HELP! - dslreports.com

Author	All Replies
not_stressed join:2003-09-29 Windsor, ON	reply to John2g HELP! Hi! im all stressed and now confuse how to remove this crap spyware from my pc... its slowing down in net service too :[ ive went thru many pages but now im really tired and get read 100s of replies now can any kind person please free me?? can anyone pls post here how i can get rid of it? ive also checked the add/remove stuff in control panel but this anthology or accelaration stuff is not there at all to remove :[ SOMEONE PLEASE HELP! . [text was edited by author 2003-09-29 14:17:08] [text was edited by author 2003-09-29 14:21:56]
	to forum · permalink · · 2003-09-29 14:14:23 ·
John2g Qui Tacet Consentit Premium join:2001-08-10 England	said by not_stressed : Hi! im all stressed and now confuse how to remove this crap spyware from my pc... its slowing down in net service too :[ ive went thru many pages but now im really tired and get read 100s of replies now can any kind person please free me?? can anyone pls post here how i can get rid of it? ive also checked the add/remove stuff in control panel but this anthology or accelaration stuff is not there at all to remove :[ SOMEONE PLEASE HELP! . Have you read the PestPatrol info? I posted a link in the first post in this thread. It tells you what needs removing. HTH. -- Better to remain silent and be thought a fool, than to speak and remove all doubt.
	to forum · permalink · · 2003-09-29 14:39:55 ·
sig Premium join:2001-05-05	reply to not_stressed Adaware and SpyBot Search and Destroy (both free) should remove StopSign. Also, Pest Patrol linked to above said it does also. I imagine they have a free trial evaluation version but don't know if it's limited in function or just to a trial period. Whichever app you choose to install, download the latest updates before you run it.
	to forum · permalink · · 2003-09-29 14:42:55 ·
not_stressed join:2003-09-29 Windsor, ON	Thank you guys but pestpatrol doesnt delete cos its trial version and adaware and spybot deleted them but then that stupid stop sign pops up again ask if i wanna finish my scan also i cant see so many files like it is said in pestpatrol site
	to forum · permalink · · 2003-09-29 15:35:18 ·
CalamityJane Premium,VIP,MVM join:2002-08-27 Eustis, FL	stressed, Please download and run this free program so we can see what is running at startup. HijackThis v1.97 Download Hijack This! »www.tomcoyote.org/hjt/ Unzip, doubleclick HijackThis.exe, and hit "Scan". When the scan is finished, the "Scan" button will change into a "Save Log" button. Press that, save the log, load it in Notepad, and copy its contents here. Most of what it lists will be harmless or even essential, don't fix anything yet. Just post the results of the scan, and someone here can help you determine what is safe to fix. Edit: BTW, Welcome! to DSLR/BBR. -- It takes a disaster to make a woman out of a female Gladiator Security Forum [text was edited by author 2003-09-29 15:44:44]
	to forum · permalink · · 2003-09-29 15:40:36 ·
not_stressed join:2003-09-29 Windsor, ON	thank you!... im downloading it now will you give an update in a few mins.
	to forum · permalink · · 2003-09-29 15:43:52 ·
not_stressed join:2003-09-29 Windsor, ON	FILES.... Logfile of HijackThis v1.97.2 Scan saved at 3:45:36 PM, on 9/29/2003 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\RunDll32.exe C:\WINDOWS\System32\sistray.EXE C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC1.EXE C:\WINDOWS\System32\regsvc32.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ACCELE~1\ANTI-V~1\DEFSCA~1.EXE C:\PROGRA~1\ACCELE~1\SYSTEM~1\sys_alert.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\NetAssistant\bin\mpbtn.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Adobe\Acrobat 4.0\Reader\AcroRd32.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\PESTPA~1\PPCONT~1.EXE C:\PROGRA~1\PESTPA~1\pestpatrol.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Documents and Settings\user\Local Settings\Temp\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = »www.free-popup-killer.com/ie/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = »www.free-popup-killer.com/ie/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = »rd.yahoo.com/customize/ymsgr/def···ahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = »www.free-popup-killer.com/ie/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = »www.free-popup-killer.com/ie/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = »rd.yahoo.com/customize/ymsgr/def···ahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = »rd.yahoo.com/customize/ymsgr/def···ahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Sympatico R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = »www.free-popup-killer.com/ie/?q=%s N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\user\Application Data\Mozilla\Profiles\default\nalb1jz0.slt\prefs.js) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\ycomp5_1_2_0.dll O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\ycomp5_1_2_0.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\sisUSBrg.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC1.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42" O4 - HKLM\..\Run: [MSRegSvc] C:\WINDOWS\System32\regsvc32.exe O4 - HKLM\..\Run: [regsvc32] C:\WINDOWS\System32\regsvc32.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [MCCInstall] D:\Intro\AA\MCCInstall\English\MCCInstall.exe -Step=15 O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe" -l O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [WebScan] C:\PROGRA~1\ACCELE~1\ANTI-V~1\DEFSCA~1.EXE -k O4 - HKLM\..\Run: [eanth_critical_update_alert] C:\PROGRA~1\ACCELE~1\SYSTEM~1\sys_alert.exe /Startup O4 - HKLM\..\Run: [PestPatrol Control Center] C:\Program Files\PestPatrol\PPControl.exe O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe O4 - HKCU\..\Run: [Terminate Popup] C:\Program Files\Free-Popup-Killer\fpuk.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: NetAssistant.lnk = C:\Program Files\NetAssistant\bin\matcli.exe O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: RealGuide (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O16 - DPF: Yahoo! Dominoes - »download.games.yahoo.com/games/c···t4_x.cab O16 - DPF: Yahoo! Hearts - »download.games.yahoo.com/games/c···t0_x.cab O16 - DPF: Yahoo! Literati - »download.games.yahoo.com/games/c···t0_x.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - »www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - »www.ipix.com/viewers/ipixx.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - »download.macromedia.com/pub/shoc···r/sw.cab O16 - DPF: {2119776A-F1AD-4FCD-9548-F1E1C615350C} - »www.stop-sign.com/pub/download/s···cnry.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - »security.symantec.com/sscv6/Shar···niff.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - »download.yahoo.com/dl/installs/yinst.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - »a1540.g.akamai.net/7/1540/52/200···ller.exe O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - »207.188.7.150/189a53781d949391c0···E601.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - »security.symantec.com/sscv6/Shar···absa.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - »v4.windowsupdate.microsoft.com/C···27430556 O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - »us.dl1.yimg.com/download.yahoo.c···0727.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - »download.macromedia.com/pub/shoc···lash.cab O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Companion) - »us.dl1.yimg.com/download.yahoo.c···_2_0.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{4FDDC7B7-6D64-4B6A-BDA3-9898E07A44C2}: NameServer = 207.236.176.12 198.235.216.110 O17 - HKLM\System\CS1\Services\Tcpip\..\{4FDDC7B7-6D64-4B6A-BDA3-9898E07A44C2}: NameServer = 207.236.176.12 198.235.216.110
	to forum · permalink · · 2003-09-29 15:48:32 ·
not_stressed join:2003-09-29 Windsor, ON	gosh! what are these files? john thanks for the link... its that crap stuffs help page i suppose
	to forum · permalink · · 2003-09-29 15:50:40 ·


Monday, 23-Nov 01:02:31	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF