Re: Spyware

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Jim Byrd (jrbyrd_at_spamlessadelphia.net)
Date: 11/18/04

• Next message: siljaline: "Re: Restricted Sites"
• Previous message: Maguire110: "Script Error"
• In reply to: PA Bear: "Re: Spyware"
• Next in thread: PA Bear: "Re: Spyware"
• Reply: PA Bear: "Re: Spyware"
• Messages sorted by: [ date ] [ thread ]

---

Date: Wed, 17 Nov 2004 16:42:49 -0800

I agree, definitely not ready for prime time - identifies a lot of pretty
well know stuff as "nasties" which is going to lead many to delete
erroneously. For example, found the following on mine:

      O4 - HKLM\..\RunOnce: [MigrateMMDrivers] rundll32.exe
mmsys.cpl,mmseRunOnce
      Nasty The entered application MigrateMMDrivers was identified:
Rundll32. Hit rate: 20 % (result) Must be fixed!

???? Multi-media Properties ????

      O4 - Global Startup: Quick Tray.lnk = E:\Misc\QUIKTRAY.EXE
      Nasty The entered application 'Quick Tray.lnk (QUIKTRAY.EXE)' was
identified: 'Aim Quick Start (Aim.exe)'. Hit rate: 33 % (result) Must be
fixed!

I could understand Unknown on this one, as it's a small, not too well known
utility.

      O4 - Global Startup: TASKMGR.EXE.lnk = E:\WINNT\system32\TASKMGR.EXE
      Nasty The entered application 'TASKMGR.EXE.lnk (TASKMGR.EXE)' was
identified: 'Taskmgr (Taskmgr.exe )'. Hit rate: 16 % (result) Must be
fixed!

???? Task Manager ????

      O8 - Extra context menu item: &Web Search - E:\WINNT\WEB\selsearch.htm
      Nasty The entry &Web Search has been identified as nasty.

???? Yahoo Home Page Search ????

      O8 - Extra context menu item: BabelFish Translate... -
http://www.gingell.com/iesearch/babelfish.html
      Nasty The entry BabelFish Translate... has been identified as nasty.

???? BabelFish ?????

      O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} -
res://E:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM (file missing)
      Unnecessarily Unknown buttons or entries in the 'Extras'-menu should
be fixed. To be fixed if the entry 'ieSpell ' is unknown.
      Unnecessary (deactivated) entry that can be fixed.
        O9 - Extra 'Tools' menuitem: ieSpell -
{0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://E:\Program
Files\ieSpell\iespell.dll/SPELLCHECK.HTM (file missing)
      Unnecessarily Unknown buttons or entries in the 'Extras'-menu should
 be fixed. To be fixed if the entry 'ieSpell ' is unknown.
      Unnecessary (deactivated) entry that can be fixed.
        O9 - Extra button: (no name) -
{1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://E:\Program
Files\ieSpell\iespell.dll/SPELLOPTION.HTM (file missing)
      Unnecessarily Unknown buttons or entries in the 'Extras'-menu should
be fixed. To be fixed if the entry '' is unknown.
      Unnecessary (deactivated) entry that can be fixed.
        O9 - Extra 'Tools' menuitem: ieSpell Options -
{1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://E:\Program
Files\ieSpell\iespell.dll/SPELLOPTION.HTM (file missing)
      Unnecessarily Unknown buttons or entries in the 'Extras'-menu should
be fixed. To be fixed if the entry 'ieSpell Options ' is unknown.
      Unnecessary (deactivated) entry that can be fixed.

These are only unnecessary in the Analyzer's opinion. Since I use them to
check spelling on IE forms, I kinda' think they're necessary, at least for
me.

      O10 - Unknown file in Winsock LSP: e:\program files\google\google
desktop search\googledesktopnetwork1.dll
      Nasty This entry should not be fixed! Your best bet to repair it is
to try the LSPFix from Cexx.org or Spybot S&D from Kolla.de. Check your
hard disc drive with Spybot S&D from Kolla.de or LSPFix from Cexx.org.
        O10 - Unknown file in Winsock LSP: e:\program files\google\google
desktop search\googledesktopnetwork1.dll
      Nasty This entry should not be fixed! Your best bet to repair it is
to try the LSPFix from Cexx.org or Spybot S&D from Kolla.de. Check your
hard disc drive with Spybot S&D from Kolla.de or LSPFix from Cexx.org.
        O10 - Unknown file in Winsock LSP: e:\program files\google\google
desktop search\googledesktopnetwork1.dll
      Nasty This entry should not be fixed! Your best bet to repair it is
to try the LSPFix from Cexx.org or Spybot S&D from Kolla.de. Check your
hard disc drive with Spybot S&D from Kolla.de or LSPFix from Cexx.org.
        O10 - Unknown file in Winsock LSP: e:\program files\google\google
desktop search\googledesktopnetwork1.dll
      Nasty This entry should not be fixed! Your best bet to repair it is
to try the LSPFix from Cexx.org or Spybot S&D from Kolla.de. Check your
hard disc drive with Spybot S&D from Kolla.de or LSPFix from Cexx.org.

?????? Google Desktop Search ??????

-- 
Please respond in the same thread.
Regards, Jim Byrd, MS-MVP
In news:%237PcmjPzEHA.2012@TK2MSFTNGP15.phx.gbl,
PA Bear <PABear@mvps.org> typed:
> It's not very useful IMO:
>
> <paste>
> C:\WINDOWS\RUNDLL32.EXE
>
> Nasty   running process. (RUNDLL32.EXE)
>
> This process is not running from the System32 folder as it is
> supposed to be.   This entry is not running from the System32 folder,
> so it is probably nasty.
> </paste>
>
> Now what?  This isn't an entry which can be "fixed" with HT.
>
> oops!! wrote:
>> Have you tried this online HJT log analyser?
>>
>> http://www.hijackthis.de/index.php?langselect=english
>>
>> Zee
>>
>>
>> "siljaline" <siljaline@nospam.com> wrote in message
>> news:eLlyr3OzEHA.2572@tk2msftngp13.phx.gbl...
>>> "EmilyBean" wrote:
>>>> My laptop is really messed up, I ran adaware this morning and it
>>>> seems like the main thing is "myway" but who knows. It seems to
>>>> have uninstalled my norton, and it won't let me install again. It
>>>> also crashes my ICQ. I had the "mysearch" toolbar show up which I
>>>> have gotten rid of. I've ran adaware and quarantined everything it
>>>> found but nothing has changed. I also did a system restore to a
>>>> few days ago but that didn't change it either. I don't want to
>>>> have to reformat since I just had the same problem on my PC a week
>>>> ago and I had to reformat that. (laptop is XP)
>>>
>>> Run 'HijackThis', FAQ & info here:
>> http://mvps.org/winhelp2002/unwanted.htm
>>> Post your log here: http://forum.aumha.org/viewforum.php?f=30
>>>
>>> Silj
>>>
>>> --
>>> siljaline
>>>
>>> MS - MVP Windows (IE/OE) 2003/04 AH-VSOP
>>> ________________________________________
>>> Security Tools Updates
>>> http://forum.aumha.org/viewforum.php?f=31
>>>
>>> (Reply to group, as return address
>>> is invalid - that we may all benefit)

---

---

---

• Next message: siljaline: "Re: Restricted Sites"
• Previous message: Maguire110: "Script Error"
• In reply to: PA Bear: "Re: Spyware"
• Next in thread: PA Bear: "Re: Spyware"
• Reply: PA Bear: "Re: Spyware"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.inetexplorer.ie6.browser  > 2004-11