Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

can't stop annoying popups


  • Please log in to reply

#1
Major_Canadian

Major_Canadian

    New Member

  • Member
  • Pip
  • 2 posts
hi, it's a great thing that there are so many out there that are willing to help. here is my hijack file. i'm experiencing some annoying popups that i can't seem to stop, i've stopped some processes that i determined were spyware, through searching the google, yet, i still can't seem to stop the popups, please help.....

Logfile of HijackThis v1.99.1
Scan saved at 5:38:17 PM, on 7/19/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Common Files\services.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Common Files\services.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\explorer.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijack this\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [checkrun] C:\windows\system32\elitewvn32.exe
O4 - HKLM\..\Run: [pDDp3ft] C:\WINDOWS\hevgnqa.exe
O4 - HKLM\..\Run: [version] C:\WINDOWS\System32\Qjyqwx.exe
O4 - HKLM\..\Run: [secure] C:\WINDOWS\System32\Mtxqap.exe
O4 - HKLM\..\Run: [Ofwlqufx] C:\Program Files\Lvnyh\Pcaiu.exe
O4 - HKLM\..\Run: [xGdwn] C:\WINDOWS\awyaajjk.exe
O4 - HKLM\..\Run: [rnnele5b] C:\WINDOWS\System32\rnnele5b.exe
O4 - HKLM\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\wfx5.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} - http://www.180search...com/180saax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zon...ot.cab31267.cab
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
  • 0

Advertisements


#2
andydf

andydf

    Visiting Staff

  • Visiting Consultant
  • 1,660 posts
Hi ,

I'm working on your log, as soon as another staff member reviews it I'll post a reply. :tazz: Thank you for your patience.

Regards,

Andydf
  • 0

#3
Major_Canadian

Major_Canadian

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
thanks andy df. i do know a fair amount about computers, and have many of my friends that have computer problems that they always want me to fix, like driver issues, and reformatting, and they always seem to want stuff done right away, so, understanding patience in this is something i really understand.

it seems like there are oodles of people that generally have the same problems with spyware, and malware, is there any type of chat designed to help people better understand the spybot logs, i do a little, but, i could use some people to chat with to better my understanding.

again, thanks for the help....
  • 0

#4
andydf

andydf

    Visiting Staff

  • Visiting Consultant
  • 1,660 posts
Hi
Major Canadian

We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection, and we're both just wasting our time.
Click here: http://www.microsoft...p1/default.mspx
Apply the update, reboot, and post a fresh Hijack This log.

To answer your question, you could sign up to help, or try the 'live chat' link in the top right of every page.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP