Pop-ups Even after a cleaning - Geeks to Go Forums

Jump to content

Log in Register Register Malware removal guide How it works

Pop-ups Even after a cleaning Had some malware/trojans cleaned them up using help from previous thre

#1 SilenTia

  • Group: Member
  • Posts: 1
  • Joined: 18-June 07

Posted 25 June 2007 - 05:04 PM

Hi, I was wondering if someone could help me with my issue. For a few days every time I connect to the internet and as I am disconnecting from the internet I get a windows explorer pop-up with various advertisements, heh might be worth noting I actually do not use IE for my surfing I use firefox. I have checked through my start up programs and I had ssqpp.exe starting up, a quick search on google I found out some info about this being stubborn malware and how to remove it. However after following the instructions and it appearing removed I am still getting the pop ups, I have included my hijackthis log in the hope someone can tell me what I am missing and help me with my problem smile.gif

Logfile of HijackThis v1.99.1
Scan saved at 7:01:17 PM, on 25/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Silentia\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Silentia\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Silentia\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Silentia\Program Files\IP Monitor\IPMonSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\SilenTia\Program Files\VNC4\WinVNC4.exe
C:\WINDOWS\Explorer.EXE
C:\SilenTia\PROGRA~1\IPMONI~1\IPMonitor.exe
C:\Silentia\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\SilenTia\PROGRA~1\ICQ\ICQ.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\SilenTia\Program Files\Yahoo\Messenger\YahooMessenger.exe
C:\SilenTia\Program Files\mIRC\mirc.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\SilenTia\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\SilenTia\PROGRA~1\ICQ\ICQNet.exe
O4 - HKLM\..\Run: [IP Monitor] C:\SilenTia\PROGRA~1\IPMONI~1\IPMonitor.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\Silentia\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\hvommcjp.dll",realset
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IP Monitor] C:\SilenTia\Program Files\IP Monitor\IPMonitor.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\SilenTia\Program Files\RegistryBooster 2\RegistryBooster.exe /S
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\SilenTia\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\SilenTia\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1167702009171
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1167702001171
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Silentia\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Silentia\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Silentia\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: IP Monitor Network Address Monitor (IP Monitor) - Barefoot Productions, Inc. - C:\Silentia\Program Files\IP Monitor\IPMonSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\SilenTia\Program Files\VNC4\WinVNC4.exe" -service (file missing)

Share this topic:


Page 1 of 1