1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Please Help! HJT Log

Discussion in 'Virus & Other Malware Removal' started by Leffler01, Sep 16, 2004.

Thread Status:
Not open for further replies.
  1. Leffler01

    Leffler01 Thread Starter

    Joined:
    Jul 30, 2003
    Messages:
    11
    Hi guys, I was wondering if you could lend me a hand here. I usually take care of this stuff myself now, but this is really getting me. I seem to be getting pop-ups, and I have no clue where they're coming from. My HiJackThis log looks clean to me:

    Logfile of HijackThis v1.98.2
    Scan saved at 1:49:46 AM, on 16/09/2004
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\pctspk.exe
    C:\WINDOWS\system32\lexpps.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\AIM95\aim.exe
    C:\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rogers.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Compaq
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [CreateCD50] C:\PROGRA~1\COMMON~1\ADAPTE~1\CreateCD\CREATE~1.EXE -r
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MoneyStartUp] c:\Program Files\Microsoft Money\System\Money Startup.exe
    O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
    O9 - Extra button: AOL Instant Messenger (TM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll




    I think this is okay? But I'm still getting pop-ups (and no, not the kind from a site). I think, if I remember right, they're coming from something like ads.revenue.net . I also saw a new one for something that started off like A-D-W-A-R-E and continued that way. This ring a bell for anyone? It's weird, if I reboot, as soon as I start Internet Explorer, I'll get one... And then like 15-20 will continue over the next few hours. Then, after that, nothing. It also seems to mess with my system at random times as well, causing it to go very slow (takes like 5secs to find my C: and such when I click "My Computer"). This is a big time nuisance - If anyone here has any info on how to beat this thing, please help me out. Thanks in advance!
     
  2. Chicon

    Chicon

    Joined:
    Jul 29, 2004
    Messages:
    6,650
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/274553

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice