Results 1 to 2 of 2

Thread: Need help getting rid of pop ups

  1. 07-27-2007, 12:39 PM #1
    psych0crusher
    psych0crusher is offline Junior Member
    Join Date
    Jul 2007
    Posts
    1

    Need help getting rid of pop ups

    I ran a scan at houscall.trendmicro.com and there was definate detection bad stuff... I tried to let housecall get rid of it, but the pop-ups are still coming up. Aslo, i remember seeing system32/system.exe being a corrupt file or something when housecall scanned my computer...

    any bit of help would be awesome

    -thanks

    Logfile of HijackThis v1.99.1
    Scan saved at 10:37:30 AM, on 7/27/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\System.exe
    C:\WINDOWS\retadpu616.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\WinPop\winpop.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
    C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\david\Desktop\HijackThis.exe

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Microsoft Update Machine] System.exe
    O4 - HKLM\..\Run: [runner1] C:\WINDOWS\retadpu616.exe 61A847B5BBF72814339D284503996897C881250221C8670836 AC4FA7C8833201749139
    O4 - HKLM\..\RunServices: [Microsoft Update Machine] System.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [WinPop] C:\Program Files\WinPop\winpop.exe
    O4 - HKCU\..\Run: [Microsoft Update Machine] System.exe
    O4 - HKCU\..\RunServices: [Microsoft Update Machine] System.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    Reply With Quote Reply With Quote
  2. 07-29-2007, 12:45 PM #2
    pheonix73's Avatar
    pheonix73
    pheonix73 is offline Member
    Join Date
    Jan 2007
    Location
    Edmonton,Alberta,Canada
    Posts
    78
    Firstly,hijack this should not be run from the desktop.Secondly,did you see the read me before posting sticky?If not,please follow all the steps there and post the appropriate logs for the admins to look at.I also notice that you are not running a virus scanner,nor at first glance a firewall.Other than the pop ups,are there any other problem you are experiencing?Also if you can make sure to include your systems resources in your next post,that can rule out any other problems thnigs like that can cause.Do all this and you will be on the road to recovery,just as soon as we know what we're dealing with.Laters .
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules