[Show all top banners]

houstonweb
Replies to this thread:

More by houstonweb
What people are reading
Subscribers
:: Subscribe
Back to: Kurakani General Refresh page to view new replies
 PC EXPERT!!popup problem HELP!!!
[VIEWED 4439 TIMES]
SAVE! for ease of future access.
Posted on 06-14-06 10:18 AM     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

hello,
i'm having severe pop-up problem. I've tried software such as ad-aware, symantec antivirus, Prevx1 but didn't help much. I am posting the logfile of HIJACKTHIS please help



KLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [keyboard] C:\\keyboard25.exe
O4 - HKLM\..\Run: [defender] C:\\defender23a.exe
O4 - HKLM\..\Run: [mvclgt] C:\WINNT\System32\nextgv.exe reg_run
O4 - HKLM\..\Run: [PrevxOne] C:\Program Files\Prevx1\PXConsole.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Ncr] C:\Program Files\Panasonic\NCR2\ncrcore.exe
O4 - HKCU\..\Run: [jrjnh] C:\WINNT\System32\nextgv.exe reg_run
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - (no file)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://c:\nesunee.mht!http://adgate.info/zscript/yea.chm::/recife.exe
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - ms-its:mhtml:file://c:\nesuned.mht!http://adgate.info/zscript/dra.chm::/3138302D2D2D.exe
O16 - DPF: {5526B4C6-63D6-41A1-9783-0FABF529859A} (mm06ocx.mm06ocxf) - ms-its:mhtml:file://c:\nesunem.mht!http://adgate.info/zscript/mma.chm::/joysavsht.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137790862062
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137794483812
O16 - DPF: {87BE3784-6977-4E84-AA08-55A96B9CEAC5} (Bl_camera Control) - http://192.168.0.253/bl_camera.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{56A1A60A-E865-43BD-8DB1-5E6C0E255B24}: NameServer = 66.80.130.23,64.7.11.2
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {624A3CDB-8C0A-4902-8480-191582C8498E} - (no file)
O20 - Winlogon Notify: NavLogon - C:\WINNT\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINNT\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache2 - Unknown owner - C:\Program Files\xampp\apache\bin\apache.exe" -k runservice (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: mysql - Unknown owner - C:\Program Files\xampp\mysql\bin\mysqld-nt.exe" "--defaults-file=C:\Program Files\xampp\mysql\bin\my.cnf" mysql (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: winupd - Unknown owner - C:\WINNT\winupd.exe (file missing)
 
Posted on 06-14-06 10:57 AM     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

Run Adaware and Spybot in Safe Mode
 
Posted on 06-14-06 11:05 AM     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

Download Mozilla firefox browser and use it not IE.That will help a lot.
 
Posted on 06-14-06 11:23 AM     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

man i fixed it.

they had html/javascript file in folders like accessories and common files. and they had it set those pages as desktop web startup items.
 
Posted on 06-14-06 11:24 AM     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

ImI bro, running away frm problem is not a solution :P
 
Posted on 06-14-06 11:31 AM     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

Good for you!
i was just trying to tell you that most of the spyware and adware or compatible with IE .
Since , Mozilla firefox has lot of built in security features .It might help.
You got it fixed. Good.
 
Posted on 06-14-06 11:37 AM     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 
 


Please Log in! to be able to reply! If you don't have a login, please register here.

YOU CAN ALSO



IN ORDER TO POST!




Within last 90 days
Recommended Popular Threads Controvertial Threads
TPS Re-registration case still pending ..
Toilet paper or water?
Mamta kafle bhatt is still missing
ढ्याउ गर्दा दसैँको खसी गनाउच
Tourist Visa - Seeking Suggestions and Guidance
Problems of Nepalese students in US
I hope all the fake Nepali refugee get deported
Are Nepalese cheapstakes?
and it begins - on Day 1 Trump will begin operations to deport millions of undocumented immigrants
From Trump “I will revoke TPS, and deport them back to their country.”
wanna be ruled by stupid or an Idiot ?
Sajha Poll: Who is your favorite Nepali actress?
अरुणिमाले दोस्रो पोई भेट्टाइछिन्
To Sajha admin
seriously, when applying for tech jobs in TPS, what you guys say when they ask if you have green card?
Travel Document for TPS (approved)
MAGA denaturalization proposal!!
How to Retrieve a Copy of Domestic Violence Complaint???
Nepali Psycho
advanced parole
NOTE: The opinions here represent the opinions of the individual posters, and not of Sajha.com. It is not possible for sajha.com to monitor all the postings, since sajha.com merely seeks to provide a cyber location for discussing ideas and concerns related to Nepal and the Nepalis. Please send an email to admin@sajha.com using a valid email address if you want any posting to be considered for deletion. Your request will be handled on a one to one basis. Sajha.com is a service please don't abuse it. - Thanks.

Sajha.com Privacy Policy

Like us in Facebook!

↑ Back to Top
free counters