Minor Ad-Ware problem that's driving me batty! - Page 2
Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: Minor Ad-Ware problem that's driving me batty!

  1. #11
    Member
    Join Date
    Feb 2005
    Posts
    60
    i'm also going to give Microsoft's program a go. Perhaps all those false positives will work in my favor.

  2. #12
    Member
    Join Date
    Feb 2005
    Posts
    60
    so as an update - ran Microsoft's product and it found absolutely nothing on my machine - but the problem's still there.


    One interesting thing i found was that it's specific to my profile on this pc - logging in under other profiles i'm not having the same issue. I went through and cleaned out my cookies and temp directory, but that hasn't helped.

  3. #13
    Senior Member
    Join Date
    Jul 2004
    Posts
    469
    That is a very good fact that you found there. Since it only does it on your profile, we can compare yours with the others and find out what is causing it. Grab a this and run it. Find out what DLLs are links to explorer and iexplore and then compare them to those that are running under another profile. I'll bet that one of those DLLs is your culprit.

  4. #14
    Member
    Join Date
    Feb 2005
    Posts
    60
    thanks zENGER! I'll get back to you in a bit.

  5. #15
    Member
    Join Date
    Feb 2005
    Posts
    60
    okay - so here's what i got....

    i ran the APM on the local admin profile first, and got a bunch of dlls.

    There were several that were not in common with the results from my personal profile.

    The dll (in iexplore) that stands out is actxproxy.dll

    if i unload it from iexplore.exe - the adware goes away. if i reload it, and refresh my browser - or jsut leave it alone. it comes back.

    one curious thing which i haven't been able to replicate - At one point there were several Java dlls in my iexplore list. When i unloaded the first one - the browser shut down, and when i reopened it the adware was gone entirely. I think i might have to wait for Java to reload all that stuff back.

    i don't think it's the actxproxy by itself tho - because the file hasn't been modified since 2004, and was created on that same date. Also if i go in to the local admin profile and load the dll into iexplore there it doesn't replicate the problem.

    So i'm not sure.

    As far as the explorer.exe module nothing additional in my personal profile that's not in the local admin profile.

  6. #16
    Senior Member
    Join Date
    Jul 2004
    Posts
    469
    I'm curious if you mispelled that or it its right. I did a google search for the file in question, and came across various references. In particular I found that actxprxy.dll (without the o) is a part of activeX. Here is a link: http://www.liutilities.com/products/...rary/actxprxy/ .

  7. #17
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    Just a question here.

    Did you try doing the search the way you normally do, ( I assume using the search button ) then type in the URL for Yahoo so you go directly to the to the Yahoo page, then try the same search?

    Is there a difference?
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  8. #18
    Member
    Join Date
    Feb 2005
    Posts
    60
    actually i normally search directly from the yahoo page itself. so all of this is happening when i go to www.yahoo.com and start searching from there. or if i go to www.google.com and search from there.


    and zENGER - yes - i did misspell it - no "o" in the actual file name. I'll have a look at the link.

  9. #19
    Member
    Join Date
    Feb 2005
    Posts
    60
    hey guess what? I downloaded Ewido's security suite and ran it - it found a couple of false positives but also some other cookies that it found to be spyware. I then ran the latest version of CrapCleaner - manually selected which cookies i want to keep, deleted all registry issues, and cleaned out temp files and such, and it seems my problem is finally gone.


    Let's see what happens in the next couple of days.

  10. #20
    Junior Member
    Join Date
    Jul 2005
    Posts
    1
    I had a virus with the exact same symptoms (redzip an uspiral added to search results). Like Tryska, I ran Ewido and got it to go away. I didn't need to run CrapCleaner. I did need to reboot, though. The files Ewido said were infected:

    C:\W2KSRV\system32\PROXYCFG.EXE -> Heuristic.Win32.Hijacker1

    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1C955F3B-5B32-4393-A05D-24B4970CD2A1} -> Dialer.Generic

    C:\W2KSRV\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.RiskWare.Downloader.PopCap.a

    My apologies if it is bad form to bump a 2-month old thread here, but since I found the help here useful, I wanted to add my experience in case it helped the next person Googling for a solution.

    -Erik
    *DROD: Journey to Rooted Hold* - a puzzling game of dungeon exploration - caravelgames.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •