Free Antivirus Forum - Learn about antivirus, firewalls and personal security
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Ie popups
   
BullGuard Antivirus Forum > General Security > Spyware > Ie popups  
Forum Quick Jump
 
New Topic Locked Topic Printable version of : Ie popups
[ << Previous Thread | Next Thread >> ]

weeleong87
New Member


Date Joined Nov 2005
Total Posts : 17
  		   Posted 7-2-2007 12:10 (GMT +1)    Quote: Ie popupsAlert an admin about: Ie popups
This is my hijack log file

Logfile of HijackThis v1.99.1
Scan saved at 11:58:39 PM, on 7/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\RUNDLLFOROUR.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\d3f41.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\dgd4bs.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\NotifyPhoneBook.exe
C:\Program Files\Common Files\system\Updaterun.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Documents and Settings\LYM\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ala.union123.com/indaxsx.html
F2 - REG:system.ini: Shell=Explorer.exe webhelp.exe
O2 - BHO: LpkHlpr Class - {00C104F7-0F5C-470C-ABCF-A5B2E70752F1} - C:\WINDOWS\system32\acczixp.dll
O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Common Files\CPUSH\cpush.dll
O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll
O2 - BHO: ÌÚѶQQ - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\WINDOWS\QQIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: ff Class - {FAAAC0F6-94BE-4466-934B-7C53666A2F41} - C:\WINDOWS\system32\9d31.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinForm] C:\WINDOWS\WinForm.exe
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [System] C:\Program Files\Common Files\system\Updaterun.exe
O4 - HKLM\..\Run: [TIMHost] C:\WINDOWS\TIMHost.exe
O4 - HKLM\..\Run: [Microsoft Autorun5] C:\WINDOWS\system32\mosou.exe
O4 - HKLM\..\Run: [Microsoft Autorun9] C:\WINDOWS\system32\Ravasktao.exe
O4 - HKLM\..\Run: [Sysmppcv] C:\WINDOWS\system32\Rundll32.exe "C:\WINDOWS\system32\SysTdSvr.dll",Start
O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe
O4 - HKLM\..\Run: [Microsoft Autorun12] C:\WINDOWS\system32\nwizzhuxians.exe
O4 - HKLM\..\Run: [Microsoft Autorun7] C:\WINDOWS\system32\nwizqjsj.exe
O4 - HKLM\..\Run: [Microsoft Autorun4] C:\WINDOWS\system32\dllhost32.exe
O4 - HKLM\..\Run: [Microsoft Autorun14] C:\WINDOWS\system32\ztinetzt.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IE Helper] C:\DOCUME~1\LYM\LOCALS~1\Temp\iexplore3.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\ebspi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ebspi.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1175353320876
O17 - HKLM\System\CCS\Services\Tcpip\..\{4BBA7DED-F10C-4121-836F-D24F3EBEEA31}: NameServer = 165.21.83.88 165.21.100.88
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Fax 2Client (ms_2fax) - Unknown owner - C:\WINDOWS\system32\d3f41.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

I ran some of the anti spyware software. But still the problems keep persisting. There are a lot of popups & internet connection is slow. Previously, it resulted in my desktop being all gone, but i managed to get it back. However, the popup problems still persist. Thanks for the help
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 17983
  		   Posted 7-3-2007 6:45 (GMT +1)    Quote: Ie popupsAlert an admin about: Ie popups
Hi weeleong87
 
 
You´ve certainly got some crap there shocked
 
 
First thing to do - install an antivirus program -
 
 

1.      Download AVG Anti-Virus Free Edition

2.      AVG Free Anti-Virus can be downloaded from the AVG website.
3.      Scroll down the page and click Download Free Version. Under the Windows section, click to download the file under AVG Free for Windows installation files. Click OK to save the file to your PC.
4.      Double-click the file you downloaded, and click Next on the welcome screen. Click Accept to agree to the License Agreement. Choose Standard Installation then click Next.
5.      A window will now pop-up if there are any available updates. Click Update to download them. AVG will download and automatically install any updates. Click OK when finished.
6.      Back on the First Run window, click Next to proceed. Leave the Daily Scanning settings as they are and click Next.
7.      You now have the option to perform a scan to test your computer for viruses.
8.      Click Scan computer!
 
Reboot normally -
 
Run these Onlinescans
 http://www.dslreports.com/faq/8993
 
Reboot -
 
Then click here - ->>  Before posting a log 
 
 
 After You have run the scan tools -
 
Reboot normally
 
Post AVG Antispyware log along with hijackthis log, rootchk log
in this thread and tell how things are running
 
 

Do NOT post your problem in someone elses thread.
Start a new topic so that it may receive proper attention. 
 

Back to Top
 

weeleong87
New Member


Date Joined Nov 2005
Total Posts : 17
  		   Posted 7-3-2007 12:48 (GMT +1)    Quote: Ie popupsAlert an admin about: Ie popups
Thanks a lot for the help man. I have decided to reformat my computer. Think this thread could be closed already
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 17983
  		   Posted 7-3-2007 1:39 (GMT +1)    Quote: Ie popupsAlert an admin about: Ie popups
Sounds like a good idea smilewinkgrin




Download AVG first, burn it to a cd, or save to another drive, if You have more than one.


I´ll lock this thread

Do NOT post your problem in someone elses thread.
Start a new topic so that it may receive proper attention. 
 

Back to Top
 
New Topic Locked Topic Printable version of : Ie popups
 
Forum Information
Currently it is Sunday, February 12, 2012 3:03 AM (GMT +1)
There are a total of 82.635 posts in 18.630 threads.
In the last 3 days there were 0 new threads and 5 reply posts. View Active Threads
Who's Online
This forum has 33728 registered members. Please welcome our newest member, uma shankar.
20 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Empty tmp folders (8)11-02-2012 07:43:27 (Andreea-Luciana Ostache)
System Check Virus - Help with Hijack This Log (3)10-02-2012 06:05:26 (Andreea-Luciana Ostache)


Need Support? Write to: | Forum Help Manual

Download free trial version of Bullguard Internet Security