Proxy Desktop

  • Thread starter Thread starter T.L. \(Tim\) Donnelly
  • Start date Start date
T

T.L. \(Tim\) Donnelly

Can someone point me in the direction of information regarding Microsoft's
Proxy Desktop? My desktop has become very unstable, and the only way I can
get it to work correctly is to have the defaults set for appearance and
folder options. Additionally, whenever I shutdown my machine, Proxy Desktop
will not respond and I must cancel it via the pop-up. I would like to know
more about this component, especially how one goes about getting at any
properties associated with it. Ultimately, if I can disable many of it's
purported "rich features" I could regain control over my desktop. Thx.
 
Try clearing Launch Folder Windows In Seperate Process. It is probably a program you've installed doing it as the only function call that mentions PD is one for a program to tell if it's in IE or Explorer, but only if explorer in in one process.
 
Thanks. Will run with that for a while and see what happens. What about
the "Folder Options>>General>>Browse Folders>>Open each folder in its own
window"? Does this play into the mix, or is it a Non-Contributor to the
issue?

So, is this a Vendor problem with PD?

Try clearing Launch Folder Windows In Seperate Process. It is probably a
program you've installed doing it as the only function call that mentions PD
is one for a program to tell if it's in IE or Explorer, but only if explorer
in in one process.
 
That just contols how windows open. They are all in the same process. There is one or two processes.
1 x All Explorer - Start, Desktop, Taskbar and open folder windows
or
1x Start, Desktop, Taskbar
1x All open folder windows
 
The type of program that would use this API call would often, but not always, be spywear.

--
----------------------------------------------------------
'Not happy John! Defending our democracy',
http://www.smh.com.au/articles/2004/06/29/1088392635123.html

That just contols how windows open. They are all in the same process. There is one or two processes.
1 x All Explorer - Start, Desktop, Taskbar and open folder windows
or
1x Start, Desktop, Taskbar
1x All open folder windows
 
I have run Ad-ware 6 RefFile 01r334 24.07.2004 - No Hits
I have run SysBot - Search and Destroy Detection Rules 2004-07-09 - No Hits
I have run Bazooka v1.12 with latest updates - One hit on MS Media Player
GUID
PestControl Scan came up negative.

Perhaps you could help me decide what to do next.

My "Hijack This" shows:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://news.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://w3.ibm.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://w3.ibm.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = http=CookieCop:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = *windowsupdate*
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection -
{4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
D:\Spybot\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} -
C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper -
{601ED020-FB6C-11D3-87D8-0050DA59922B} - D:\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\program files\google\googletoolbar_en_2.0.111-big.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar_en_2.0.111-big.dll
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [ISAM SMT Service] "C:\Program Files\C4ebreg\isamsmt.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32
C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program
Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [QCWLICON] C:\Program
Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [C4EBReg] "C:\Program Files\c4ebreg\c4ebreg.exe" /q
O4 - HKLM\..\Run: [ISSI EZUpdate Service] "c:\sdwork\issimsvc.exe"
O4 - HKLM\..\Run: [CookieCop] D:\COOKIE~1\COOKIE~1.EXE
O4 - HKLM\..\Run: [CookieWall] D:\CookieWall\cookie.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control
Panel\atiptaxx.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\RunOnce: [NetVC - restore VNIC]
"C:\PROGRA~1\AT&TNE~1\\NetVC.exe" -reset att_avpnnic
O4 - HKCU\..\Run: [IBM RecordNow!] IBM RecordNow!
O4 - HKCU\..\RunOnce: [NetSP - restore database] "C:\Program Files\AT&T
Network client\NetSP.exe" -show
O4 - Startup: SpywareGuard.lnk = D:\SpywareGuard\sgmain.exe
O4 - Startup: Webshots.lnk = D:\Webshots\Launcher.exe
O4 - Global Startup: Candle Corporation VPN Client.lnk = C:\Program
Files\Candle Corporation\VPN Client\ipsecdialer.exe
O4 - Global Startup: Integrity Client.lnk = C:\Program Files\Zone
Labs\Integrity Client\iclient.exe
O4 - Global Startup: Logitech SetPoint.lnk = D:\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Lotus QuickStart.lnk = ?
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft
Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft
Office\Office\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program
files\google\GoogleToolbar_en_2.0.111-big.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program
files\google\GoogleToolbar_en_2.0.111-big.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program
files\google\GoogleToolbar_en_2.0.111-big.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\program
files\google\GoogleToolbar_en_2.0.111-big.dll/cmsimilar.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -
D:\AIM\aim.exe
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no
file)
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O12 - Plugin for .spop: C:\Program Files\Internet
Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://w3.ibm.com
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: Sametime Meeting Room Client ST31 -
https://www-1.ibm.com/sametime/stmeetingroomclient/STMeetingRoomClient.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13}
(PPSDKActiveXScanner.MainScreen) -
http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {45874228-A445-40DC-962B-EC15559B1741} (Siebel Option Pack for IE
7.5.3) -
http://candlecrm.candle.com/callcenter/16168/applets/SiebelOptionPack.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) -
http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {7261EE42-318E-490A-AE8F-77649DBA1ECA} (JNILoader Control) -
https://www-1.ibm.com/sametime/stmeetingroomclient/STJNILoader.cab
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) -
https://www.pc.ibm.com/egather/IbmEgath.cab
O16 - DPF: {9519B2A2-6592-4E41-8290-D0298459270C} (LNWebAssist Class) -
http://w3.ibm.com/bluepages/scripts/lnwebassist.cab

BHODemon shows something suspect that I will have to research.

BHODemon 2.0.0.13 Report File:
D:\BHODemon 2\tfswshx_BHODemonInfo.txt

Legal Copyright: Copyright © 2002 Sonic Solutions
Desc: tfswshx.dll - Hewlett-Packard/Veritas DLA software
Clsid: {5CA3D70E-1895-11CF-8E15-001234567890}
DLL Path: C:\WINDOWS\system32\dla\tfswshx.dll
Modified Date: Wednesday, March 12, 2003 01:03:00
Created Date: Friday, July 23, 2004 13:09:27
File Description: Direct Access Component
Company Name: Sonic Solutions
Enabled?: Yes
Size (bytes): 98,356
MD5 Checksum: 46261a5430d810803c7132a2c5e3401b
Status: Investigating



The type of program that would use this API call would often, but not
always, be spywear.

--
----------------------------------------------------------
'Not happy John! Defending our democracy',
http://www.smh.com.au/articles/2004/06/29/1088392635123.html

That just contols how windows open. They are all in the same process. There
is one or two processes.
1 x All Explorer - Start, Desktop, Taskbar and open folder windows
or
1x Start, Desktop, Taskbar
1x All open folder windows
 
Back
Top