Hardware and Software
>
Microsoft Windows
>
Viruses, Spyware and other Nasties
>
Popup problems (inc. 'Hijack This' log)
Have something to say? Contribute New Article Reply to this Article Popup problems (inc. 'Hijack This' log)
It's annoying me to hell.
Any help would be appreciated.
Logfile of HijackThis v1.99.1
Scan saved at 18:01:30, on 11/08/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\TrayIcon.exe
C:\Internet\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
C:\PROGRA~1\SPYCLE~1\SpyWatcher.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Documents and Settings\Christopher\Local Settings\Application Data\09936aa7.exe
C:\DOCUME~1\CHRIST~1\MYDOCU~1\STEM32~1\mmc.exe
C:\WINDOWS\DOBE~1\EXPLOR~1.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Music\Winamp\winamp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis.exe
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {48114CDF-97B9-43D8-9F31-48231F809B15} - blank (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [DisplayTrayIcon] C:\WINDOWS\System32\TrayIcon.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Internet\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [09936aa7.exe] C:\WINDOWS\System32\09936aa7.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [Spy Watcher] "C:\PROGRA~1\SPYCLE~1\SpyWatcher.exe" -S
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [09936aa7.exe] C:\Documents and Settings\Christopher\Local Settings\Application Data\09936aa7.exe
O4 - HKCU\..\Run: [Iwar] "C:\DOCUME~1\CHRIST~1\MYDOCU~1\STEM32~1\mmc.exe" -vt yax
O4 - HKCU\..\Run: [Dccnyhrh] C:\WINDOWS\DOBE~1\EXPLOR~1.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00000000-0000-0000-0000-100000000003} - <a href="http://code.trasferimento.biz/l/f5f6892667d9a747475aaef7ce9e81d6_35.exe">http://code.trasferimento.biz/l/f5f6892667d9a747475aaef7ce9e81d6_35.exe</a>
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - <a href="http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab">http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab</a>
O16 - DPF: {1DA3C4AB-E6B6-47A6-B0F3-1BD81524B51B} (ActiveWorldsDownload Control) - <a href="http://www.activeworlds.com/products/ActiveWorldsDownload.cab">http://www.activeworlds.com/products/ActiveWorldsDownload.cab</a>
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - <a href="http://musicmix.messenger.msn.com/Medialogic.CAB">http://musicmix.messenger.msn.com/Medialogic.CAB</a>
O16 - DPF: {38D63471-E630-4492-A986-B8C48B79F2F8} (CVideoEgg_ActiveXCtl Object) - <a href="http://update.videoegg.com/wintel/VideoEggPublisher.exe">http://update.videoegg.com/wintel/VideoEggPublisher.exe</a>
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - <a href="http://by102fd.bay102.hotmail.msn.com/resources/MsnPUpld.cab">http://by102fd.bay102.hotmail.msn.com/resources/MsnPUpld.cab</a>
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - <a href="http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab">http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab</a>
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - <a href="http://207.226.177.98/gba2338.exe">http://207.226.177.98/gba2338.exe</a>
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: wuaclt.dll
O20 - Winlogon Notify: rqrsp - C:\WINDOWS\System32\rqrsp.dll (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exeThis article has been dead for over three months
You
© 2012 DaniWeb® LLC
