Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zillapopupkiller controls proxy


  • This topic is locked This topic is locked
22 replies to this topic

#1 KSLowe

KSLowe

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:58 PM

Posted 03 August 2004 - 11:50 PM

Have to edit prefs every time I open Netscape....
have run HJT many times I did the fix the first time & that line doesn't come back
'it was "Zillapopupkiller 8100 r1"
new HJT log from tonight

Logfile of HijackThis v1.98.0
Scan saved at 10:46:36 PM, on 8/3/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\PhotoWorks\PhotoWorks Digital Partner\Acquire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\AT&T\WnClient\Programs\WNConnect.exe
C:\PROGRA~1\AT&T\WnClient\Programs\WNCSMS~1.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Kay Lowe\Local Settings\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myfamily.com/isapi.dll?c=s&htx=...eid=zwcD&_lin=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.worldnet.att.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T WorldNet Service
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.cnn.com/"); (C:\Documents and Settings\Kay Lowe\Application Data\Mozilla\Profiles\default\safh54ao.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_06.src"); (C:\Documents and Settings\Kay Lowe\Application Data\Mozilla\Profiles\default\safh54ao.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SideStep Browser Helper - {08351226-6472-43BD-8A40-D9221FF1C4CE} - C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\Program Files\Panicware\Pop-Up Stopper\CCHelper.dll
O2 - BHO: CSMHelperObj Class - {0F660F64-F4C9-477F-8529-44181B717472} - C:\Program Files\AT&T\WnClient\Programs\CSMBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Pa&nicware Pop-Up Stopper - {7E82235C-F31E-46CB-AF9F-1ADD94C585FF} - C:\Program Files\Panicware\Pop-Up Stopper\pstopper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar2.dll
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - Startup: PhotoWorks Acquire.lnk = C:\Program Files\PhotoWorks\PhotoWorks Digital Partner\Acquire.exe
O4 - Startup: PhotoWorks Upload Scheduler.lnk = C:\Program Files\PhotoWorks\PhotoWorks Digital Partner\PhotoWorksWiz.exe
O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\windows\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\windows\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://c:\windows\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: AnyWho - {0264505A-6793-44E0-AC75-9DCE3B13185C} - C:\Program Files\AT&T\WnClient\Programs\AnyWho.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.worldnet.att.net
O16 - DPF: {0837121A-6472-43BD-8A40-D9221FF1C4CE} (SideStep IE Inst) - http://download.sidestep.com/get/k00719/sb026.cab
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://www.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - http://mirror.worldwinner.com/games/v40/fr...ll/freecell.cab
O16 - DPF: {7B461720-5910-45A3-B617-3B53A972F209} (Pixami-PhotoWorks Upload UI Control) - http://services.photoworks.com/Pixami/PixamiSFWUploader.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://mirror.worldwinner.com/games/v40/sol/sol.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tilecity Control) - http://mirror.worldwinner.com/games/v40/ti...ty/tilecity.cab
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_03) -
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} (GolfSol Control) - http://mirror.worldwinner.com/games/v41/golfsol/golfsol.cab
O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/lobby/searchsettings.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{26431A29-2E56-45C0-B324-923198EFC7E8}: NameServer = 204.127.160.2 12.102.240.2

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,536 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:58 PM

Posted 04 August 2004 - 10:02 AM

You are currently using hijackthis from a temp directory. This can cause problems. Please create a directory on your c: drive called c:\hijackthis and download and unzip hijackthis into that directory. Run the program from that directory from now on.

For a tutorial on how to use HijackThis please see the following link:

Using HijackThis to Remove Spyware, Browser Hijackers, and Dialers

I want you to fix some of those entries. Please do the following:

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Run Hijackthis again, click scan, and Put a checkmark next to each of these. Then click the Fix button
O2 - BHO: SideStep Browser Helper - {08351226-6472-43BD-8A40-D9221FF1C4CE} - C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
O16 - DPF: {0837121A-6472-43BD-8A40-D9221FF1C4CE} (SideStep IE Inst) - http://download.sidestep.com/get/k00719/sb026.cab


Reboot your computer to go back to normal mode and post a new log.

Also tell us how everything is running now

#3 KSLowe

KSLowe
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:58 PM

Posted 04 August 2004 - 11:42 PM

I fixed those lines....but SideStep is a tool I use for searching travel deals etc...I also put HJT in a new folder & ran it again I will post this new log

Logfile of HijackThis v1.98.0
Scan saved at 10:41:04 PM, on 8/4/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\PhotoWorks\PhotoWorks Digital Partner\Acquire.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Kay Lowe\Local Settings\Temp\Temporary Directory 3 for hijackthis.zip\HijackThis.exe
C:\Documents and Settings\Kay Lowe\My Documents\New Folder\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myfamily.com/isapi.dll?c=s&htx=...eid=zwcD&_lin=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.worldnet.att.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T WorldNet Service
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.cnn.com/"); (C:\Documents and Settings\Kay Lowe\Application Data\Mozilla\Profiles\default\safh54ao.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_06.src"); (C:\Documents and Settings\Kay Lowe\Application Data\Mozilla\Profiles\default\safh54ao.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\Program Files\Panicware\Pop-Up Stopper\CCHelper.dll
O2 - BHO: CSMHelperObj Class - {0F660F64-F4C9-477F-8529-44181B717472} - C:\Program Files\AT&T\WnClient\Programs\CSMBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Pa&nicware Pop-Up Stopper - {7E82235C-F31E-46CB-AF9F-1ADD94C585FF} - C:\Program Files\Panicware\Pop-Up Stopper\pstopper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar2.dll
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - Startup: PhotoWorks Acquire.lnk = C:\Program Files\PhotoWorks\PhotoWorks Digital Partner\Acquire.exe
O4 - Startup: PhotoWorks Upload Scheduler.lnk = C:\Program Files\PhotoWorks\PhotoWorks Digital Partner\PhotoWorksWiz.exe
O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\windows\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\windows\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://c:\windows\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: AnyWho - {0264505A-6793-44E0-AC75-9DCE3B13185C} - C:\Program Files\AT&T\WnClient\Programs\AnyWho.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.worldnet.att.net
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://www.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - http://mirror.worldwinner.com/games/v40/fr...ll/freecell.cab
O16 - DPF: {7B461720-5910-45A3-B617-3B53A972F209} (Pixami-PhotoWorks Upload UI Control) - http://services.photoworks.com/Pixami/PixamiSFWUploader.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://mirror.worldwinner.com/games/v40/sol/sol.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tilecity Control) - http://mirror.worldwinner.com/games/v40/ti...ty/tilecity.cab
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_03) -
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} (GolfSol Control) - http://mirror.worldwinner.com/games/v41/golfsol/golfsol.cab
O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/lobby/searchsettings.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{26431A29-2E56-45C0-B324-923198EFC7E8}: NameServer = 204.127.129.4 12.102.244.4

No change on the proxy issue...remember this is Netscape I'm having this problem on...I was able to edit the proxy settings on IE & that stayed in there..
Anyway thanks fo your help let me know what's next :thumbsup:

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,536 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:58 PM

Posted 05 August 2004 - 09:38 AM

Well there is nothing in the log that is a problem. So you open up Netscape and each time there is a proxy set there?

#5 KSLowe

KSLowe
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:58 PM

Posted 05 August 2004 - 11:29 PM

YUP....every time I open Netscape I have to "edit preferences" to direct connect to internet
It always has manual proxy configuration checked with HTTP :Zillapopupkiller port 8100-R1
I always delete it & check the direct connect choice
but it is gone again each time I reopen Netscape
Thanks

#6 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:06:58 PM

Posted 05 August 2004 - 11:45 PM

I had the exact same thing occur to me in late June, KS, and did the same work around, only I had just installed Mozilla 1.7, not Netscape (though they are very similar) I even posted this, elsewhere:

In the case of a user (myself) and a freeware publisher/distributer (Zillasoft) I'm not sure who's to blame for my problems. The products were downloaded and installed. Thet seemed to me to be unnecessary within a brief period of time. In fact, significant changes to the operation of Mozilla tied to internet proxy issues began. I decided to uninstall them and experienced unusual difficulty in doing so.

Strange modifications involving my recycle bin, changes in user identity, Anti-virus Group Free Edition language file corruption (which led to another oddity when I decided to uninstall AVG in response to this...it produced an opportunity to uninstall a different program...Adobe Photoshop...instead).

In order to connect with any site at all, because of the "proxy configuration" error message at startup of Mozilla, I found I could go to the toolbar... Edit>Prefs>Advanced and reset it to "Direct Connect to the internet instead of the Proxy Connect which indicated the ZillaPopupKiller on port 8100. This change would'nt stick, though. I tried about:config editting, and had sucess in other user modification entries, but not those dealing with ZillaPopupKiller.

Would you please evaluate Zillasoft products so at least I do not harbor ill feelings towards a company if indeed those products work as they are supposed to. I can assume responsibility for my own errors, as I'm sure I may have over-reacted to the persistance of the changes to browser behavior.


--------------------
"...and struggling to comprehend it no matter how many letters of the alphabet are convincingly rearranged"

Did you install their "Datanuker, too?

I am not qualified to guide you through the required fix, so please understand I'm posting just to let you know you're not the Lone Ranger. I am also wishing I had a definate answer to my question. :thumbsup:
patiently patrolling, plenty of persisant pests n' problems ...

#7 KSLowe

KSLowe
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:58 PM

Posted 06 August 2004 - 12:11 AM

No I will not ever use Zillasoft of any kind !!! This has become a nightmare !!
I read your posts but was unable to see what corrected the proxy issue..I have seen a couple other reports of the same trouble on computercops & searches using "Zillapopupkiller" but no one has found a concrete fix for the proxy trouble...
Don't blame yourself or your lack of experience it is neither,
I will keep trying to rid myself of this "demon" !!

Edited by KSLowe, 06 August 2004 - 12:12 AM.


#8 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,536 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:58 PM

Posted 06 August 2004 - 08:37 AM

Could you please download, unzip and run:

http://www.dougknox.com/xp/utils/StartupTracker3.zip

Copy the contents of what it shows here.

#9 KSLowe

KSLowe
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:58 PM

Posted 06 August 2004 - 06:58 PM

Here ya go...

8/6/2004 5:57:07 PM

-- Registry --
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

No Items Found

-- Registry --
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

BCMSMMSG BCMSMMSG.exe
Microsoft Works Update DetectiC:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
NAV Agent C:\PROGRA~1\NORTON~1\navapw32.exe
IntelliType "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
POINTER point32.exe
WinampAgent "C:\Program Files\Winamp\Winampa.exe"
AdaptecDirectCD "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
TkBellExe "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
SunJavaUpdateSched C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

-- Registry --
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

No Items Found

-- Start Menu - Current User --
DESKTOP.INI
PhotoWorks Acquire.lnk
PhotoWorks Upload Scheduler.lnk

-- Start Menu - All Users --
DESKTOP.INI

-- Disabled Items --
No Items Found

-- Registry - Shell Value - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon --
Explorer.exe

-- Running Processes --
System Idle Process
System
smss.exe \SystemRoot\System32\smss.exe
CSRSS.EXE C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe winlogon.exe
SERVICES.EXE C:\WINDOWS\system32\services.exe
lsass.exe C:\WINDOWS\system32\lsass.exe
SVCHOST.EXE C:\WINDOWS\system32\svchost -k rpcss
SVCHOST.EXE C:\WINDOWS\System32\svchost.exe -k netsvcs
SVCHOST.EXE C:\WINDOWS\System32\svchost.exe -k NetworkService
SVCHOST.EXE C:\WINDOWS\System32\svchost.exe -k LocalService
SPOOLSV.EXE C:\WINDOWS\system32\spoolsv.exe
alg.exe C:\WINDOWS\System32\alg.exe
Navapsvc.exe "C:\Program Files\Norton AntiVirus\navapsvc.exe"
SVCHOST.EXE C:\WINDOWS\System32\svchost.exe -k imgsvc
MsPMSPSv.exe C:\WINDOWS\System32\MsPMSPSv.exe
explorer.exe C:\WINDOWS\Explorer.EXE
BCMSMMSG.exe "C:\WINDOWS\BCMSMMSG.exe"
WkUFind.exe "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
Navapw32.exe "C:\PROGRA~1\NORTON~1\navapw32.exe"
type32.exe "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
point32.exe "C:\Program Files\Microsoft Hardware\Mouse\point32.exe"
winampa.exe "C:\Program Files\Winamp\Winampa.exe"
Directcd.exe "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
realsched.exe "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
jusched.exe "C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe"
SpySweeper.exe "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
Ymsgr_tray.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe -ymsgr
Acquire.exe "C:\Program Files\PhotoWorks\PhotoWorks Digital Partner\Acquire.exe"
WNConnect.exe "C:\Program Files\AT&T\WnClient\Programs\WNConnect.exe"
WNCSMS~1.EXE C:\PROGRA~1\AT&T\WnClient\Programs\WNCSMS~1.EXE -Embedding
iexplore.exe "C:\Program Files\Internet Explorer\iexplore.exe"
Netscp.exe "C:\Program Files\Netscape\Netscape\Netscp.exe"
StartupTracker3.exe "C:\Documents and Settings\Kay Lowe\Local Settings\Temp\Temporary Directory 2 for StartupTracker3.zip\StartupTracker3.exe"
wmiprvse.exe C:\WINDOWS\System32\wbem\wmiprvse.exe

-- Running Services --

Name: Alerter
Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k LocalService

Name: ALG
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Internet Connection Firewall
Startup Mode: Manual
Run from: C:\WINDOWS\System32\alg.exe

Name: AudioSrv
Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: Browser
Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: CryptSvc
Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: Dhcp
Description: Manages network configuration by registering and updating IP addresses and DNS names.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: Dnscache
Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k NetworkService

Name: ERSvc
Description: Allows error reporting for services and applictions running in non-standard environments.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: Eventlog
Description: Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\services.exe

Name: EventSystem
Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: helpsvc
Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: HidServ
Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: lanmanserver
Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: lanmanworkstation
Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: LmHosts
Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k LocalService

Name: navapsvc
Description: Handles Norton AntiVirus Auto-Protect events.
Startup Mode: Auto
Run from: C:\Program Files\Norton AntiVirus\navapsvc.exe

Name: Netman
Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: Nla
Description: Collects and stores network configuration and location information, and notifies applications when this information changes.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: PlugPlay
Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\services.exe

Name: PolicyAgent
Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\lsass.exe

Name: ProtectedStorage
Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\lsass.exe

Name: RasMan
Description: Creates a network connection.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: RpcSs
Description: Provides the endpoint mapper and other miscellaneous RPC services.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost -k rpcss

Name: SamSs
Description: Stores security information for local user accounts.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\lsass.exe

Name: Schedule
Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: seclogon
Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: SENS
Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: SharedAccess
Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: ShellHWDetection
Description:
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: Spooler
Description: Loads files to memory for later printing.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\spoolsv.exe

Name: srservice
Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: SSDPSRV
Description: Enables discovery of UPnP devices on your home network.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k LocalService

Name: stisvc
Description: Provides image acquisition services for scanners and cameras.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k imgsvc

Name: TapiSrv
Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: TermService
Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: Themes
Description: Provides user experience theme management.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: TrkWks
Description: Maintains links between NTFS files within a computer or across computers in a network domain.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: uploadmgr
Description: Manages synchronous and asynchronous file transfers between clients and servers on the network. If this service is stopped, synchronous and asynchronous file transfers between clients and servers on the network will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: w32time
Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.

Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: WebClient
Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k LocalService

Name: winmgmt
Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: WMDM PMSP Service
Description:
Startup Mode: Auto
Run from: C:\WINDOWS\System32\MsPMSPSv.exe

Name: wuauserv
Description: Enables the download and installation of critical Windows updates. If the service is disabled, the operating system can be manually updated at the Windows Update Web site.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: WZCSVC
Description: Provides automatic configuration for the 802.11 adapters
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

#10 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,536 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:58 PM

Posted 07 August 2004 - 11:57 AM

Run spybot and ad-aware...make sure you update them first and see if they find anything

#11 KSLowe

KSLowe
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:58 PM

Posted 07 August 2004 - 02:44 PM

Adaware didn't find anything , but I can't get it to update...I have 5.8 but I have tried several times to add update & it just doesn't load the new updates ???
But here's the log from today
Started file scan
==================

File scan result:
Suspicious files found:0



Scanning finished
==================
Suspicious modules found:0
Suspicious keys found : 0
Suspicious folders found:0
Suspicious files found:0
=========================
Components ignored:0

HitBox: Tracking cookie (Mozilla: default) (Cookie, nothing done)


HitBox: Tracking cookie (Mozilla: default) (Cookie, nothing done)


HitBox: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Mozilla: default) (Cookie, nothing done)


Avenue A, Inc.: Tracking cookie (Mozilla: default) (Cookie, nothing done)


DoubleClick: Tracking cookie (Mozilla: default) (Cookie, nothing done)


DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-21-3683679437-951796526-1614765859-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3


--- Spybot - Search && Destroy version: 1.3 ---
2004-07-09 Includes\Cookies.sbi
2004-07-28 Includes\Dialer.sbi
2004-07-27 Includes\Hijackers.sbi
2004-07-27 Includes\Keyloggers.sbi
2004-05-12 Includes\LSP.sbi
2004-07-27 Includes\Malware.sbi
2004-07-09 Includes\Revision.sbi
2004-07-02 Includes\Security.sbi
2004-07-27 Includes\Spybots.sbi
2004-07-28 Includes\Tracks.uti
2004-07-27 Includes\Trojans.sbi

#12 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,536 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:58 PM

Posted 08 August 2004 - 02:40 PM

Within netscape click on the Help menu and then select About Plug-ins.

Tell me what plugins you have installed

#13 KSLowe

KSLowe
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:58 PM

Posted 08 August 2004 - 02:58 PM

Installed plug-ins
Find more information about browser plug-ins at Netscape.com.
Help for installing plug-ins is available from plugindoc.mozdev.org.
Java Plug-in

File name: NPJava11.dll
Java Plug-in 1.4.2_04 for Netscape Navigator (DLL Helper)

MIME Type Description Suffixes Enabled
application/x-java-applet;version=1.1.1 Java Applet Yes
application/x-java-bean;version=1.1.1 JavaBeans Yes
application/x-java-applet;version=1.1 Java Applet Yes
application/x-java-bean;version=1.1 JavaBeans Yes
application/x-java-applet Java Applet Yes
application/x-java-bean JavaBeans Yes
Java Plug-in

File name: NPJava12.dll
Java Plug-in 1.4.2_04 for Netscape Navigator (DLL Helper)

MIME Type Description Suffixes Enabled
application/x-java-applet;version=1.2 Java Applet Yes
application/x-java-bean;version=1.2 JavaBeans Yes
application/x-java-applet;version=1.1.3 Java Applet Yes
application/x-java-bean;version=1.1.3 JavaBeans Yes
application/x-java-applet;version=1.1.2 Java Applet Yes
application/x-java-bean;version=1.1.2 JavaBeans Yes
Java Plug-in

File name: NPJava13.dll
Java Plug-in 1.4.2_04 for Netscape Navigator (DLL Helper)

MIME Type Description Suffixes Enabled
application/x-java-applet;version=1.3.1 Java Applet Yes
application/x-java-bean;version=1.3.1 JavaBeans Yes
application/x-java-applet;version=1.4 Java Applet Yes
application/x-java-bean;version=1.4 JavaBeans Yes
application/x-java-applet;version=1.4.1 Java Applet Yes
application/x-java-bean;version=1.4.1 JavaBeans Yes
Java Plug-in

File name: NPJava14.dll
Java Plug-in 1.4.2_04 for Netscape Navigator (DLL Helper)

MIME Type Description Suffixes Enabled
application/x-java-applet;version=1.4.2 Java Applet Yes
application/x-java-bean;version=1.4.2 JavaBeans Yes
Java Plug-in

File name: NPJava32.dll
Java Plug-in 1.4.2_04 for Netscape Navigator (DLL Helper)

MIME Type Description Suffixes Enabled
application/x-java-applet;version=1.3 Java Applet Yes
application/x-java-bean;version=1.3 JavaBeans Yes
application/x-java-applet;version=1.2.2 Java Applet Yes
application/x-java-bean;version=1.2.2 JavaBeans Yes
application/x-java-applet;version=1.2.1 Java Applet Yes
application/x-java-bean;version=1.2.1 JavaBeans Yes
Java Plug-in

File name: NPJPI142_04.dll
Java Plug-in 1.4.2_04 for Netscape Navigator (DLL Helper)

MIME Type Description Suffixes Enabled
application/x-java-applet;jpi-version=1.4.2_04 Java Applet Yes
application/x-java-bean;jpi-version=1.4.2_04 JavaBeans Yes
Java Plug-in

File name: NPOJI610.dll
Java Plug-in 1.4.2_04 for Netscape Navigator (DLL Helper)

MIME Type Description Suffixes Enabled
application/x-java-vm Java Virtual Machine for Netscape Yes
MetaStream 3 Plugin

File name: npViewpoint_03000F10.dll
MetaStream 3 Plugin r4

MIME Type Description Suffixes Enabled
application/x-mtx MetaStream Plugin File mtx Yes
RealArcade NS Plugin

File name: npgcplug.dll
1.2.0.503

MIME Type Description Suffixes Enabled
[*] RealArcade NS Plugin File * Yes
Mozilla ActiveX control and plugin support

File name: npmozax.dll
Mozilla ActiveX control and plugin module

MIME Type Description Suffixes Enabled
application/x-oleobject ActiveX *.ocx Yes
application/oleobject ActiveX *.ocx Yes
Mozilla Default Plug-in

File name: npnul32.dll
Default Plug-in

MIME Type Description Suffixes Enabled
* Mozilla Default Plug-in * Yes
McAfee Clinic

File name: NPMGWRAP.DLL
McAfee Clinic Activator Plugin (1,0,0,5)

MIME Type Description Suffixes Enabled
application/x-mc-activator McAfee Clinic Activator mcp Yes
Shockwave Flash

File name: npswf32.dll
Shockwave Flash 6.0 r79

MIME Type Description Suffixes Enabled
application/x-shockwave-flash Macromedia Flash movie swf Yes
application/futuresplash FutureSplash movie spl Yes
RealJukebox NS Plugin

File name: nprjplug.dll
RealJukebox Netscape Plugin

MIME Type Description Suffixes Enabled
none RealJukebox NS Plugin File none Yes
RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)

File name: nppl3260.dll
RealPlayer™ LiveConnect-Enabled Plug-In

MIME Type Description Suffixes Enabled
audio/x-pn-realaudio-plugin RealPlayer™ as Plug-in rpm Yes
RealOne Player Version Plugin

File name: nprpjplug.dll
6.0.11.847

MIME Type Description Suffixes Enabled
application/vnd.rn-realplayer-javascript RealOne Player Javascript Plugin .rpj Yes
Microsoft® DRM

File name: npdrmv2.dll
DRM Netscape Network Object

MIME Type Description Suffixes Enabled
application/x-drm-v2 Network Interface Plugin nip Yes
Microsoft® DRM

File name: npwmsdrm.dll
DRM Store Netscape Plugin

MIME Type Description Suffixes Enabled
application/x-drm Network Interface Plugin nip Yes
Adobe ESD Manager Plugin

File name: NPAdbESD.dll
Adobe ESD Version Manager 1.0

MIME Type Description Suffixes Enabled
application/aom-getversion Adobe Download Manager Version Files aomver Yes
Adobe Acrobat

File name: nppdf32.dll
Adobe Acrobat Plug-In Version 5.10 for Netscape

MIME Type Description Suffixes Enabled
application/pdf Acrobat pdf Yes
MediaForge ~Mirage Plugin

File name: npmirage.dll
~Mirage 4.3.51.0 Plugin for MediaForge Projects

MIME Type Description Suffixes Enabled
mforge/x-mirage Mirage Project mfg Yes
Windows Media Player Plug-in Dynamic Link Library

File name: npdsplay.dll
Npdsplay dll

MIME Type Description Suffixes Enabled
application/asx Media Files * Yes
video/x-ms-asf-plugin Media Files * Yes
application/x-mplayer2 Media Files * Yes
video/x-ms-asf Media Files asf,asx,* Yes
video/x-ms-wm Media Files wm,* Yes
audio/x-ms-wma Media Files wma,* Yes
audio/x-ms-wax Media Files wax,* Yes
video/x-ms-wmv Media Files wmv,* Yes
video/x-ms-wvx Media Files wvx,* Yes
HP Peripheral Interrogator

File name: nphppi.dll
nphppi.dll

MIME Type Description Suffixes Enabled
application/x-vnd.hp-hppi HP Peripheral Interrogator Files hppi Yes

Here ya go..many thanks for trying to help me figure this out !!

#14 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,536 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:58 PM

Posted 09 August 2004 - 07:21 AM

From research this is what I have seen people to do to remove this.

Reinstall the program then reset the settings to default values by the button reset before you uninstall the program close all IE and netscape browsers and all tray icons and the program itself then remove it from control panel -->add remove programs --->then select Zilla popup killer

#15 KSLowe

KSLowe
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:58 PM

Posted 09 August 2004 - 07:38 PM

AAARRRGGGHHHHH it didn't work !! I thought I did it just as you said the only confusion was the default thing...it doesn't have a reset button... but the add/remove said it was completely removed...which I hadn't gotten before it would always come back with a file it couldn't delete...I even closed & reopened Netscape a few times to see if it would finally go away...no such luck...let me know if there are more specific directions maybe I didn't quit do..
Thanks




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users