Very annoying popup.


Ellhound

First, I tried Ad-Aware and Spybot S&D; both found nothing, so I thought I'd post the HijackThis log here and see if you guys have any idea:

Logfile of HijackThis v1.99.1
Scan saved at 23:29:18, on 29-10-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\SOUNDMAN.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.exe
C:\Program Files\Razer\razerhid.exe
C:\Program Files\D-Tools\daemon.exe
D:\Steam\Steam.exe
C:\Program Files\MSN Messenger\MsnMsgr.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Razer\razerofa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.exe
C:\Program Files\Messenger\msmsgs.exe
D:\programs\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.exe
O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.exe C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\razerhid.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [steam] D:\Steam\\Steam.exe -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.exe" /background
O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.exe/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: SharedDLLs - C:\WINDOWS\system32\lvj4091qe.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
