TechSpot

Hijackthis log

By jeffp42
May 27, 2006
  1. I tried running a bunch of the methods from this site though am still having random popups that I can't seem to get rid of. Any help would be appreciated.

    Thanks!
     

    Attached Files:

  2. tomrca

    tomrca TS Rookie Posts: 1,051

  3. Spike

    Spike TS Rookie Posts: 2,371

    That's not the only problem here, unfortunately.

    I'm not feeling too great at the moment with a bit of a stomach cramp which I've had all morning (you probably didn't need to know that, but hey. lol). If nobody else does, I shall take a closer look when I'm feeling a bit better.
     
  4. tomrca

    tomrca TS Rookie Posts: 1,051

    i am a novice on hjt's, but there is a number of adware files in your pc. if i were you run ewido, and select the setting 'scan every file'. then re-post hjt. i am sure that if i am wrong, it won't be long before the big boys have something to say.
    if you have more than one anti-spyware/adware remover, run them, but not at the same time.
     
  5. tomrca

    tomrca TS Rookie Posts: 1,051

    get well soon. hope its not seriouse or prolonged
     
  6. paranoid guy

    paranoid guy TS Rookie Posts: 459

    Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

    Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

    Run a full system scan and delete whatever it finds. It may well be that the infection is resident in one of your restore points. No antivirus programme can delete anything in a restore point. Turning off system restore will delete all your restore points and any infections that are in them.

    Once you`ve done that, follow the instructions below.

    Open task manager and end the following processes (if there)

    thiselt.exe
    ms04378011311.exe
    win3208113113780.exe
    zango.exe
    CCZoop05.exe
    Ssk.exe
    svchostsys.exe

    Click start/run and type regsvr32 /u "C:\Program Files\SurfSideKick 3\SskBho.dll"
    Click start/run and type regsvr32 /u "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll"
    Note the space between the 2 and the forward slash and again between the u and ".

    Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm

    R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll

    O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
    O4 - HKLM\..\Run: [pop06apelt] C:\WINNT\thiselt.exe
    O4 - HKLM\..\Run: [TheMonitor] C:\WINNT\CCZoop05.exe
    O4 - HKLM\..\Run: [ms04378011311] C:\WINNT\ms04378011311.exe
    O4 - HKLM\..\Run: [win3208113113780] C:\WINNT\win3208113113780.exe
    O4 - HKLM\..\Run: [zango] "c:\program files\zango\zango.exe"
    O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
    O4 - HKCU\..\Run: [sys_up1] C:\Program Files\Common Files\svchostsys\svchostsys.exe
    O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

    O20 - AppInit_DLLs: repairs303169584.dll

    Reboot into normal mode and turn system restore back on.

    Post a fresh HJT log.

    Regards Howard :haha: -- Howard will be pleased. lol. ...Spike.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.