View Full Version : http://pop.elitemediagroup.net/sixer.php?src=em&rand=0.5311199



SFJenna
2006-06-13, 18:54
This keeps popping up and trying to install a media player. I click no and it won't close. I have to hit control-alt-delete to get it to stop. Spybot and AdAware have not detected it. I have TeaTimer on, pop-up blocker on, blocked it in my privacy sites. Please help!!!! :confused:

SFJenna

tashi
2006-06-13, 19:29
http://forums.spybot.info/showthread.php?p=29041#post29041

Please post all the information requested. Thank you.

SFJenna
2006-06-13, 20:29
Tashi,
Here is the log:
3/29/2006 1:03:52 PM Allowed value "{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}" (new data: "") deleted in ActiveX Distribution Unit!
4/3/2006 9:39:56 AM Allowed value "IntelliPoint" (new data: ""C:\Program Files\Microsoft IntelliPoint\point32.exe"") added in System Startup global entry!
4/4/2006 8:39:56 AM Allowed value "DW4" (new data: "") deleted in System Startup user entry!
4/4/2006 9:35:29 AM Allowed value "DW4" (new data: ""C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"") added in System Startup user entry!
4/4/2006 9:45:55 AM Allowed value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") deleted in Browser Helper Object!
4/4/2006 9:49:32 AM Allowed value "DVDLauncher" (new data: "") deleted in System Startup global entry!
4/4/2006 9:50:08 AM Allowed value "DW4" (new data: "") deleted in System Startup user entry!
4/4/2006 9:50:17 AM Allowed value "Microsoft Location Finder" (new data: "") deleted in System Startup user entry!
4/4/2006 10:23:16 AM Allowed value "*Restore" (new data: "C:\WINDOWS\system32\restore\rstrui.exe -i") added in System Startup global entry!
6/12/2006 10:58:31 AM Denied value "New Program" (new data: "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe") added in System Startup user entry!
6/12/2006 11:26:59 AM Denied value "pop06apelt" (new data: "") deleted in System Startup global entry!
6/12/2006 11:31:30 AM Denied value "pop06apelt" (new data: "") deleted in System Startup global entry!
6/12/2006 12:08:13 PM Denied value "SpybotSnD" (new data: "") deleted in System Startup global entry!
6/12/2006 12:08:35 PM Denied value "{53707962-6F74-2D53-2644-206D7942484F}" (new data: "") deleted in Browser Helper Object!
6/12/2006 12:28:50 PM Allowed value "SpybotSnD" (new data: "") deleted in System Startup global entry!
6/12/2006 12:52:10 PM Allowed value "Search Bar" (new data: "http://g.msn.com/0SEENUS/SAOS11") changed in Browser page!
6/12/2006 12:53:09 PM Allowed value "Search Bar" (new data: "http://g.msn.com/0SEENUS/SAOS02") changed in Browser page!
6/12/2006 1:27:18 PM Allowed value "Search Bar" (new data: "http://g.msn.com/0SEENUS/SAOS07") changed in Browser page!
6/12/2006 1:27:44 PM Allowed value "Search Bar" (new data: "http://g.msn.com/0SEENUS/SAOS13") changed in Browser page!
6/12/2006 1:32:33 PM Allowed value "Search Bar" (new data: "http://g.msn.com/0SEENUS/SAOS05") changed in Browser page!
6/12/2006 1:34:10 PM Allowed value "Search Bar" (new data: "http://g.msn.com/0SEENUS/SAOS01") changed in Browser page!
6/12/2006 2:14:06 PM Allowed value "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (new data: "") added in User-specific browser toolbar!
6/12/2006 2:51:05 PM Allowed value "updateMgr" (new data: ""C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcStd7_0_7 -reboot 1") added in System Startup user entry!
6/12/2006 2:51:09 PM Allowed value "updateMgr" (new data: ""C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcStd7_0_7") changed in System Startup user entry!
6/12/2006 3:06:18 PM Allowed value "ITBarLayout" (new data: "") deleted in User-specific browser toolbar!
6/12/2006 3:06:27 PM Allowed value "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (new data: "") deleted in User-specific browser toolbar!
6/12/2006 3:09:28 PM Allowed value "updateMgr" (new data: ""C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcStd7_0_7 -reboot 1") changed in System Startup user entry!
6/12/2006 3:11:28 PM Allowed value "updateMgr" (new data: ""C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcStd7_0_8") changed in System Startup user entry!
6/12/2006 3:32:31 PM Allowed value "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (new data: "") added in User-specific browser toolbar!
6/12/2006 3:32:32 PM Allowed value "ITBarLayout" (new data: "") added in User-specific browser toolbar!
6/13/2006 8:01:29 AM Allowed value "SpybotSnD" (new data: "") deleted in System Startup global entry!
6/13/2006 8:01:29 AM Allowed value "Search Bar" (new data: "http://g.msn.com/0SEENUS/SAOS01") changed in Browser page!
6/13/2006 8:11:25 AM Allowed value "SpybotSnD" (new data: "") deleted in System Startup global entry!
6/13/2006 8:11:29 AM Denied value "{23FB5ADD-DA37-4a40-9FC0-B0E2384CDE92}" (new data: "") added in Browser Helper Object!
6/13/2006 8:11:35 AM Allowed value "Search Bar" (new data: "http://g.msn.com/0SEENUS/SAOS01") changed in Browser page!
6/13/2006 8:11:40 AM Allowed value "UserInit" (new data: "C:\WINDOWS\system32\userinit.exe,lgpwihx.exe") changed in Winlogon!
6/13/2006 8:11:42 AM Allowed value "Shell" (new data: "Explorer.exe, C:\WINDOWS\system32\alisx.exe") changed in Winlogon!
6/13/2006 8:54:32 AM Allowed value "Start Page" (new data: "http://www.msn.com/") changed in Browser page!
6/13/2006 9:31:02 AM Allowed value "Shell" (new data: "Explorer.exe") changed in Winlogon!
6/13/2006 9:31:06 AM Allowed value "Shell" (new data: "Explorer.exe, C:\WINDOWS\system32\alisx.exe") changed in Winlogon!
6/13/2006 9:37:53 AM Allowed value "MSMSGS" (new data: "") deleted in System Startup user entry!
6/13/2006 9:43:33 AM Allowed value "gpdhy" (new data: "") deleted in System Startup user entry!
6/13/2006 9:43:35 AM Allowed value "SpybotSnD" (new data: "") deleted in System Startup global entry!
6/13/2006 9:43:41 AM Denied value "jtvgxa" (new data: "") deleted in System Startup global entry!
6/13/2006 9:43:42 AM Denied value "Search Bar" (new data: "http://g.msn.com/0SEENUS/SAOS01") changed in Browser page!
6/13/2006 9:43:45 AM Denied value "Start Page" (new data: "http://www.msn.com/") changed in Browser page!
6/13/2006 9:43:47 AM Allowed value "UserInit" (new data: "C:\WINDOWS\system32\userinit.exe,lgpwihx.exe") changed in Winlogon!
6/13/2006 9:43:48 AM Allowed value "Shell" (new data: "Explorer.exe, C:\WINDOWS\system32\alisx.exe") changed in Winlogon!
6/13/2006 9:43:50 AM Allowed value "BootExecute" (new data: "") deleted in Session manager!
6/13/2006 9:43:51 AM Allowed value "ExcludeFromKnownDlls" (new data: "") deleted in Session manager!
6/13/2006 9:44:07 AM Denied value "jtvgxa" (new data: "") deleted in System Startup global entry!
6/13/2006 9:44:11 AM Denied value "jtvgxa" (new data: "") deleted in System Startup global entry!
6/13/2006 9:44:14 AM Denied value "jtvgxa" (new data: "") deleted in System Startup global entry!
6/13/2006 9:44:17 AM Denied value "jtvgxa" (new data: "") deleted in System Startup global entry!
6/13/2006 9:44:21 AM Denied value "jtvgxa" (new data: "") deleted in System Startup global entry!
6/13/2006 9:44:22 AM Allowed value "jtvgxa" (new data: "") deleted in System Startup global entry!
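
Added example, not part of the thread: a small parser for the TeaTimer log format posted above. It lists Winlogon `Shell`/`UserInit` changes that name programs beyond the Windows defaults, together with whether the prompt was allowed or denied. It assumes a stock Windows XP install in `C:\WINDOWS`; the function names are hypothetical.

```python
import re

# One TeaTimer log line: timestamp, decision, value name, new data, action, category.
LINE = re.compile(
    r'^(?P<ts>\d+/\d+/\d+ \d+:\d+:\d+ [AP]M) (?P<decision>Allowed|Denied) value '
    r'"(?P<name>[^"]*)" \(new data: "(?P<data>.*)"\) '
    r'(?P<action>added|changed|deleted) in (?P<category>.+)!$')

# Assumption: stock Windows XP values with Windows installed in C:\WINDOWS.
WINLOGON_DEFAULTS = {
    "shell": {"explorer.exe"},
    "userinit": {r"c:\windows\system32\userinit.exe"},
}

def parse(line):
    """Split a log line into its fields, or return None if it does not match."""
    m = LINE.match(line.strip())
    return m.groupdict() if m else None

def extra_winlogon_programs(entry):
    """Programs listed in a Winlogon Shell/UserInit value beyond the default."""
    if entry["category"] != "Winlogon" or entry["action"] == "deleted":
        return []
    defaults = WINLOGON_DEFAULTS.get(entry["name"].lower())
    if defaults is None:
        return []
    items = [p.strip() for p in entry["data"].split(",") if p.strip()]
    return [p for p in items if p.lower() not in defaults]

def triage(lines):
    """Return (timestamp, value, decision, extra programs) for entries to review."""
    findings = []
    for line in lines:
        entry = parse(line)
        extras = extra_winlogon_programs(entry) if entry else []
        if extras:
            findings.append((entry["ts"], entry["name"], entry["decision"], extras))
    return findings

# Four lines copied from the log posted above.
SAMPLE = [
    r'4/3/2006 9:39:56 AM Allowed value "IntelliPoint" (new data: ""C:\Program Files\Microsoft IntelliPoint\point32.exe"") added in System Startup global entry!',
    r'6/13/2006 8:11:40 AM Allowed value "UserInit" (new data: "C:\WINDOWS\system32\userinit.exe,lgpwihx.exe") changed in Winlogon!',
    r'6/13/2006 8:11:42 AM Allowed value "Shell" (new data: "Explorer.exe, C:\WINDOWS\system32\alisx.exe") changed in Winlogon!',
    r'6/13/2006 9:31:02 AM Allowed value "Shell" (new data: "Explorer.exe") changed in Winlogon!',
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```
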

tashi
2006-06-13, 20:32
Need the logs requested. :)
BEFORE you post and who will advise you. Preliminary Steps (http://forums.spybot.info/showthread.php?t=288)

Then a helper will take a look as soon as possible.

SFJenna
2006-06-13, 21:25
Tashi,
It would help if you could tell me how to access the HJT Log. Then I can send this to you.
I realize you are all busy. I appreciate your response.

tashi
2006-06-13, 21:38
The full instructions are in the link I provided.

It might be best for you to wait for your IT person. ;)

LonnyRJones
2006-06-14, 03:15
"It might be best for you to wait for your IT person."

I agree

It's not a good thing to be troubleshooting when panicked.
I've done that myself and caused more problems than what we were removing.