Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Popup problems!


  • Please log in to reply
1 reply to this topic

#1 jadavault

jadavault

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:31 PM

Posted 21 May 2005 - 10:55 PM

One of my friends got onto my computer the other day and surfed around on some sketchy sites while I was away. Now i've got a plethora of popup problems and i've tried spybot search n destroy, ad-aware etc. Nothing seems to be working. I'll give you the hijack scan's report and would absolutely appreciate assistance in this matter!

Logfile of HijackThis v1.99.1
Scan saved at 8:52:46 PM, on 5/21/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Creative\USB SBAudigy2 NX\DVDAudio\CTDVDDet.EXE
C:\Program Files\Creative\USB SBAudigy2 NX\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\exp.exe
C:\WINDOWS\system32\wintask.exe
C:\WINDOWS\system32\vmmzvl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\pppoms.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
c:\windows\system32\evyusg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\poslbmsg.exe
C:\Program Files\Dell\Bluetooth Software\BTTray.exe
C:\PROGRA~1\Dell\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\FYI\khgronlxqg.exe
C:\hijackthis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe


Please reply to this message directly or to my email at (email address removed by OT to protect privacy)

Thank you for your time,

Jon DaVault

Edited by OldTimer, 21 May 2005 - 11:42 PM.


BC AdBot (Login to Remove)

 


m

#2 picard_uk

picard_uk

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Local time:10:31 PM

Posted 21 May 2005 - 11:50 PM

Hi jadavault,

Welcome to the forums.

It's never a good idea to post your e-mail address in open forums such as this! Spambots regularly trawl through forums and suddenly "You've got mail"

You seem to have posted an incomplete HiJackThis log. Can you please repost the full log?


picard.
Every day's a school day.

ASAP Proud member since 2005 Alliance of Security Analysis Professionals




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users