• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
mtnmum

REPOST!!! STUBORN BHO'S AND DPF'S....

6 posts in this topic

I have tried spybot, adaware, Hijack this and others I cannot think of.

I was (at first) getting tons of pop-ups every 5 seconds and I apparently have tons of adware cookies and adware still installed after numerous attemps to get rid of them. I have been receiving help from another forum and it seems we are at a dead end. So any insight would be appreciated. You guys are wonderful.

Hope you can help. Lots of thanks on my end here for your time.

mtnmum

 

 

Logfile of HijackThis v1.97.7

Scan saved at 3:51:09 PM, on 6/9/04

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKUFIND.EXE

C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE

C:\PROGRAM FILES\BELLSOUTH\APPLICATION CENTER\BSNAPPCENTER.EXE

C:\PROGRAM FILES\CLEANMYPC\REGISTRY CLEANER\RCSCHEDULER.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\WINDOWS\SYSTEM\PSTORES.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\HIJACKTHIS\HIJACKTHIS.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://care2.com/

N3 - Netscape 7: user_pref("browser.startup.homepage", "http://bellsouth.net"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\fce6hm5u.slt\prefs.js)

N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\fce6hm5u.slt\prefs.js)

O2 - BHO: (no name) - {EFD440C0-0943-11d3-9D65-00A0CC22CBC4} - C:\WINDOWS\QPHELPER.DLL

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\ACROBAT\ACTIVEX\ACROIEHELPER.OCX

O2 - BHO: (no name) - {15C9938F-CB96-496D-800A-B827F2E34EA1} - C:\PROGRAM FILES\BELLSOUTH INTERNET TOOLS\BLSPC.DLL

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL

O2 - BHO: (no name) - {046D6EA4-15E3-4b27-8010-45BD78A9219E} - (no file)

O2 - BHO: (no name) - {00000000-0000-47c5-A90F-2CDE8F7638DB} - (no file)

O2 - BHO: (no name) - {00000000-0000-0000-BFA1-D7EE6696B865} - (no file)

O2 - BHO: (no name) - {00000000-0000-41a3-98CF-00000000168B} - (no file)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [bellSouthSyn] C:\Program Files\BellSouth\Application Center\BsnAppCenter.exe /Synchronize

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [bellSouthScheduler] C:\Program Files\BellSouth\Application Center\BsnAppCenter.exe /Scheduler

O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [Registry Cleaner Scheduler] "C:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exe" /startup

O4 - Startup: ASE Scheduler.lnk = C:\Program Files\Aluria Software\ASE\ASE Scheduler.exe

O8 - Extra context menu item: AltaVista Home - http://jump.altavista.com/avie5/home

O8 - Extra context menu item: AV Search This Term - http://jump.altavista.com/avie5/search

O8 - Extra context menu item: AV Translate this Web Page - http://jump.altavista.com/avie5/babelfish

O8 - Extra context menu item: AV Translate Selection - http://jump.altavista.com/avie5/babelfish

O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html

O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html

O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html

O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html

O9 - Extra 'Tools' menuitem: &AltaVista Home (HKLM)

O9 - Extra button: Translate (HKLM)

O9 - Extra 'Tools' menuitem: AV &Translate (HKLM)

O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL (HKLM)

O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host (HKLM)

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)

O9 - Extra button: Messenger (HKLM)

O9 - Extra button: Related (HKLM)

O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)

O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll

O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll

O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll

O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll

O12 - Plugin for .WAV: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.fastaccess.com/sdccommon/download/tgctlcm.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...8023.8065740741

O16 - DPF: {F5C90925-ABBF-4475-88F5-8622B452BA9E} (Compaq System Data Class) - http://ipgweb.cce.hp.com/bus-nacons/caller/SysQuery.cab

O16 - DPF: {9AF6E7AE-D248-11D2-BFAA-00805F2392C0} (Smi Class) - http://ipgweb.cce.hp.com/bus-nacons/caller/SysQuery.cab

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab

O16 - DPF: {2C8EEB84-6D60-11D4-BD64-0050048A82BF} (eshare communications NetAgent Customer ActiveX Control version 2) - http://tech-a.mhi.aol.com/netagent/objects/custappx2.CAB

O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab

O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} -

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -

O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} -

 

<><><><><><><><><><><><><><><><><><><><><><><

These are the stubborn guys that I was talking about:

 

O2 - BHO: (no name) - {046D6EA4-15E3-4b27-8010-45BD78A9219E} - (no file)

O2 - BHO: (no name) - {00000000-0000-47c5-A90F-2CDE8F7638DB} - (no file)

O2 - BHO: (no name) - {00000000-0000-0000-BFA1-D7EE6696B865} - (no file)

O2 - BHO: (no name) - {00000000-0000-41a3-98CF-00000000168B} - (no file)

--------- ------------ ---------- --------- -------------

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} -

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -

O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} -

<><><><><><><><><><><><><><><><><><><><><><><><><><

I have tried to kill these guys in safe mode and normal mode . always making sure no programs were running.

Thanks for your help!

 

 

Would I be doing any damage to get rid of the following? (keeping in mind I never use/used "altivista", Live 365 was my husband listening to new wave music):

And what is WKUFIND.exe?

 

N3 - Netscape 7: user_pref("browser.startup.homepage", "http://bellsouth.net"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\fce6hm5u.slt\prefs.js)

N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\fce6hm5u.slt\prefs.js)

 

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

 

O8 - Extra context menu item: AltaVista Home - http://jump.altavista.com/avie5/home

O8 - Extra context menu item: AV Search This Term - http://jump.altavista.com/avie5/search

O8 - Extra context menu item: AV Translate this Web Page - http://jump.altavista.com/avie5/babelfish

O8 - Extra context menu item: AV Translate Selection - http://jump.altavista.com/avie5/babelfish

 

O9 - Extra 'Tools' menuitem: &AltaVista Home (HKLM)

O9 - Extra 'Tools' menuitem: AV &Translate (HKLM)

 

oh,yea- most importantly - thank you.

2nd most importantly- I have used ad-aware and spybot, and others and read the F&Q's.

Share this post


Link to post
Share on other sites

bumping myself up to TRY and GET HELP

!!!!!!!!!!!!!!!!!?????????????????????!!!!!!!!!!!!!

it has been dddddddaaaaaaaayyyyyyyssssssss since I FIRST posted!!!!!!

Share this post


Link to post
Share on other sites

Thankyou so much for a reply. :cool: I did not even expect one. It really had been awhile and what can one do who has a business and relies on their computer. Funds are limited and it is great to get help on issues when possible without spending cash. So I thank you so very much. :hyper:

Even if I can't fix my problems.

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0