My son has screwed up my browser and I have more spyware than a warez site!!!

I have run spybot, adaware, cwshredder and nothing has worked.

The bloody thing keeps redirecting me to another site whilst surfing and stuff. This is really pissing me off.

below is my hijackthis log.....it looks full of junk but I am worried about what to delete and what not to.

I need help from someone who really knows their stuff, cos I dont want to have to reformat if I can avoid it.

Logfile of HijackThis v1.98.2
Scan saved at 23:35:15, on 18/10/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ntl\broadband medic\bin\mpbtn.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\j2re1.4.2_05\bin\javaw.exe
C:\Program Files\Crazy Browser\Crazy Browser.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.plovnpuigvoybtuqk.com/1vPjbcz_9GN1mcFDVoGFdrkU9vpPEuHMUZWtw10Hl/ymJKWVZUkUikY_t4/eIwsB.html
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {A35B2803-21D7-934C-8231-C201EFC45411} - C:\DOCUME~1\Sara\APPLIC~1\MFCDBO~1\support up.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Road Lite Inter For] C:\Documents and Settings\All Users\Application Data\Burn1RoadLite\blah name.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian\PeerGuardian_1.99b_pr14-3.exe
O4 - HKCU\..\Run: [Junk win] C:\DOCUME~1\Sara\APPLIC~1\PILETE~1\Option Hope Rdr.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: broadband medic.lnk = C:\Program Files\ntl\broadband medic\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.slotch.com
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.addictivetechnologies.net/DM0/cab/nce9rck.cab

if you can make it to the site....
try this :
http://www.pestscan.com/
by the ppl that made pest patrol
a fairly nice anti-spyware IMO
turn off system restore as well,
cuz even if you do get it deleted...
it may bring itself back
(you can turn restore back on after you get the system clean and rebooted)

-edit-
i have pest patrol corp if you need it, but...
i no longer use Klite (or ANY kazaa for that matter) :P
but if you have BT or slsk, we can make it happen :)

-edit again-
and get spywareblaster (http://www.javacoolsoftware.com/sbdownload.html) too
keeps shit from loading in the first place :)

-edit again- (damn i am getting stupid) :P
delete all the dowloaded program files in IE
it may help, and if you happen to need something you dowloaded later
(say a plugin from a website or somethin) IE will re-dl em no prob
in IE, go to tools > internet options > settings > view objects
and delete all that shit

-edit AGAIN- (for the umpteeth time) :lol:
and after you get it all cleaned...
clean your registry, at this point its probably gonna be hard to screw somthing up too bad
regseeker (http://www.hoverdesk.net/freeware.htm) is a decent free reg cleaner

first go to control panel>add\remove programs and see what programs are there that look suspicious and uninstall them (ones you aren't sure about you can search for on google)
then run a spyware scanner (i see you have spybot).

Fix the following with hijackthis!:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.plovnpuigvoybtuqk.com/1v...Y_t4/eIwsB.html
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.slotch.com

then the following look suspiscious but i can't find them on google so im not certain:
O4 - HKCU\..\Run: [Junk win] C:\DOCUME~1\Sara\APPLIC~1\PILETE~1\Option Hope Rdr.exe
O4 - HKLM\..\Run: [Road Lite Inter For] C:\Documents and Settings\All Users\Application Data\Burn1RoadLite\blah name.exe

then restart and it should be fixed.

Hello!

Also you should delete and fix the following:

O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.addictivetechnologies.ne...cab/nce9rck.cab


C:\Program Files\Messenger Plus! 3\MsgPlus.exe

This one should be deleted manually and then check again with HJT to see if it has appeared again if not the thats good!. How to delete it and a descripton of what it is can be found here http://www.giantcompany.com/antispyware/research/spyware/spyware-Messenger-Plus!.aspx

Hello!

Also you should delete and fix the following:

O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.addictivetechnologies.ne...cab/nce9rck.cab


C:\Program Files\Messenger Plus! 3\MsgPlus.exe

This one should be deleted manually and then check again with HJT to see if it has appeared again if not the thats good!. How to delete it and a descripton of what it is can be found here http://www.giantcompany.com/antispyware/research/spyware/spyware-Messenger-Plus!.aspx

messenegr plus isn't spyware...it installs some if you chose to in the install but the acutal program is not spyware and chances are if it's sara's kids that downlaoded that program they will download it again.

messenegr plus isn't spyware...it installs some if you chose to in the install but the acutal program is not spyware and chances are if it's sara's kids that downlaoded that program they will download it again.
Hello!

Yes that is true but chances are that they did install the spyware. She can always reinstall it properly without the spyware to make sure that it is not there. The bundled spyware that might be installed now is C2Media which is also known as LOP.com. How to remove it is described at the link!. After removal reinstallation can be made by Sara and make sure that the bundled shit is not installed!. But one thing that I notice know is that I said that the item should not appear in HJT and that is ofcourse wrong since the actual program is not harmfull so it should not be deleted in HJT!. here is the info from the site:

According to Messenger Plus!'s website you can install the software without the AdWare.

Quote for removing AdWare:
"Go in Add/Remove Programs and double click on "Messenger Plus!" (or click on Remove)

The "Messenger Plus! - Setup" is now displayed. Click on the Uninstall button. After a couple of seconds, the program will ask you if you want to keep your preferences, it is suggested to say "Yes" if you plan to reinstall Messenger Plus! in the future (this question is not related to the sponsor program).

The sponsor screen is now displayed (if you don't see it, search for it in your Task Bar). To prove that someone is currently reading the screen, you have to type the code that is displayed.

If you entered the code properly, the program will ask you to confirm that you want to uninstall. You must answer "Yes" to this question, else, you won't have another chance of uninstalling.

To complete the uninstallation, follow the instructions that are displayed (the first one is to close all your Internet Explorer windows, that's very important). When everything is complete, restart your computer and, voila!"

From the FAQ:
"Messenger Plus! comes with an optional sponsor program. This program will show ads from time to time on your computer, add a search bar in Internet Explorer and may change your start page. In NO case this sponsor is mandatory or dangerous. If you don't want it, simply refuse the sponsor agreement during the setup and you will never hear about it again. If you installed the sponsor by error, just uninstall Messenger Plus! (it will trigger the sponsor uninstall program), reboot your computer, and reinstall without the sponsor if you want to continue to use Messenger Plus!.

Important: if you wish to get rid of the sponsor program, you must uninstall Messenger Plus! from the Add/Remove Programs window. If you start deleting files on your own you will prevent a full system restore as some of the files copied by the sponsor are backups of your original configuration files."
Advise: Keep This software is not necessarily adware. However, it does install other adware programs as well as perform potential hazardous actions on your computer. In either case this software is not to be trusted. - Since this application gives you the option to not install the adware that comes bundled, we recommend ignoring it.

Author: Patchou
Author URL: http://www.msgplus.net (http://www.msgplus.net/)
Author description: "Messenger Plus is designed to enhance MSN Messenger and Windows Messenger by adding a lot of new features directly into its interface. With Messenger Plus, you can automatically log your instant messages and encrypt them to text files, customize your user interface, create shortcuts to hide or lock Messenger on your station (useful for school or work usage), use IRC commands, customize the appearance of your messages, create text aliases, and play sounds. All the features are accessible in new menus of various Messenger windows, and you can set your options in a brand-new Preferences panel

Hi Sara, you have a lop infection.
Lop comes bundled with Messenger Plus! 3.

I recommend uninstalling Messenger Plus! 3 in add/remove programs. If you insist on using it, uninstall for now, clean out lop then reinstall with all the "extras" unchecked on the installer.

Download this LOP uninstaller http://lop.com/new_uninstall.exe
Close other programs and run it to remove LOP.

I will include the entries for lop to be fixed in hijackthis, fix any that remain after running the uninstaller.

Create a new folder in your program files and move hijackthis.exe inside it.
Backups made of the lines fixed will be placed there.

Scan with hijackthis and place a checkmark at the following lines:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.plovnpuigvoybtuqk.com/1v...Y_t4/eIwsB.html

O2 - BHO: (no name) - {A35B2803-21D7-934C-8231-C201EFC45411} - C:\DOCUME~1\Sara\APPLIC~1\MFCDBO~1\support up.exe

O4 - HKLM\..\Run: [Road Lite Inter For] C:\Documents and Settings\All Users\Application Data\Burn1RoadLite\blah name.exe

O4 - HKCU\..\Run: [Junk win] C:\DOCUME~1\Sara\APPLIC~1\PILETE~1\Option Hope Rdr.exe

O4 - HKCU\..\Run: [Junk win] C:\DOCUME~1\Sara\APPLIC~1\PILETE~1\Option Hope Rdr.exe

O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.slotch.com

O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.addictivetechnologies.ne...cab/nce9rck.cab

the following lines are optional to fix if you choose:

O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE<--Reminder to register Creative Labs SoundBlaster Live! cards, not needed

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"<-- fix if you decide to get rid of it
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart<-- same as above

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE<--Resource hog that launches common MS Office components to help speed up the launch of Office programs. Not needed to start office.


Close all browsers and open windows and click "fix checked"


Reboot to safemode
Restart the computer,as soon as the BIOS has finished loading, begin tapping the F8 key .
Continue to do so until the Windows Advanced Options menu appears.
Using the arrow keys, scroll to and select Safemode, then press Enter.

Some files and folders may be hidden , change these settings to show them.
Open Windows Explorer & Go to Tools > Folder Options.
Click on the View tab
Place a checkmark at "Show hidden files and folders"
Uncheck "Hide protected operating system files"
Uncheck "hide extensions for known file types"
click "Apply to all folders"
Click "Apply" then "OK"

Delete the following files and folders marked in bold

C:\DOCUME~1\Sara\APPLIC~1\MFCDBO~1<-- this is a shorthand version of the file path, its at C:\Documents and Settings\Sara\Application Data\, Delete the folder name that starts with MFCDBO

C:\DOCUME~1\Sara\APPLIC~1\PILETE~1\In your applications folder again, delete the folder that starts with PILETE

C:\Documents and Settings\All Users\Application Data\Burn1RoadLite\<-- delete the folder

Reboot, scan with hijackthis and post a fresh log.

Ok...thanks everyone...am gonna give these suggestions a go and will let you know how I get on.... :)

So far so good....seems like you guys have sorted it for me....thanks again.... :) :) :)



here's my new hijackthis log...

Logfile of HijackThis v1.98.2
Scan saved at 23:18:54, on 20/10/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\PeerGuardian\PeerGuardian_1.99b_pr14-3.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ntl\broadband medic\bin\mpbtn.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\HJT\HijackThis.exe
C:\WINDOWS\System32\wuauclt.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian\PeerGuardian_1.99b_pr14-3.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: broadband medic.lnk = C:\Program Files\ntl\broadband medic\bin\matcli.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

looks fine now.

so everything works ok now? :)

If you (and your kids of course) are running Internet Explorer you may want to try using a little freeware title called "Browser Hijacker Blaster" It will help you avoid problems in the future.

It's freely available here...

http://www.wilderssecurity.net/bhblaster.html

Otherwise you may look into using a different, more secure browser. I use Mozilla Firefox but there are others.

Good luck...

Hi Sara, your log looks clean, no more lop! :)

You really should try to visit windows update and install all critical updates.

Also, consider installing the following free programs to help protect your system.
Once installed, they don't need to be running to protect, just open and update spywareblaster every few weeks.


SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) - Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted pests.


IE-SPYAD (https://netfiles.uiuc.edu/ehowes/www/resource.htm)is a Registry file (IE-ADS.REG) that adds a long list of sites and domains associated with known advertisers, marketers, and crapware pushers to the Restricted sites zone of Internet Explorer.

Blocking Unwanted Parasites with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm

I use crazybrowzer but the kids have continued to use IE....must remind myself to tell them not to...

As for updates, I had a problem installing sp2 as my erm...my xp pro... ;)

So I dl and burned to disc and its just showing as an iso....must have done something dumb.....must get round to it I guess.....my comp keeps trying to install sp2 from winupdate...but as it only gets so far and then tells me off...I am a bit stuck until I can dl another copy (deleted the original in reformat).

Just a little side note...crazybrowzer is no better than internet explorer...it is based on the same core...it only has more features but it still has all of the security downfalls...i would suggest you give firefox a try...it has no connection to IE and it is a very secure browser in my opinion.

http://www.mozilla.org/products/firefox/

I'd suggest firefox too but I would advise not geting 1.0pr cos I had oodles of trouble with it and ended up going back to the previous release

I use crazybrowzer but the kids have continued to use IE....must remind myself to tell them not to...

As for updates, I had a problem installing sp2 as my erm...my xp pro... ;)

So I dl and burned to disc and its just showing as an iso....must have done something dumb.....must get round to it I guess.....my comp keeps trying to install sp2 from winupdate...but as it only gets so far and then tells me off...I am a bit stuck until I can dl another copy (deleted the original in reformat).
Sara, if I've read between the lines properly ;)

You need to change your XP Product Key, SP2 will then install. It should install using a key valid for SP1 but it seems yours is not.

SP2 is not necessary at this point, in my opinion, but if you want to install it then I can certainly send you the neccesary stuff to change your key, or at least point you in the right direction.

Also I may as well add my two pence with the browser issue. Dump CrazyBrowser and install Firefox.

Sara, after choosing an alternative browser just make it the default and delete all shortcuts to IE.

TweakUI(available at the Microsoft website) will allow you to remove the IE icon from your desktop.

regards,

You still have to use IE ocassionally as some sites will not work with Firefox(small percentage)...and also to download windows updates...but Firefox has extentions to open IE and to download updates using Firefox.