"Old" Msn Popups

Rush2004Rush2004 Newbury
edited September 2004 in Spyware & Virus Removal
Hey,

i just re-formatted today and realised that those annoying MSN pop-ups have started up again hehe, i have asked for a solution on here before but i cant remember the outcome and cant find the thread anywere...

Can anyone help me with this again

Thanks Rush

Comments

  • SpywareShooterSpywareShooter 127.0.0.1
    edited September 2004
    Can you please post a HijackThis log?
  • Rush2004Rush2004 Newbury
    edited September 2004
    SpywareShooter wrote:
    Can you please post a HijackThis log?

    Cheers for the help..

    heres the log :)

    Logfile of HijackThis v1.97.7
    Scan saved at 16:35:11, on 21/09/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Norton Internet Security\NISUM.EXE
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\Program Files\Norton Internet Security\ccPxySvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Documents and Settings\Rush\My Documents\HijackThis.exe

    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Microsoft Update Machine] Winregs32.exe
    O4 - HKLM\..\Run: [Win32 Configuration] videosd32.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\RunServices: [Microsoft Update Machine] Winregs32.exe
    O4 - HKLM\..\RunServices: [Win32 Configuration] videosd32.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [Win32 Configuration] videosd32.exe
    O4 - HKCU\..\Run: [Microsoft Update Machine] Winregs32.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM
  • primesuspectprimesuspect Beepin n' Boopin Detroit, MI Icrontian
    edited September 2004
    Hello.

    Get rid of:

    O4 - HKLM\..\Run: [Microsoft Update Machine] Winregs32.exe
    O4 - HKLM\..\Run: [Win32 Configuration] videosd32.exe

    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\RunServices: [Microsoft Update Machine] Winregs32.exe
    O4 - HKLM\..\RunServices: [Win32 Configuration] videosd32.exe

    O4 - HKCU\..\Run: [Win32 Configuration] videosd32.exe
    O4 - HKCU\..\Run: [Microsoft Update Machine] Winregs32.exe


    Then, search for, and delete winregs32.exe and videosd32.exe. Chances are, they'll be in C:\WINDOWS\SYSTEM or C:\WINDOWS\....
  • Rush2004Rush2004 Newbury
    edited September 2004
    Thanks m8 :)

    owe u one hehe
  • primesuspectprimesuspect Beepin n' Boopin Detroit, MI Icrontian
    edited September 2004
    Problems gone?
  • Rush2004Rush2004 Newbury
    edited September 2004
    Yeh i think so, but now ive got the problem of the Old messenger running aswell as the new MSN messenger..

    If you need screenshots i can take some when i get home but im at college atm, anyone know what i mean?

    Cheers again

    Rush :Rocker:

    P.S. - If i remember i asked this aswell and it was solved by typing something into 'Run' and when it loads up you can change the settings from there :p..

    Not 100% tho so i might be wrong, my memory isnt like it used to be lol
  • TroganTrogan London, UK
    edited September 2004
    Rush2004 wrote:
    P.S. - If i remember i asked this aswell and it was solved by typing something into 'Run' and when it loads up you can change the settings from there :p..

    Not 100% tho so i might be wrong, my memory isnt like it used to be lol

    It could be 'msconfig' that you typed in 'run'. That brings up the 'System Configuration Utility.

    Hope i'm right :)
  • Rush2004Rush2004 Newbury
    edited September 2004
    does load up config, but i dont know how to go about stopping these pop-ups, ive done everything mentioned above and still no luck. Next time i get one come up ill post a screenshot..

    Maybe that will help hehe :)

    Anymore idea's?

    Cheers all Rush
  • primesuspectprimesuspect Beepin n' Boopin Detroit, MI Icrontian
    edited September 2004
    Download the latest version of HJT (1.98.2 - link is in my sig) and post a log with that.
Sign In or Register to comment.