Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

ads.yieldmanager.com / upspiral


  • Please log in to reply

#1
viralext

viralext

    New Member

  • Member
  • Pip
  • 2 posts
i run the new spyware doctor 4 which has been very successful up to date. lately, however, i have been recieving non-stop pop-ups at the most inconvenient times (games, cd burning, etc). i ran the spyware program in safe mode and then came here. here is my hijackthis log:


Logfile of HijackThis v1.99.1
Scan saved at 05:18 Z, on 9/18/2006
Platform: Windows 2003 SP1 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)

Running processes:
C:\Program Files\Media\Winamp\winampa.exe
C:\Program Files\Utilities\Spyware Doctor\swdoctor.exe
C:\Program Files\Games\Steam\steam.exe
C:\Program Files\Internet\AIM95\aim.exe
C:\Program Files\Utilities\Citrus Alarm Clock\citrusac.exe
C:\Documents and Settings\Administrator\Desktop\rapget111\rapget.exe
C:\Program Files\Media\Winamp\winamp.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\hijackthis\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Utilities\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\UTILIT~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\UTILIT~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Media\Winamp\winampa.exe
O4 - HKLM\..\Run: [Rapget] C:\Documents and Settings\Administrator\Desktop\rapget111\rapget.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Citrus Alarm Clock] C:\Program Files\Utilities\Citrus Alarm Clock\citrusac.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Utilities\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Utilities\Acrobat 7.0\Reader\reader_sl.exe
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dll
O20 - Winlogon Notify: EFS - C:\WINDOWS\SYSTEM32\sclgntfy.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Utilities\ISO Recorder 64\ImapiHelper.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Utilities\Spyware Doctor\sdhelp.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)




its a fairly fresh install of windows although i admit to going to sites capable of giving lots of bad stuff for my computer. the pop-ups continue, mainly ads.yieldmanager.com and upspiral is what spyware doc is telling me. but it varies with a lot more less frequently. i dont see anything i dont recognize really in the log.

help?


-adam
  • 0

Advertisements


#2
viralext

viralext

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
keep in mind, i run 64-bit os

so ewido is not supported

i only mention this because i noticed you tell most visitors to install.

i tried.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP