I have been trying to post my HijackThis log into the
various HijackThis forums, but every time I receive an
error message. I became a member of all of them, but it's
no use. If anybody could suggest anything here, that would
be greatly appreciated. Thank you.

Logfile of HijackThis v1.97.7
Scan saved at 8:42:05 PM, on 5/6/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\ATI2EVAE.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TPPALDR.EXE
C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\PHILIPSREMOTE.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
C:\WINDOWS\TPPSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\WINDOWS\TEMP\Q1UUA.EXE
C:\WINDOWS\SYSTEM\IEHOST.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_DIRECTOR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\MY DOCUMENTS\DOWNLOAD\THAONLYACE\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\SYSTEM\SearchBar.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by SBC Yahoo! DSL
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL
O2 - BHO: Popup Manager - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file)
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\TPPALDR.EXE
O4 - HKLM\..\Run: [P2P NETWORKING] C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE /AUTOSTART
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PhilipsRemote] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\SYSUPD.EXE
O4 - HKLM\..\Run: [MSNSysRestore] C:\WINDOWS\SYSTEM\pc32.exe bg
O4 - HKLM\..\Run: [Q1uua] C:\WINDOWS\TEMP\Q1UUA.EXE
O4 - HKLM\..\Run: [Bakra] C:\WINDOWS\SYSTEM\IEHost.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evae.exe
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\SYSTEM\ZP.DLL/MENUSEARCH.HTM
O9 - Extra button: AIM (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {9CF28A69-7659-4C51-BFD5-9ADE19E19EC3} (RegConfig Class) - http://download.yahoo.com/dl/installs/bkm/prod/yregcfg.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/CursorManiaInitialSetup1.0.0.6.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://jcs.chat.dcn.yahoo.com/v45/yacscom.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?312
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38025.6635763889

Jim Eshelman
May 7th 04, 07:14 PM
Adrian, what other screening have you done before this? (What other software
did you use to try to clean the system?) And what is the underlying problem
that prompted you to run the log?

> R3 - Default URLSearchHook is missing

Lately we've been advising everyone to remove this one - one cause can be
some variants of CoolWebSearch, and R3 items usually should be removed
anyway.

> O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file)

This entry is Huntbar! Don't remove it with HijackThis - rather, with all
applications closed, run a newly-updated copy of Ad-Aware. It will clean it
for you. (PS - Huntbar often brings friends!)

The fact that this is present suggests to me that you haven't done the
preliminary cleaning necessary to give us a really meaningful shot at using
this log to best advantage. Please go to http://aumha.org/a/quickfix.htm and
follow out the steps listed there, then post a fresh HijackThis log here.

> O4 - HKLM\..\Run: [Q1uua] C:\WINDOWS\TEMP\Q1UUA.EXE

Whatever this is, you're running it from the Temp folder. Get rid of it.
(Note that the first step in the Quick Fix list above is cleaning the
temporary file caches.)

There are some other suspicious-looking things I'd want to research - but
that's fairly moot until you've done basic cleaning first. OK? I look
forward to seeing your new log afterwards.

--
Jim Eshelman, MS-MVP Windows http://aumha.org/
AumHa Forums: http://forum.aumha.org/
The Parasite Fight: http://aumha.org/a/parasite.htm
Computer Health: http://aumha.org/a/health.htm
Troubleshooting: http://aumha.org/a/tshoot.htm

Adrian
May 10th 04, 02:43 AM
Well, my initial reason for using the HijackThis program
was because my computer was running terribly slow and some
of my hardware wasn't working. I also did run clean-up
programs before running HijackThis. The programs I used
included CWShredder, Ad-aware, Spybot, and AVG Anti-virus.
Well here is my new HijackThis log...

Logfile of HijackThis v1.97.7
Scan saved at 6:38:42 PM, on 5/9/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\ATI2EVAE.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TPPALDR.EXE
C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\TPPSTRAY.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\PHILIPSREMOTE.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\WINDOWS\SYSTEM\IEHOST.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_DIRECTOR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\MY DOCUMENTS\DOWNLOAD\THAONLYACE\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\SYSTEM\SearchBar.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:\WINDOWS\s.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by SBC Yahoo! DSL
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL
O2 - BHO: Popup Manager - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file)
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\TPPALDR.EXE
O4 - HKLM\..\Run: [P2P NETWORKING] C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE /AUTOSTART
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PhilipsRemote] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\SYSUPD.EXE
O4 - HKLM\..\Run: [MSNSysRestore] C:\WINDOWS\SYSTEM\pc32.exe bg
O4 - HKLM\..\Run: [Bakra] C:\WINDOWS\SYSTEM\IEHost.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evae.exe
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\SYSTEM\ZP.DLL/MENUSEARCH.HTM
O9 - Extra button: AIM (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {9CF28A69-7659-4C51-BFD5-9ADE19E19EC3} (RegConfig Class) - http://download.yahoo.com/dl/installs/bkm/prod/yregcfg.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/CursorManiaInitialSetup1.0.0.6.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://jcs.chat.dcn.yahoo.com/v45/yacscom.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?312
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38025.6635763889



Jim Eshelman
May 10th 04, 05:32 PM
Adrian, did you by chance use the online quick-check at
http://aumha.org/a/noads.htm - or the same code as it appears on several
other sites? I ask because it catches some items that the others don't -
including searchbar parasites that your log suggests you might have. I
suggest hitting that page and seeing what it finds, if anything.

In the meantime, I recommend removing the following:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\SYSTEM\SearchBar.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:\WINDOWS\s.htm

Also, you have Huntbar:
O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file)
Rather than removing the above line, attempt to clean this with one of the
other tools. Ad-Aware should have cleaned it - and the
http://aumha.org/a/noads.htm should have detected it. This raises concern,
then, on why Ad-Aware didn't. Did you update each of your tools immediately
before running them? Did you have all other programs shut down when you ran
them? If not, then please run them again under these conditions. If Huntbar
still isn't cleaned, then by all means remove the above line with
HijackThis.

O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\SYSUPD.EXE
Get rid of this, too! It isn't what it looks like. BTW, it also doesn't go
away easily, so keep an eye out for it returning. Spybot and Ad-Aware both
should have found this (maybe they did and it just came back). You may need
to manually delete the Registry thread HKEY_current_user,software/sysupd to
finish cleaning this up. If it still doesn't clean, boot to Safe Mode and
run HijackThis again to clean this one item.

O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\SYSTEM\ZP.DLL/MENUSEARCH.HTM
I think this one is part of one of the searchbar parasites - but I can't
find it in any of my references. Checking the page I gave you above (along
with the other tools) is a better guide to whether you have one of these
parasites.

--
Jim Eshelman, MS-MVP Windows http://aumha.org/
AumHa Forums: http://forum.aumha.org/
The Parasite Fight: http://aumha.org/a/parasite.htm
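
The calls made in the two replies above, sketched as a small triage script over a hard-wrapped log; this is an added example, not part of the thread and not HijackThis code. The function names are hypothetical, the `file:` rule is an assumption that generalizes the two R0/R1 removals, and the sample entries are copied from the first log, wrapped as posted.

```python
import re

# An entry starts with a section code such as R1, O4 or O16, then " - ".
ENTRY_START = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - ")
# Identification taken from the thread; not a general signature list.
KNOWN_CLSIDS = {"{339BB23F-A864-48C0-A59F-29EA915965EC}": "Huntbar"}

def unwrap(lines):
    """Rejoin entries that a mail or news client hard-wrapped across lines."""
    entries = []
    for raw in lines:
        line = raw.strip()
        if ENTRY_START.match(line):
            entries.append(line)
        elif line and entries:
            prev = entries[-1]
            # No space when the break fell inside a path, URL or GUID.
            mid_token = line[0] in "\\/" or (
                prev[-1] in "\\/-" and not prev.endswith(" -"))
            entries[-1] = prev + ("" if mid_token else " ") + line
    return entries

def flag(entry):
    """Return why an entry matches one of the thread's calls, else None."""
    code, _, body = entry.partition(" - ")
    if code == "R3":
        return "R3 URLSearchHook item"
    if code in ("R0", "R1") and body.partition(" = ")[2].lower().startswith("file:"):
        return "IE page setting points at a local file"  # assumed generalization
    if code == "O4" and re.search(r"\\te?mp\\", body, re.IGNORECASE):
        return "autorun launched from a Temp folder"
    for clsid, name in KNOWN_CLSIDS.items():
        if clsid in entry.upper():
            return "CLSID identified in the thread as " + name
    return None

def triage(lines):
    """Return (entry, reason) for each flagged entry, in log order."""
    return [(e, flag(e)) for e in unwrap(lines) if flag(e)]

# Sample entries copied from the first log in the thread, wrapped as posted.
SAMPLE = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search
Bar = file://C:\WINDOWS\SYSTEM\SearchBar.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window
Title = Microsoft Internet Explorer provided by SBC Yahoo!
DSL
R3 - Default URLSearchHook is missing
O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-
29EA915965EC} - (no file)
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [Q1uua] C:\WINDOWS\TEMP\Q1UUA.EXE
""".splitlines()

if __name__ == "__main__":
    for entry, reason in triage(SAMPLE):
        print(f"{reason}: {entry}")
```

Without the unwrap step the Huntbar CLSID, which the wrap splits across two lines, would never match.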

Adrian
May 11th 04, 05:08 AM
Yes, I did do the online quick-check and nothing was
found. I also updated all of my tools before running them.
However, all of my clean-up programs told me that no
immediate threats were found and that my computer was
clean, but by the looks of it, I guess they were wrong.
I'll fix the problems you pointed out, run the programs
again, and get back to you.