Home > Hijackthis Log > HijackThis Log: Pop Up Problem

HijackThis Log: Pop Up Problem

RE: Hijackthis Log, Plz Advise Pop-up Problem Marcs41 (IS/IT--Management) 16 Jan 04 03:19 No problem, that happens. Several functions may not work. In the 'System Restore' window,click 'Create a Restore Point' button,then click 'Next'. Flrman1, May 22, 2004 #6 Flrman1 Joined: Jul 26, 2002 Messages: 46,329 You have a new variant of the peper trojan. http://splodgy.org/hijackthis-log/hijackthis-log-i-think-i-have-a-problem.php

ComboFix 08-07-05.1 - Frank 2008-07-07 15:59:25.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.548 [GMT -4:00] Running from: C:\Documents and Settings\Frank\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\Frank\Desktop\WinXP_EN_PRO_BF.EXE * Created a new Join thousands of tech enthusiasts and participate. Close all Browser windows, Click ''Check for Problems'', Put a check in every entry Spybot Search & Destroy flags with a red exclamation mark and click ''Fix Selected Problems'' , Then Double click DeFogger to run the tool. https://www.bleepingcomputer.com/forums/t/397008/popup-problems-hijackthis-log-inside/

Choose one to keep and uninstall the other. How to start your computer in safe mode First in safe mode click on My Computer. Flrman1, May 22, 2004 #13 BuzzKiD Thread Starter Joined: Jan 8, 2004 Messages: 47 Okay i did all that except when i restarted into safe mode i couldnt find: dp-him.exe to

It is a simple procedure that will only take a few moments of your time. Vundo Variant/Rel. Close Box Join Tek-Tips Today! Now i just get regular trojans like i said a couple of times a day.

Download both of these for added protection: SPYWAREBLASTER & SPYWAREGUARD, here: http://www.javacoolsoftware.com/spywareblaster.html Then, after rebooting, please post another log Cookiegal, May 22, 2004 #2 BuzzKiD Thread Starter Joined: Jan 8, Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

These will be hidden files so before you look for them Go to Start > Search and under "More advanced search options". http://www.wilderssecurity.com/threads/popup-problem-hijackthis-log-included.39621/ ENGINEERING.com Eng-Tips Forums Tek-Tips Forums Search Posts Find A Forum Thread Number Find An Expert Resources Jobs Log In Join INTELLIGENT WORK FORUMSFOR COMPUTER PROFESSIONALS Log In Come Join Us!

See if one of the randiomly named files is listed in running processes. Follow all the instructions exactly. When the tool is finished, it will produce a report for you. iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe O23 - Service: ATI Smart - Unknown owner

Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file) O2 - BHO: (no name) - {06A1F910-762A-4660-B534-55B82571851C} - C:\WINDOWS\system32\ddcYolih.dll O2 - BHO: (no name) Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_1us.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Cookiegal, May 22, 2004 #4 BuzzKiD Thread Starter Joined: Jan 8, 2004 Messages: 47 I ran the programs and i downloaded the trojan uninstallar and it ran for like half a Copy and paste the list from the Peper.txt file here , along with another Hijack This log.

TechSpot is a registered trademark. news Deckard's System Scanner v20071014.68 Run by Frank on 2008-07-03 19:12:32 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 No, create an account now. Close Reply To This Thread Posting in the Tek-Tips forums is a member-only feature.

But the popups and trojans just keep coming. I have to use a different computer to do this now because the other one shuts off the internet browser every time i go to this site. Please don`t post your own virus/spyware problems in this thread. http://splodgy.org/hijackthis-log/hijackthis-log-can-someone-help-me-with-my-problem.php All rights reserved.

Therefore, uninstall all but one AntiVirus application using the Add or Remove Programs in the Control Panel before posting your logs. Yes, my password is: Forgot your password? Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Hijackthis Log - Popup Problem Started by cwguth , Mar 13 2007 09:10 AM Prev Page 2 of 2 1 2 This topic is locked 17 replies to this topic #16

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://c:\program Click on the View tab and make sure that "Show hidden files and folders" is checked. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: (no Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll R3 - URLSearchHook: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file) O2 - BHO: &Yahoo!

In the window that appears,enter a description,then click on 'Create',then click 'Close'. Cancel Red Flag SubmittedThank you for helping keep Tek-Tips Forums free from inappropriate posts.The Tek-Tips staff will check this out and take appropriate action. Performed disk cleanup. -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-07-03 19:14:51 Platform: Windows XP Service Pack 2 (5.01.2600) MSIE: Internet Explorer (7.00.6000.16674) Boot check my blog Click here to Register a free account now!

Then my entire homepage just went blank two of the four times i turned it on so i had to use CTRL ALT DELETE to log out. When finished go to the C:\drpeper folder and locate the peper.txt file. Please re-enable javascript to access full functionality. Companion) - http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/yiebio5_1_1_0.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab BuzzKiD, May 22, 2004 #1 Sponsor Cookiegal

Back to top #4 Ai_Tak Ai_Tak Advanced Member Members 1372 posts Posted 10 February 2007 - 12:45 AM submit:C:\Documents and Settings\Phalanx\Application Data\ROADSI~1\oncelist.exeandC:\Documents and Settings\Phalanx\Application Data\LIESAM~1\show film.exeandC:\Documents and Settings\All Users\Application Data\grimbikepokewait\2 ante.exetohttp://www.virustota.../en/indexx.htmland