| |
| |||||||
| Desktop Computers Hardware components for stationary PCs: Audio and Video, Monitors, Motherboards, Networking, Peripherals, Processors, RAM, Storage deivces, and Optical devices . |
 |
| | LinkBack | Thread Tools |
02-06-2007, 05:04 PM
| |||
| |||
| Spyware Hi everyone, First time poster, so don't tear me down! -or try to. I am looking to destroy the popnav popup. I have been quite successful in other endeavours, but this one has eluded me. Any help, and I owe you a beer...or appreciation. -Bill I have some spyware I am trying to destroy. Here is the log frm a win2k machine using hijackthis: Logfile of HijackThis v1.97.7 Scan saved at 10:01:40 AM, on 3/4/2004 Platform: Windows 2000 SP3 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Looking for POPVAV!! Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\Ati2evxx.exe C:\PROGRA~1\Grisoft\AVG6\avgserv.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\System32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\svchost.exe C:\WINNT\Explorer.EXE C:\WINNT\system32\atiptaxx.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\QuickTime\qttask.exe C:\WINNT\System32\iefeatures.exe C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe C:\Program Files\Accord\SmartWorks 2.0 - Personal Edition Project Planner\server\Swserver.exe C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE C:\WINNT\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Administrator.PUNZAK\Desktop\HijackThis.e xe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http://SERVER:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = ;<local> O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {D319662B-D5BF-4538-ADF3-8D3E36362608} - C:\Documents and Settings\All Users\Application Data\X0ff\X0ff.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MSVersion] C:\WINNT\system32\internetfeatures.exe O4 - HKLM\..\Run: [iefeatures] C:\WINNT\System32\iefeatures.exe O4 - HKLM\..\Run: [FZC] C:\WINNT\FZC.exe O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP O4 - HKLM\..\Run: [DGJNQT] C:\WINNT\DGJNQT.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: SmartWorks Server.lnk = C:\Program Files\Accord\SmartWorks 2.0 - Personal Edition Project Planner\server\Swserver.exe O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - https://www.comfortsite.com/EBiz/App...Apps/msrdp.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...790.2457407407 O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll O16 - DPF: {ABD45F35-2E4C-44C0-A075-6EF1DE75398E} (accel Class) - http://www.riversoftware.net/x0ff.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (&Yahoo! Companion) - http://us.dl1.yimg.com/download.yaho...bio5_1_1_0.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Punzak.com O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Punzak.com O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Punzak.com      |
|
02-06-2007, 05:04 PM
| ||
| |
|
| Bookmarks |
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| possible spyware? | Casper34 | Windows Vista | 9 | 07-21-2008 02:50 PM |
| spyware | Randy | Windows Vista | 2 | 05-06-2008 10:05 PM |
| Spyware | fvghjk | Windows XP | 4 | 05-03-2008 01:20 PM |
| What's the Snag Behind the Spyware.(spyware) | spyware.blockers@gmail.com | Windows XP | 1 | 04-05-2008 06:40 AM |
| Spyware | sunshine48091 | Windows XP | 9 | 01-16-2008 01:50 PM |
| New To Technology Questions? | Do You Need Help with Your Computer or Device? | Do You Need Help with this site? |
