Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can't get rid of pop up ads on IE


  • This topic is locked This topic is locked

#1
prgaudette

prgaudette

    Member

  • Member
  • PipPip
  • 14 posts
Logfile of HijackThis v1.99.1
Scan saved at 8:59:17 PM, on 4/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Centerbeam\AgentSrv.EXE
C:\WINDOWS\System32\basfipm.exe
C:\Program Files\BigFix Enterprise\BES Client\BESClient.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\mobile automation\rstate.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\r_server.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\System32\DSentry.exe
C:\PROGRA~1\MOBILE~1\rstate.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
c:\program files\mobile automation\rsstatus.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\lexpps.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\eFax Messenger 3.5\J2GDllCmd.exe
C:\Program Files\eFax Messenger 3.5\J2GTray.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Documents and Settings\pgaudette\My Documents\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mychartone.ch...sg/default.aspx
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mychartone.ch...sg/default.aspx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [bascstray] BascsTray.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [Mobile Automation Agent] c:\PROGRA~1\MOBILE~1\rstate.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: eFax DllCmd 3.5.lnk = C:\Program Files\eFax Messenger 3.5\J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 3.5.lnk = C:\Program Files\eFax Messenger 3.5\J2GTray.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: help.centerbeam.com
O15 - Trusted Zone: http://lic.music.msn.com
O15 - Trusted Zone: http://music.msn.com
O15 - Trusted Zone: *.chartone.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {2F5B39C5-C6F5-447A-A946-48B382C53985} - http://www.pacimedia...ll/pcs_0026.exe
O16 - DPF: {3AC3D009-2E89-4F1E-9F51-04D4FBD50122} (Shoretel SClientInstall) - http://sj-juno-06/sh...ientInstall.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1109885123266
O16 - DPF: {712362BF-E411-4F43-99D2-EB15F80AF1DB} (MsneDiag Class) - http://entimg.msn.co...snediag2729.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://rtc4.webresp...t/TLIEFlash.CAB
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - https://www.chartvau.../js/capicom.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - file://E:\AUTORUN\Flash\swflash.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} (MsnMusicAx Class) - http://entimg.msn.co...snmusax2729.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = CORP.CHARTONEINC.COM
O17 - HKLM\Software\..\Telephony: DomainName = CORP.CHARTONEINC.COM
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = CORP.CHARTONEINC.COM
O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\jt4m07h1e.dll (file missing)
O20 - Winlogon Notify: Hints - C:\WINDOWS\system32\gp20l3fm1.dll
O20 - Winlogon Notify: SharedDLLs - C:\WINDOWS\system32\MISIGN32.DLL
O23 - Service: Connected Agent Service (AgentSrv) - Connected Corporation - C:\Program Files\Centerbeam\AgentSrv.EXE
O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\System32\basfipm.exe
O23 - Service: BES Client (BESClient) - BigFix Inc. - C:\Program Files\BigFix Enterprise\BES Client\BESClient.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: Mobile Automation Agent (MobileAutmationAgentService) - Mobile Automation, Inc. - c:\program files\mobile automation\rstate.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\System32\r_server.exe" /service (file missing)
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe


This topic is now closed. User is being helped here

Edited by g2i2r4, 06 May 2005 - 01:29 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP