Sponsored By

mee

Members
  • Content Count

    4
  • Joined

  • Last visited

About mee

  • Rank
    Member
  1. Thanks Efwis. I'll leave as is. No sense fixing something that isn't broken. Sorry that I posted my log in two places (also posted it over in Hijack This Logs forum) but wasn't sure where you wanted it. Also, sorry about getting your ID wrong. Thanks again.
  2. I already had Hijack This on my PC. Here is the results of the scan I just did. Logfile of HijackThis v1.99.0 Scan saved at 11:48:19 AM, on 1/9/2005 Platform: Windows ME (Win9x 4.90.3000) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MPREXE.EXE C:\PROGRAM FILES\ESET\NOD32KRN.EXE C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\ESET\NOD32KUI.EXE C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [systemTray] SysTray.Exe O4 - HKLM\..\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Zone Labs Client] "C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE" O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [NOD32kernel] "C:\Program Files\Eset\nod32krn.exe" O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service O4 - Startup: BHODemon 2.0.lnk.disabled O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O16 - DPF: {99B42120-6EC7-11CF-A6C7-00AA00A47DD2} (Label Object) - http://activex.microsoft.com/controls/iexp...x86/ielabel.cab O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security1.norton.com/sa/common/common/bin/cabsa.cab O16 - DPF: {340FBD92-B7BB-11D2-8299-00104B27F81B} (ScanCtl Class) - http://outpost.zdnet.com/updates/resources/updates.cab O16 - DPF: {978C9E23-D4B0-11CE-BF2D-00AA003F40D0} (Microsoft Forms 2.0 Label) - http://activex.microsoft.com/activex/controls/mspert10.cab O16 - DPF: {2C52AF58-B9B1-11D5-9DF6-00508B755B44} (AXClientUtil2 Control) - http://www.smartforce.com/v2.1/application...XClientUtil.cab O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab O20 - AppInit_DLLs: Disabled
  3. Yes C:\Program Files\Viewpoint\Viewpoint Media Player does exist on my computer.
  4. PestPatrol flags some files in the C:\Program Files\Viewpoint\Viewpoint Media Player folder and several associated registry entries on my PC as the Viewpoint Toolbar spyware. However, neither AdAware nor Spybot SD scans report any problem. Doing a Google Search on Viewpoint Media Player results in many sites that say Viewpoint Media Player is indeed spyware. It comes bundled with Adobe Atmosphere, which is apparently how it ended up on my machine. No Viewpoint products appear in my control panel's Add/Remove Programs list but the Adobe Atmosphere player is on the list of programs that can be uninstalled. Should I try and remove Viewpoint or leave well enough alone? If I do attempt a removal, should I first uninstall the Adobe Atmosphere player and then use PestPatrol to cleanup anything left behind?