Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Help with spyware
Search Topic:
Uniqs:
181		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Administrator privileges for TurboTax?!?! »
« Spyware problems  
AuthorAll Replies


vinnienap
Premium
join:2001-12-20
Boston, MA

Help with spyware

I've been having a problem for the past week that's been driving me crazy. I'm getting tons and tons of pop ups even though I have a pop up blocker (Google toolbar). I've run Ad-aware several times to get rid of the spyware which looks like "adware-apropos", but it keeps coming back. I've also run a virus scan using McAfee without luck. Below is a copy of my log file from Hijack-This. Any help would be appreciated. Thanks. Vinnie

Logfile of Hijack-This v1.97.7
Scan saved at 4:47:57 PM, on 3/29/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\WEBSVR\SYSTEM\INETSW95.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\HPSJVXD.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP PRECISIONSCAN\PRECISIONSCAN\HPLAMP.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\TRAY REMOTE AUDIO\SOFT ACID SAFE.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\SYSAI\SYSAI.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACRORD32.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\37B9XI5W\HIJACKTHIS[1].EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = »boston.com/
F1 - win.ini: run=hpfsched
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\PROGRAM FILES\WS_FTP PRO\WSBHO2K0.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\PROGRAM FILES\SYSAI\PLG0\APROPOSPLUGIN.DLL
O2 - BHO: (no name) - {AC370082-6A71-0594-5627-5902B832E49A} - C:\PROGRAM FILES\AMOKPOKE\PROGRAM FOR.DLL
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: RefresherBand Class - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\PROGRA~1\YREFRE~1\YREFRE~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Ref Shim Dale - {DE355185-4856-D050-F54C-E3771DBA2933} - C:\PROGRAM FILES\AMOKPOKE\PROGRAM FOR.DLL
O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [Microsoft WebServer] C:\Program Files\WebSvr\System\svctrl /init
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [HPSCANMonitor] C:\WINDOWS\SYSTEM\hpsjvxd.exe
O4 - HKLM\..\Run: [HP Lamp] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [Internet Hole] C:\PROGRA~1\TRAYRE~1\Soft Acid Safe.exe
O4 - HKLM\..\Run: [CleanUp] C:\PROGRA~1\MCAFEE.COM\SHARED\MCAPPINS.EXE /v=3 /cleanup
O4 - HKLM\..\RunServices: [Microsoft WebServer] C:\Program Files\WebSvr\System\inetsw95.exe -w3svc
O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe /embedding
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: AIM (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - »download.macromedia.com/pub/shoc···lash.cab
O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - »bin.McAfee.com/molbin/Shared/Com···tl32.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297C} - »download.weatherbug.com/minibug/···ller.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - »download.McAfee.com/molbin/Share···wFld.cab
O16 - DPF: {D30CAFF0-087B-11D3-82D8-006094695CEC} (McAfee PC Clinic FaManager Class) - »download.McAfee.com/molbin/Clini···actl.cab
O16 - DPF: {23047A90-8511-11D2-87A5-20C252C10000} (McAfee Clinic TreeView Class) - »download.McAfee.com/molbin/Shared/MGTree.cab
O16 - DPF: {CDB74794-A3BA-4733-B6F6-59BF16D6C15A} (McAfee Smart Shop - Update Class) - »download.McAfee.com/molbin/mcaen···tshp.cab
O16 - DPF: {4AE3239D-18C5-11D3-9634-0060080A3AB6} (McAfee PC Clinic System Information Class) - »download.McAfee.com/molbin/Clini···comp.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - »www.live365.com/players/play365.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - »download.macromedia.com/pub/shoc···r/sw.cab
O16 - DPF: {71CA4411-45EC-4608-B9D7-6D4B6A9D1BB4} (Attenza System Profiler) - »service.dell.com/dell/SystemProfiler.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - »support.dell.com/us/en/systempro···fLcd.CAB
O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - »www.parentwatch.com/content/demo/push.cab
O16 - DPF: {9F0F185C-B50B-11D2-B53F-00A0C98684AC} (McAfee PC Clinic OilChange Class) - »download.McAfee.com/molbin/OilCh···_new.cab
O16 - DPF: {13E39F7E-FDA8-11D2-99DC-00C04FF40D52} (McAfee OilChange Multi-Product Support Filter) - »download.McAfee.com/molbin/OilCh···Filt.cab
O16 - DPF: {BF31FA5E-AE8A-11D2-A1BD-0800300004C2} (McAfee PC Clinic Internet Class) - »download.McAfee.com/molbin/Share···_new.cab
O16 - DPF: {06D5218D-079C-11D3-B2D1-00A0C98684AC} (McAfee Hardware Finder Control) - »download.McAfee.com/molbin/clini···info.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - »www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - »a1540.g.akamai.net/7/1540/52/200···ller.exe
O16 - DPF: {AB85162E-6822-11D5-ADA7-00504D00002A} (NavalStar_Setup.Setup) - »www.netnaru.net/navalstar/ENaval···etup.CAB
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - »bin.McAfee.com/molbin/shared/mci···sctl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - »download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (Web Camera Server Control) - »130.191.117.248/wg_webeye.cab
O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object) - »autos.msn.com/Components/Ocx/Ext···side.cab
O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} (IEAnimBehaviorFactory Class) - »download.microsoft.com/download/···orun.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - »v4.windowsupdate.microsoft.com/C···92824074
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - »cs6.chat.sc5.yahoo.com/v43/yacscom.cab
O16 - DPF: {A48D0309-8DA3-41AA-98E4-89194D471890} (Pulse V5 ActiveX Control) - »www.pulse3d.com/players/english/···xWin.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - »das.microsoft.com/activate/cab/x···SAct.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - »download.microsoft.com/download/···9VCM.CAB
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - »bin.McAfee.com/molbin/shared/mcg···dmgr.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - »aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {1DA3C4AB-E6B6-47A6-B0F3-1BD81524B51B} (ActiveWorldsDownload Control) - »www.activeworlds.com/products/Ac···load.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - »office.microsoft.com/officeupdat···opuc.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - »www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {E6EB803E-DD89-11D3-80C4-0050DA2E09D0} (LightSurfUploadCtl Class) - »picturecenter.kodak.com/activex/···trol.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - »plazacam.bu.edu/activex/AxisCamControl.cab
O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} - »download.microsoft.com/download/···avax.CAB
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - »h30043.www3.hp.com/hpdj/en/check···.cab?315
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - »ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {D06A22B4-6087-4D3D-B7AF-82B113E9ABD4} (CPostLaunch Object) - »www2.verizon.net/update/msnwebin···bIns.CAB
to forum · permalink · · 2004-03-29 16:57:50 · Reply to this


Zupe
Premium,MVM
join:2001-11-29
New York, NY
clubs:
said by vinnienap See Profile:
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\PROGRAM FILES\SYSAI\PLG0\APROPOSPLUGIN.DLL

O2 - BHO: (no name) - {AC370082-6A71-0594-5627-5902B832E49A} - C:\PROGRAM FILES\AMOKPOKE\PROGRAM FOR.DLL

O3 - Toolbar: Ref Shim Dale - {DE355185-4856-D050-F54C-E3771DBA2933} - C:\PROGRAM FILES\AMOKPOKE\PROGRAM FOR.DLL

O4 - HKLM\..\Run: [Internet Hole] C:\PROGRA~1\TRAYRE~1\Soft Acid Safe.exe

O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297C} - »download.weatherbug.com/minibug/···ller.cab

O16 - DPF: {AB85162E-6822-11D5-ADA7-00504D00002A} (NavalStar_Setup.Setup) - »www.netnaru.net/navalstar/ENaval···etup.CAB

O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (Web Camera Server Control) - »130.191.117.248/wg_webeye.cab

O16 - DPF: {A48D0309-8DA3-41AA-98E4-89194D471890} (Pulse V5 ActiveX Control) - »www.pulse3d.com/players/english/···xWin.cab
Hi,

Please first unzip Hijack This to a folder of its own (ex. C:\HJT) as it can't make backups when run from a temp directory or zip file.

After doing that, please reboot to Safe Mode and delete the following files:

C:\PROGRAM FILES\SYSAI (entire folder)
C:\PROGRAM FILES\AMOKPOKE (entire folder)
C:\PROGRAM FILES\TRAY REMOTE AUDIO (entire folder)

While still in Safe Mode, with all browser windows closed, rescan with Hijack This, put checks next to all the items I quoted above that remain and click "Fix Checked". Reboot to normal mode, scan again with Hijack This and post a new log here.
--
Brain: Pinky, are you pondering what I'm pondering?
Pinky: I think so, Brain, but "Snowball for Windows"?
to forum · permalink · · 2004-03-29 18:54:39 · Reply to this


vinnienap
Premium
join:2001-12-20
Boston, MA

 Thanks Zupe, OK, I did what you asked and here is the new log:

Logfile of HijackThis v1.97.7
Scan saved at 8:42:44 PM, on 3/29/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\WEBSVR\SYSTEM\INETSW95.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\HPSJVXD.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP PRECISIONSCAN\PRECISIONSCAN\HPLAMP.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\HJT\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = »boston.com/" >searchexe.com/passthrough/index.···ton.com/
F1 - win.ini: run=hpfsched
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\PROGRAM FILES\WS_FTP PRO\WSBHO2K0.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: RefresherBand Class - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\PROGRA~1\YREFRE~1\YREFRE~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [Microsoft WebServer] C:\Program Files\WebSvr\System\svctrl /init
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [HPSCANMonitor] C:\WINDOWS\SYSTEM\hpsjvxd.exe
O4 - HKLM\..\Run: [HP Lamp] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [Microsoft WebServer] C:\Program Files\WebSvr\System\inetsw95.exe -w3svc
O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe /embedding
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: AIM (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - »download.macromedia.com/pub/shoc···lash.cab
O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - »bin.mcafee.com/molbin/Shared/Com···tl32.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - »download.mcafee.com/molbin/Share···wFld.cab
O16 - DPF: {D30CAFF0-087B-11D3-82D8-006094695CEC} (McAfee PC Clinic FaManager Class) - »download.mcafee.com/molbin/Clini···actl.cab
O16 - DPF: {23047A90-8511-11D2-87A5-20C252C10000} (McAfee Clinic TreeView Class) - »download.mcafee.com/molbin/Shared/MGTree.cab
O16 - DPF: {CDB74794-A3BA-4733-B6F6-59BF16D6C15A} (McAfee Smart Shop - Update Class) - »download.mcafee.com/molbin/mcaen···tshp.cab
O16 - DPF: {4AE3239D-18C5-11D3-9634-0060080A3AB6} (McAfee PC Clinic System Information Class) - »download.mcafee.com/molbin/Clini···comp.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - »www.live365.com/players/play365.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - »download.macromedia.com/pub/shoc···r/sw.cab
O16 - DPF: {71CA4411-45EC-4608-B9D7-6D4B6A9D1BB4} (Attenza System Profiler) - »service.dell.com/dell/SystemProfiler.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - »support.dell.com/us/en/systempro···fLcd.CAB
O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - »www.parentwatch.com/content/demo/push.cab
O16 - DPF: {9F0F185C-B50B-11D2-B53F-00A0C98684AC} (McAfee PC Clinic OilChange Class) - »download.mcafee.com/molbin/OilCh···_new.cab
O16 - DPF: {13E39F7E-FDA8-11D2-99DC-00C04FF40D52} (McAfee OilChange Multi-Product Support Filter) - »download.mcafee.com/molbin/OilCh···Filt.cab
O16 - DPF: {BF31FA5E-AE8A-11D2-A1BD-0800300004C2} (McAfee PC Clinic Internet Class) - »download.mcafee.com/molbin/Share···_new.cab
O16 - DPF: {06D5218D-079C-11D3-B2D1-00A0C98684AC} (McAfee Hardware Finder Control) - »download.mcafee.com/molbin/clini···info.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - »www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - »a1540.g.akamai.net/7/1540/52/200···ller.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - »bin.mcafee.com/molbin/shared/mci···sctl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - »download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object) - »autos.msn.com/Components/Ocx/Ext···side.cab
O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} (IEAnimBehaviorFactory Class) - »download.microsoft.com/download/···orun.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - »v4.windowsupdate.microsoft.com/C···92824074
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - »cs6.chat.sc5.yahoo.com/v43/yacscom.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - »das.microsoft.com/activate/cab/x···SAct.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - »download.microsoft.com/download/···9VCM.CAB
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - »bin.mcafee.com/molbin/shared/mcg···dmgr.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - »aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {1DA3C4AB-E6B6-47A6-B0F3-1BD81524B51B} (ActiveWorldsDownload Control) - »www.activeworlds.com/products/Ac···load.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - »office.microsoft.com/officeupdat···opuc.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - »www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {E6EB803E-DD89-11D3-80C4-0050DA2E09D0} (LightSurfUploadCtl Class) - »picturecenter.kodak.com/activex/···trol.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - »plazacam.bu.edu/activex/AxisCamControl.cab
O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} - »download.microsoft.com/download/···avax.CAB
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - »h30043.www3.hp.com/hpdj/en/check···.cab?315
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - »ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {D06A22B4-6087-4D3D-B7AF-82B113E9ABD4} (CPostLaunch Object) - »www2.verizon.net/update/msnwebin···bIns.CAB
to forum · permalink · · 2004-03-29 20:57:02 · Reply to this


Zupe
Premium,MVM
join:2001-11-29
New York, NY
clubs:
said by vinnienap See Profile:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = »boston.com/" >searchexe.com/passthrough/index.···ton.com/
With all windows closed, check this item in Hijack This and click Fix Checked, then rescan to make sure it's gone.
--
Brain: Pinky, are you pondering what I'm pondering?
Pinky: I think so, Brain, but "Snowball for Windows"?
to forum · permalink · · 2004-03-30 09:46:09 · Reply to this


vinnienap
Premium
join:2001-12-20
Boston, MA		 Removed that line and all seems to be working great now. Thanks so much for your help.
to forum · permalink · · 2004-03-30 09:56:31 · Reply to this


Zupe
Premium,MVM
join:2001-11-29
New York, NY
clubs:

 Good to hear

To reduce the chances of future spyware/hijacking problems, please follow the suggestions here: »www.computercops.biz/postt7736.html
--
Brain: Pinky, are you pondering what I'm pondering?
Pinky: I think so, Brain, but "Snowball for Windows"?
to forum · permalink · · 2004-03-30 10:02:04 · Reply to this


dewrod14

join:2002-02-21
Reading, PA		reply to vinnienap
You can also goto www.webroot.com and use there spy sweeper program. It works much better then adaware.
to forum · permalink · · 2004-03-30 10:55:27 · Reply to this


ahulett
Life Without Walls
Premium
join:2003-02-02
Bellevue, WA
2 edits		reply to vinnienap
Hrm....
to forum · permalink · · 2004-03-30 12:19:02 · Reply to this

TeMerc

join:2004-01-22
Phoenix, AZ

reply to dewrod14
Ok, I couldn't stand by and let ya slam AdAware. Even tho I have SpySweeper too, they both will catch quite a bit, each, having their own pluses and minuses. I like the AdWatch feature in AdAwarePlus, keeps an eye on registry changes, SpySweeper has no option for that. Both are good, and I'm happy with em. And at least AdAware basic is free, with SpySweeper only a 30 day trial.:D
--
Remember............You can NEVER be OVERPROTECTED!!
to forum · permalink · · 2004-03-30 12:28:16 · Reply to this


vinnienap
Premium
join:2001-12-20
Boston, MA		 In the process of checking out all the recommendations as we speak. Still working great!
to forum · permalink · · 2004-03-30 14:40:08 · Reply to this
Forums » Up and Running » Security » SecurityAdministrator privileges for TurboTax?!?! »
« Spyware problems  

Saturday, 28-Nov 07:00:19 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [121] Time Warner Cable Fires Broadside At Broadcasters
· [112] New AT&T Ad Campaign Hits Back At Verizon
· [96] Apple Joins AT&T Verizon Snark Fest
· [87] New Bill Takes Aim At Higher Verizon ETFs
· [71] TiVo Sees Record Customer Losses
· [69] In-Flight Internet Headed For Bumpy Landing?
· [66] Verizon CEO: Hulu Will Be Dead Soon
· [62] Thanksgiving Open Thread
· [51] Weekend Open Thread
· [40] EFF Wages War On Fine Print
Most people now reading
· Windows 7 boot manager editing questions [Microsoft Help]
· [Newsgroups] Newzleech down? [Filesharing Software]
· What is the spell hit cap for a lvl 80 full arcane spec mage [World of Warcraft]
· [ PVP] 3.2 DK PvP D/W Spec... [World of Warcraft]
· HOW-TO: QoS and Tomato (fixes "choppy voice") [MagicJack]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Backstab vs screws (not which to use) [Home Repair & Improvement]
· Is Gear Score now the new requirement to get pug invite? [World of Warcraft]
· Why not just turn off the ignition? [Automotive]
· Nvidia Forceware for Windows XP\2000\03 195.62 [Software]