Please report all spam threads, posts and suspicious members. We receive spam notifications and will take immediate action!
Results 1 to 5 of 5

Thread: bloody IE




  1. #1

    Default bloody IE

    hey guys! the last few days I've been going slowly insane when I'm browsing as I get random web pages popping up while I'm try to load pages or just surf!!!! I'm not using a pop up killer but have run adaware and various anti trojan and vrus programs and come up with zippo! any ideas? sys specs in sig
    64/3500+ | Gigabyte K8NS Ultra 939 | Gainy 6800 GS golden sample using 71.20 and DX 90c| 1Gb Geil PC3200 | WD 120Gb 7200rpm 8mb buffer | XP Pro + SP1 | Pioneer DVD burner dual layer | Antec 480 watt truepower wrapped in a Enermax 710B case | Dell 21" Trinitron.....etc

  2. #2
    Join Date
    Mar 2004
    Location
    NY
    Posts
    489

    Default Re: bloody IE

    Post a hijackthis log and follow this guide

    http://www.schadentech.com/Malware/spyware.htm

  3. #3

    Default Re: bloody IE

    Logfile of HijackThis v1.97.7
    Scan saved at 8:20:51 AM, on 11/1/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\System32\nvraidservice.exe
    C:\INTERNET\AVG\avgcc32.exe
    C:\Internet\ZoneAlarm\ZoneAlarm\zlclient.exe
    C:\WINDOWS\TBPanel.exe
    C:\Internet\Avast\ashDisp.exe
    C:\Internet\Avast\ashmaisv.exe
    C:\Drivers\Logitech\MouseWare\system\em_exec.exe
    C:\Internet\Avast\aswUpdSv.exe
    C:\Internet\Avast\ashServ.exe
    C:\INTERNET\AVG\avgserv.exe
    C:\Drivers\HP 3100\jsdaemon.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\ET4\ET4Tray.EXE
    C:\Temp\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com.au/
    O1 - Hosts: 69.20.16.183 auto.search.msn.com
    O1 - Hosts: 69.20.16.183 search.netscape.com
    O1 - Hosts: 69.20.16.183 ieautosearch
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe
    O4 - HKLM\..\Run: [AVG_CC] C:\INTERNET\AVG\avgcc32.exe /STARTUP
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Internet\ZoneAlarm\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [EasyTuneIV] C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\ET4\update.exe
    O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [avast!] C:\Internet\Avast\ashDisp.exe
    O4 - HKLM\..\Run: [ashMaiSv] C:\Internet\Avast\ashmaisv.exe
    O4 - HKLM\..\Run: [VBundleOuterDL] C:\Program Files\VBouncer\BundleOuter.EXE
    O4 - Global Startup: DllCmd32.lnk = C:\Drivers\HP 3100\DLLCMD32.EXE
    O4 - Global Startup: Logitech Desktop Messenger.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\XP Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\XPOFFI~1\Office10\EXCEL.EXE/3000
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/downlo...22/wmv9VCM.CAB
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
    O16 - DPF: {DDFFA75A-E81D-4454-89FC-B9FD0631E726} - http://www.zestyfind.com/app/DS4/DS4.cab
    64/3500+ | Gigabyte K8NS Ultra 939 | Gainy 6800 GS golden sample using 71.20 and DX 90c| 1Gb Geil PC3200 | WD 120Gb 7200rpm 8mb buffer | XP Pro + SP1 | Pioneer DVD burner dual layer | Antec 480 watt truepower wrapped in a Enermax 710B case | Dell 21" Trinitron.....etc

  4. #4
    Join Date
    Mar 2004
    Location
    NY
    Posts
    489

    Default Re: bloody IE

    Why do you have both AVG and Avast? Isn't Avast another anti-virus app? I don't suggest having 2 at the same time. If you want a good free Av app try AntiVir That is the best free one you can get. Uninstall the other ones as Avast is a system recource hog and AVg has a terrible detection rate. AntiVir has a better detection rate then both.

    Now remove all of the following

    O1 - Hosts: 69.20.16.183 auto.search.msn.com
    O1 - Hosts: 69.20.16.183 search.netscape.com
    O1 - Hosts: 69.20.16.183 ieautosearch
    O4 - HKLM\..\Run: [VBundleOuterDL] C:\Program Files\VBouncer\BundleOuter.EXE
    O16 - DPF: {DDFFA75A-E81D-4454-89FC-B9FD0631E726} - http://www.zestyfind.com/app/DS4/DS4.cab
    That shoudl solve your problems

  5. #5

    Default Re: bloody IE

    thanks mate! I owe ya a beer! ;)
    64/3500+ | Gigabyte K8NS Ultra 939 | Gainy 6800 GS golden sample using 71.20 and DX 90c| 1Gb Geil PC3200 | WD 120Gb 7200rpm 8mb buffer | XP Pro + SP1 | Pioneer DVD burner dual layer | Antec 480 watt truepower wrapped in a Enermax 710B case | Dell 21" Trinitron.....etc

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •