Help please



45000ad
2006-05-01, 04:27
I have aboutblank and lots of popups appear on my com. Can anyone help me?

HijackThis log if you need it:

Logfile of HijackThis v1.99.1
Scan saved at 10:10:53 AM, on 5/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
H:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\svchost.exe
H:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
h:\program files\mcafee.com\agent\mcagent.exe
H:\WINDOWS\system32\dcomcfg.exe
H:\WINDOWS\SOUNDMAN.EXE
h:\progra~1\mcafee.com\vso\mcvsescn.exe
H:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
H:\PROGRA~1\mcafee.com\mps\mscifapp.exe
H:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\DAP\DAP.EXE
H:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe
H:\Program Files\MessengerPlus! 3\MsgPlus.exe
H:\Jared\total recorder\TotRecSched.exe
H:\Program Files\Common Files\Real\Update_OB\realsched.exe
H:\Program Files\QuickTime\qttask.exe
H:\Program Files\SpyCatcher\DeleteSatellite.exe
H:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
H:\Program Files\GetRight\getright.exe
H:\Program Files\SpyCatcher\Scheduler daemon.exe
H:\Program Files\GetRight\getright.exe
H:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
H:\Program Files\Internet Explorer\iexplore.exe
H:\WINDOWS\system32\atmclk.exe
h:\PROGRA~1\mcafee.com\agent\McDash.exe
h:\program files\mcafee.com\shared\mghtml.exe
H:\stuff\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = H:\
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.singnet.com.sg:8080
O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - H:\WINDOWS\system32\hpAC2E.tmp
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - h:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "h:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "h:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] h:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] H:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPFExe] H:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MPSExe] h:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [MSKAGENTEXE] H:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] H:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe /startup
O4 - HKLM\..\Run: [DownloadAccelerator] "H:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [PCSuiteTrayApplication] H:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] H:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "H:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [TotalRecorderScheduler] "H:\Jared\total recorder\TotRecSched.exe"
O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GhostSurfDelSatellite] "H:\Program Files\SpyCatcher\DeleteSatellite.exe"
O4 - HKLM\..\RunOnce: [GhostSurfDelSatellite] "H:\Program Files\SpyCatcher\DeleteSatellite.exe" nowait
O4 - HKCU\..\Run: [MSKAGENTEXE] H:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - Startup: Scheduler.lnk = H:\Program Files\SpyCatcher\Scheduler daemon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = H:\Program Files\GetRight\getright.exe
O8 - Extra context menu item: Download with GetRight - H:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - H:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {203D6E22-5469-4CF8-9AD8-69211D01F7F2} (CNeoInstallShieldX Object) - http://www.nbaseball.com/gClient/dis.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {3C403675-B43C-410B-BF56-D4D1FB68356C} (ActiveXPortal Control) - http://72.29.80.113/OCX/gwnet.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-au/4,0,0,90/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139831362669
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B905F63D-7489-4B3D-9B62-49A1B8647E2A} (HgPluginJP21 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP21.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-au/1,0,0,23/mcgdmgr.cab
O16 - DPF: {EF98AF7B-1F54-4079-91BC-3996DEABA45A} (Sinstaller Class) - http://www.cursorcafe.com/bin/cursorcafe.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - 0 - (no file)
O20 - Winlogon Notify: gdiwxp - H:\WINDOWS\SYSTEM32\gdiwxp.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - h:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - H:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - h:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - H:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - H:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

steamwiz
2006-05-01, 15:04
Hi

You have a password stealing trojan :-

http://www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?lst=vis&idvirus=115447

Run a Pandascan... let it delete all it can...

Panda Activescan (http://www.pandasoftware.com/activescan/)<<<< click here

It will also find adware\spyware which it will not delete unless you pay, just save the log and post it in your next post here...

Then...

Download: SmitfraudFix.zip from :-

http://siri.urz.free.fr/Fix/SmitfraudFix.zip (the file contains both English and French versions)

1. Download to your desktop
2. Unzip the zip file to your desktop (the files will be extracted to a folder called SmitfraudFix)
3. Double-click smitfraudfix.cmd
4. Select 1 and hit Enter to create a report of the infected files
5. Find the C:\rapport.txt file and post the contents in your next post here...

steam
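
Added example, not part of the original posts and not the method the helper or HijackThis used: a small parser for entry lines in the format of the log in the first post, marking the entries a reviewer would usually verify first. The heuristics and the names `parse` and `triage` are assumptions made for illustration; a match means "check this file", not "this is malware".

```python
import re

# Entry lines taken from the log in the first post (HijackThis v1.99.1 format).
SAMPLE_LOG = r"""
O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - H:\WINDOWS\system32\hpAC2E.tmp
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - h:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O16 - DPF: {3C403675-B43C-410B-BF56-D4D1FB68356C} (ActiveXPortal Control) - http://72.29.80.113/OCX/gwnet.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O20 - Winlogon Notify: gdiwxp - H:\WINDOWS\SYSTEM32\gdiwxp.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
"""

# "<section code> - <detail>", e.g. "O16 - DPF: ..."; process paths do not match.
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# Download URL whose host is an IPv4 literal instead of a domain name.
IP_URL = re.compile(r"https?://\d{1,3}(?:\.\d{1,3}){3}(?:[:/]|$)")

def parse(log):
    """Yield (section, detail) per entry line; header and process lines are skipped."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m.group(1), m.group(2)

def triage(log):
    """Return [(section, reason, detail)] for entries matching the assumed heuristics."""
    findings = []
    for section, detail in parse(log):
        low = detail.lower()
        if section in ("O2", "O3") and low.endswith(".tmp"):
            findings.append((section, "browser add-on loaded from a .tmp file", detail))
        if section == "O16" and IP_URL.search(detail):
            findings.append((section, "ActiveX control fetched from a bare IP address", detail))
        if section == "O20":
            findings.append((section, "Winlogon Notify DLL runs at every logon", detail))
        if "(file missing)" in low or "(no file)" in low:
            findings.append((section, "entry points at a file that is not on disk", detail))
    return findings

if __name__ == "__main__":
    for section, reason, detail in triage(SAMPLE_LOG):
        print(f"{section:4} {reason}\n     {detail}")
```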

tashi
2006-05-07, 08:36
Still with us 45000ad?

tashi
2006-05-11, 09:26
This topic has been closed to prevent others with similar issues posting in it.
If you need it re-opened please send me or your helper a PM and provide a link to the thread.

Applies only to the original topic starter.