Annoying..Plz Help. - Techist - Tech Forum

Old 05-23-2005, 12:53 AM   #1 (permalink)
Monster Techie
 
Join Date: May 2004
Posts: 1,434
Default Annoying..Plz Help.

I get these pop-ups that claim to be from Windows to me. It says that I may have registry problems, or corrupted files in my registry, etc. I think it's just adware and they are trying to get me to click OK so I can get another virus or something. I ran Spybot, Spyware Doctor, Ad-Aware, Registry Mechanic and it's still here, so here is my HijackThis log file.

Logfile of HijackThis v1.99.1
Scan saved at 9:49:29 PM, on 5/22/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\Steam.exe -silent
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - http://files.member.yahoo.com/dl/installs/sbc/yinst.cab
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

I'm using Windows XP Pro... any help would be appreciated. Thanks.
majistic is offline  
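
Added example, not part of the original post and not HijackThis code: a small Python parser for the log format posted above. It counts entries per section code and lists O4 autostart entries worth a manual look; the function names and the two review heuristics are assumptions of this example, and a hit means "check this file", not a verdict.

```python
import re
from collections import Counter

# Excerpt of the log posted above, embedded so the example runs offline.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")                   # "O4 - ..."
RUN_KEY = re.compile(r"^(HK\w+\\\.\.\\\w+): \[(.+?)\] (.*)$")     # registry Run keys
STARTUP = re.compile(r"^((?:Global )?Startup): (.+?) = (.*)$")    # Startup folder links
PROGRAM = re.compile(r"\.(exe|dll|com|bat|cmd|scr|pif)\b", re.I)

def parse_entries(text):
    """Return (section_code, body) for every 'CODE - body' line."""
    return [m.groups() for m in map(ENTRY.match, text.splitlines()) if m]

def section_counts(entries):
    """Number of entries per section code (R0, O2, O4, ...)."""
    return Counter(code for code, _ in entries)

def autoruns(entries):
    """Split O4 lines into (location, name, command) tuples."""
    matches = (RUN_KEY.match(b) or STARTUP.match(b) for c, b in entries if c == "O4")
    return [m.groups() for m in matches if m]

def review_reasons(command):
    """Heuristics assumed for this example; a hit means 'look closer'."""
    reasons = []
    if re.search(r"\\te?mp\\", command, re.I):
        reasons.append("target is in a Temp directory")
    if not PROGRAM.search(command):
        reasons.append("value does not name a program file")
    return reasons

def triage(text):
    """Autostart entries that have at least one review reason."""
    rows = ((loc, name, review_reasons(cmd)) for loc, name, cmd in autoruns(parse_entries(text)))
    return [row for row in rows if row[2]]
```
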
Old 05-23-2005, 01:24 AM   #2 (permalink)
Monster Techie
 
Join Date: May 2004
Posts: 1,434
Default



like this crap
majistic is offline  
Old 05-23-2005, 01:30 AM   #3 (permalink)
Monster Techie
 
Join Date: May 2004
Posts: 1,434
Default

majistic is offline  
Old 05-23-2005, 12:05 PM   #4 (permalink)
Junior Techie
 
Join Date: Jan 2004
Posts: 56
Default

Try closing aim.exe... a wild guess.
saravanakumar is offline  
Old 05-23-2005, 03:49 PM   #5 (permalink)
Ultra Techie
 
Join Date: Apr 2005
Posts: 720
Default

Go to Run, type services.msc, and go to Messenger. Is that disabled completely? If it isn't, then disable it.

-SkyHi
SkyHi is offline  
Old 05-23-2005, 03:56 PM   #6 (permalink)
Master Techie
 
Join Date: Jul 2004
Posts: 2,932
Default

Yer first pic has a clear indicator in it that it's not from MS. But, if you really want to, you can follow their adware scam to www.registryfixpro.com



Time to scan for spyware, adware, viruses and all the rest. Check your services using msconfig.msc to see if anything funny is sitting there.
ShoobieRat is offline  
Old 05-23-2005, 04:01 PM   #7 (permalink)
Monster Techie
 
Join Date: Jan 2005
Posts: 1,100
Default

http://www.techist.com/showthread.php?threadid=53623
There are some online scans listed there, try them.

Maybe using a restore point would help. I cannot see your pictures, so I don't know if it is real or not. If it isn't, the restore point will not help.

The online scans, Adware Personal, Spybot, or even Microsoft AntiSpyware should fix your problem. Or at least be able to tell us what is causing your problem, and then someone (prolly me) will help you in fixing it manually.
Blitze105 is offline  
Old 05-23-2005, 10:43 PM   #8 (permalink)
Monster Techie
 
majistic's Avatar
 
Join Date: May 2004
Posts: 1,434
Default

I think that Spybot got it.
majistic is offline  
Old 05-23-2005, 10:51 PM   #9 (permalink)
Chillin Techie
 
Join Date: Nov 2004
Location: USA
Posts: 11,861
Default

Quote:
Originally posted by SkyHi
Go to Run, type services.msc, and go to Messenger. Is that disabled completely? If it isn't, then disable it.

-SkyHi
Follow this advice so it won't happen again.
EricB is offline  
Old 05-23-2005, 10:58 PM   #10 (permalink)
Monster Techie
 
Join Date: May 2004
Posts: 1,434
Default

I did disable it.
majistic is offline  