Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Join the Team

Live Tag Cloud
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » [FIXED] HijackThis

[Fixed] Hijackthis! Logs - [FIXED] HijackThis posted in the Security & Safety forums; Hello, I am not the greatest hijackthis reader in the world but for some reason cannot find where my pop-up's are coming from. Am a descent pc tech but again ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
Page 1 of 2 1 2 >
  #1  
Old 10-09-2005
Bronze Member
  
Join Date: Oct 2005
Location: Illinios
Posts: 17
Fi_Bi_Ill - See this Members User comments on their Profile page
Default [FIXED] HijackThis
Hello,
I am not the greatest hijackthis reader in the world but for some reason cannot find where my pop-up's are coming from. Am a descent pc tech but again can't figure this one out.

Logfile of HijackThis v1.99.1
Scan saved at 3:41:42 PM, on 10/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
F:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
F:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
F:\Program Files\Executive Software\Diskeeper\DkService.exe
F:\PROGRA~1\Grisoft\AVG7\avgcc.exe
F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
F:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
F:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.e xe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
G:\docs\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [DiskeeperSystray] "F:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "F:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] F:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SunServer] F:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O8 - Extra context menu item: &ieSpell Options - res://F:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://F:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - F:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


Last edited by ladygreenwitch; 10-11-2005 at 12:47 AM. Reason: FIXED
  #2  
Old 10-09-2005
Hengis's Avatar
PCHF Founder & Owner
My PC
 
Join Date: Jan 2004
Location: Berkshire, England
Posts: 11,090
PC Experience: Always learning
Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page
Send a message via Skype™ to Hengis
Default
Welcome to PCHF

One of our great PC Security Techs will be along shortly to look at this for you


__________________
> Pre-Work > System File Checker
> Did we help you? If we did, please consider A Donation
  #3  
Old 10-09-2005
Bronze Member
  
Join Date: Oct 2005
Location: Illinios
Posts: 17
Fi_Bi_Ill - See this Members User comments on their Profile page
Default
Thanks For the welcome Hengis.. Will be patiently waiting.
  #4  
Old 10-09-2005
joe5's Avatar
Elite Member
My PC
 
Join Date: Jun 2005
Location: Netherlands
Posts: 9,044
joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page
Default
Youre log looks perfect What kind of popups do you get?


You can always let Ewido have a go at it:

Download [Ewido Security Suite]
  • Install Ewido Security Suite.
  • When installing, under Additional Options uncheck Install background guard and Install scan via context menu
  • Launch Ewido, there should be a big "E" icon on your desktop, double-click it.
  • The program will prompt you to update click the "OK" button
  • The program will now go to the main screen
  • You will need to update Ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Click on Start
  • The update will start and a progress bar will show the updates being installed.*
  • After the updates are installed, exit ewido.
Once the updates are installed do the following:
  • If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.
  • Reboot into Safe Mode, restart your computer, tap the F8* key. Use your up arrow key to highlight Safe Mode, then hit enter.
Close all open windows/programs/folders and then run Ewido.* Have nothing else open while ewido performs its scan!
  • Click on Scanner , Settings
  • Under "How to scan" all boxes should be selected
  • Under "Possibly unwanted software" all boxes should be selected
  • Under "What to scan" select scan every file
  • Click OK, Complete system scan
  • Let the program scan the machine
  • If ewido finds anything, it will pop up a notification.*
NOTE:* We have been finding some cases of false positives with the new version of Ewido, so you need to step through the fixes one-by-one.* If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, AOL, pcAnywhere and the game "Risk" have been flagged.* In particular, watch for alerts that have the word "Heuristic" in them - if you recognize the file name as "friendly," these may actually be false positives) select "none" as the action.*

DO NOT check "Perform action with all infections."* If you are unsure of an entry, select "none" for the time being.* We will see that in the log when you post it later and let you know if ewido needs to be run again.

Once the scan has completed, there will be a button located on the bottom of the screen named Save report.

Click Save report. Save the report to your desktop, exit ewido


Note:

If during your scan Ewido "crashes" or "hangs", please try scanning again. Before running the scan, click on 'Scanner' (the 3rd bar from the top on the left) and Choose 'Settings'. Uncheck 'Scan in NTFS Alternate Data Streams' as this can cause problems in overly infected systems. Click 'OK' and run a new scan.


Comments on this post
Fi_Bi_Ill comments:
__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -
  #5  
Old 10-09-2005
Bronze Member
  
Join Date: Oct 2005
Location: Illinios
Posts: 17
Fi_Bi_Ill - See this Members User comments on their Profile page
Default
Thanks for the "perfect reply" Joe5.. Tried Ewido, and it came up with a couple tracking cookies thats about it. I know I have messenger turned off. I use some other program's that I had to remove from the log due to thier purposes. But there not spyware related, there tracking program's for my job. Will keep checking my reg for thing's. All pop-up's are being blocked by IE, but they always get through, and there's alot of em. Let me turn on ZA's pop up control, (forgot it had it).
  #6  
Old 10-09-2005
Hengis's Avatar
PCHF Founder & Owner
My PC
 
Join Date: Jan 2004
Location: Berkshire, England
Posts: 11,090
PC Experience: Always learning
Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page
Send a message via Skype™ to Hengis
Default
Have you looked at turning the messenger service off in Services?

Right click on "My Computer" > manage > services and applications > services > messenger service > disable it.


__________________
> Pre-Work > System File Checker
> Did we help you? If we did, please consider A Donation

Reply
Satellite TV on your PC - over 3000 Channels! Click Here!
Page 1 of 2 1 2 >

Bookmarks

« [FIXED] Making Sure | [Pending] Checkup »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
[Clean]My Hijackthis log .... RobMatthews [Fixed] Hijackthis! Logs 4 09-05-2005 03:17 AM
[Fixed] My HijackThis Log ClareB [Fixed] Hijackthis! Logs 1 07-28-2005 10:34 PM
[CLEAN] hijackthis log jnickfab [Fixed] Hijackthis! Logs 1 05-09-2005 11:15 PM

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top

All times are GMT +1. The time now is 06:24 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top
Bad Credit Personal Loans
Get free quotes on bad credit loans, home equity loans, personal loans, and mortgages.

Consolidation
Consolidation advice from Moneyexpert.

Problem Mortgage
Problem mortgage? Let Ocean Finance help.