Home > Pop Up > Pop Up Problems / HJT Log

Pop Up Problems / HJT Log

Logfile of HijackThis v1.97.7 Scan saved at 08:55:05, on 31/01/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE I had that problem in the past and after I deleted something called "PowerBar" from my Reg The pop ups we're gone, now I can't find that "PowerBar" again. Jo Reply With Quote 06-16-2005,09:06 PM #2 nyabeargal View Profile View Forum Posts View Blog Entries View Articles Jo Join Date Jun 2005 Location Texas Posts 4 HJT Log for previous You can select "clean" and check the boxes "Perform action with all infections" and "Create encrypted backup" before clicking on OK.When the scan finishes, click on "Save Report". Source

As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Articles Blogs Advanced Search Forum PC Operating System and Software Troubleshooting and Assistance Windows Huge Pop up problem - Trojan Warning - HJT log attached Custom Search Join the PC homebuilding Instant Internet by FiOS [VerizonFiOS] by Branch946. This is normal.Shortly after two logs will appear: DDS.txt Attach.txtA window will open instructing you save & post the logsSave the logs to a convenient place such as your desktopCopy the http://www.pcguide.com/vb/showthread.php?38184-Huge-Pop-up-problem-Trojan-Warning-HJT-log-attached

Please start a New Thread if you're having a similar issue.View our Welcome Guide to learn how to use this site. Powered by vBulletin Version 4.2.2 Copyright © 2017 vBulletin Solutions, Inc. My daughter would have been upset with me if her AIM didn't work as she expected it to. · actions · 2005-Jul-28 3:55 pm · CalamityJanePremium Memberjoin:2002-08-27Eustis, FL

CalamityJane Premium Member Once in Safe Mode, please double-click on nailfix.cmd that you unzipped earlier.

  1. ctiveX.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?312 O16 - DPF: {F59AB0C4-3443-4551-A78F-C101F9DE0215} (LauncherV1 Class) - http://irc.tapuz.co.il/BlogTVU/launcher.cab O21 - SSODL: SystemCheck - {54645654-2225-4455-44A1-9F4543D34544} - C:\WINDOWS\System32\vbsys.dll Close all browsers and windows except
  2. should I uninstall it or should I do something else?
  3. This site is completely free -- paid for by advertisers and donations.
  4. Please download, install, and update the free version of Ewido trojan scanner: When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".When you run Ewido for
  5. I'm dog tired right now, so may wait until I'm fresh in the morning to avoid mistakes.

Worst ISP experience of my life [TekSavvy] by Aventinus374. No, create an account now. Here's some other info for you. Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: Yahoo!

Join our site today to ask your question. Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: Yahoo! Viewpoint Manager has built-in bandwidth detection and will pause the download of updates when it senses bandwidth limitations, thereby ensuring the auto-update process does not interfere with the end-user's computer performance.quote:If https://www.bleepingcomputer.com/forums/t/397008/popup-problems-hijackthis-log-inside/ By keeping your AV program updated, you greatly reduce the risk of being infected.

One final question - what does Viewpoint Manager do? To start viewing messages, select the forum that you want to visit from the selection below. Download CCleaner and install, but do not run it yet. This will create a text file.

one of the scumware programs on his list is "NoAdware" which I installed so now (just like he said) I'm asking for advice before I remove it JrzyCrim Mastermind Posts: 2062 Scarlett recommend this forum and told me she always trusts you, so I will too. Thank you. · actions · 2005-Jul-25 11:51 pm · TheJokerMVMjoin:2001-04-26Charlottesville, VA TheJoker MVM 2005-Jul-27 10:01 pm Your log appears free of the Qoologic trojan. C:\WINDOWS\ICONTE~1.TCF* UPX!

Please re-enable javascript to access full functionality. http://cgmguide.com/pop-up/pop-up-and-maleware-problems.php RegisterWhy Register? LoginContact Search Members Ozzu Gallery Ozzu RSS Feeds FAQ The team Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account?

Once again thanks in advance. However, the Panda scan found another. Find The PC Guide helpful? have a peek here at »www.computercops.biz/pos ··· 36-.html · actions · 2005-Jul-27 10:01 pm · ratkinsjoin:2005-07-05Lexington, MA ratkins Member 2005-Jul-28 11:54 am Many thanks for all of your suggestions.

You're welcome! Many thanks! Viewpoint Media Player powers product tours of the Toyota 4Runner and Sony laptop, desktop, and server computing products.What is Viewpoint Manager?Viewpoint Manager (viewmgr.exe) is a component of various Viewpoint products, including

Spyware cleaning programs such as Spybot Search and Destroy and Adaware are a must have for any internet user.

If you're not already familiar with forums, watch our Welcome Guide to get started. Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra Your last log looks clean. This scan can take quite a while to run, so time to go get a drink and a snack....If ewido finds anything, it will pop up a notification.

Please consider a donation to The PC Guide Tip Jar. Viewpoint Media Player is the graphics engine for AOL Instant Greetings, AIM Themes and other popular web applications. All rights reserved. Check This Out Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe O4 - HKLM\..\Run: [DpUtil]

Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.some examples are MRT.EXE NTDLL.DLL.»»»»»»»»»»»»»»»»»»»»»»»» Files found »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Packed files »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»* UPX! To ensure Viewpoint applications remain up-to-date, Viewpoint Manager checks Viewpoint servers for new components every 24 hours without interfering with the user’s online experience.If Viewpoint Manager detects an update on the vSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ...

HijackThis... Post a complaint about malware here!! Below is the new HJT log, appears to have got them this time. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Log

Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin If you are still having problems and you are using the free version of Download Accelerator Plus, please uninstall DAP from your system and fix the following items in Hijack This. See if you can find and remove WeirdOnTheWeb in Add/Remove Programs... Back to top BC AdBot (Login to Remove) BleepingComputer.com Register to remove ads #2 gringo_pr gringo_pr Bleepin Gringo Malware Response Team 136,771 posts OFFLINE Gender:Male Location:Puerto rico Local time:12:36

I believe the farmmext.exe process is the culprit but can't get rid of it.