  |
| ||||||
| General Discussion Kick back and talk about just about anything non wrestling related. You know the drill. |
 |
| | LinkBack | Thread Tools | Display Modes |
07-25-2007, 10:39 PM
| #1 (permalink) | |
| Formerly "Tom Dogg"
Join Date: Feb 2003 Location: New York City
Posts: 11,524
vBookie Cash: 100
Rep Power: 47    | Help!!!! I'm Desperate!!!! Starting about two or three weeks ago, my computer started acting funny. Whenever I browse the Internet (using Firefox), after a little while, I get an Internet Explorer pop-up ad. I close it out, then about 15 seconds later, another one pops up. After closing that one, then I get a Firefox pop-up. Then I close that, and I'm fine for like 10 minutes, upon which the cycle starts again. Also, even when I'm not on the Internet, my comp seems to be going considerably slower. It takes forever for programs to open, if I try to do more than one thing at a time the pc slows to a crawl. I've run like 5 different anti-virus/anti-adware/anti-spyware programs, and nothing has worked....does anybody have any idea what I can do??? | |
|  |
|
07-25-2007, 10:47 PM
| #2 (permalink) |
| Platinum Member Join Date: Jul 2006 Location: Portsmouth, VA
Posts: 1,274
vBookie Cash: 738
Rep Power: 7 gXboxLive Position: 14th | Re: Help!!!! I'm Desperate!!!! This will probably make me look dumb but oh well. Have you tried looking through your program lists just to see if anything new/odd has been added lately? I once had this problem, went on a site and left it there for awhile and a shitload of ads just kept coming for awhile. Eventually it died out after awhile. |
|
| |
|
07-25-2007, 10:49 PM
| #3 (permalink) | |
| Ex-Superstud
Join Date: Sep 2004
Posts: 4,358
vBookie Cash: 100
Rep Power: 25 | Re: Help!!!! I'm Desperate!!!! Download HijackThis - run the program, but don't delete anything. Only post the list of programs that comes up. Secondly, download CC Cleaner. You can run wild with this one ... it's pretty safe. | |
| |
|
07-25-2007, 10:50 PM
| #4 (permalink) | |
|
WC's Resident Samoan
stuntin' is a habit
Join Date: Apr 2006 Location: Wisconsin
Posts: 5,135
vBookie Cash: 100
Rep Power: 46 | Re: Help!!!! I'm Desperate!!!! Genius beat me to it >.< | |
| And I don't think, you see the places inside me that I find you, And I don't know, how we separate the lies here from the truth, And I don't know, how we woke up one day somehow thought we knew, Exactly what we're supposed to do. So leave me, at the Roadside, And hang me, up and out to dry, | ||
|
| |
|
07-25-2007, 10:56 PM
| #5 (permalink) | |
|
WC HOF'er
The Revelator
Join Date: Nov 2004 Location: Washington State
Posts: 15,949
vBookie Cash: 1653
Rep Power: 62 gXboxLive Position: 21st | Re: Help!!!! I'm Desperate!!!! Yup and run all Spybot checks available to you. Something is hiding in your cookies or temp files that is causing this. | |
  | ||
|
| |
|
08-06-2007, 08:28 PM
| #6 (permalink) | |
| Formerly "Tom Dogg"
Join Date: Feb 2003 Location: New York City
Posts: 11,524
vBookie Cash: 100
Rep Power: 47 | Re: Help!!!! I'm Desperate!!!! Ok Terry, here you go: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:43:03 PM, on 8/2/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Link...nk/?linkid=677 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://default-homepage-........com/start.cgi?new-hkcu R3 - URLSearchHook: (no name) - {BC9ED1FD-42B5-1523-7128-86454CDDC322} - C:\WINDOWS\Pgrrdmmf.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: (no name) - SOFTWARE - (no file) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {4A6B6D10-FD82-4B6D-8260-2BC8FAD5CA09} - (no file) O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {8AB3CBD0-9B4A-5078-F2D6-B62CE1E72982} - C:\WINDOWS\Pgrrdmmf.dll O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\sjrkkfug.dll O2 - BHO: Root.CERT - {D6EAC4ED-2842-4FB6-A8B4-B1A300A1F2F9} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\root\root.dll O2 - BHO: (no name) - {DC192567-65F9-4AB6-ADB7-E13575F81726} - C:\WINDOWS\system32\vtuuvvw.dll O2 - BHO: (no name) - {E8A4CD3C-2993-4130-B028-0CC1AC19F7D8} - C:\WINDOWS\system32\mlljk.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: Search - {8D95CC76-1DE1-A3E8-867A-B6C1FF6088D6} - C:\WINDOWS\Pgrrdmmf.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "C:\WINDOWS\system32\tmeaydcr.dll",forkonce O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: (no name) - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file) O9 - Extra 'Tools' menuitem: Java - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file) O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.ht m (file missing) (HKCU) O15 - Trusted Zone: *.amaena.com O15 - Trusted Zone: *.drivecleaner.com O15 - Trusted Zone: *.errorprotector.com O15 - Trusted Zone: *.errorsafe.com O15 - Trusted Zone: *.imageservr.com O15 - Trusted Zone: *.imagesrvr.com O15 - Trusted Zone: *.systemdoctor.com O15 - Trusted Zone: *.winantispyware.com O15 - Trusted Zone: *.winantivirus.com O15 - Trusted Zone: *.winfixer.com O15 - Trusted Zone: *.amaena.com (HKLM) O15 - Trusted Zone: *.drivecleaner.com (HKLM) O15 - Trusted Zone: *.errorprotector.com (HKLM) O15 - Trusted Zone: *.errorsafe.com (HKLM) O15 - Trusted Zone: *.imageservr.com (HKLM) O15 - Trusted Zone: *.imagesrvr.com (HKLM) O15 - Trusted Zone: *.systemdoctor.com (HKLM) O15 - Trusted Zone: *.winantispyware.com (HKLM) O15 - Trusted Zone: *.winantivirus.com (HKLM) O15 - Trusted Zone: *.winfixer.com (HKLM) O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yaho...tocomplete.cab O16 - DPF: {E473A65C-8087-49A3-AFFD-C5BC4A10669B} - http://mvnet.xlontech.net/qm/fox/061...ie06101001.cab O20 - Winlogon Notify: mllji - C:\WINDOWS\system32\mllji.dll (file missing) O20 - Winlogon Notify: mlljk - C:\WINDOWS\system32\mlljk.dll O20 - Winlogon Notify: vtuuvvw - C:\WINDOWS\SYSTEM32\vtuuvvw.dll O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\nvglptrp.exe (file missing) O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe -- End of file - 7133 bytes | |
|
| |
|
08-06-2007, 09:49 PM
| #7 (permalink) | |
| Ex-Superstud
Join Date: Sep 2004
Posts: 4,358
vBookie Cash: 100
Rep Power: 25 | Re: Help!!!! I'm Desperate!!!! Close everything but HijackThis. Now remove the following, and reboot... R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://default-homepage-........com/start.cgi?new-hkcu O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.ht m (file missing) (HKCU) O15 - Trusted Zone: *.amaena.com O15 - Trusted Zone: *.drivecleaner.com O15 - Trusted Zone: *.errorprotector.com O15 - Trusted Zone: *.errorsafe.com O15 - Trusted Zone: *.imageservr.com O15 - Trusted Zone: *.imagesrvr.com O15 - Trusted Zone: *.systemdoctor.com O15 - Trusted Zone: *.winantispyware.com O15 - Trusted Zone: *.winantivirus.com O15 - Trusted Zone: *.winfixer.com O15 - Trusted Zone: *.amaena.com (HKLM) O15 - Trusted Zone: *.drivecleaner.com (HKLM) O15 - Trusted Zone: *.errorprotector.com (HKLM) O15 - Trusted Zone: *.errorsafe.com (HKLM) O15 - Trusted Zone: *.imageservr.com (HKLM) O15 - Trusted Zone: *.imagesrvr.com (HKLM) O15 - Trusted Zone: *.systemdoctor.com (HKLM) O15 - Trusted Zone: *.winantispyware.com (HKLM) O15 - Trusted Zone: *.winantivirus.com (HKLM) O15 - Trusted Zone: *.winfixer.com (HKLM) That should fix it. If you're still having problems we can go a little more aggressive. | |
|
| |
|
08-07-2007, 07:58 PM
| #8 (permalink) | |
| Formerly "Tom Dogg"
Join Date: Feb 2003 Location: New York City
Posts: 11,524
vBookie Cash: 100
Rep Power: 47 | Re: Help!!!! I'm Desperate!!!! hmmm...it's made the comp run a little faster, but I still have the problems with the IE pop-ups...we might need to go a little more aggressive... | |
|
| |
|
08-08-2007, 10:01 PM
| #9 (permalink) | |
| Ex-Superstud
Join Date: Sep 2004
Posts: 4,358
vBookie Cash: 100
Rep Power: 25 | Re: Help!!!! I'm Desperate!!!! Remove these as well then ... R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id= O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: (no name) - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file) O9 - Extra 'Tools' menuitem: Java - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file) O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing) And fuck... what I didn't realize was that you have trojan installed. First download the fix, at http://www.atribune.org/ccount/click.php?id=4. * Double-click VundoFix.exe to run it. * Click the Scan for Vundo button. * Once it's done scanning, click the Remove Vundo button. * You will receive a prompt asking if you want to remove the files, click YES * Once you click yes, your desktop will go blank as it starts removing Vundo. * When completed, it will prompt that it will reboot your computer, click OK. * Please post the contents of C:\vundofix.txt and a new HiJackThis log in a reply to this thread. | |
|
| |
|
| Thread Tools | |
| Display Modes | |
Linear Mode
| | |||||
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| K-Fed is Desperate | Joseph T. Cool | Entertainment | 8 | 10-13-2006 12:48 PM |
| Desperate Housewives S2, E7 *Requested* | Joseph T. Cool | Television | 0 | 11-21-2005 05:30 PM |
| Desperate Housewives *Spoilers* | Joseph T. Cool | Entertainment | 0 | 07-29-2005 11:23 AM |
