16 replies to this topic

[Pretzels]

STOPZilla is a virus included with malware, adware, and spyware DO NOT DOWNLOAD THIS PROGRAM!!
I have have a number of people tell me about the problems they have had after installing this malicious software! I had it on my computer and Bitdefender 9, as well as spysweeper and spybpot search and destroy found it to be malware. I downloaded the program directly from STOPzilla's website!! It is against the law to infect peoples computers with a virus just to get them to buy a upgraded version of your sofware. I how the People at STOPzilla Know this?

Anyways, I wanted to post to let everyone know that anyone who vouches for stopzilla is mostlikely employed by them or too dumb to realize that its a virus.

[cnm]

Stopzilla is award-winning software and there are no reports I've seen (other than yours) that it is in any way malware. Sophos does say that it monitors browser activity and pops up ads - http://www.sophos.co.../stopzilla.html- but they seem to be alone in finding this.

What exactly did you conclude that it had infected you with? What led you to implicate Stopzilla? Do you have log(s) showing what you found?

[Elendil]

Well... I would say that StopZilla is adware and false-postive savy. Recently, I reformatted my computer, updated it, and armed it with AVG, Ewido Anti-Spyware, Ad-Aware SE, Spybot S&D, etc. Then, I tried StopZilla's trial version and its shields went wild on a machine that I know is perfectly fine. Every second, it would pop-up with warnings of a malware attempt. In total, it stopped at malware attack #260. I know this is BS because Sunbelt Firewall is detecting anything attempting to run without my permission and Ewido, Spyware Guard, and AVG aren't seeing anything funny with their shields and like I said, my machine is already clean.

[Pretzels]

//-----------------------------------------------------------------
//
// Product: BitDefender 9 Standard
// Version: 9.5
//
// Created on: 09/07/2006 12:27:41
//
//-----------------------------------------------------------------


Virus Statistics

Scan path : C:\Program Files\Common Files\STOPzilla!\SZScnSvc.dll
Folders : 0
Files : 1
Archives : 0
Packed files : 0
Identified viruses : 0
Infected files : 0
Warnings : 0
Suspect files : 1
Disinfected files : 0
Deleted files : 0
Copied files : 1
Moved files : 0
Renamed files : 0
I/O errors : 0
Scan time : 00:00:01
Scan speed (files/sec) : 1

Virus definitions : 432831
Scan plugins : 15
Archive plugins : 42
Unpack plugins : 5
Mail plugins : 6
System plugins : 5

Virus scan options

Detection
[ ] Scan boot sectors
[X] Scan archives
[X] Scan packed files
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[ ] Copy to quarantine
[X] Move to quarantine
[ ] Rename
[ ] Prompt user

Virus scan options
[X] Enable warnings
[X] Enable heuristics
[X] Show all files in log
[X] Report file: C:\Program Files\Softwin\BitDefender9\Logs\vscan_1152473261.log


Summary:

C:\Program Files\Common Files\STOPzilla!\SZScnSvc.dll Suspect: Generic.Malware.PV.C9539674
C:\Program Files\Common Files\STOPzilla!\SZScnSvc.dll Copied

Scanned files

C:\Program Files\Common Files\STOPzilla!\SZScnSvc.dll Suspect: Generic.Malware.PV.C9539674
C:\Program Files\Common Files\STOPzilla!\SZScnSvc.dll Copied

[cnm]

Those are things that StopZilla quarantined, right?

[Pretzels]

I dont know how Stopzilla would have quarentined anything, i never ran it, after installing it i got pop ups from virus scanner telling me of problems with the program so i tried to delete it the only thing left is that single file and i cannot delete it! it is making me so mad. I never even ran stopzilla once, unless it does backround scanning and quarentined something while scanning in backround for that breif moment. I dont know maybe its a flase positive but i cannot delete it and i cannot delete some of the registry files associated with it. If it was a quarentine file why does it have a dll ext?

Edited by Pretzels, 09 July 2006 - 02:22 PM.

[Pretzels]

I downloaded the program again for the sake of checking, I downloaded it straight from www.Stopzilla.com and i ran a check on it again using Bit defender. The same file that is in question; that is, the file i cannot delete or change or move comes up again when scanning the installer.

Summary:

C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZScnSvcDll Suspect: Generic.Malware.PV.C9539674
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZScnSvcDll Copy failed





//-----------------------------------------------------------------
//
// Product: BitDefender 9 Standard
// Version: 9.5
//
// Created on: 09/07/2006 15:07:24
//
//-----------------------------------------------------------------


Virus Statistics

Scan path : C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi
Folders : 0
Files : 200
Archives : 3
Packed files : 3
Identified viruses : 0
Infected files : 0
Warnings : 0
Suspect files : 1
Disinfected files : 0
Deleted files : 0
Copied files : 0
Moved files : 0
Renamed files : 0
I/O errors : 0
Scan time : 00:00:07
Scan speed (files/sec) : 28

Virus definitions : 432959
Scan plugins : 15
Archive plugins : 42
Unpack plugins : 5
Mail plugins : 6
System plugins : 5

Virus scan options

Detection
[ ] Scan boot sectors
[X] Scan archives
[X] Scan packed files
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[ ] Copy to quarantine
[X] Move to quarantine
[ ] Rename
[ ] Prompt user

Virus scan options
[X] Enable warnings
[X] Enable heuristics
[X] Show all files in log
[X] Report file: C:\Program Files\Softwin\BitDefender9\Logs\vscan_1152482844.log


Summary:

C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZScnSvcDll Suspect: Generic.Malware.PV.C9539674
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZScnSvcDll Copy failed

Scanned files

C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB) OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3BaseDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3Win32Dll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3UIDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3InetDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3SvcDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3HooksDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3VFSDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3DBA OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3XDataDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS39XLdrDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>PSAPIDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZOptionsExe OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZKGSys OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZBaseDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZDBFSLDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZCfgSvcDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZPeekDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZProbeDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZSnsrSvDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZScnSvcDll Suspect: Generic.Malware.PV.C9539674
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZScnSvcDll Copy failed
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZJusticeDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZLegacyDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZSvcHostDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZSchSvcDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZBlkLstExe OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZEventLogExe OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZUIResDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZHistUIDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZHistoryDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZSetupWizardExe OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZServerExe OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZStumpDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZStumpExe OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZExitDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZPAHostDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZTrgSSDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZExtrSSDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZQrntnDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>ZillaData OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>UserData OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>UpdateRsf OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>UpdateRsf=>zilla.targets.meta OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>UpdateRsf=>zilla.targets OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZCompanionExe OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZCompanionCoreDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZCmpnSysAdvCfgDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZCmpnInfoDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZCmpnSupportDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZQuarantineExe OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZUndeleteExe OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>StopzillaExe OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3CmdDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3CoreDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3HttpDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3HookDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3MSIXDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3XMLDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3NetDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3PerstDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>IS3Sys32Dll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZSvcDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZCoreDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZFrameDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZIEBHODll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZMFCDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZBHOCoreDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZPRODll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SWin32ZSys OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SnoreWav OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>RoarWav OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/#SYSTEM OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/BLACK_LIST_Functions.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Viewing_the_BLACK_LIST.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Exit_STOPzilla.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Main_Menu.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/E-mail_Support.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Live_Online_Chat.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Telephone_Support.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Context-Sensitive_Help.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Be_Part_of_the_Solution.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/How_STOPzilla_Works.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/System_Requirements.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/BLACK_LIST_Sort_Menu.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/The_End_User_Licensing_Agreement_(EULA).htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/24_7.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/24_7.htm=>(JAVASCRIPT 1) OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/24_7.htm=>(JAVASCRIPT 2) OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/24_7.htm=>(JAVASCRIPT 3) OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Setting_BASIC_OPTIONS.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Upgrades.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Updates.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Why_STOPzilla.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Support_Tab.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Options_Tab.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/General_Tab.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Tools_Menu.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Blocking_Pop-ups.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Blocking_Spyware.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/What_is_the_BLACK_LIST.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Removing_STOPzilla.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Installing_STOPzilla.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/What_are_ADVANCED_OPTIONS.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/What_is_Spyware.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/The_STOPzilla_Setup_Wizard.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Purchasing_Options.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Removing_Spyware.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Spyware_Severity.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Register_now.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Spyware_Alert.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Detected_Threats.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Registration_Form.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/DEMO_Versions.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Terms_&_Conditions_for_Services.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/System_Tray_Icon.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Anti-Phishing.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/True_Real-Time_Protection.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Registration_Keys.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Popup_Viewer.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Removing_Allowing_Threats.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/What_is_Crimeware.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Phishing_Alerts.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/How_Phishing_Protection_Works.htm OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/bullet_1.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/bullet_2.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/eHelp.xml OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/RoboHHRE.lng OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/whmsg.js OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/whproxy.js OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/whtopic.js OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/whtopic.js=>(JAVASCRIPT 13) OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/whutils.js OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/whver.js OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/STOPzilla_43_Help.glo OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/STOPzilla_43_Help.brs OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/#BSSC OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/default.css OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/default_ns.css OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Register.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/LiveChatWindow.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/PopupViewer.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/ExitStopzilla.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/RestartWindow.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Relaunch.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/ActionLog3.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/help_icon.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/RunWizardIcon.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/BLACKLISTicon.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Check UpdatesIcon.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Tools-Menu.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/ClearHistoryIcon.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/RegisterNow.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/ReturnDefaultsIcon.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/EULA.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/ViewAdvancedOpsIcon.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/BLACKLIST-menu.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/NagScreen.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Datafileicon.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Options-tab.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/ADD_RemovePrograms.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/ClearCookiesIcon.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/General-tab.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Supporttab.jpg OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Basic-Options-Screen.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/FolderIcon.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/SZ_Red.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/ThreatMgr.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Support.jpg OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/BLACKLIST-Sort.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/DetectThreat1.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/BLACKLIST.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Alert_Starware.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/GoldKey.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Basic-Options.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/Black-Right-Click.gif OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/RegentryIcon.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/CloseWindow.png OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/STOPzilla_43_Help.hhc OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/STOPzilla_43_Help.hhk OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/ehlpdhtm.js OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/#WINDOWS OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/#IVB OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/$WWKeywordLinks/BTree OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/$WWKeywordLinks/Data OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/$WWKeywordLinks/Map OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/$WWKeywordLinks/Property OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/$WWAssociativeLinks/Property OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/$OBJINST OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/$FIftiMain OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/#IDXHDR OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/#TOPICS OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/#URLTBL OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/#URLSTR OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>STOPzillaHelpChm=>/#STRINGS OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>SZDxScanCoreDll OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>DiagScanExe OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded CAB)=>MiniScanExe OK
C:\Documents and Settings\Josh\Local Settings\Temp\STOPzilla!\SZProBase.msi=>(Embedded EXE) OK


Here is a Hyjack this log

Logfile of HijackThis v1.99.1
Scan saved at 3:31:21 PM, on 7/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Softwin\BitDefender9\bdnagent.exe
C:\Program Files\Softwin\BitDefender9\bdswitch.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Intel\IDU\awServ.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Intel\IDU\iptray.exe
C:\Program Files\Intel\IDU\awtray.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\WINDOWS\system32\BelkinMonitor.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\System32\vmnat.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\System32\vmnetdhcp.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\program files\softwin\bitdefender9\bdmcon.exe
c:\program files\softwin\bitdefender9\bdlite.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Softwin\BitDefender9\bdlite.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Josh\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 0.0.0.0:80
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\program files\softwin\bitdefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\program files\softwin\bitdefender9\bdswitch.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [ipTray.exe] "C:\Program Files\Intel\IDU\iptray.exe"
O4 - HKLM\..\Run: [awTray.exe] "C:\Program Files\Intel\IDU\awtray.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Belkin 11Mbps Wireless Desktop Network Card Monitor.lnk = C:\WINDOWS\system32\BelkinMonitor.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1143069820609
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: AdminWorks Agent X6 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Program Files\Intel\IDU\awServ.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\System32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\System32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)




Hopefully this will help determine whats going on on my computer and if its all in my head.

Edited by Pretzels, 09 July 2006 - 04:40 PM.

[AndyManchesta]

I have to agree that StopZilla would not be a scanner I would recommend but that is just myown opinion, maybe they are award winning but I do remember when it was promoted heavily by malware through pop ups & re-directs which I appreciate is not fully their fault and is more because of their affiliate schemes but it is enough reason for me not to want to use it .

http://www.castlecop...xlist-1202.html
http://www.castlecop...xlist-1299.html

Note* Although the ActiveX components are rated as unwanted above, the same site shows the pop up blocker and services as legitimate.

Then there is components listed as 'Open To Debate'

http://www.castlecop...3-ZILLAbar.html

EDIT: The CastleCops links above have been changed to show its now legitimate

My view is with it only having a 15 day trial then you needing to pay $29.95 to use it then its not something I would recommend as there is plenty of free alternatives around that would provide the same protection. The 15 day trial is also abit deceiving as it will not remove the items it detects unless you pay them even while its in the trial period, it does however quarantine them so it does still provide protection but then if you try to close the quarantine it displays info that the items will stay on the machine unless you pay. If you try to remove them then again it suggests you pay, Uninstalling StopZilla also opened their site for feedback and generated pop ups for other products such as GoToMyPc which seemed to be another 'free' trial.

Overall its protection seems good and it did detect alot of the junk I just quickly tried it with (Although it thinks a look2me installer is cmdService)

Here's a couple of user reviews of the program (there is three pages of reviews which you can view by clicking the 'Showing' button on the bottom right of the page)

http://www.download....4-10462544.html


I do not agree that they would install any form of malware onto a system and Im sure they would do a good job of removing what they can detect if you payed them.

Here's the VirusTotal results for the file you are concerned about

STATUS: FINISHEDComplete scanning result of "SZProBase.msi", received in VirusTotal at 07.10.2006, 08:06:06 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.09.2006 no virus found
Authentium 4.93.8 07.07.2006 no virus found
Avast 4.7.844.0 07.07.2006 no virus found
AVG 386 07.07.2006 no virus found
BitDefender 7.2 07.10.2006 Generic.Malware.PV.C9539674
CAT-QuickHeal 8.00 07.10.2006 no virus found
ClamAV devel-20060426 07.10.2006 no virus found
DrWeb 4.33 07.09.2006 no virus found
eTrust-InoculateIT 23.72.64 07.09.2006 no virus found
eTrust-Vet 12.6.2291 07.07.2006 no virus found
Ewido 3.5 07.09.2006 no virus found
Fortinet 2.77.0.0 07.10.2006 no virus found
F-Prot 3.16f 07.07.2006 no virus found
F-Prot4 4.2.1.29 07.07.2006 no virus found
Ikarus 0.2.65.0 07.07.2006 no virus found
Kaspersky 4.0.2.24 07.10.2006 no virus found
McAfee 4802 07.07.2006 no virus found
Microsoft 1.1481 07.10.2006 no virus found
NOD32v2 1.1651 07.08.2006 no virus found
Norman 5.90.23 07.07.2006 no virus found
Panda 9.0.0.4 07.09.2006 Suspicious file
Sophos 4.07.0 07.10.2006 no virus found
Symantec 8.0 07.10.2006 no virus found
TheHacker 5.9.8.171 07.10.2006 no virus found
UNA 1.83 07.08.2006 no virus found
VBA32 3.11.0 07.09.2006 no virus found
VirusBuster 4.3.7:9 07.09.2006 no virus found

Aditional Information
File size: 4239360 bytes
MD5: b61ea2217484e9609d21a83ec2e2a2eb
SHA1: 05246e58eb21feb349ef039a004861d5b6ab9ec7

That is really something StopZilla will have to resolve with BitDefender as its clearly not infected.

Hope that helps

Andy

Edited by AndyManchesta, 23 December 2006 - 02:35 PM.

[Swandog46]

YAY heuristic false positives

[Pretzels]

Yes, i have checked with many different anti-spyware/adware and anti-virus programs, including f-sevure, and avg free as well as ewido anti-spyware I did not find a single problem listed in any of those programs with the file so i guesss it is simply bitdefender detecting something wrong with it due to a possible false positive... or is it?????? maybe bitdefender is the only program cleaver enough to catch them doing there durty work!!! LOL im just kidding, its most likely just a problem that can be fixed in a simple update. Anyways thanks for all the help and thankyou for having patience and understanding with me and my ranting and raving.

[hpo56]

i also think that stopzilla is a virus/spyware and contains alot of viruses. and the popups it blocks im not sure but i think its stopzilla thats launching those popups. and ive formatted my laptop 4 times and everytime i had stopzilla on it and now im guessing that stopzilla is a virus and they just want your its probably all fake that stopzilla is helping you and is #1 because norton is the #1 most trusted

[sugardaddy28]

i also think that stopzilla is a virus/spyware and contains alot of viruses. and the popups it blocks im not sure but i think its stopzilla thats launching those popups. and ive formatted my laptop 4 times and everytime i had stopzilla on it and now im guessing that stopzilla is a virus and they just want your its probably all fake that stopzilla is helping you and is #1 because norton is the #1 most trusted

Yes Stopzilla is malware also right now im infected where every 5-10 min pop-ups start coming and stopzilla is the main perpetrator. They infect you so youl buy there software

[Jess Kalish]

STOPzilla is not malware. It has received numerous awards for technical excellence. Norton is flagging our DLL. This is a false positive. Norton IS2007. How can I be so sure? I am the director of communications at iS3, maker of STOPzilla. If you call Norton, they will verify this.

[Nemesis6]

If I remember correctly, your software is advertised through spy/adware. That's not the markings of a legit program.

[nverhom]

i too was once a stopzilla suporter....my subscription ran out after 4 yrs of great service....however upon paying them 39.95 to reinstall the program on my computer the problems began...it tried to to change my home with secure32 and local pages....i sent my hjt this to a computer expert and he said to try to delete anything with secure 32 in my logs which i couldt...however upon removing stopzilla the secure 32 disappeared...also upon deletion i would get could not intiallize szprobase which would not let me uninstall sz.however going to sz suppoert they gave me 2 programs which finally deleted stopzilla

[emrick]

i too was once a stopzilla suporter....my subscription ran out after 4 yrs of great service....however upon paying them 39.95 to reinstall the program on my computer the problems began...it tried to to change my home with secure32 and local pages....i sent my hjt this to a computer expert and he said to try to delete anything with secure 32 in my logs which i couldt...however upon removing stopzilla the secure 32 disappeared...also upon deletion i would get could not intiallize szprobase which would not let me uninstall sz.however going to sz suppoert they gave me 2 programs which finally deleted stopzilla

I tried to remove it also and got the same result as you did. What programs did you use? are they something that you can post here for download?
Thanks

[PCCare247]

• Stopzilla Scans quickly. Ok in malware-removal testing.
• Offers Internet Explorer specific pop-up blocking and phishing protection.
• Free tech support by phone, e-mail, or live chat.
• But So-so performance protecting a clean system.
• It allows several rootkits and Trojan horses to install.
• The phishing protection is significantly less effective than what's built into IE and Firefox.

- PCCare247