Jump to content


Photo

Popups


  • Please log in to reply
1 reply to this topic

#1 Saskia

Saskia

    Member

  • New Member
  • Pip
  • 1 posts

Posted 28 July 2004 - 06:13 PM

Can someone help me with this...

For a week now i have this problem, and its driving me total nuts!
first of all i run on my computer the programs (Ad-aware 6.0)
(Spy Sweeper) and (Aluria's Spyware Eliminator) and the last day's
i get this.....when i go on the net!... POPUPS! never had those popup before
i run every two day's all 3 programs and they find nothing...? can some help me out with this...

Kind Regards
Saskia.


Ad-watch Logfile, exported on 29-7-2004
Total number of events:4
===============================================
28-7-2004 21:26:22 - Popup blocked (ttp://ads.addynamix.com/creative/2-2128367-2-16548-24173-1091042782 - Microsoft Internet Explorer)
Internet Explorer event
Parentprocess:iexplore.exe
"ttp://ads.addynamix.com/creative/2-2128367-2-16548-24173-1091042782 - Microsoft Internet Explorer"
Handle:2630486980
Classname:IEFrame

28-7-2004 21:26:22: Popup blocked: "ttp://ads.addynamix.com/creative/2-2128367-2-16548-24173-1091042782 - Microsoft Internet Explorer"

===============================================
28-7-2004 23:20:41 - Popup blocked (ttp://ads.addynamix.com/creative/2-2128367-2-16766-24252-1091049641 - Microsoft Internet Explorer)
Internet Explorer event
Parentprocess:iexplore.exe
"ttp://ads.addynamix.com/creative/2-2128367-2-16766-24252-1091049641 - Microsoft Internet Explorer"
Handle:2630486980
Classname:IEFrame

28-7-2004 23:20:41: Popup blocked: "ttp://ads.addynamix.com/creative/2-2128367-2-16766-24252-1091049641 - Microsoft Internet Explorer"

===============================================
29-7-2004 0:09:33 - Popup blocked (ttp://banners.pennyweb.com/E1/C16716/ifrcr_E1_C16716-3/creative.html?pw_click=ttp://ads.addyn - Microsoft Internet Explorer)
Internet Explorer event
Parentprocess:explorer.exe
"ttp://banners.pennyweb.com/E1/C16716/ifrcr_E1_C16716-3/creative.html?pw_click=ttp://ads.addyn - Microsoft Internet Explorer"
Handle:2496137932
Classname:IEFrame

29-7-2004 0:09:33: Popup blocked: "ttp://banners.pennyweb.com/E1/C16716/ifrcr_E1_C16716-3/creative.html?pw_click=ttp://ads.addyn - Microsoft Internet Explorer"

===============================================
29-7-2004 0:50:40 - Popup blocked (ttp://webpdp.gator.com/4/message/446/pip/PluginPageJuly04.html?q=cD0xNiZkPTE5NDcxJmVsPTEmdz1RU - Microsoft Internet Explorer)
Internet Explorer event
Parentprocess:msconfig.exe
"ttp://webpdp.gator.com/4/message/446/pip/PluginPageJuly04.html?q=cD0xNiZkPTE5NDcxJmVsPTEmdz1RU - Microsoft Internet Explorer"
Handle:2496143564
Classname:IEFrame

29-7-2004 0:50:39: Popup blocked: "ttp://webpdp.gator.com/4/message/446/pip/PluginPageJuly04.html?q=cD0xNiZkPTE5NDcxJmVsPTEmdz1RU - Microsoft Internet Explorer"

===============================================


Logfile of HijackThis v1.98.0
Scan saved at 1:03:55, on 29-7-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Smtray.exe
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Norton Internet Security\IAMAPP.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\NuCam\CamCheck\CamCheck.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\COMPAQ\CPQINET\CPQInet.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\vamaqx.exe
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Reality Fusion\Reality Fusion GameCam SE\Program\RFTRay.exe
C:\WINDOWS\twain_32\SiPix\SCBlink2\Srvany.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\twain_32\SiPix\SCBlink2\USBPNP.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Aluria Software\ASE\ASE Scheduler.exe
C:\Program Files\ImageFox\ImageFox.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Internet Security\SymProxySvc.exe
C:\Program Files\Norton Internet Security\NISSERV.EXE
C:\Program Files\Norton Internet Security\ATRACK.EXE
C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\JGsoft\EditPadLite\EditPad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\interweb\LOCALS~1\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.home.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presar...=search&ap=b204
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.home.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
F1 - win.ini: load=tcp32ss.exe
O2 - BHO: FlpLauncher Class - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - C:\Program Files\E-Book Systems\FlipAlbum 5 Pro\FpLaunch.dll
O2 - BHO: (no name) - {4A8C6E73-BC1B-21C8-D056-64550DA02F6E} - C:\WINDOWS\System32\tfhd.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [Smapp] Smtray.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CamCheck] C:\Program Files\NuCam\CamCheck\CamCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - HKCU\..\Run: [Ahaa] C:\Documents and Settings\interweb\Application Data\lmca.exe
O4 - HKCU\..\Run: [Cocmtm] C:\WINDOWS\System32\vamaqx.exe
O4 - Startup: ASE Scheduler.lnk = C:\Program Files\Aluria Software\ASE\ASE Scheduler.exe
O4 - Startup: ImageFox.lnk = C:\Program Files\ImageFox\ImageFox.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Agenda-herinneringen.lnk = ?
O4 - Global Startup: Reality Fusion GameCam SE.lnk = ?
O4 - Global Startup: Register Intellihance Pro 4.0.lnk = C:\Program Files\Extensis\Intellihance Pro 4.0\Register Intellihance Pro 4.0.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: ChatSpace Java Client 2.1.0.90L - http://64.85.20.117:...a/cs4msl090.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...ry/msgrchkr.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse....iveX/winrep.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...StatsClient.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.syma...n/bin/cabsa.cab

#2 mmxx66

mmxx66

    The SWI drummer

  • Retired Staff
  • PipPipPipPipPip
  • 4,412 posts

Posted 04 September 2004 - 12:18 PM

Sorry for the delay, if you still have problems post a fresh log please




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button