spyware and viruses keep returning

[dpkkk]

this is really driving me crazy! i use antivirus and spyware programs to get rid of the mess and they still keep coming back and infecting my pc. they happen all at once and without any warning

here is a partial list of the offenders (some of which are in my hijack log found at bottom of this post) in no particular order:

180 solutions
powerscan
your site bar
ist service
sidefind
web-rebates
internet optimizer
sais
actalert
quicktime
vvsn
adult sites, free adult content (favorites folder)

some are automatically installed without my permission (ie. quicktime, web-rebates). spybot search and destroy is constantly warning me of registry entries but i cant deny them fast enough. browserhelpers, etc.

i just cant seem to get rid of them, even after fixing and deleting the infected files. its a never ending vicious cycle. in fact after i deleted some files using my antivirus program i ran hijackthis and they are still on my computer.

sometimes all this crazy stuff ends up crashing my computer. i have to delete a bunch of files do a whole lot of ctrl-alt-dels, and edit my startup folder. one annoying entry there is ist svc or ist service. what the heck is that??

ie browser windows also keep popping up out of nowhere, one was a screensaver site but was a blank page. thank goodness i have a popup stopper or my screen would be all full of browser windows.

i dont know what to do. im contantly deleting and uninstalling stuff that i never downloaded or wanted in the first place. how i do i stop the harassment permanently?

Logfile of HijackThis v1.98.2
Scan saved at 12:30:56 AM, on 11/9/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\YTRAYMAGICLITE\YTRAYMAGIC.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ISTSVC\ISTSVC.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\PROGRAM FILES\MSGTAG STATUS\MSGTAGSTATUS.EXE
C:\PROGRAM FILES\SOFTWARE BY DESIGN\STAYLIVE.EXE
C:\PROGRAM FILES\WINKEY\WINKEY.EXE
C:\PROGRAM FILES\DOUBLEDESKTOP\DD.EXE
C:\PROGRAM FILES\KIRYSTECH2K\KCPUCOOLER\KCPUCOOLER.EXE
C:\PROGRAM FILES\RESIZEENABLE\RESIZEENABLERUNNER.EXE
C:\PROGRAM FILES\MOUSEAWAY\MOUSEAWAY.EXE
C:\PROGRAM FILES\ONTRACK\SYSTEMSUITE\MXTASK.EXE
C:\PROGRAM FILES\EPROMPTER\EPROMPTER.EXE
C:\PROGRAM FILES\CLICKOFF\CLICKOFF.EXE
C:\PROGRAM FILES\ONTRACK\SYSTEMSUITE\mxecp16.exe
C:\PROGRAM FILES\GREENBROWSER 2.3\GREENBROWSER.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.couldnotfind.com/search_p...unt_id=1000766
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotfind.com/search_p...unt_id=1000766
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.slotch.com/?&account_id=1000766
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_p...unt_id=1000766
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://trafficg.com/hps.php?member=trafg
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Explorer
R3 - Default URLSearchHook is missing
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\PROGRA~1\YOURSI~1\YSB.DLL (file missing)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\RunServices: [YTrayMagic Lite 1] C:\PROGRAM FILES\YTRAYMAGICLITE\YTRAYMAGIC.EXE
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSGTAG] "C:\PROGRAM FILES\MSGTAG STATUS\MSGTAGSTATUS.EXE" /startup
O4 - Startup: Stay Live 2000.lnk = C:\Program Files\Software by Design\StayLive.exe
O4 - Startup: WinKey.lnk = C:\Program Files\WinKey\WinKey.exe
O4 - Startup: DoubleDesktop.lnk = C:\Program Files\DoubleDesktop\dd.exe
O4 - Startup: KCPUCooler.lnk = C:\Program Files\KirysTech2k\KCPUCooler\KCPUCooler.exe
O4 - Startup: ResizeEnableRunner.lnk = C:\Program Files\ResizeEnable\ResizeEnableRunner.exe
O4 - Startup: MouseAway.lnk = C:\Program Files\MouseAway\MouseAway.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe
O4 - Startup: Ontrack SystemSuite 2000 Task Manager.lnk = C:\Program Files\Ontrack\SystemSuite\mxtask.exe
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Startup: ClickOff.lnk = C:\Program Files\ClickOff\Clickoff.exe
O8 - Extra context menu item: For&msAgent - C:\Download ZIP\agent.html
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\PROGRAM FILES\SIDEFIND\SIDEFIND.DLL (file missing)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {FDE6B956-B80A-4578-9A10-4C24609412F1} - http://access.gamezdump.com/output/0.../fullgames.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} - https://media.pineconeresearch.com/A...oadcontrol.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...99/mcfscan.cab
O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) -
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/...sb_regular.cab
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} - http://www.pestscan.com/scanner/axscanner.cab
O21 - SSODL: grwTv - {1D6115E9-B7CB-BF43-2355-CB2258468DC6} - C:\WINDOWS\SYSTEM\KDMQJ.DLL

[photolady]

If you're using IE there are some settings that need turning off in order that "things" don't install on their own. On the menu bar, click on "Tools" then go to "Internet Options" then the Advanced tab, scroll to these two entries and uncheck them. "Enable Install on Demand (Internet Explorer)" and Enable Install on Demand (other)" That should stop the stuff from installing on your computer without your permission. Usually you'll get a prompt where you can tell it yes or no. Then download and install SpywareBlaster which blocks spyware. I use it, I have it installed on both of my daughter's computers, my brother uses it. And I install it on any computer I work on that has been infected with spyware. Get the download from the link below:

http://www.javacoolsoftware.com/spywareblaster.html

After you've installed it, update it and enable protection then close it out. Spywareblaster works in the background you never have to do anything to it, except update it weekly.