Pop ups not going away ,did about everything

By smazz
Feb 7, 2006
  1. Ok, This is what I did to get rid of the pop ups ,I ran spy bot ,adware,trojan remover,anti malware,virus scans,xoftspy.I ran them in normal and in safe mode.They all found plenty of infections or problems .But I still have annoying pop ups about 1 every couple of minutes.I nevr had this problem until about 2 weeks ago.I use slimbrowser ,or Ie and I still get the pop ups in slimbrowser.
    But they pop up as IE browser .I also get wierd pop ups that just look like a small picture all advertisments.I did a system restore .Here is the log from Hijack this.If anyone can read this and let me know what is what ,and what to look for,or fix .Hope someone can help
    Thanks, Sal,

    Logfile of HijackThis v1.99.1
    Scan saved at 4:40:10 PM, on 2/6/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragService.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Weather Watcher\ww.exe
    C:\Program Files\WordWeb\wweb32.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragCtrl.exe
    C:\Documents and Settings\Linda M\My Documents\downsave\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe
    O4 - HKCU\..\Run: [Sabre Site Services] C:\SABRE\Apps\ATS\SSSClnt.EXE
    O4 - Global Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Worldspan Filter Agent.lnk = C:\wspan\swgw\FilterAgent.exe
    O4 - Global Startup: Ashampoo Magic Defrag.lnk = C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragCtrl.exe
    O8 - Extra context menu item: Html To Image - C:\Program Files\Html To Image\menu.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
    O9 - Extra button: PopStop - {20988EDF-4CB5-4083-9829-262BBFD0CD52} - E:\programs reinstall\PopStop\PopStop.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
    O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
    O15 - Trusted Zone: http://*
    O15 - Trusted Zone: http://*
    O16 - DPF: {03DF0933-6E10-4D32-9835-B9A815622831} (WSSystemInfo Class) -
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) -
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) -
    O16 - DPF: {2D36AF92-04D3-11D8-B719-0000865F231B} (TMinReq Class) -
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
    O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) -
    O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) -
    O16 - DPF: {7B72C3FC-34B5-4504-B4BE-EB38971A0888} (WSFileIO Class 3) -
    O16 - DPF: {8D33B6F0-1E74-419C-BBEF-D00E976A3A5D} (WSFileIO Class 2) -
    O16 - DPF: {9145A52A-9B22-4858-AEE7-74D6C7D3F366} (BrowserConfig Class) -
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) -
    O16 - DPF: {D4233B6D-88A0-11D3-BC29-400011500032} (WspGoCal Class) -
    O16 - DPF: {F2C74EB6-1E7C-44A1-8EBA-CEDB52D47108} -
    O20 - Winlogon Notify: Group Policy - C:\WINDOWS\system32\ir0ul5d91.dll
    O23 - Service: AshampooDefragService - - C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragService.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...