spyware problems

Computing.Net > Forums > Windows XP > spyware problems

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Click here to start participating now! Also, check out the New User Guide.

spyware problems

Name: plur
Date: March 17, 2004 at 22:49:28 Pacific
OS: WindowsXP
CPU/Ram: AMD Athlon 1gig

Comment:

i used adaware and spywareblaster which did some but i heard about hijack so i tried it and a bunch of stuff came up and it said to ask an expert so any help would be greatly appreciated!!
Logfile of HijackThis v1.97.7
Scan saved at AM 12:27:26, on 3/18/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\LEXBCES.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Free Surfer\fs20.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Dudez\ProtoWall.exe
C:\Documents and Settings\Jeremy Brandt\My Documents\dockkker\YzDock.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\TorrentStorm\TorrentStorm.exe
C:\Program Files\TorrentStorm\Downloader\bts589.exe
C:\Program Files\TorrentStorm\Downloader\bts589.exe
C:\Program Files\TorrentStorm\Downloader\bts589.exe
C:\Program Files\TorrentStorm\Downloader\bts589.exe
C:\Program Files\TorrentStorm\Downloader\bts589.exe
C:\Program Files\TorrentStorm\Downloader\bts589.exe
C:\Program Files\TorrentStorm\Downloader\bts589.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\Jeremy Brandt\My Documents\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R3 - Default URLSearchHook is missing
O1 - Hosts: hometown.aol.com 205.188.226.153
O1 - Hosts: www.3gforfree.com 128.121.51.239
O1 - Hosts: www.3gupload.com 64.5.58.166
O1 - Hosts: www.3gupload.com 64.5.58.166
O1 - Hosts: www.3gupload.com 64.5.58.166
O1 - Hosts: hometown.aol.com 205.188.226.153
O1 - Hosts: www.computing.net 216.235.147.35
O1 - Hosts: www.crackspider.de 81.173.5.200
O1 - Hosts: puzzlemaker.com 63.240.215.74
O1 - Hosts: cgi.ebay.com 66.135.192.135
O1 - Hosts: home.hccnet.nl 62.251.0.15
O1 - Hosts: www.fandango.com 216.178.160.43
O1 - Hosts: www.freetranslation.com 207.228.216.170
O1 - Hosts: members.lycos.nl 212.78.204.20
O1 - Hosts: launch.yahoo.com 63.250.215.235
O1 - Hosts: www.freedict.com 81.4.115.54
O1 - Hosts: matrixm.com 38.144.107.132
O1 - Hosts: my.screenname.aol.com 205.188.145.185
O1 - Hosts: www.stileproject.com 69.31.98.161
O1 - Hosts: www.subprofile.com 216.127.76.132
O1 - Hosts: www.suprnova.org 213.158.119.12
O1 - Hosts: suprnovaforums.com 66.243.176.10
O1 - Hosts: community.webshots.com 128.242.104.138
O1 - Hosts: yourdictionary.com 66.45.104.150
O1 - Hosts: www.zeropaid.com 207.158.50.108
O1 - Hosts: antivirus.vt.edu 198.82.161.210
O1 - Hosts: consumptionjunction.com 66.115.191.143
O1 - Hosts: www.mugshots.org 216.218.248.132
O1 - Hosts: la.private.amsterdamxxx.com 63.208.234.244
O1 - Hosts: www.pretweb.nl 62.212.77.215
O1 - Hosts: stileporn.com 69.31.98.187
O1 - Hosts: www.stileproject.com 69.31.98.161
O1 - Hosts: www.stileproject.com 69.31.98.161
O1 - Hosts: thevidvault.com 69.31.98.190
O1 - Hosts: www.thongjury.com 216.216.32.194
O1 - Hosts: www.totse.com 64.71.159.243
O1 - Hosts: www.drinksmixer.com 69.57.144.50
O1 - Hosts: www.drinksmixer.com 69.57.144.50
O1 - Hosts: www.geocities.com 66.218.77.68
O1 - Hosts: www.dancesafe.org 209.237.231.200
O1 - Hosts: www.dancesafe.org 209.237.231.200
O1 - Hosts: www.dancesafe.org 209.237.231.200
O1 - Hosts: www.drinkoftheweek.com 216.218.225.250
O1 - Hosts: www.erowid.org 209.237.226.90
O1 - Hosts: www.bluelight.nu 80.69.65.16
O1 - Hosts: www.edifyingspectacle.org 69.73.155.21
O1 - Hosts: www.21century-mp3.com 81.173.5.31
O1 - Hosts: crazymp3s.org 69.44.57.112
O1 - Hosts: www.mp3mediaworld.net 213.239.164.102
O1 - Hosts: www.mp3-albums.com 216.66.20.109
O1 - Hosts: www.music-madness.net 213.239.164.20
O1 - Hosts: www.simplemp3s.com 66.79.168.160
O1 - Hosts: www.supermusic.nu 213.239.164.105
O1 - Hosts: www.attws.com 63.241.204.91
O1 - Hosts: cingular.com 170.35.228.233
O1 - Hosts: www.sprintpcs.com 65.174.43.36
O1 - Hosts: www.verizonwireless.com 162.115.163.100
O1 - Hosts: www.dvdrhelp.com 66.17.140.17
O1 - Hosts: cdcovers.cc 212.179.35.98
O1 - Hosts: homepage.mac.com 17.250.248.34
O1 - Hosts: www.vcdhelp.com 66.17.140.17
O1 - Hosts: www.dvdrhelp.com 66.17.140.17
O1 - Hosts: www.dvdrhelp.com 66.17.140.17
O1 - Hosts: www.dvdrhelp.com 66.17.140.17
O1 - Hosts: www.dvdrhelp.com 66.17.140.17
O1 - Hosts: www.pillreports.com 80.69.65.251
O1 - Hosts: www.dvdrhelp.com 66.17.140.17
O1 - Hosts: www.dvdrhelp.com 66.17.140.17
O1 - Hosts: www.vcdhelp.com 66.17.140.17
O1 - Hosts: pcpc.idv.tw 211.78.38.196
O1 - Hosts: andr.net 195.161.113.90
O1 - Hosts: www.astalavista.com 80.237.203.14
O1 - Hosts: bestserials.com 81.173.5.198
O1 - Hosts: www.crackportal.com 81.173.5.207
O1 - Hosts: www.cracksearch.ws 209.237.241.30
O1 - Hosts: www.crackz.ws 65.110.41.180
O1 - Hosts: www.cracks.st 81.173.5.201
O1 - Hosts: www.deluxserials.com 81.173.5.201
O1 - Hosts: homepage.ntlworld.com 62.253.162.12
O1 - Hosts: www.ircspy.com 216.240.137.102
O1 - Hosts: mscracks.com 81.173.5.198
O1 - Hosts: return.crack.cd 195.161.114.142
O1 - Hosts: www.serials.ws 195.161.112.29
O1 - Hosts: fastcrackz.com 216.65.112.254
O1 - Hosts: tmpgenc.plus.v2.53.35.130.by.mp.cracks.lomalka.ru 195.161.114.141
O1 - Hosts: www.webattack.com 69.28.135.160
O1 - Hosts: www.cracks.am 217.64.35.211
O1 - Hosts: crackspider.net 81.173.5.200
O1 - Hosts: www.crackheaven.com 81.173.5.203
O1 - Hosts: www.angelfire.com 209.202.218.12
O1 - Hosts: www.digitalblasphemy.com 161.58.2.153
O1 - Hosts: www.mota.ru 217.23.157.137
O1 - Hosts: members.freewebs.com 38.144.96.13
O1 - Hosts: www.81x.com 66.45.58.246
O1 - Hosts: www.themexp.org 216.19.208.6
O1 - Hosts: www.wincustomize.com 66.54.81.61
O1 - Hosts: www.boners.com 69.22.154.122
O1 - Hosts: www.ebaumsworld.com 66.197.74.57
O1 - Hosts: www.ebaumsworld.com 66.197.74.57
O1 - Hosts: www.funnypics.com 64.202.167.129
O1 - Hosts: www.dagsylad.com 82.32.120.49
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-D4F3-F66DA787AD2D} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [freesurfer] C:\Program Files\Free Surfer\fs20.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ProtoWall] C:\Program Files\Dudez\ProtoWall.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\PROGRA~1\INTERN~2\IEExt.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Free Surfer (HKLM)
O9 - Extra 'Tools' menuitem: Free Surfer (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/0251f502ac7d00/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37865.9608217593
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {DDFFA75A-E81D-4454-89FC-B9FD0631E726} - http://www.bundleware.com/L2M.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?312
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/ym/yiebio5_1_6_0.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} - http://by7fd.bay7.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} - http://download.rfwnad.com/cab/dlaccell.CAB
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab
~Jemz
Instant Messanger~ ijeremy
Email~ jerbrandts@yahoo.com

Sponsored Link

Ads by Google

Response Number 1

Name: virii_25
Date: March 17, 2004 at 23:18:54 Pacific

Reply:

Download and install Ad-Aware program to remove any datamining, aggressive advertising, and tracking components.
download Ad-Aware free from:
http://www.lavasoftusa.com/support/download/

Response Number 2

Name: rc
Date: March 18, 2004 at 00:56:44 Pacific

Reply:

It is good that you ran adaware and spybot. The biggest problem I see is the torrent storm downloader stuff. I think it is for a screensaver but it also comes with popups advertiseing. just uninstall it through IT'S OWN uninstaller program. If one is not available then use windows add/remove program to uninstall.
There are some other stuff that i see including some porn ads that may also include pop ups advertising. As you may have these things on your system on purpose then I think that you should take a look at this web site and READ IT and it will help you figure out what is what and explain what to do to get them removed and how to back-up your system before doing the cleaning.
http://www.spywareinfo.com/~merijn/htlogtutorial.html#r

Hope this helped,
rc

Sponsored Link

Ads by Google

message.sprintpcs.com Lexmark 2600 mac ksolay.ax kstvtune.ax www.11a.nu/ibios.htm files xp download RPCSS.EXE advertising center uninstall Shockwave ActiveX Control swdir.dll 64.59.144.90 74-0495-01	e7400 vt nvcpl 65.55.158.80 Happy sankranti/pongal http://crackspider.net/ internet download manager detected that is registry keys 216.133.243.28 195.54.122.198 sstray.exe/r dumprep 0 k internet download manager detected that is registry keys
See More

shortcut key to show hidd...

memory parity error

Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.

Go to Windows XP Forum Home

Sponsored links

Ads by Google

Results for: spyware problems

Spyware problem, AdAware won't run

Summary

www.computing.net/answers/windows-xp/spyware-problem-adaware-wont-run/147431.html

spyware problem?

Summary

www.computing.net/answers/windows-xp/spyware-problem/101378.html

bho & spyware problems

Summary

www.computing.net/answers/windows-xp/bho-amp-spyware-problems/106977.html

From the Geek Dictionary
CIRC - Stands for Can it run Crysis? This is the standard by which all new hardwar...

Ask a Question!

Weekly Poll
Do you think Comcast should have bought NBC?

Poll Finishes In 2 Days.
Discuss in The Lounge
Poll History

Recent Posts
Speaker Watt Help

Fdisk which one

ok to delete wipefs.tmp folder?

Displaying a webpage, in a webpage

Unlocking writed files

All Awaiting Reply

Tom's News
AT&T Cracking Down on Cell Data Usage

Mobile Devices with Multi-Core Processors by 2013

Publishers Team Up to Take on Amazon

Google Goggles to Be Released on Other Platforms

Pictured: The U.S. Air Force's PS3 Cluster Set-up

More Tom's Guide News

Data Recovery

Manufacturer List | About Us | Advertising Info | Contact Us
The information on Computing.Net is the opinions of its users. Such opinions may not be accurate and they are to be used at your own risk. Computing.Net cannot verify the validity of the statements made on this site. Computing.Net and Computing.Net LLC hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.
PLEASE READ THE FULL DISCLAIMER AND LEGAL TERMS BY CLICKING HERE