Home > Hijackthis Log > Hijackthis Log - Popups Still A Problem

Hijackthis Log - Popups Still A Problem

This is the hijackthis log from today. It should look like this: Double-click on it and when it asks you if you want to merge the contents to the registry, click "Yes" or "OK". Here goes... Pager"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet" "Aim6"="\"C:\\Program Files\\AIM6\\aim6.exe\" /d locale=en-US ee://aol/imApp" "updateMgr"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_8 -reboot 1" [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "nvwrsv"="" [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "nvwrsv"="C:\\WINDOWS\\system32\\nvwrsv.exe" "rqik"="C:\\PROGRA~1\\COMMON~1\\rqik\\rqikm.exe" "Aida"="\"C:\\Program Files\\rdso\\eetu.exe\" -vt yazr" [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer\Run] "nvwrsv"="C:\\WINDOWS\\system32\\nvwrsv.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{54D9498B-CF93-414F-8984-8CE7FDE0D391}"="ewido shell guard" HKEY_LOCAL_MACHINE\software\microsoft\windows check over here

It can be viewed at the following link: http://www.flickr.co...533919/sizes/l/ Back to top #11 Katana Katana Advanced Member Members 1,523 posts Gender:Male Location:Manchester (UK) Posted 23 February 2009 - 05:38 AM Hmmm annoying VIPRE pop-ups and hijack this logs Started by whazat , Feb 17 2009 05:17 PM This topic is locked 16 replies to this topic #1 whazat whazat New Member Members Please post the logGo to Start->Run and type in notepad and hit OK. Double click combofix.exe & follow the prompts. try this

RE: Hijackthis Log, Plz Advise Pop-up Problem cmeagan656 (TechnicalUser) 15 Jan 04 20:24 Oops. In case you still are unsure on how to create a REG file, please take a look HERE with screenshots. Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix Checked button. I've never used Vipre, so I don't know how it sets out reports.

Copy & Paste those results and place them in the next post.Please Post logs from the following:new HijackThis LogQoo.txtFindQool TrackQooBlacklightLet us know if any problems persist. Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} I suspect it is a false positive, but let's check the file and make sure.

Take a look at the following thread by RBS it will help you. CAUTION: Do not mouse-click ComboFix's window while it is running. NEXT: Please go to Start -> Search -> All files and folders. http://www.techsupportforum.com/forums/f284/hijackthis-log-pop-ups-and-mal-ware-problem-153479.html Spybot was unable to immunize about half the files.

Powered with <3 from Vanilla & WordPress. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy Icrontic › Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra 'Tools' menuitem: Yahoo!

Just tell me what I need to run in order to be better able to follow your instructions. http://www.techspot.com/community/topics/problem-with-popups-hijackthis-log-attached.18695/ Make sure to save it with the quotes. MikeNIke, Oct 10, 2016, in forum: Virus & Other Malware Removal Replies: 0 Views: 214 MikeNIke Oct 10, 2016 Thread Status: Not open for further replies. Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 -

Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. http://tcdownload.org/hijackthis-log/hijackthis-log-xp-help.html Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. If it says that the file has been scanned before, please click Reanalyse File Back to top #12 whazat whazat New Member Members 9 posts Posted 23 February 2009 - 06:32 I have clicke out of over a dozen pop-ups just typing this message.

This can be bad if they are malware, so I would like you to re-enable those startup entries. Click Here to join Tek-Tips and talk with other members! If not already selected go to the General tab. http://tcdownload.org/hijackthis-log/hijackthis-log-please-look.html The .cab you uploaded was empty.

Registration on or use of this site constitutes acceptance of our Privacy Policy. Under Startup Selection select "Normal Startup - load all device drivers and services". Back to top #6 whazat whazat New Member Members 9 posts Posted 20 February 2009 - 08:33 PM After 3 attempts we finally have scan log as below: -------------------------------------------------------------------------------- KASPERSKY ONLINE

Please re-enable javascript to access full functionality.

Login _ Social Sharing Find TechSpot on... the root of the popups. Click Apply then OK.Click OK.IMPORTANT: Close all windows and do not open any other windows or programs while ewido is scanning, it may interfere with the scanning proccess. Completion time: 2009-02-19 21:46:29 - machine was rebooted ComboFix-quarantined-files.txt 2009-02-19 11:46:20 Pre-Run: 39,225,163,776 bytes free Post-Run: 40,042,221,568 bytes free 246 --- E O F --- 2009-02-16 21:54:52 Back to top #4

so please let me know Gogo Die Hijacker DieMember ofALLIANCE OF SECURITY ANALYSIS PROFESSIONALSSince 2004Warning My killer dog at work.QUOTEIMPORTANT - Before Posting a HijackThis LogInstructions - on creating a HijackThis Style Default Style Contact Us Help Home Top RSS Terms and Rules Copyright © TechGuy, Inc. Back to top #14 whazat whazat New Member Members 9 posts Posted 25 February 2009 - 04:53 AM please find link to thread post on spykiller: http://thespykiller....17.new.html#new Back to top #15 have a peek at these guys I keep getting multiple notifications mostly for this as well as other dll files - urlmon, png etc as well as other files.

So nice to surf again without spending half my time clicking out of popups. Please thank your helpers and there will always be help here when you need it!======================================================== Back to top #5 JJK-IT JJK-IT Topic Starter Members 4 posts OFFLINE Local time:08:40 PM Simply using a Firewall in its default configuration can lower your risk greatly.

© Copyright 2017 tcdownload.org. All rights reserved.