Results 1 to 7 of 7

Thread: If you are bored, come look at my hijack this log!

  1. #1
    IROC-Z Man CoolJ's Avatar
    Join Date
    Jul 2000
    Location
    Buffalo,NY
    Posts
    6,825

    If you are bored, come look at my hijack this log!

    I've tried EVERYTHING, and the popups won't stop!



    Logfile of HijackThis v1.99.1
    Scan saved at 12:00:16 PM, on 10/24/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\NavNT\defwatch.exe
    C:\Program Files\NavNT\rtvscan.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\NavNT\vptray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\MsgSys.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Joe\Desktop\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O4 - HKLM\..\Run: [vptray] "C:\Program Files\NavNT\vptray.exe"
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: AbsolutePoker.com - {EFFF8D47-D060-4108-B761-E8EC86622E56} - C:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
    O9 - Extra 'Tools' menuitem: AbsolutePoker.com - {EFFF8D47-D060-4108-B761-E8EC86622E56} - C:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
    O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    ** Speed 3370(down)/425(up) kbps **
    My IROC-Z28

  2. #2
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    51,053
    Have you given SuperAntispyware a shot? Best free ad/spyware remover there is IMO.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  3. #3
    IROC-Z Man CoolJ's Avatar
    Join Date
    Jul 2000
    Location
    Buffalo,NY
    Posts
    6,825
    ill give it a whirl! Thanks for the reply
    ** Speed 3370(down)/425(up) kbps **
    My IROC-Z28

  4. #4
    IROC-Z Man CoolJ's Avatar
    Join Date
    Jul 2000
    Location
    Buffalo,NY
    Posts
    6,825
    Wow, I didnt even know this forum existed. Sowwy!
    ** Speed 3370(down)/425(up) kbps **
    My IROC-Z28

  5. #5
    Turn off messenger?

    www.grc.com Shoot the messenger program will take care of it
    Kinky is using a feather.
    Perverted is using the whole chicken.

  6. #6
    Dr Tweak mnosteele52's Avatar
    Join Date
    Jul 2001
    Location
    Chesapeake, VA
    Posts
    11,912
    Prior to doing anything XP users MUST disable System Restore!!! You can re enable it after you are clean.

    1. Download, install and run CrapCleaner to remove any temporary and junk files.

    2. Download Ad-Aware SE 1.06 and set it up as shown HERE.

    3. Download SpyBot Search & Destroy 1.4 and set it up as shown HERE.

    4. Download SUPERAntiSpyware, update and do a full system scan.

    5. Download AVG Anti-Spyware 7.5, update and do a full system scan.

    6. Download and run CWShredder.

    7. Do a FREE online virus scan from BitDefender Online Scan and remove all that it finds.

    8. If you aren't currently using a firewall or anti-virus profram then I suggest you install Comodo Firewall and Active Virus Shield - (setup instructions HERE), both are FREE and offer excellent protection.

    9. It is a good idea to use Sysinternal's Autoruns to make sure you have removed all of the malware.

    10. It it also a good idea to run the Winsock Fix to repair your TCP/IP stack. (you will have to redo any tweaks for your connection if this is used)

    11. If after doing ALL of the above and you are still having problems please scan with HijackThis 1.99.1 as shown HERE and post a log here in this forum for us to look at.

    12. Download SpywareBlaster 3.5.1 and set it up as shown HERE to help stay spyware free.

    13. Make sure you have ALL of the latest Windows Updates.

    Help & Tips broadbandnuts.com - CableNut Tcp/Ip Analyzer TCPOptimizer drtweak.com - Dr Tweak

  7. #7
    IROC-Z Man CoolJ's Avatar
    Join Date
    Jul 2000
    Location
    Buffalo,NY
    Posts
    6,825
    Wow, thank you everyone very much! I tried all the programs listed prior to making this thread accept SuperAntiSpyware. I had 90% gone, and was stuck there. Well the SuperAntiSpyware got the rest of it!


    Thanks Again!
    ** Speed 3370(down)/425(up) kbps **
    My IROC-Z28

Similar Threads

  1. Modem Dropping Out...Please Analyze Log
    By RBK2 in forum General Broadband Forum
    Replies: 5
    Last Post: 09-21-06, 07:56 PM
  2. Log entries Linksys WRT54GC ?
    By heywo in forum Wireless Networks & Routers
    Replies: 2
    Last Post: 04-12-06, 03:09 PM
  3. Hijack this log analysis
    By scillye in forum Network Security
    Replies: 2
    Last Post: 02-21-06, 02:57 PM
  4. Hijack This Log?
    By eightisone in forum Network Security
    Replies: 2
    Last Post: 11-22-05, 10:09 AM
  5. Help with hijack log
    By eightisone in forum Network Security
    Replies: 2
    Last Post: 03-10-05, 10:57 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •