Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need a little help...


  • Please log in to reply
3 replies to this topic

#1 Stubbs

Stubbs

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:29 AM

Posted 17 January 2005 - 03:54 PM

Hello all, what a cool site, I hope you can help me with this:

My desktop is all blue with a message saying that I am an easy target and what have you... when I click a link beneath this message, I am linked to a page by topantispyware... I'd like to get rid of this...

Thanks a million in advance!!

BC AdBot (Login to Remove)

 


#2 Notorious

Notorious

  • Members
  • 345 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Amsterdam
  • Local time:07:29 AM

Posted 17 January 2005 - 06:21 PM

Many problems can be fixed by replacing the host file (we have good fix right here check Raw's sig)
Than download few free but very good programs like, SpywareBlaster, SpyBot - Search & Destroy and AdAware
Here are the links to Host file SpywareBlaster Spybot-S&D AdAware
update them, disconnect from the internet and run those programs preferably in safe mode..
If problem still presists, read our tutorial on HijackThis and post the log.. here

Hope this will help.. :thumbsup:
Posted Image

Down in the bayou, Bubba called an attorney and asked, "Is it true they're suin' the cigarette companies for causing people to get cancer?
"Sure is Bubba. But why you asking?"
"Cause what I want to know is, I was thinking, can I sue Budweiser for all them ugly women I've slept with?"

#3 Stubbs

Stubbs
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:29 AM

Posted 18 January 2005 - 11:18 AM

Thanks for your reply!

I followed your advice but it didn't do much, so here's my log:

Logfile of HijackThis v1.99.0
Scan saved at 16:58:59, on 18-01-2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmer\Java\j2re1.4.2_06\bin\jusched.exe
C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\Programmer\Windows NT\TilbehÝr\WORDPAD.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [process.exe] C:\WINDOWS\process.exe
O4 - HKLM\..\Run: [SpyFighterMonitor] "C:\Program Files\SpyFighter\SpyFighterScanner.exe" monitor
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\Programmer\Internet Explorer\PLUGINS\nppdf32.dll
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.130/e9xr2.chm::/file.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1103658129560
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotion...ctor/WebSWK.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Sa...G/e-Safekey.cab
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#4 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:06:29 AM

Posted 18 January 2005 - 02:49 PM

Re-post your log in the HJT forum.

There, it will get the attention it deserves.
A member, of the HJT Team, will help you out.
It may take a couple of days to get a response, but, the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.

NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member will assume someone is already helping you out, and will not respond. So, just make your post, and let it sit, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users