Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations sizbut on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Hijackthis Log, Plz Advise Pop-up Problem

Status
Not open for further replies.
cyta001

cyta001

Programmer
Jan 15, 2004
1
US
Hello,
Having popup/crashing/redirect problems. This is the hijackthis log from today. Thank you in advance!!!

Logfile of HijackThis v1.97.7
Scan saved at 3:08:21 PM, on 1/15/2004
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\msdtc.exe
C:\Program Files\Symantec\pcAnywhere\awhost32.exe
C:\WINNT\System32\svchost.exe
C:\PVSW\BIN\W3SQLMGR.EXE
C:\PVSW\BIN\NTBTRV.EXE
C:\PVSW\BIN\NTDBSMGR.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PWORKS\PWSvr\PWSvr.exe
C:\Program Files\Common Files\slmss\slmss.exe
C:\Program Files\ClearSearch\Loader.exe
C:\WINNT\mwsvm.exe
C:\PROGRA~1\AUTOUP~1\AUTOUP~1.EXE
C:\DOCUME~1\ADMINI~1\APPLIC~1\qpcllpro.exe
C:\QBOOKSW\Components\QBAgent\qbdagent2002.exe
C:\WINNT\system32\RUNDLL32.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Wlj1.exe
C:\Program Files\AdDestroyer\AdDestroyer.exe
C:\Program Files\VBouncer\VirtualBouncer.exe
C:\Program Files\AproposClient\Apropos.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\explorer.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = wabu.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - (no file)
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\Program Files\AproposClient\AproposPlugin.dll
O2 - BHO: (no name) - {63B78BC1-A711-4D46-AD2F-C581AC420D41} - C:\WINNT\system32\btiein.dll
O2 - BHO: (no name) - {87f5a710-5e12-4f3f-9421-bd7857826818} - C:\DOCUME~1\ADMINI~1\APPLIC~1\rtqubrhckie.dll
O2 - BHO: Clear Search - {947E6D5A-4B9F-4CF4-91B3-562CA8D03313} - C:\Program Files\ClearSearch\IE_ClrSch.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: llprprmlybl - {33522dfe-148f-4454-be53-51b207c25fb0} - C:\DOCUME~1\ADMINI~1\APPLIC~1\rtqubrhckie.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PWSvr] C:\PWORKS\PWSvr\PWSvr.exe
O4 - HKLM\..\Run: [stcloader] C:\WINNT\system32\stcloader.exe
O4 - HKLM\..\Run: [slmss] C:\Program Files\Common Files\slmss\slmss.exe
O4 - HKLM\..\Run: [ClrSchLoader] C:\Program Files\ClearSearch\Loader.exe
O4 - HKLM\..\Run: [Mwsvm] C:\WINNT\mwsvm.exe
O4 - HKLM\..\Run: [absr] C:\WINNT\mwsvm.exe
O4 - HKLM\..\Run: [AutoUpdater] C:\PROGRA~1\AUTOUP~1\AUTOUP~1.EXE
O4 - HKLM\..\Run: [oohckt] C:\DOCUME~1\ADMINI~1\APPLIC~1\qpcllpro.exe -QuieT
O4 - HKLM\..\Run: [winactive] C:\Program Files\Window Active\winactive.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: Practice Works Server.lnk = C:\PWORKS\PWSvr\PWSvr.exe
O4 - Startup: AdDestroyer.lnk = C:\Program Files\AdDestroyer\AdDestroyer.exe
O4 - Startup: Virtual Bouncer.lnk = C:\Program Files\VBouncer\VirtualBouncer.exe
O4 - Global Startup: QuickBooks 2002 Delivery Agent.lnk = C:\QBOOKSW\Components\QBAgent\qbdagent2002.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inetadpt.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inetadpt.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inetadpt.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inetadpt.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00000000-CDDC-0704-0B53-2C8830E9FAEC} (IELoaderCtl Class) - O16 - DPF: {13197ACE-6851-45C3-A7FF-C281324D5489} - O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - O16 - DPF: {26E8361F-BCE7-4F75-A347-98C88B418322} - O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
 
Sort by date Sort by votes
Why are you using a program you don't know what to do with?
Run AdAware or similar and let it clean up your PC.

Marc
If 'something' 'somewhere' gives 'some' error, expect random guesses or no replies at all. Please specify details.
Free Tip: The F1 Key does NOT destroy your PC!
 
Upvote 0 Downvote
See also the FAQ, that's what they are here for: faq608-4650

Marc
If 'something' 'somewhere' gives 'some' error, expect random guesses or no replies at all. Please specify details.
Free Tip: The F1 Key does NOT destroy your PC!
 
Upvote 0 Downvote

cyta001,

Follow this FAQ first faq608-4650 and then IF the problem still persists post another Hijack This! log.

Cheers.
 
Upvote 0 Downvote

Oops. Sorry marcs41. You were faster on the keyboard than I was. :~/

Cheers.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Deniall
  • Locked
  • Question
Problem accessing Eng-Tips website 1
Replies
7
Views
1K
Deniall
Deniall
Karen H Rozanski
  • Locked
  • Question
No Call pilot after wifi updated
Replies
1
Views
218
xwb
xwb
MeGustaXL
  • Locked
  • Question
IE11 - Country Problems
Replies
1
Views
252
Diancecht
Diancecht
buddy83
  • Locked
  • Question
Problem with HTTPS sites
Replies
2
Views
176
ChrisHirst
ChrisHirst
goombawaho
  • Locked
  • Question
Javascript error in Internet Explorer after upgrade to Windows 10
Replies
4
Views
260
goombawaho
goombawaho

Part and Inventory Search

Sponsor

Back
Top