1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Will someone hlp me get rid of some adware stuff?

Discussion in 'PC hardware help' started by Luid16, Oct 27, 2004.

  1. Luid16

    Luid16 Member

    Joined:
    Oct 26, 2004
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    11
    I think I may have a trojan virus on my computer (Maybe polall1l.exe and others). All I know is that I've scanned my comp with at least five anti-virus programs and parasites aren't totally gone. My start up is still kinda slow AND I can't check my e-mail from home. I got Highjack This and recorded a log. Can someone PLEASE!!! help me fix this problem.

    This is what's on my log:

    Logfile of HijackThis v1.97.7
    Scan saved at 8:37:43 PM, on 10/26/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\HJT\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\TEMP\sp.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\WINDOWS\TEMP\sp.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://213.159.117.134/index.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\WINDOWS\TEMP\sp.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\TEMP\sp.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\WINDOWS\TEMP\sp.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://213.159.117.134/index.php
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\WINDOWS\TEMP\sp.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://213.159.117.134/index.php
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://213.159.117.134/index.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
    O2 - BHO: (no name) - {9EAC0102-5E61-2312-BC2D-4D54434D5443} - C:\WINDOWS\SYSTEM\MTC.DLL
    O2 - BHO: (no name) - {CF021F40-3E14-23A5-CBA2-716D74632608} - C:\WINDOWS\SYSTEM\MTC2608.DLL
    O2 - BHO: (no name) - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - (no file)
    O2 - BHO: (no name) - {49FF3509-B212-749B-8753-60550DF2724C} - C:\WINDOWS\SYSTEM\UEJ.DLL
    O2 - BHO: (no name) - {98A59521-2683-11D9-AE62-0080D2A8D311} - (no file)
    O2 - BHO: (no name) - {9EAC0102-5E61-2312-BC2D-444C4C4F5552} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: Search Toolbar - {9EAC0102-5E61-2312-BC2D-4D54434D5443} - C:\WINDOWS\SYSTEM\MTC.DLL
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O9 - Extra button: SideFind (HKLM)
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O15 - Trusted Zone: *.windupdates.com
    O15 - Trusted Zone: *.searchmiracle.com
    O15 - Trusted Zone: *.searchbarcash.com
    O15 - Trusted Zone: *.skoobidoo.com
    O15 - Trusted Zone: *.my-internet.info
    O15 - Trusted Zone: *.flingstone.com
    O15 - Trusted Zone: *.mt-download.com
    O15 - Trusted Zone: *.clickspring.net
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/2719a93360e3715bdf05/netzip/RdxIE601.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab27571.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab27571.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {197AB1D7-A7DD-4C86-A938-1FCC0DB21B85} - http://dm.cometsystems.com/dm/dm2_inst.cab
    O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - https://www.plaxo.com/down/release/PlaxoInstall.cab
    O16 - DPF: {CDCC6BE5-720B-488D-A953-047E0598D996} (UpMan Class) - https://www.plaxo.com/activex/plx_upldr.cab
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://c:\nosuch.mht!http://www.foxik.com/5/files.chm::/file.exe
    O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
    O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab
    O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -

     
  2. ianski7

    ianski7 Guest

    Hey!

    Go to this site and get CCLEANER. It's a great utility!

    http://www.ccleaner.com/

    You need to protect your machine. Do you have the latest updates for O/S and a reliable antivirus utility? If you don't your on borrowed time!

    Thanks To DDP for the cleaner!
     
  3. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,010
    Likes Received:
    77
    Trophy Points:
    128
    also get adaware6 from lavasoft.com free, also free avg6 free version not pay version, is anti virus program i install in over 100 computers & you welcome ianski7
     
  4. Prisoner

    Prisoner Guest

    Hijack this is an amazing utiltiy, I also see you have Spybot search and destroy. Version 1.3 is really good. I don`t see any ovious issues, have you run Norton antivirus or other virus utility.
     
  5. GrandpaBW

    GrandpaBW Active member

    Joined:
    Feb 28, 2004
    Messages:
    3,708
    Likes Received:
    11
    Trophy Points:
    68
    AdAware is great, but the free version does not let you enable the spyware/adware blocker. It still gets on your computer, and you use AdAware to get it off the hard drive, after it is already on the hard drive.

    I finally forked out the money to get the full version, and now, I do not get the spyware/adware on my computer. AdAware blocks it from getting into my system. I would recommend it to everyone.
    _X_X_X_X_X_[small]Bruce Wallace
    Vietnam Vet - 1970 - 1971

    3.06 Ghz Intel P4 CPU
    Asus P4C800-E Deluxe Motherboard
    1Gig Corsair 3200 LLPro DDR Ram
    Plextor PX 708A DVD Burner
    Sony CRX320E DVD 16x + CD-RW 52x24x52 Combo
    ATI Radeon 9700 Pro Video Card
    Audigy2 Platinum[/small]
     
    Last edited: Oct 29, 2004

Share This Page