If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Spybot and BHO question, running 98-se
Hello,
Maybe I should go to IE newsgroup but I'm running 98-se. I have Spybot and all new updates and Spybot finds only 1 problem which is a false positive that I have already researched (SCC Technology). I have **4 BHO's**, Adobe Acrobat, Yahoo Companion, (I choose to have this toolbar), Pop This... pop-up blocker and my Spybot browser helper. I ran Spybot moments ago, nothing new found. I also ran Anti-Spy, feature of Yahoo toolbar and item found this... *Download Accelerator Plus* w/11 entries in my registry!! I've searched the puter and don't appear to have a program installed associated to these entries?? I'm manually searched too w/view all files turned on, especially C:\Program Files. * Doing a Google search search for this item indeed gives me software and sites for downloading. * I have no entry in msconfig that is new, I can identify all running processes showing up. * I also looked at my add/remove s/w and I have only good programs that I'm absolutely sure about, have been using them for a long time. I actually have all my program installers either on CD or Iomega zip. Is this Spyware, Malware?? I want all traces of it gone, I don't want this program. My question.... How CAN I have 11 entries in my registry and not have a program installed, doesn't make sense to me???? Star |
#2
|
|||
|
|||
Star wrote:
snip Is this Spyware, Malware?? No, but the free version is advertiser supported(displays banner ads), thus it is adware. DAP is a download manager that speeds up file downloads, you might find it listed as DAP in your programs files folder, but it will be listed as Download Accelerator Plus in add/remove programs. It does not install itself on the sly as it is a legitimate program with millions of users, so it would appear at one time it was (or still is) installed on your system. Ad-Aware(anti-adware program) no longer even classifies it as "adware" in the problematic sense as it is truly installed voluntarily, unlike many programs such as the infamous Gator\Gain crap. I want all traces of it gone, I don't want this program. Then you need to remove the entries that you don't want. MM |
#3
|
|||
|
|||
You or someone else using your machine may have installed the 2-week trial
version. Uninstalling it does *not* change your Registry back to its pre-installed state. (cf. http://www.pestpatrol.com/pestinfo/d...rator_plus.asp) At minimum, you'll need both Spybot and Ad-aware, kept fully up-to-date, to identify and help remove most malware, Star. You should be running Spybot v1.3 w/ 20 Aug-04 update installed and Ad-aware SE w/ reffile dated 16 Aug-04 installed. But even they can't catch everything, 24/7. When all else fails, HijackThis (http://www.spywareinfo.com/~merijn/files/HijackThis.exe) is the preferred tool to use. It will help you to both identify and remove any hijackware/spyware. **Post your files to http://forums.spywareinfo.com/ or http://forum.aumha.org/viewforum.php?f=30 for expert analysis, not here.** Help with Hijackware http://aumha.org/a/parasite.htm http://aumha.org/a/quickfix.htm http://mvps.org/winhelp2002/unwanted.htm http://inetexplorer.mvps.org/Darnit.htm -- IE6-specific newsgroup: news://msnews.microsoft.com/microsof...er.ie6.browser ~Robear Dyer (PA Bear) MS MVP-Windows (IE/OE), AH-VSOP Are You Ready for WinXP SP2? http://support.microsoft.com/default...r=windowsxpsp2 What You Should Know About Spyware http://www.microsoft.com/athome/secu...ssoftware.mspx AumHa Forums http://forum.aumha.org Star wrote: Hello, Maybe I should go to IE newsgroup but I'm running 98-se. I have Spybot and all new updates and Spybot finds only 1 problem which is a false positive that I have already researched (SCC Technology). I have **4 BHO's**, Adobe Acrobat, Yahoo Companion, (I choose to have this toolbar), Pop This... pop-up blocker and my Spybot browser helper. I ran Spybot moments ago, nothing new found. I also ran Anti-Spy, feature of Yahoo toolbar and item found this... *Download Accelerator Plus* w/11 entries in my registry!! I've searched the puter and don't appear to have a program installed associated to these entries?? I'm manually searched too w/view all files turned on, especially C:\Program Files. * Doing a Google search search for this item indeed gives me software and sites for downloading. * I have no entry in msconfig that is new, I can identify all running processes showing up. * I also looked at my add/remove s/w and I have only good programs that I'm absolutely sure about, have been using them for a long time. I actually have all my program installers either on CD or Iomega zip. Is this Spyware, Malware?? I want all traces of it gone, I don't want this program. My question.... How CAN I have 11 entries in my registry and not have a program installed, doesn't make sense to me???? Star |
#4
|
|||
|
|||
Hi MM
"Mostly Me (MM)" wrote in message ... Star wrote: snip Is this Spyware, Malware?? No, but the free version is advertiser supported(displays banner ads), thus it is adware. DAP is a download manager that speeds up file downloads, you might find it listed as DAP in your programs files folder, but it will be listed as Download Accelerator Plus in add/remove programs. ** Yahoo anti-spy said it was a BHO, I did more Google searches under BHO's and I found this site, http://www.spyany.com/program/articl...ator_Plus.html I went thru my registry, did not have the keys listed to remove. No DAP is NOT in my programs add/remove, I know every program listed and I know they are safe. I also don't have any running processes in msconfig that I am not confident of, know what they all are, I try to be a smart Windows user. It does not install itself on the sly as it is a legitimate program with millions of users, so it would appear at one time it was (or still is) installed on your system. Ad-Aware(anti-adware program) no longer even classifies it as "adware" in the problematic sense as it is truly installed voluntarily, unlike many programs such as the infamous Gator\Gain crap. Yahoo anti-spy removed the 11 entries. Wow!! I did not install it knowingly, and I do very few downloads period. I'm going to check my download programs files in Windows. I just checked my active-x small programs, I have (7), looked at their properties, they are all safe, I know what they are. Re... the weblink I inserted, I opened Yahoo anti-spy and indeed the keys removed are from DAP, they match up. I believe *all* traces are gone, what do you think?? Star |
#5
|
|||
|
|||
Hi PA Bear
"PA Bear" wrote in message ... You or someone else using your machine may have installed the 2-week trial version. Uninstalling it does *not* change your Registry back to its pre-installed state. (cf. http://www.pestpatrol.com/pestinfo/d...rator_plus.asp) * I'm the ONLY user of this machine. (see all *'s) At minimum, you'll need both Spybot and Ad-aware, kept fully up-to-date, to identify and help remove most malware, Star. You should be running Spybot v1.3 w/ 20 Aug-04 update installed and Ad-aware SE w/ reffile dated 16 Aug-04 installed. * I have a new install of Windows, and Spybot, fully updated, Spybot only finds SCC Technology, false positive. I don't like Ad-aware and don't use it. I do also use Spyware Blaster and it's fully updated. I have Yahoo anti-spy and it was found by Yahoo anti spy and identified as a BHO. * DAP doesn't show up in add/remove programs. I am positive I didn't download DAP, however I acquired a strange BHO, 11 entries that have been removed. But even they can't catch everything, 24/7. When all else fails, HijackThis (http://www.spywareinfo.com/~merijn/files/HijackThis.exe) is the preferred tool to use. It will help you to both identify and remove any hijackware/spyware. **Post your files to http://forums.spywareinfo.com/ or http://forum.aumha.org/viewforum.php?f=30 for expert analysis, not here.** Help with Hijackware http://aumha.org/a/parasite.htm http://aumha.org/a/quickfix.htm http://mvps.org/winhelp2002/unwanted.htm http://inetexplorer.mvps.org/Darnit.htm -- IE6-specific newsgroup: news://msnews.microsoft.com/microsof...er.ie6.browser * Thanks for the all the above site references. If I have traces of this BHO, I want it gone from my puter. Also, PA Bear, a BHO is different from downloading a program, after the download, you would have to install it?? Just wondering if you have further thoughts, thanks for helping me. I am very cautious, download next to nothing except for updates. Star ~Robear Dyer (PA Bear) MS MVP-Windows (IE/OE), AH-VSOP Are You Ready for WinXP SP2? http://support.microsoft.com/default...r=windowsxpsp2 What You Should Know About Spyware http://www.microsoft.com/athome/secu...ssoftware.mspx AumHa Forums http://forum.aumha.org Star wrote: Hello, Maybe I should go to IE newsgroup but I'm running 98-se. I have Spybot and all new updates and Spybot finds only 1 problem which is a false positive that I have already researched (SCC Technology). I have **4 BHO's**, Adobe Acrobat, Yahoo Companion, (I choose to have this toolbar), Pop This... pop-up blocker and my Spybot browser helper. I ran Spybot moments ago, nothing new found. I also ran Anti-Spy, feature of Yahoo toolbar and item found this... *Download Accelerator Plus* w/11 entries in my registry!! I've searched the puter and don't appear to have a program installed associated to these entries?? I'm manually searched too w/view all files turned on, especially C:\Program Files. * Doing a Google search search for this item indeed gives me software and sites for downloading. * I have no entry in msconfig that is new, I can identify all running processes showing up. * I also looked at my add/remove s/w and I have only good programs that I'm absolutely sure about, have been using them for a long time. I actually have all my program installers either on CD or Iomega zip. Is this Spyware, Malware?? I want all traces of it gone, I don't want this program. My question.... How CAN I have 11 entries in my registry and not have a program installed, doesn't make sense to me???? Star |
#6
|
|||
|
|||
Star wrote:
I believe *all* traces are gone, what do you think?? Star Looks like you have it all under control. It will just have to be a mystery as to how they got there in the first place, but the good news is you gave them the boot. MM |
#7
|
|||
|
|||
Star;
I'm such a newbie, I feel like a real 'poseur' even attempting to respond to someone else's a query. Installing and running DAP creates Winzip *files* which don't delete when the DAP unistall is used. These might account for any scanning hits which would be in addition to those remnants actually in your registry as PABear already pointed out. I only mention this in case you find the registry edit doesn't satisfy your; "I want all traces it gone" objective. rooster boundary bay, bc -----Original Message----- Hello, Maybe I should go to IE newsgroup but I'm running 98-se. I have Spybot and all new updates and Spybot finds only 1 problem which is a false positive that I have already researched (SCC Technology). I have **4 BHO's**, Adobe Acrobat, Yahoo Companion, (I choose to have this toolbar), Pop This... pop-up blocker and my Spybot browser helper. I ran Spybot moments ago, nothing new found. I also ran Anti-Spy, feature of Yahoo toolbar and item found this... *Download Accelerator Plus* w/11 entries in my registry!! I've searched the puter and don't appear to have a program installed associated to these entries?? I'm manually searched too w/view all files turned on, especially C:\Program Files. * Doing a Google search search for this item indeed gives me software and sites for downloading. * I have no entry in msconfig that is new, I can identify all running processes showing up. * I also looked at my add/remove s/w and I have only good programs that I'm absolutely sure about, have been using them for a long time. I actually have all my program installers either on CD or Iomega zip. Is this Spyware, Malware?? I want all traces of it gone, I don't want this program. My question.... How CAN I have 11 entries in my registry and not have a program installed, doesn't make sense to me???? Star . |
#8
|
|||
|
|||
Hi Rooster,
That confirms for me... I do have WinZip and a folder that I *USE* for any WinZip downloads. That further confirms for me that I never downloaded this program nor installed it, nor does it show up in add/remove programs. You know for sure that it downloads as a zip file vs. set-up file, have you downloaded it in the past? I went to the link at Amaha.com that PA Bear gave and did the test... nothing was found, I was clean!! Still 11 registry entries for a BHO... seems a little much? Thanks, Star "rooster" wrote in message ... Star; I'm such a newbie, I feel like a real 'poseur' even attempting to respond to someone else's a query. Installing and running DAP creates Winzip *files* which don't delete when the DAP unistall is used. These might account for any scanning hits which would be in addition to those remnants actually in your registry as PABear already pointed out. I only mention this in case you find the registry edit doesn't satisfy your; "I want all traces it gone" objective. rooster boundary bay, bc -----Original Message----- Hello, Maybe I should go to IE newsgroup but I'm running 98-se. I have Spybot and all new updates and Spybot finds only 1 problem which is a false positive that I have already researched (SCC Technology). I have **4 BHO's**, Adobe Acrobat, Yahoo Companion, (I choose to have this toolbar), Pop This... pop-up blocker and my Spybot browser helper. I ran Spybot moments ago, nothing new found. I also ran Anti-Spy, feature of Yahoo toolbar and item found this... *Download Accelerator Plus* w/11 entries in my registry!! I've searched the puter and don't appear to have a program installed associated to these entries?? I'm manually searched too w/view all files turned on, especially C:\Program Files. * Doing a Google search search for this item indeed gives me software and sites for downloading. * I have no entry in msconfig that is new, I can identify all running processes showing up. * I also looked at my add/remove s/w and I have only good programs that I'm absolutely sure about, have been using them for a long time. I actually have all my program installers either on CD or Iomega zip. Is this Spyware, Malware?? I want all traces of it gone, I don't want this program. My question.... How CAN I have 11 entries in my registry and not have a program installed, doesn't make sense to me???? Star . |
#9
|
|||
|
|||
11 entries for this particular BHO is about there, it is supposed to begin
multiple band download threads of files and match all the pieces up and sort all the downloaded fragments into coherent order behind the OS's back, it hooks into a lot of processes. -- Adaware http://www.lavasoft.de spybot http://security.kolla.de AVG free antivirus http://www.grisoft.com Etrust/Vet/CA.online Antivirus scan http://www3.ca.com/securityadvisor/virusinfo/scan.aspx Panda online AntiVirus scan http://www.pandasoftware.com/ActiveScan/ Catalog of removal tools http://www.pandasoftware.com/download/utilities/ Blocking Unwanted Parasites with a Hosts file http://mvps.org/winhelp2002/hosts.htm links provided as a courtesy, read all instructions on the pages before use Grateful thanks to the authors/webmasters "Star" wrote in message ... | Hi Rooster, | That confirms for me... I do have WinZip and a folder that I *USE* for any | WinZip downloads. That further confirms for me that I never downloaded this | program nor installed it, nor does it show up in add/remove programs. You | know for sure that it downloads as a zip file vs. set-up file, have you | downloaded it in the past? | | I went to the link at Amaha.com that PA Bear gave and did the test... | nothing was found, I was clean!! | | Still 11 registry entries for a BHO... seems a little much? | | Thanks, Star | | "rooster" wrote in message | ... | Star; | I'm such a newbie, I feel like a real 'poseur' even | attempting to respond to someone else's a query. | Installing and running DAP creates Winzip *files* | which don't delete when the DAP unistall is used. These | might account for any scanning hits which would be in | addition to those remnants actually in your registry as | PABear already pointed out. I only mention this in case | you find the registry edit doesn't satisfy your; "I want | all traces it gone" objective. | | rooster | boundary bay, bc | | | -----Original Message----- | Hello, | Maybe I should go to IE newsgroup but I'm running 98-se. | I have Spybot and | all new updates and Spybot finds only 1 problem which is | a false positive | that I have already researched (SCC Technology). | | I have **4 BHO's**, Adobe Acrobat, Yahoo Companion, (I | choose to have this | toolbar), Pop This... pop-up blocker and my Spybot | browser helper. | | I ran Spybot moments ago, nothing new found. | | I also ran Anti-Spy, feature of Yahoo toolbar and item | found this... | *Download Accelerator Plus* w/11 entries in my registry!! | | I've searched the puter and don't appear to have a | program installed | associated to these entries?? | I'm manually searched too w/view all files turned on, | especially C:\Program | Files. | | * Doing a Google search search for this item indeed gives | me software and | sites for downloading. | * I have no entry in msconfig that is new, I can identify | all running | processes showing up. | * I also looked at my add/remove s/w and I have only good | programs that I'm | absolutely sure about, have been using them for a long | time. I actually have | all my program installers either on CD or Iomega zip. | | Is this Spyware, Malware?? | | I want all traces of it gone, I don't want this program. | | My question.... How CAN I have 11 entries in my registry | and not have a | program installed, doesn't make sense to me???? | | Star | | | . | | | |
#10
|
|||
|
|||
Star, you should regularly check the Windows\Downloaded Program Files folder,
right-click the entries and choose Properties in order to see what you have installed from the web. Many of these items fall under the category of BHO's. If you had looked there prior to removing the 11 Registry entries with the Yahoo spyware app, you might have seen it listed there. Downloaded Program Files folder contains ActiveX controls, and they can add quite a lot of registry entries, depending on what they do. 11 entries is really not much at all for an ActiveX control or a BHO. BHO's and ActiveX controls can install without your knowledge, especially if you have your browser security setting too low. PA Bear will probably fill you in on preferred security settings in IE, as that is one of his areas of concentration in the IE/OE groups. Download accelerators sometimes install themselves during a download of some other item from a web site. Unless you read the page with the download carefully, you can often miss the "fine print' informing you that you will be downloading with "such and such accelerator". -- Glen Ventura, MS MVP W95/98 Systems http://dts-l.org/goodpost.htm "Star" wrote in message ... Hi PA Bear "PA Bear" wrote in message ... You or someone else using your machine may have installed the 2-week trial version. Uninstalling it does *not* change your Registry back to its pre-installed state. (cf. http://www.pestpatrol.com/pestinfo/d...rator_plus.asp) * I'm the ONLY user of this machine. (see all *'s) At minimum, you'll need both Spybot and Ad-aware, kept fully up-to-date, to identify and help remove most malware, Star. You should be running Spybot v1.3 w/ 20 Aug-04 update installed and Ad-aware SE w/ reffile dated 16 Aug-04 installed. * I have a new install of Windows, and Spybot, fully updated, Spybot only finds SCC Technology, false positive. I don't like Ad-aware and don't use it. I do also use Spyware Blaster and it's fully updated. I have Yahoo anti-spy and it was found by Yahoo anti spy and identified as a BHO. * DAP doesn't show up in add/remove programs. I am positive I didn't download DAP, however I acquired a strange BHO, 11 entries that have been removed. But even they can't catch everything, 24/7. When all else fails, HijackThis (http://www.spywareinfo.com/~merijn/files/HijackThis.exe) is the preferred tool to use. It will help you to both identify and remove any hijackware/spyware. **Post your files to http://forums.spywareinfo.com/ or http://forum.aumha.org/viewforum.php?f=30 for expert analysis, not here.** Help with Hijackware http://aumha.org/a/parasite.htm http://aumha.org/a/quickfix.htm http://mvps.org/winhelp2002/unwanted.htm http://inetexplorer.mvps.org/Darnit.htm -- IE6-specific newsgroup: news://msnews.microsoft.com/microsof...er.ie6.browser * Thanks for the all the above site references. If I have traces of this BHO, I want it gone from my puter. Also, PA Bear, a BHO is different from downloading a program, after the download, you would have to install it?? Just wondering if you have further thoughts, thanks for helping me. I am very cautious, download next to nothing except for updates. Star ~Robear Dyer (PA Bear) MS MVP-Windows (IE/OE), AH-VSOP Are You Ready for WinXP SP2? http://support.microsoft.com/default...r=windowsxpsp2 What You Should Know About Spyware http://www.microsoft.com/athome/secu...ssoftware.mspx AumHa Forums http://forum.aumha.org Star wrote: Hello, Maybe I should go to IE newsgroup but I'm running 98-se. I have Spybot and all new updates and Spybot finds only 1 problem which is a false positive that I have already researched (SCC Technology). I have **4 BHO's**, Adobe Acrobat, Yahoo Companion, (I choose to have this toolbar), Pop This... pop-up blocker and my Spybot browser helper. I ran Spybot moments ago, nothing new found. I also ran Anti-Spy, feature of Yahoo toolbar and item found this... *Download Accelerator Plus* w/11 entries in my registry!! I've searched the puter and don't appear to have a program installed associated to these entries?? I'm manually searched too w/view all files turned on, especially C:\Program Files. * Doing a Google search search for this item indeed gives me software and sites for downloading. * I have no entry in msconfig that is new, I can identify all running processes showing up. * I also looked at my add/remove s/w and I have only good programs that I'm absolutely sure about, have been using them for a long time. I actually have all my program installers either on CD or Iomega zip. Is this Spyware, Malware?? I want all traces of it gone, I don't want this program. My question.... How CAN I have 11 entries in my registry and not have a program installed, doesn't make sense to me???? Star |
Thread Tools | |
Display Modes | |
|
|