spyware removal

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.
C

chibear621

Thread Starter
Joined
Jul 8, 2005
Messages
2
I have windows 98 2nd edition
I think I am spyware problems.....I have ran hijackthis....and I am posting the log file.

Logfile of HijackThis v1.99.1
Scan saved at 12:36:00 PM, on 7/8/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON GHOST\GHOSTSTARTSERVICE.EXE
C:\PROGRAM FILES\ROXIO\GOBACK\GBPOLL.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON GHOST\GHOSTSTARTTRAYAPP.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.03.0000.1005\EN-US\MSNAPPAU.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\ROXIO\GOBACK\GBTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\HT\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-US\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-US\MSNTB.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [LexStart] lexstart.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [GhostStartService] C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON GHOST\GHOSTSTARTSERVICE.EXE
O4 - HKLM\..\RunServices: [GoBack Polling Service] C:\Program Files\Roxio\GoBack\GBPoll.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [startkey] C:\WINDOWS\SYSTEM\wingate.exe
O4 - Startup: GoBack.lnk = C:\Program Files\Roxio\GoBack\GBTray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.2.2.51/euchre/euchre-ob-assets.cab
O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.2.2.51/mlslots/mlslots-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.2.3.36/waterwheel/waterwheel-ob-assets.cab
O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.2.2.51/squelchies/squelchies-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo - http://game1.pogo.com/applet-6.1.3.21/solitaire2/solitaire2-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.1.3.21/superbingo/superbingo-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.1.3.21/turbo21/turbo21-ob-assets.cab
O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.1.3.21/domino/domino-ob-assets.cab
O16 - DPF: Sweet Tooth TM by pogo - http://game1.pogo.com/applet-6.2.4.32/sweettooth/sweettooth-ob-assets.cab
O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.2.5.28/freecell/freecell-ob-assets.cab
O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.2.3.36/wordjong/wordjong-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.1.3.28/whackdown/whackdown-ob-assets.cab
O16 - DPF: Buckaroo Blackjack TM by pogo - http://game1.pogo.com/applet-6.1.5.21/videoblackjack/videoblackjack-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.2.5.28/worldclass/worldclass-ob-assets.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.1.3.28/pool2/pool-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.2.5.28/peaks/peaks-ob-assets.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://playweb02.pogo.com/game/deluxe/insaniquarium/popcaploader_v6.cab
O16 - DPF: Pinochle by pogo - http://game1.pogo.com/applet-6.2.5.28/pinochle/pinochle-ob-assets.cab
O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-6.1.5.28/jumbee/jumbee-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.2.5.28/flinger/flinger-ob-assets.cab
O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.2.0.37/backgammon/backgammon-ob-assets.cab
O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.1.5.21/checkers2/checkers-ob-assets.cab
O16 - DPF: Poppit TM by pogo - http://game5.pogo.com/applet-6.1.1.29/poppit/poppit-ob-assets.cab
O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/applet-6.2.1.34/paigow/paigow-ob-assets.cab
O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.2.5.28/wordwhomp/wordwhomp-ob-assets.cab
O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.1.4.29/drawpoker/drawpoker-ob-assets.cab
O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.2.1.27/aces/aces-ob-assets.cab
O16 - DPF: Video Poker by pogo - http://vpoker.pogo.com/applet-6.0.3.28/videopoker2/videopoker-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.2.5.28/mahjong/mahjong-ob-assets.cab
O16 - DPF: Hearts by pogo - http://game1.pogo.com/applet-6.2.5.28/hearts/hearts-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.2.0.30/holdem/holdem-ob-assets.cab
O16 - DPF: Pebble Beach Golf by pogo - http://game1.pogo.com/applet-6.2.1.34/pebble/pebble-ob-assets.cab
O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.com/applet-6.2.5.28/spider/spider-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.1.5.21/popfu/popfu-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.2.1.27/gin/gin-ob-assets.cab
O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.2.5.28/canasta/canasta-ob-assets.cab
O16 - DPF: Command and Conquer Comanche by pogo - http://game4.pogo.com/applet-6.1.1.29/ccstrike/ccstrike-ob-assets.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.2.5.28/lottso/lottso-ob-assets.cab
O16 - DPF: Keno by pogo - http://game1.pogo.com/applet-6.1.3.28/keno/keno-ob-assets.cab
O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.2.1.34/blackjack/blackjack-ob-assets.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.2.5.28/poppit2/poppit2-ob-assets.cab
O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.2.5.28/harvest/harvest-ob-assets.cab
O16 - DPF: Chess by pogo - http://game1.pogo.com/applet-6.1.5.21/chess2/chess2-ob-assets.cab
O16 - DPF: NASCAR Web Racing by pogo - http://game1.pogo.com/applet-6.2.0.37/nascar/nascar-ob-assets.cab
O16 - DPF: Showbiz Slots by pogo - http://game1.pogo.com/applet-6.2.0.37/slots/showbiz-ob-assets.cab
O16 - DPF: Double Deuce Poker by pogo - http://game1.pogo.com/applet-6.2.0.37/videopoker2/doubledeuce-ob-assets.cab
O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.2.1.34/omaha/omaha-ob-assets.cab
O16 - DPF: Spades by pogo - http://game1.pogo.com/applet-6.2.5.28/spades/spades-ob-assets.cab
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.2.1.41/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Pirate's Gold by pogo - http://game1.pogo.com/applet-6.2.5.28/piratesgold/piratesgold-ob-assets.cab
O16 - DPF: Cribbage by pogo - http://game1.pogo.com/applet-6.2.5.28/cribbage/cribbage-ob-assets.cab
O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.2.5.28/poppazoppa/poppazoppa-ob-assets.cab
O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.2.5.28/jigsaw/jigsaw-ob-assets.cab
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Total: 278 (members: 4, guests: 274)
Top