Xlime Internet Explorer Popups - Footslog's Web Boards

For information on how to deal with, and protect your computer, please go down to the bottom of the help desk to the archive section (main page). From there select how to combat Spyware, in this archive there are many tools, which will help you combat this problem. Problems concerning the Windows XP Operating System should go in this forum.

Thread Closed

Email This Page to Someone

Footslog's Web Boards

Windows XP

Xlime Internet Explorer Popups

profile | register | preferences | faq | search

This topic has been transferred to this forum: Cyber safety .

next newest topic | next oldest topic

Author	Topic: Xlime Internet Explorer Popups
Josh1 Administrator	posted February 06, 2005 12:46 AM I am moving your topic you can go to your question here: http://www.footslog.com/board/Forum18/HTML/000454.html ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. [This message has been edited by Josh1 (edited February 06, 2005).] IP: Logged
Josh1 Administrator	posted February 04, 2005 11:43 PM When do they pop up, when you are online? How do you connect dial up or broadband? ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
SoberOber Junior Member	posted February 04, 2005 01:28 AM off the top of my head, party poker, many ads ill get back to you when more occurs IP: Logged
Josh1 Administrator	posted February 03, 2005 11:25 PM Okay now are they popups like when you go to WebPages, or are they different kinds? What do they look like, and say? ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
SoberOber Junior Member	posted February 03, 2005 08:16 PM Yea i tried that spyware removal and it didnt detect anyhting and i still get popups. I only get them the first time i open internet explorer. After i open it and then close the popups they seem to stay gone. IP: Logged
Josh1 Administrator	posted February 02, 2005 11:19 PM I don’t know what this is C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\Ati2evxx.exe I think this may have something to do with a firewall, but I could be wrong. C:\WINDOWS\system32\dla\tfswctrl.exe O23 - Service: ScsiAccess - Unknown - C:\WINDOWS\System32\ScsiAccess.EXE Don’t know what this is either. Have you downloaded the Microsoft Antispyware? You can find it here: http://www.footslog.com/board/Forum18/HTML/000437.html Is your firewall enabled? Run the MS spyware and see what it picks up, and then let us know what happens. ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
SoberOber Junior Member	posted February 02, 2005 10:36 PM I have run every virus and adware software removal program that i could find and still i get pop ups from xlime and other web site monitoring popups. Here is my HiJack this log. The processes that keep coming up and i cant fix are winword.exe, calc.exe, and the pvpngrops or something from kazaa. Hope its not too much info. Heres the hijack log. Logfile of HijackThis v1.99.0 Scan saved at 11:23:18 PM, on 2/2/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\CTSVCCDA.EXE C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE C:\Program Files\Norton AntiVirus\SAVScan.exe C:\WINDOWS\System32\ScsiAccess.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Creative\ShareDLL\CtNotify.exe C:\WINDOWS\system32\sstray.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\ATI Multimedia\main\launchpd.exe C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe C:\Program Files\ATI Multimedia\MAIN\ATISched.EXE C:\Program Files\Creative\ShareDLL\Mediadet.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\system32\wuauclt.exe C:\My Files\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id= R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id= R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id= R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id= R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q= O1 - Hosts file is located at: C:\WINDOWS\nsdb\hosts O2 - BHO: PynixObj Class - {00000000-DD60-0064-6EC2-6E0100000000} - C:\WINDOWS\Pynix.dll O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5AB829ED-CB2D-BC82-7B11-EDDC3F3DBBCB} - C:\WINDOWS\system32\gbesrv.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file) O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT" O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe" O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe O4 - HKCU\..\Run: [ATI Scheduler] C:\Program Files\ATI Multimedia\MAIN\ATISched.EXE O4 - HKCU\..\Run: [Steam] "c:\progra~1\steam\steam.exe" -silent O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Save with Download Manager... - C:\Program Files\J River\Media Jukebox\DMDownload.htm O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE O23 - Service: Kodak Camera Connection Software - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: ScsiAccess - Unknown - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe O23 - Service: X10 Device Network Service - Unknown - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing) IP: Logged

All times are CT (US)	next newest topic \| next oldest topic
Administrative Options: Open Topic \| Archive/Move \| Delete Topic
	Hop to:

Contact Us | Footslog Home

The information presented on FootsloG.com is copyrighted as a collective work. FootsloG.com is free for personal use (non-commercial). Any other use FootsloG.com, including copying or reproducing any portion of this web site is strictly prohibited without the express written consent of FootsloG.com. If you have any questions about the usage term please contact us via email: webmaster@footslog.com.

Problems, Knowledge, and Power, powered by intelligent Computing Solutions