Jump to content


Photo

Help Pls- Annoying popups


  • Please log in to reply
1 reply to this topic

#1 Vamshi

Vamshi

    Member

  • New Member
  • Pip
  • 2 posts

Posted 04 August 2004 - 12:30 PM

Am getting too many popups and am not able proceed with my work.
Following is my HijackThis log. Pls tell me what is wrong.
Logfile of HijackThis v1.98.0
Scan saved at 12:25:04 PM, on 8/4/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\VirusScan\avsynmgr.exe
C:\WINDOWS\SYSTEM32\DWRCS.EXE
C:\Program Files\ePOAgent\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\oracle\ora81\BIN\TNSLSNR.exe
c:\oracle\ora81\bin\ORACLE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\CCM\CcmExec.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ePOAgent\UpdaterUI.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\SysAI\SysAI.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Program Files\Common Files\Network Associates\McShield\mcshield.exe
C:\Program Files\TextPad 4\TextPad.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\EditPlus 2\editplus.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\vatmakur\Desktop\HijackThis.exe


O2 - BHO: (no name) - {00000000-0000-0000-BFA1-D7EE6696B865} - C:\WINDOWS\System32\icdd7ee6.dll
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\Program Files\SysAI\AproposPlugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar_en_2.0.111-big.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar_en_2.0.111-big.dll
O3 - Toolbar: (no name) - {EFEE6B59-ADDB-40eb-BA2C-AF860F5B42B5} - C:\WINDOWS\System32\readdb40.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\ePOAgent\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [000hpdllhost] C:\WINDOWS\System32\hpdllhost.exe
O4 - HKLM\..\Run: [readdb40] rundll32.exe C:\WINDOWS\System32\readdb40.dll,EnableRunDLL32
O4 - HKLM\..\Run: [icdd7ee6] rundll32.exe C:\WINDOWS\System32\icdd7ee6.dll,EnableRunDLL32
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nssysconf] C:\WINDOWS\kbwdjal.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar_en_2.0.111-big.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar_en_2.0.111-big.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar_en_2.0.111-big.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar_en_2.0.111-big.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar_en_2.0.111-big.dll/cmtrans.html
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.andhrajyo...er/tdserver.cab
O16 - DPF: {427273CC-764E-11D3-823D-006097F90453} (Pixami Image Editor Control) - http://www.imagestat...ab?ver=1,1,0,30
O16 - DPF: {5E943D9C-F8DC-4258-8E3F-A61BB3405A33} (ZingBatchAXDwnl Class) - http://www.imagestat...ion=4,3,2,20802
O16 - DPF: {95EEE69E-27B4-4D13-BD32-766617A16909} (NDTVVideo.MPlayer) - http://www.ndtv.com/...TVseekvideo.CAB
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://matrixone.we...bex/ieatgpc.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.c...ebio5_1_5_0.cab

#2 dave38

dave38

    Devout Murphyite!

  • Emeritus
  • PipPipPipPipPip
  • 8,508 posts

Posted 04 August 2004 - 04:19 PM

From Control Panel>Add/Remove Programs, uninstall Apropos, if listed.

Have Hijack This fix all of the following by placing a check in the appropriate boxes and hitting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.

O2 - BHO: (no name) - {00000000-0000-0000-BFA1-D7EE6696B865} - C:\WINDOWS\System32\icdd7ee6.dll
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\Program Files\SysAI\AproposPlugin.dll

O3 - Toolbar: (no name) - {EFEE6B59-ADDB-40eb-BA2C-AF860F5B42B5} - C:\WINDOWS\System32\readdb40.dll

O4 - HKLM\..\Run: [000hpdllhost] C:\WINDOWS\System32\hpdllhost.exe
O4 - HKLM\..\Run: [readdb40] rundll32.exe C:\WINDOWS\System32\readdb40.dll,EnableRunDLL32
O4 - HKLM\..\Run: [icdd7ee6] rundll32.exe C:\WINDOWS\System32\icdd7ee6.dll,EnableRunDLL32
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [nssysconf] C:\WINDOWS\kbwdjal.exe

Reboot and delete

files
C:\WINDOWS\System32\hpdllhost.exe
C:\WINDOWS\System32\readdb40.dll
C:\WINDOWS\System32\icdd7ee6.dll
C:\WINDOWS\kbwdjal.exe

folders
C:\Program Files\AutoUpdate

These may be hidden files. See HERE for how to show hidden files.

Please post a followup Hijack this log, and say if your problems persist.
Be wary of strong drink. It may make you shoot at tax collectors, and miss!
Please support SWI forum




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button