Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Help with random pop up stuff......


  • Please log in to reply

#1
mad professor

mad professor

    New Member

  • Member
  • Pip
  • 1 posts
I keep having windows poping up that say advertisment and I keep having oinsearch popping up . Adwatch is going nuts and it is driving me up the wall .
I ran Adaware .
I ran spybot.
I tried Panda AV .
I am running AVG7.5 right now .
This stuff keeps going on . Help please .

This is my latest hijack this log .

Logfile of HijackThis v1.99.1
Scan saved at 3:52:00 PM, on 10/23/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\SYSTEM32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\LxrJD31s.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\PRPCUI.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control

Panel\atiptaxx.exe
C:\WINNT\system32\pctspk.exe
C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program

Files\NETGEAR\WG511SCU\Utility\Gear511.exe
C:\Program Files\Hewlett-Packard\Digital

Imaging\Unload\hpqcmon.exe
C:\Program Files\Hewlett-Packard\HP

Share-to-Web\hpgs2wnd.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINNT\system32\ICROSO~1\javaw.exe
C:\Program Files\Hewlett-Packard\HP

Share-to-Web\hpgs2wnf.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program

Files\Google\GoogleToolbarNotifier\1.2.908.5008\Go

ogleToolbarNotifier.exe
C:\WINNT\W?nSxS\i?xplore.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Administrator\My

Documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet

Explorer\Main,Start Page = http://ar15.com/forums/
R0 - HKCU\Software\Microsoft\Internet

Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) -

{3A369038-28D5-5A07-D6AA-73B5E8C0DDB9} -

C:\WINNT\system32\jrtbm.dll
R3 - URLSearchHook: (no name) -

_{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no

file)
O2 - BHO: HelperObject Class -

{00C6482D-C502-44C8-8409-FCE54AD9C208} -

C:\Program Files\TechSmith\SnagIt 6\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Program Files\Adobe\Acrobat

5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) -

{3A369038-28D5-5A07-D6AA-73B5E8C0DDB9} -

C:\WINNT\system32\jrtbm.dll
O2 - BHO: (no name) -

{51E02A43-AAD4-C7FE-63C2-07E2F8A4AF29} -

C:\WINNT\system32\bxjnvvc.dll
O2 - BHO: (no name) -

{53707962-6F74-2D53-2644-206D7942484F} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper -

{AA58ED58-01DD-4d91-8333-CF10577473F7} -

c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Radio -

{8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: SnagIt -

{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} -

C:\Program Files\TechSmith\SnagIt

6\SnagItIEAddin.dll
O3 - Toolbar: &Google -

{2318C2B1-4965-11d4-9B18-009027A5CD4F} -

c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Synchronization Manager]

mobsync.exe /logon
O4 - HKLM\..\Run: [CPortPatch]

C:\WINNT\DockQuickInstall\cppch.exe
O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program

Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program

Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI

Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [Ad-watch] "C:\Program

Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - HKLM\..\Run: [DadApp] C:\Program

Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [AS00_Gear511] C:\Program

Files\NETGEAR\WG511SCU\Utility\Gear511.exe -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program

Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck]

C:\WINNT\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [CamMonitor] C:\Program

Files\Hewlett-Packard\Digital

Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon]

C:\Program Files\Hewlett-Packard\HP

Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [WinLibUpdate] libupdate.exe
O4 - HKLM\..\Run:

[Ezthemes_WhenUSaveNow_Installer] C:\Program

Files\Ezthemes_WhenUSaveNow_Installer\Ezthemes_Whe

nUSaveNow_Installer.exe
O4 - HKLM\..\Run: [ntdll.dll] "C:\Program

Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program

Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program

Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [AVG7_CC]

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [swg] C:\Program

Files\Google\GoogleToolbarNotifier\1.0.720.3640\Go

ogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aaaa]

"C:\WINNT\system32\ICROSO~1\javaw.exe" -vt tzt
O4 - Global Startup: WinZip Quick Pick.lnk =

C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ieSpell Options -

res://C:\Program

Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling -

res://C:\Program

Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O9 - Extra button: (no name) -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: ieSpell -

{0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} -

C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell -

{0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} -

C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) -

{1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} -

C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options -

{1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} -

C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Yahoo! Messenger -

{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -

C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -

{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -

C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O12 - Plugin for .spop: C:\Program Files\Internet

Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}

(Windows Genuine Advantage Validation Tool) -

http://go.microsoft....k/?linkid=39204
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C}

-

http://a1540.g.akama.../20060104/qtins

tall.info.apple.com/snape/us/win/QuickTimeInstalle

r.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}

(MUWebControl Class) -

http://update.micros...ftupdate/v6/V5C

ontrols/en/x86/client/muweb_site.cab?1141292438886
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1}

(ActiveScan Installer Class) -

http://acs.pandasoft...scan/as5free/as

inst.cab
O17 -

HKLM\System\CCS\Services\Tcpip\..\{08B86E2E-E805-4

49D-BEED-4B04EE390178}: NameServer = 209.112.160.2

209.112.130.2
O23 - Service: Ati HotKey Poller - Unknown owner -

C:\WINNT\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server

(Avg7Alrt) - GRISOFT, s.r.o. -

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) -

GRISOFT, s.r.o. -

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) -

GRISOFT, s.r.o. -

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Logical Disk Manager Administrative

Service (dmadmin) - VERITAS Software Corp. -

C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager

(IDriverT) - Macrovision Corporation - C:\Program

Files\Common Files\InstallShield\Driver\11\Intel

32\IDriverT.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown

owner - C:\WINNT\SYSTEM32\LxrJD31s.exe
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP