Spyware popup always showing up | Web Browsers | Nibble Guru - Tech Support, Computer Help, Tech Help | Get you FREE help on all the web browsers over there including the popular ones like Microsoft Internet Explorer, Netscape Navigator, Netscape Communicator, Mozilla, Opera among others.

Nibble Guru - Computing queries demystified

Tuesday, December 02, 2008

Home
My Account / Register
Login / Logout
Post your Problem!
Search

About Us
Contact Us

List Home > Web Browsers > [ Post New Problem ]

Welcome back !

TrackingID :	1867
Posted :	Monday, November 29th, 2004 11:45:16 PM
By :	ckm207

Spyware popup always showing up

Configuration:

i have a winXP prof. laptop with 2.4ghz, 512mb ram.i scanned it with hijack this n this is what the log file looked like.

Logfile of HijackThis v1.98.2
Scan saved at 10:42:23 AM, on 11/30/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\\\\WINDOWS\\\\System32\\\\smss.exe
C:\\\\WINDOWS\\\\SYSTEM32\\\\winlogon.exe
C:\\\\WINDOWS\\\\system32\\\\services.exe
C:\\\\WINDOWS\\\\system32\\\\lsass.exe
C:\\\\WINDOWS\\\\system32\\\\svchost.exe
C:\\\\WINDOWS\\\\System32\\\\svchost.exe
C:\\\\WINDOWS\\\\system32\\\\spoolsv.exe
C:\\\\WINDOWS\\\\System32\\\\DVDRAMSV.exe
C:\\\\WINDOWS\\\\System32\\\\nvsvc32.exe
C:\\\\Program Files\\\\Analog Devices\\\\SoundMAX\\\\SMAgent.exe
C:\\\\Program Files\\\\CheckPoint\\\\SecuRemote\\\\bin\\\\SR_WatchDog.exe
C:\\\\WINDOWS\\\\System32\\\\svchost.exe
C:\\\\Program Files\\\\TOSHIBA\\\\TME3\\\\Tmesbs32.exe
C:\\\\WINDOWS\\\\wanmpsvc.exe
C:\\\\Program Files\\\\CheckPoint\\\\SecuRemote\\\\bin\\\\SR_Service.exe
C:\\\\WINDOWS\\\\Explorer.EXE
C:\\\\Program Files\\\\CheckPoint\\\\SecuRemote\\\\bin\\\\SR_GUI.exe
C:\\\\Program Files\\\\ltmoh\\\\Ltmoh.exe
C:\\\\Program Files\\\\Synaptics\\\\SynTP\\\\SynTPLpr.exe
C:\\\\Program Files\\\\Synaptics\\\\SynTP\\\\SynTPEnh.exe
C:\\\\WINDOWS\\\\System32\\\\TPWRTRAY.EXE
C:\\\\Program Files\\\\TOSHIBA\\\\TOSHIBA Controls\\\\TFncKy.exe
C:\\\\Program Files\\\\Toshiba\\\\ConfigFree\\\\NDSTray.exe
C:\\\\Program Files\\\\TOSHIBA\\\\TME3\\\\TMESBS32.EXE
C:\\\\Program Files\\\\TOSHIBA\\\\Wireless Hotkey\\\\TosHKCW.exe
C:\\\\WINDOWS\\\\System32\\\\TFNF5.exe
C:\\\\Program Files\\\\TOSHIBA\\\\TouchED\\\\TouchED.Exe
C:\\\\Program Files\\\\Common Files\\\\Logitech\\\\QCDriver3\\\\LVCOMS.EXE
C:\\\\Program Files\\\\Logitech\\\\ImageStudio\\\\LogiTray.exe
C:\\\\Program Files\\\\Common Files\\\\Real\\\\Update_OB\\\\realsched.exe
C:\\\\WINDOWS\\\\System32\\\\rundll32.exe
C:\\\\WINDOWS\\\\System32\\\\oacmwo.exe
C:\\\\WINDOWS\\\\System32\\\\ezSP_Px.exe
C:\\\\WINDOWS\\\\System32\\\\00THotkey.exe
C:\\\\WINDOWS\\\\system32\\\\RAMASST.exe
C:\\\\WINDOWS\\\\System32\\\\wuauclt.exe
C:\\\\Program Files\\\\Winamp\\\\winamp.exe
C:\\\\toshiba\\\\ivp\\\\ism\\\\ivpsvmgr.exe
C:\\\\DOCUME~1\\\\Kittu\\\\LOCALS~1\\\\Temp\\\\mkpg.dat
C:\\\\Program Files\\\\Yahoo!\\\\Messenger\\\\ymsgr_tray.exe
C:\\\\Documents and Settings\\\\Kittu\\\\Desktop\\\\HijackThis.exe

R1 - HKCU\\\\Software\\\\Microsoft\\\\Internet Explorer\\\\Main,Search Bar = about:blank
R3 - Default URLSearchHook is missing
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\\\\Program Files\\\\DAP\\\\DAPBHO.dll
O2 - BHO: MultiMPPObj Class - {002EB272-2590-4693-B166-FBD5D9B6FEA6} - C:\\\\WINDOWS\\\\multimpp.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\\\\Program Files\\\\Adobe\\\\Acrobat 5.0\\\\Reader\\\\ActiveX\\\\AcroIEHelper.ocx
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\\\\Program Files\\\\NewDotNet\\\\newdotnet6_38.dll
O2 - BHO: (no name) - {D3B426AD-2302-43A3-9203-336E93B12E43} - C:\\\\WINDOWS\\\\System32\\\\pknh.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\\\\WINDOWS\\\\system32\\\\msdxm.ocx
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\\\\Program Files\\\\DAP\\\\DAPIEBar.dll
O4 - HKLM\\\\..\\\\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\\\\..\\\\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\\\\..\\\\Run: [LtMoh] C:\\\\Program Files\\\\ltmoh\\\\Ltmoh.exe
O4 - HKLM\\\\..\\\\Run: [SynTPLpr] C:\\\\Program Files\\\\Synaptics\\\\SynTP\\\\SynTPLpr.exe
O4 - HKLM\\\\..\\\\Run: [SynTPEnh] C:\\\\Program Files\\\\Synaptics\\\\SynTP\\\\SynTPEnh.exe
O4 - HKLM\\\\..\\\\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\\\\..\\\\Run: [TFncKy] TFncKy.exe /Type 28
O4 - HKLM\\\\..\\\\Run: [NDSTray.exe] \\\"C:\\\\Program Files\\\\Toshiba\\\\ConfigFree\\\\NDSTray.exe\\\"
O4 - HKLM\\\\..\\\\Run: [TMESBS.EXE] C:\\\\Program Files\\\\TOSHIBA\\\\TME3\\\\TMESBS32.EXE /Client
O4 - HKLM\\\\..\\\\Run: [TosHKCW.exe] \\\"C:\\\\Program Files\\\\TOSHIBA\\\\Wireless Hotkey\\\\TosHKCW.exe\\\"
O4 - HKLM\\\\..\\\\Run: [TFNF5] TFNF5.exe
O4 - HKLM\\\\..\\\\Run: [TouchED] C:\\\\Program Files\\\\TOSHIBA\\\\TouchED\\\\TouchED.Exe
O4 - HKLM\\\\..\\\\Run: [Pinger] C:\\\\toshiba\\\\ivp\\\\ism\\\\pinger.exe
O4 - HKLM\\\\..\\\\Run: [TSysSMon] c:\\\\toshiba\\\\sysstability\\\\tsyssmon.exe /detect
O4 - HKLM\\\\..\\\\Run: [LVCOMS] C:\\\\Program Files\\\\Common Files\\\\Logitech\\\\QCDriver3\\\\LVCOMS.EXE
O4 - HKLM\\\\..\\\\Run: [LogitechGalleryRepair] C:\\\\Program Files\\\\Logitech\\\\ImageStudio\\\\ISStart.exe
O4 - HKLM\\\\..\\\\Run: [LogitechImageStudioTray] C:\\\\Program Files\\\\Logitech\\\\ImageStudio\\\\LogiTray.exe
O4 - HKLM\\\\..\\\\Run: [TkBellExe] \\\"C:\\\\Program Files\\\\Common Files\\\\Real\\\\Update_OB\\\\realsched.exe\\\" -osboot
O4 - HKLM\\\\..\\\\Run: [New.net Startup] rundll32 C:\\\\PROGRA~1\\\\NEWDOT~1\\\\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\\\\..\\\\Run: [DownloadAccelerator] C:\\\\PROGRA~1\\\\DAP\\\\DAP.EXE /STARTUP
O4 - HKLM\\\\..\\\\Run: [hpedhqqycsu] C:\\\\WINDOWS\\\\System32\\\\oacmwo.exe
O4 - HKLM\\\\..\\\\Run: [ezShieldProtector for Px] C:\\\\WINDOWS\\\\System32\\\\ezSP_Px.exe
O4 - HKLM\\\\..\\\\Run: [00THotkey] C:\\\\WINDOWS\\\\System32\\\\00THotkey.exe
O4 - HKLM\\\\..\\\\Run: [satmat] C:\\\\WINDOWS\\\\satmat.exe
O4 - Startup: Webshots.lnk = C:\\\\Program Files\\\\Webshots\\\\WebshotsTray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\\\\Program Files\\\\Logitech\\\\Desktop Messenger\\\\8876480\\\\Program\\\\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\\\\Program Files\\\\Microsoft Office\\\\Office10\\\\OSA.EXE
O4 - Global Startup: RAMASST.lnk = C:\\\\WINDOWS\\\\system32\\\\RAMASST.exe
O8 - Extra context menu item: &Download with &DAP - C:\\\\PROGRA~1\\\\DAP\\\\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\\\\PROGRA~1\\\\DAP\\\\dapextie2.htm
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\\\\PROGRA~1\\\\DAP\\\\DAP.EXE
O9 - Extra button: Corel Network monitor worker - {C6E0E098-91CE-4C55-814C-EA342147A2DA} - (no file)
O9 - Extra \\\'Tools\\\' menuitem: Corel Network monitor worker - {C6E0E098-91CE-4C55-814C-EA342147A2DA} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\\\\PROGRA~1\\\\Yahoo!\\\\MESSEN~1\\\\YPager.exe
O9 - Extra \\\'Tools\\\' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\\\\PROGRA~1\\\\Yahoo!\\\\MESSEN~1\\\\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\\\Program Files\\\\Messenger\\\\MSMSGS.EXE
O9 - Extra \\\'Tools\\\' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\\\Program Files\\\\Messenger\\\\MSMSGS.EXE
O9 - Extra button: Corel Network monitor worker - {C6E0E098-91CE-4C55-814C-EA342147A2DA} - (no file) (HKCU)
O9 - Extra \\\'Tools\\\' menuitem: Corel Network monitor worker - {C6E0E098-91CE-4C55-814C-EA342147A2DA} - (no file) (HKCU)
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O12 - Plugin for .mpg: C:\\\\Program Files\\\\Internet Explorer\\\\PLUGINS\\\\npqtplugin3.dll
O12 - Plugin for .pdf: C:\\\\Program Files\\\\Internet Explorer\\\\PLUGINS\\\\nppdf32.dll
O12 - Plugin for .spop: C:\\\\Program Files\\\\Internet Explorer\\\\Plugins\\\\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Fun Web Products Installer Start) - http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.5.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O17 - HKLM\\\\System\\\\CCS\\\\Services\\\\Tcpip\\\\..\\\\{E975A1A8-3677-49D7-9BDB-7C959A8FCEC1}: NameServer = 202.88.156.6,202.88.130.67
O20 - AppInit_DLLs: PAVWAIT.DLL

plz help

Operating System : microsoft windows xp prof
CPU/Processor : intel pentium 4 2.4 MHz
RAM : ddr sdram Actual:512 MB
Partition Details : only 1 partition of 30gb
CD Drive : combo
Mouse : laptop
Keyboard : laptop
Joystick : na
Printer : na
Scanner : na

Related Problems :

Comments :

Re: Spyware popup always showing up by Anonymous Ghost on November 30th, 2004 05:56:37 AM
the simplest thing to do (also all i can think of right this moment) is to uninstall the Spyware program, then install it again.

Related Problems :

List Home > Web Browsers > [ Post New Problem ]