| View Question |
|
|
 | ||
|
| Subject:
Stop this Pop-Up Program!! Here are my "Hijack This" results...
Category: Computers Asked by: cdn2005-ga List Price: $5.00 |
Posted:
16 Mar 2006 07:13 PST
Expires: 15 Apr 2006 08:13 PDT Question ID: 707976 |
Please help me stop the pop up advertisements running on my computer. I was told to run "Hijack This". The results are below - please give Step by Step instructions of how delete program/file. Logfile of HijackThis v1.99.1 Scan saved at 6:55:08 AM, on 3/16/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe C:\WINDOWS\MXOALDR.EXE C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\WINDOWS\system32\hphmon03.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\MICROS~4\Office\OUTLOOK.EXE C:\Program Files\Norton Internet Security\Norton AntiVirus\OPScan.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe C:\DOCUME~1\Ogonet\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: WTLHelper Object - {6D33B121-5C4C-4450-9D1F-7B67085CC199} - C:\WINDOWS\system32\mljgd.dll O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: mljgd - C:\WINDOWS\system32\mljgd.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe | |
|
| ||
|
| There is no answer at this time. |
| ||
|
| Subject:
Re: Stop this Pop-Up Program!! Here are my "Hijack This" results...
From: mister4u-ga on 16 Mar 2006 07:59 PST |
Here is an analysis f your file http://hijackthis.de/logfiles/1f9c956509f144fb6cb350e52948ead5.html There are a few false positives in the report you'll be able to spot those These are your most likely culprits \PROGRA~1\Dantz\RETROS~1\retrorun.exe BHO: WTLHelper Object - {6D33B121-5C4C-4450-9D1F-7B67085CC199} O20 - Winlogon Notify: mljgd - C:\WINDOWS\system32\mljgd.dll mljgd.dll is definitely malware you can find out how to remove it here http://pcpitstop.invisionzone.com/lofiversion/index.php/t107119.html |
| Subject:
Re: Stop this Pop-Up Program!! Here are my "Hijack This" results...
From: roxrox-ga on 16 Mar 2006 14:57 PST |
I have found that this website http://www.pandasoftware.com/products/activescan A Free website found more malware than my Nortons Professional did! Good luck to you, sigh... |
| Subject:
Re: Stop this Pop-Up Program!! Here are my "Hijack This" results...
From: timusb-ga on 16 Mar 2006 15:45 PST |
Try ewido from http://www.ewido.net/en/download/ It has free trial version and it worked prefectly for me and one of my friend. You may check if it works for you. |
| Subject:
Re: Stop this Pop-Up Program!! Here are my "Hijack This" results...
From: daemon_byte-ga on 17 Mar 2006 05:46 PST |
Firstly I would remove norton because its bloatware that fails to work. Replace the virus scanner with Avast anti virus (free for home use) http://www.avast.com then goto sunbelt-software.com and download counterspy and run it. While its only free for 14 days its excellent software and should remove the problems. |
| Subject:
Re: Stop this Pop-Up Program!! Here are my "Hijack This" results...
From: richard183-ga on 17 Mar 2006 10:05 PST |
Try running Firefox instead of IE. I find it is much better at blocking pop-ups. |
| Subject:
Re: Stop this Pop-Up Program!! Here are my "Hijack This" results...
From: pingersantboi-ga on 23 Mar 2006 07:38 PST |
I recommend to you, 2 solutions, first replace your IE, use Firefox. Second install Avast Antivirus. A firewall is also recommended. |
| Subject:
Re: Stop this Pop-Up Program!! Here are my "Hijack This" results...
From: np4490-ga on 28 Mar 2006 11:21 PST |
When do these popups happen, if it is not when you are using the internet, and you are not using windows xp sp2, then it is probabally a mass messenger, using the windows messaging service, to disable it go to start, run, type in "Services.msc" (without the quotes) and find windows messaging, and double click it, and set the start up to manual, and click stop. This should fix it. Note: This is different from the WINDOWS MESSENGER that comes pre-installed on windows, it is part of the command propt, which can be accessed by Start-run-"CMD" and then type "Net send" then an IP address, and then a message. Hope this helps, Nick |
If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you. |
| Search Google Answers for |
| Google Home - Answers FAQ - Terms of Service - Privacy Policy |