• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

HUGE spyware problem! Help!!

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
autoMATTic said:
Post a printscreen of the next pop up you get so we can see the type of window its in.
Click to expand...

here u go:

popup3.bmp


popup2.bmp
 
Those arent Window Messenger windows but Internet Explorer. I would Delete cookies and temp internet files. Run CWS SHreddar and ad aware. Then I would Download Firefox and make that my default browser.
Also did you download any off those annoying programs and are still using them that have spyware built in like kazaa, or any GAIM programs, or those annoying weathercast programs, if so I would uninstall them.
 
you may not like this answer but. I fixed a friends computer that did the same. I hade to write down every spyware it found, search it online, and go program by program removing files, registry entries. But if you really wan't to end this all, the be all end all is a format.
 
You all are just doing the run around when all pollux needs to do is...

POST THE HIJACKTHIS LOG!

BTW, I'm not sure which approach you are taking to skin the windows in that way, but it could likely be part of your spyware problem.

automattic: He is already running firefox - first post. ;)
 
Last edited:
IMOG said:
You all are just doing the run around when all pollux needs to do is...

POST THE HIJACKTHIS LOG!
Click to expand...

here:
 

Attachments

  • hijackthis.txt
    6.8 KB · Views: 51
you need to get rid of the bozm6ca.exe processes running... Those are exe's running from a temp directory, with what appears to be a randomly generated filename (filename not recognized on google). Those are coming from somewhere not good... Looking further at log currently.

Stylexp.exe is spyware related, and I believe anything from tgtsoft is probably evil. A lot of this customization stuff is malware.

Remove these:
R3 - URLSearchHook: (no name) - {5D60FF48-95BE-4956-B4C6-6BB168A70310}_ - (no file)
O2 - BHO: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar3_28.dll
(this is not malware related, but I hate the radio toolbar thing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar3_28.dll
O4 - HKLM\..\Run: [BozM6cA.exe] C:\windows\temp\BozM6cA.exe
O4 - HKLM\..\Run: [BozM6cA] C:\windows\temp\BozM6cA.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

Conclusion:

You are infected with New.Net Searchbar.

I didn't find anything else specifically from what I looked up, but you should be able to remove everything I listed without messing anything up too bad.
 
Last edited:
thanks. i removed them all except stylexp. are there any other safe and free utilities i can use to configure my xp theme?
 
Uninstall style XP. It is the problem.

Have you run spybot S&D and adaware with the latest updates? Run them again, then restart, then report your hijackthis log again so we can see if anything is coming back.
 
Last edited:
You must install stylexp from the utility, or it will recreate itself. You should also delete those files which the registry entries are pointing to, that were reported by hijackthis. Disabling system restore and going through safemode for all of this is also a good idea.
 
I believe it does also. Most all of that stuff is junk... Doesn't windowblinds come from stardock?

Stardock is really terrible.

Is skinning your windows really that important? :)

There is probably something that is safe, I believe there is something that patches a theme file which just allows you to add more themes, but uses the standard windows display properties appearances tool. It doesn't come with any spyware loaded application.
 
IMOG said:
I believe it does also. Most all of that stuff is junk... Doesn't windowblinds come from stardock?

Stardock is really terrible.

Is skinning your windows really that important? :)

There is probably something that is safe, I believe there is something that patches a theme file which just allows you to add more themes, but uses the standard windows display properties appearances tool. It doesn't come with any spyware loaded application.
Click to expand...

where can i get that? also, even after removing stylexp, im still getting those pop-ups. im think im just going to back up my files on dvdr's and reformat.
 
thanks. i removed them all except stylexp. are there any other safe and free utilities i can use to configure my xp theme?
Click to expand...

Wow i did not realize style was spyware- what a bunch of scumbags!
----


I dont customize with style xp by the way. I make an unattended install cd. You need to download a patched uxtheme.dll, replace it in the i386 folder and wite the .theme files. You can now select style xp themes under the normal themes menu for windows. No software required :)
Of course, you have to format and use the unattended.
More detailed info at mnfn.org.
 
You can patch uxtheme.dll from within windows... it doesn't have to be done from an install CD if that was what you were saying, I'm not sure.

Now that you have uninstalled stylexp, you should be able to perform all of the scans with adaware, spybot, and hijackthis and actually be able to permanently remove the problems.

Or you can reinstall because it may be quicker.
 
if you dont have a software firewall get one it might give you an idea what is trying to access the net and you can shut them down one a a time. I know if I drop the firewall in the family computer stuff starts poping up. I dont know what I block but I defiently block something.

Also this may be the best and easy solution. Back up everything you want to save and just reformated you computer. That solution prouble the easiest and the one with the fewest headarchs
 
you know I have always wondered, itsn't spyware, malware, ect illegal? I mean it is a program being installed on your computer with out your consent???
 
ashenfang said:
you know I have always wondered, itsn't spyware, malware, ect illegal? I mean it is a program being installed on your computer with out your consent???
Click to expand...

In reality, alot of it is installed when you install other programs, or browse certain websites, and that user agreement flashes on the screen, you know, the one no one reads and everyone clicks "Yes!" to.

There are laws currently being developed to make it "illegial" but most of the companies are overseas anyway, and how effective has the anti-spam law been? i still get upwards of 100 spam msg's a day.
 
You must log in or register to reply here.

Similar threads

W
I got real bad Adware whats the best option ?
Replies
4
Views
812
RGone
RGone
Z
Help me OC'ing i5-2500k to get it stable
Replies
2
Views
1K
deathman20
deathman20
c627627
How I modded my Windows 10 installation - How (not) to install Windows 10
Replies
2
Views
9K
c627627
c627627
Lochekey
Benching Guide for Beginners
Replies
18
Views
5K
Johan45
Johan45
c627627
Notepad with Spell Checker already added in!
Replies
2
Views
4K
c627627
c627627
Back