Home > Hijackthis Log > Hijackthis Log Pop-ups And Mal-ware Problem

Hijackthis Log Pop-ups And Mal-ware Problem

and nothing. computer seems to run ok,but when infected it ran slow and the HD seemed be thinking too much.Here is the thread I studied - viewtopic.php?f=12&t=38400 I used Ad-aware and my Mcaffe Click the "Settings" tab and then change the recommended action to Quarantine and click Automatically generate report after every scan. so have any clue how to fix this annoying problem??? get redirected here

Edited by MoNsTeReNeRgY22, 23 October 2007 - 08:51 AM. Turn off System Restore and scan again (Windows only) System Restore is a Windows backup feature; it periodically backs up files on your computer in case you need to revert to Install a firewall and antivirus software, ensuring automatic updates are enabled. Login now.

My computer is slow---My Blog---Follow me on Twitter.My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!Asking for help Pager"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet" "Aim6"="\"C:\\Program Files\\AIM6\\aim6.exe\" /d locale=en-US ee://aol/imApp" "updateMgr"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_8 -reboot 1" [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "nvwrsv"="" [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "nvwrsv"="C:\\WINDOWS\\system32\\nvwrsv.exe" "rqik"="C:\\PROGRA~1\\COMMON~1\\rqik\\rqikm.exe" [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer\Run] "nvwrsv"="C:\\WINDOWS\\system32\\nvwrsv.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{54D9498B-CF93-414F-8984-8CE7FDE0D391}"="ewido shell guard" HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages REG_MULTI_SZ msv1_0\0\0 Please re-enable javascript to access full functionality. and it's still in the tempfolder.So I strongly advise to unzip/extract hijackthis.zip.Read here how to unzip/extract properly:http://metallica.geekstogo.com/xpcompressedexplanation.htmlCreate a permanent folder and move hijackthis.exe into it.

P&M=GM5472BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dllBHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dllBHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\progra~1\mcafee\viruss~1\scriptsn.dllBHO: Google Toolbar MalwareRemoval.com provides free support for people with infected computers. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll (file missing)O2 - Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.

Your help would be greatly appreciated,Thanks,MarioHere is the log I had him send me tonight:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:47:06 AM, on 21/10/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Please double-click OTMoveIt.exe to run it.Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy): C:\WINDOWS\system32\rrdwab.dll here is my log from today as requested.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:13:55 PM, on 1/23/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEc:\PROGRA~1\mcafee.com\agent\mcagent.exeC:\WINDOWS\RtHDVCpl.exeC:\WINDOWS\zHotkey.exeC:\WINDOWS\ModPS2Key.exeC:\WINDOWS\System32\rundll32.exeC:\Program https://www.bleepingcomputer.com/forums/t/74204/hijackthis-log-please-help-with-pop-ups/ Then you can have the file open in safe mode, so you can follow the instructions easier.

Place a check (tick) next to the following entries (if present): R3 - Default URLSearchHook is missing O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O3 - Toolbar: Please give me some time to analyze your log, and I will post back with instructions ASAP. Turn on automatic updates for your programmes. This will help us to investigate malware activity and hopefully help prevent it in the future.

I've ran an Ad-Aware scan and it cannot remove my problem.Literally, every four minutes I get pop-ups on my computer. This will create a text file. I have put my computer in safe mode and also enabled hidden files in order to try and delete them to no avail. OK, here’s what we do first.

If it doesnt, there's will be a shortcut on your desktop that you can use to launch it manuallyIn the main window click Preferences to launch the configuration windowUnder the General Get More Info Back to top #7 MagicCaptain MagicCaptain Topic Starter Members 4 posts OFFLINE Local time:12:45 PM Posted 23 October 2007 - 09:51 AM I'm not sure I understand the reply... This lessens the ability of malware to make system-wide changes to your computer. Thanks for your help, Mario Attached Files ComboFix.txt 6.65KB 6 downloads Deckard_s_System_Scanner_Extra.txt 15.29KB 3 downloads Deckard_s_System_Scanner.txt 16.67KB 7 downloads Back to top #6 MoNsTeReNeRgY22 MoNsTeReNeRgY22 1337 Malware Destroyer Members 611 posts

Please check it out and let me know if you see anything that could solve my spyware problem (which is uncontrollable pop-ups). Thanks, Mario Back to top #8 MoNsTeReNeRgY22 MoNsTeReNeRgY22 1337 Malware Destroyer Members 611 posts OFFLINE Gender:Male Location:So Cal Local time:11:45 AM Posted 23 October 2007 - 02:44 PM Hello again Run HJT with no other programmes open(except notepad). useful reference Save it to your desktop.

Our users have told us that they often work.) If clicking a Google search result has redirected you to a suspicious site, please report the suspicious site before trying the anti-spyware We've run AdAware several times and Spybot many times...we ran spybot at boot time too but the problem remains. P&M=GM5472mStart Page = hxxp://www.gateway.com/g/startpage.html ...

Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Reboot into normal mode, turn system restore back on and rehide your protected OS files. Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). NEXT @echo off sc stop DomainService sc delete DomainService sc stop SMX regulator sc delete SMX regulator exit Next you will need to create the batch fix to do that copy P&M=GM5472uInternet Settings,ProxyOverride = ;*.localuSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%smSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html ...

If you are still having malware problems, I will be glad to help. Several functions may not work. The log from OTMoveIt. http://newsgrouphosting.com/hijackthis-log/help-with-hijackthis-log.php I followed all other instructions to the letter.

Save it to your desktop. NEXT: Please go to Start -> Search -> All files and folders. Malware Problem - constant pop-ups (HiJackThis log included) Started by Kevin926, Apr 16 2006 12:11 PM This topic is locked 2 replies to this topic #1 Kevin926 Kevin926 Member New Member erm retired!

Performed disk cleanup. -- HijackThis (run as Justin McCormack.exe) ------------------------------------ Logfile of HijackThis v1.99.1 Scan saved at 12:09:50 PM, on 4/28/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00