Whenever I start Mozilla Firefox, I get a random IE pop-up. But that's the *only* time I get any pop-ups. I ran adaware and spybot but that didn't fix anything. I attached my HijackThis log for good measure. Thanks!
Annoying pop-up when Firefox starts
- Thread starter mintyfresh
- Start date
- Status
Please follow the instructions in the sticky thread at the top of the forum, with the title Follow these instructions BEFORE posting your HJT log.
Only THEN please post your HJT log as a .TXT attachment, as per the instructions in that thread.
Regards,
Spike
Only THEN please post your HJT log as a .TXT attachment, as per the instructions in that thread.
Regards,
Spike
I ran Trend Micro Housecall and BitDefender and deleted everything I could. CWShredder found nothing. I'm still having the same problem. Attached is the Ewido report and newest HijackThis report.
Reboot into Safe Mode, disable system restore, and show all hidden files and folders
Open TaskManager, and end process (if present) for...
once start.exe
Ref Cool.exe
Run HJT, and fix the following...
O4 - HKLM\..\Run: [amenlocksthirdspam] C:\Documents and Settings\All Users\Application Data\BoltMp3AmenLocks\once start.exe
O4 - HKCU\..\Run: [way jump] C:\DOCUME~1\namsel\APPLIC~1\BOWSLO~1\Ref Cool.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
ALL 016 entries
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sophos Agent - Unknown owner - C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe" -service -name Agent (file missing)
O23 - Service: Sophos AutoUpdate Agent - Unknown owner - C:\Program Files\Sophos\Remote Management System\AutoUpdateAgentNT.exe" -service -name ALC (file missing)
O23 - Service: Sophos Message Router - Unknown owner - C:\Program Files\Sophos\Remote Management System\RouterNT.exe" -service -name Router -ORBListenEndpoints iiop://:8193/ssl_port=8194 (file missing)
Open My Computer/explorer, and delete the following files/directories (in bold)...
C:\DOCUME~1\namsel\APPLIC~1\BOWSLO~1\
C:\Documents and Settings\All Users\Application Data\BoltMp3AmenLocks\
Re-enable system restore, and reboot to normal mode.
If the file c:\progra~1\intern~1\iexplore.exe is in the directory it says there, and NOT in C:\Program Files\Internet Explorer\iexplore.exe, it may need to be fixed and deleted too.
You should also install a firewall. - ZoneAlarm or Sunbelt Kerio[/b] are good choices.
Open TaskManager, and end process (if present) for...
once start.exe
Ref Cool.exe
Run HJT, and fix the following...
O4 - HKLM\..\Run: [amenlocksthirdspam] C:\Documents and Settings\All Users\Application Data\BoltMp3AmenLocks\once start.exe
O4 - HKCU\..\Run: [way jump] C:\DOCUME~1\namsel\APPLIC~1\BOWSLO~1\Ref Cool.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
ALL 016 entries
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sophos Agent - Unknown owner - C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe" -service -name Agent (file missing)
O23 - Service: Sophos AutoUpdate Agent - Unknown owner - C:\Program Files\Sophos\Remote Management System\AutoUpdateAgentNT.exe" -service -name ALC (file missing)
O23 - Service: Sophos Message Router - Unknown owner - C:\Program Files\Sophos\Remote Management System\RouterNT.exe" -service -name Router -ORBListenEndpoints iiop://:8193/ssl_port=8194 (file missing)
Open My Computer/explorer, and delete the following files/directories (in bold)...
C:\DOCUME~1\namsel\APPLIC~1\BOWSLO~1\
C:\Documents and Settings\All Users\Application Data\BoltMp3AmenLocks\
Re-enable system restore, and reboot to normal mode.
If the file c:\progra~1\intern~1\iexplore.exe is in the directory it says there, and NOT in C:\Program Files\Internet Explorer\iexplore.exe, it may need to be fixed and deleted too.
You should also install a firewall. - ZoneAlarm or Sunbelt Kerio[/b] are good choices.
Thank you! It worked wonderfully 
- Status
Similar threads
Latest posts
-
Fallout TV show secures second season after stellar debut- dirtyferret replied
-
Russia-backed hacking group suspected of attack on US water system- JESUSxISxLORD replied
-
Apple is rolling out AirPlay support for TVs in hotel rooms
- Cal Jeffrey replied