Spyware I cannot remove!

G

Guest

I have some spyware/adware on my PC and despite using various methods I cannot find the offending file or files to remove it. One of the pop-up's is 'trafficmarketplace' i think.
Some help would be gratefully received, here is list of my running processes and other stuff from Hijack This:

Running processes
C:\WINDOWS\System32\smss.ex
C:\WINDOWS\system32\winlogon.ex
C:\WINDOWS\system32\services.ex
C:\WINDOWS\system32\lsass.ex
C:\WINDOWS\system32\svchost.ex
C:\WINDOWS\System32\svchost.ex
C:\WINDOWS\system32\spoolsv.ex
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.ex
C:\Program Files\Alwil Software\Avast4\aswUpdSv.ex
C:\Program Files\Alwil Software\Avast4\ashServ.ex
C:\WINDOWS\System32\CTsvcCDA.ex
C:\Program Files\Executive Software\Diskeeper\DkService.ex
C:\WINDOWS\System32\nvsvc32.ex
C:\WINDOWS\System32\SLEE503.ex
C:\WINDOWS\System32\svchost.ex
C:\WINDOWS\Explorer.EX
C:\WINDOWS\System32\CTHELPER.EX
C:\WINDOWS\System32\DSentry.ex
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.ex
C:\WINDOWS\System32\rundll32.ex
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.ex
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.ex
C:\WINDOWS\System32\RunDll32.ex
C:\Program Files\Logitech\MouseWare\system\em_exec.ex
C:\Program Files\PestPatrol\PPControl.ex
C:\PROGRA~1\PESTPA~1\PPMemCheck.ex
C:\PROGRA~1\PESTPA~1\CookiePatrol.ex
C:\WINDOWS\System32\RUNDLL32.EX
C:\WINDOWS\System32\ctfmon.ex
C:\Program Files\Digital Line Detect\DLG.ex
E:\Shareaza\Shareaza.ex
C:\Program Files\Internet Explorer\IEXPLORE.EX
E:\My Shared Folder\Utilities\Hijack this\HijackThis.ex

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blan
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blan
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blan
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.bbc.co.uk
R3 - URLSearchHook: (no name) - - (no file
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dl
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dl
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dl
O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-B674-4EDF86E7E1DF} - C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EX
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DL
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.ex
O4 - HKLM\..\Run: [GLDStart] C:\Program Files\GLDirect\gldirect.exe -filterstar
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartu
O4 - HKLM\..\Run: [nwiz] nwiz.exe /instal
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.ex
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Ex
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.ex
O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.ex
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.ex
O4 - HKLM\..\Run: [Acronis Popup Blocker] RunDll32.exe C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL,Ru
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.ex
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\Program Files\PestPatrol\PPControl.ex
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.ex
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.ex
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarIni
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.ex
O4 - HKLM\..\RunOnce: [SpyBotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autochec
O4 - Global Startup: Digital Line Detect.lnk =
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/300
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Acronis Pop-up Blocker (HKLM)
O9 - Extra 'Tools' menuitem: Acronis Pop-up Blocker (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/13b7245d22c23f6a7b01/netzip/RdxIE601.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38064.4492708333
O16 - DPF: {CC110316-5BE7-4AAA-AEDD-1A5B147BE34C} (MyWebOperator Class) - http://198.143.27.21/dialer_loader/uk.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
 
P

Paul

Just what have you done? You make no mention of using
Ad-aware or Spybot. If you haven't used these, do a web
search for both of these free downloadable programs and
run them both.

-----Original Message-----
I have some spyware/adware on my PC and despite using
Click to expand...
various methods I cannot find the offending file or files
to remove it. One of the pop-up's is 'trafficmarketplace'
i think.
Some help would be gratefully received, here is list of
Click to expand...
my running processes and other stuff from Hijack This:-
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2 \schedul2.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\SLEE503.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Acronis\Schedule2 \schedhlp.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\PestPatrol\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
E:\Shareaza\Shareaza.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\My Shared Folder\Utilities\Hijack this\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet
Click to expand...
Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start
Click to expand...
Page = http://www.bbc.co.uk/
R0 - HKLM\Software\Microsoft\Internet
Click to expand...
Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL, (Default) = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start
Click to expand...
Page_bak = http://www.bbc.co.uk/
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB- 00C04FD64497} - (no file)
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-
Click to expand...
DD56626C6C42} - C:\WINDOWS\twaintec.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-
Click to expand...
784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0
\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-
Click to expand...
001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-
Click to expand...
B674-4EDF86E7E1DF} - C:\PROGRA~1\Acronis\PRIVAC~1\POP-
UP~1.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32 \DSentry.exe
O4 - HKLM\..\Run: [GLDStart] C:\Program
Click to expand...
Files\GLDirect\gldirect.exe -filterstart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4 \ashDisp.exe
O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] C:\Program
Click to expand...
Files\Common Files\Acronis\Schedule2\schedhlp.exe
O4 - HKLM\..\Run: [Acronis Popup Blocker] RunDll32.exe C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL,Run
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\Program Files\PestPatrol\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1 \PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1 \CookiePatrol.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32 \ctfmon.exe
O4 - HKLM\..\RunOnce: [SpyBotSnD] "C:\Program
Click to expand...
Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Acronis Pop-up Blocker (HKLM)
O9 - Extra 'Tools' menuitem: Acronis Pop-up Blocker (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2}
Click to expand...
(EARTPatchX Class) -
http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE
Click to expand...
Class) - http://software-
dl.real.com/13b7245d22c23f6a7b01/netzip/RdxIE601.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B}
Click to expand...
(GSDACtl Class) -
http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61}
Click to expand...
(HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004033001/housecall.ant
ivirus.com/housecall/xscan53.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243}
Click to expand...
(SecureLogin.SecureControl) -
http://secure2.comned.com/signuptemplates/ActiveSecurity.ca
b
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update
Click to expand...
Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl
..CAB?38064.4492708333
O16 - DPF: {CC110316-5BE7-4AAA-AEDD-1A5B147BE34C}
Click to expand...
(MyWebOperator Class) -
http://198.143.27.21/dialer_loader/uk.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
Click to expand...
(Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swf
lash.cab
 
M

MAP

I see that you have pest patrol this is a very good
spyware removal program,is it up to date?
This is the wrong forum for your hijack this log,the
correct forum is at the bottom of my post.Good Luck

http://www.safer-networking.org/ Spybot
www.javacoolsoftware.com/sbdownload.html
http://www.wilderssecurity.net/spywareguard.html
http://www.lavasoft.de/ Ad-aware
http://www.merijn.org/downloads.html (CWS)cool web
shedder and hijack this
www.spywareinfo.com/forums/

-----Original Message-----
I have some spyware/adware on my PC and despite using
Click to expand...
various methods I cannot find the offending file or files
to remove it. One of the pop-up's is 'trafficmarketplace'
i think.
Some help would be gratefully received, here is list of
Click to expand...
my running processes and other stuff from Hijack This:-
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2 \schedul2.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\SLEE503.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Acronis\Schedule2 \schedhlp.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\PestPatrol\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
E:\Shareaza\Shareaza.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\My Shared Folder\Utilities\Hijack this\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet
Click to expand...
Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet
Click to expand...
Explorer\Main,Start Page = http://www.bbc.co.uk/
R0 - HKLM\Software\Microsoft\Internet
Click to expand...
Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL, (Default) = about:blank
R1 - HKCU\Software\Microsoft\Internet
Click to expand...
Explorer\Main,Start Page_bak = http://www.bbc.co.uk/
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0- 99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-
Click to expand...
DD56626C6C42} - C:\WINDOWS\twaintec.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-
Click to expand...
784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0
\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-
Click to expand...
001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-
Click to expand...
B674-4EDF86E7E1DF} - C:\PROGRA~1\Acronis\PRIVAC~1\POP-
UP~1.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32 \DSentry.exe
O4 - HKLM\..\Run: [GLDStart] C:\Program
Click to expand...
Files\GLDirect\gldirect.exe -filterstart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4 \ashDisp.exe
O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service]
Click to expand...
C:\Program Files\Common Files\Acronis\Schedule2
\schedhlp.exe
O4 - HKLM\..\Run: [Acronis Popup Blocker] RunDll32.exe C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL,Run
O4 - HKLM\..\Run: [TrojanScanner] C:\Program
Click to expand...
Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\Program Files\PestPatrol\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1 \PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1 \CookiePatrol.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32 \ctfmon.exe
O4 - HKLM\..\RunOnce: [SpyBotSnD] "C:\Program
Click to expand...
Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft
Click to expand...
Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Acronis Pop-up Blocker (HKLM)
O9 - Extra 'Tools' menuitem: Acronis Pop-up Blocker (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2}
Click to expand...
(EARTPatchX Class) -
http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE
Click to expand...
Class) - http://software-
dl.real.com/13b7245d22c23f6a7b01/netzip/RdxIE601.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B}
Click to expand...
(GSDACtl Class) -
http://launch.gamespyarcade.com/software/launch/alaunch.ca
b
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61}
Click to expand...
(HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004033001/housecall.an
tivirus.com/housecall/xscan53.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243}
Click to expand...
(SecureLogin.SecureControl) -
http://secure2.comned.com/signuptemplates/ActiveSecurity.c
ab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F}
Click to expand...
(Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuct
l.CAB?38064.4492708333
O16 - DPF: {CC110316-5BE7-4AAA-AEDD-1A5B147BE34C}
Click to expand...
(MyWebOperator Class) -
http://198.143.27.21/dialer_loader/uk.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
Click to expand...
(Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/sw
flash.cab
 
R

Rick

Have you tried Webroots Spy Sweeper. Its free to try out and works pretty
good.

Rick

westie said:
I have some spyware/adware on my PC and despite using various methods I
Click to expand...
cannot find the offending file or files to remove it. One of the pop-up's is
'trafficmarketplace' i think.
Some help would be gratefully received, here is list of my running
Click to expand...
processes and other stuff from Hijack This:-
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\SLEE503.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\PestPatrol\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
E:\Shareaza\Shareaza.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\My Shared Folder\Utilities\Hijack this\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.bbc.co.uk/
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Click to expand...
Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-B674-4EDF86E7E1DF} - C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [GLDStart] C:\Program
Click to expand...
Files\GLDirect\gldirect.exe -filterstart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
O4 - HKLM\..\Run: [Acronis Popup Blocker] RunDll32.exe C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL,Run
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\Program Files\PestPatrol\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKLM\..\RunOnce: [SpyBotSnD] "C:\Program Files\Spybot - Search &
Click to expand...
Destroy\SpybotSD.exe" /autocheck
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Acronis Pop-up Blocker (HKLM)
O9 - Extra 'Tools' menuitem: Acronis Pop-up Blocker (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/13b7245d22c23f6a7b01/netzip/RdxIE601.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243}
Click to expand...
(SecureLogin.SecureControl) -
http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38064.4492708333
O16 - DPF: {CC110316-5BE7-4AAA-AEDD-1A5B147BE34C} (MyWebOperator Class) - http://198.143.27.21/dialer_loader/uk.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash
Click to expand...
Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
 
A

AnnonUser

I see that you have Shareaza. As long as you continue to use P2P,
you're going to hve problems.
I have some spyware/adware on my PC and despite using various methods I cannot find the offending file or files to remove it. One of the pop-up's is 'trafficmarketplace' i think.
Some help would be gratefully received, here is list of my running processes and other stuff from Hijack This:-

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\SLEE503.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\PestPatrol\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
E:\Shareaza\Shareaza.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\My Shared Folder\Utilities\Hijack this\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.bbc.co.uk/
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-B674-4EDF86E7E1DF} - C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [GLDStart] C:\Program Files\GLDirect\gldirect.exe -filterstart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
O4 - HKLM\..\Run: [Acronis Popup Blocker] RunDll32.exe C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL,Run
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\Program Files\PestPatrol\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKLM\..\RunOnce: [SpyBotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Acronis Pop-up Blocker (HKLM)
O9 - Extra 'Tools' menuitem: Acronis Pop-up Blocker (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/13b7245d22c23f6a7b01/netzip/RdxIE601.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38064.4492708333
O16 - DPF: {CC110316-5BE7-4AAA-AEDD-1A5B147BE34C} (MyWebOperator Class) - http://198.143.27.21/dialer_loader/uk.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Click to expand...
 
K

kimmy

westie said:
I have some spyware/adware on my PC and despite using various methods
I cannot find the offending file or files to remove it. One of the
pop-up's is 'trafficmarketplace' i think. Some help would be
gratefully received, here is list of my running processes and other
stuff from Hijack This:-
Click to expand...
HijackThis can fix your problems. You should post the entire log to
http://www.spywareinfo.com/forums/index.php?showforum=30 where you will get
better help than here.
 
C

CoBRa

Usally, P2P programs includes spyware programs. And this may be a DLL file.
Use a process viewer and look at them which process uses CPU regular. If you
don't know do you installed it, it can be a spyware program.

haber iletisinde þunlarý said:
Have you tried Webroots Spy Sweeper. Its free to try out and works pretty
good.

Rick


cannot find the offending file or files to remove it. One of the pop-up's is
'trafficmarketplace' i think.
processes and other stuff from Hijack This:-
Click to expand...
_{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -
(no file) C:\Program
Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
Click to expand...
{E24AD748-155E-4254-B674-4EDF86E7E1DF} -
C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [GLDStart] C:\Program
Click to expand...
Files\GLDirect\gldirect.exe -filterstart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
O4 - HKLM\..\Run: [Acronis Popup Blocker] RunDll32.exe C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL,Run
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\Program Files\PestPatrol\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKLM\..\RunOnce: [SpyBotSnD] "C:\Program Files\Spybot - Search &
Click to expand...
Destroy\SpybotSD.exe" /autocheck
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Acronis Pop-up Blocker (HKLM)
O9 - Extra 'Tools' menuitem: Acronis Pop-up Blocker (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/13b7245d22c23f6a7b01/netzip/RdxIE601.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
Click to expand...
http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housec
all/xscan53.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243}
Click to expand...
(SecureLogin.SecureControl) -
http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
Click to expand...
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38064.449270
8333
O16 - DPF: {CC110316-5BE7-4AAA-AEDD-1A5B147BE34C} (MyWebOperator
Click to expand...
Class) -
http://198.143.27.21/dialer_loader/uk.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash
Click to expand...
Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Nt Authority System Please Help!! 0
IE redirection problem 2
PLEASE HELp.. i can not get rid of this bug on my computer 2
Problems with pops ups 6
sharedobj.dll errors 1
IE 8 won't start 2
Desktop Icons Missing at startup 7
WinVir 5

Top