Bullguard Antivirus Forum Download A Free Copy Of Bullguard Antivirus Software
Free Antivirus Forum - Learn about antivirus, firewalls and personal security Free Antivirus Forum - Learn about antivirus, firewalls and personal security
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
I've got pokapoka
   
BullGuard Antivirus Forum > General Security > Spyware > I've got pokapoka  
Forum Quick Jump
 
New Topic Post reply to : I've got pokapoka Printable version of : I've got pokapoka
[ << Previous Thread | Next Thread >> ]

joecamel
New Member


Date Joined Oct 2005
Total Posts : 1
  		   Posted 10-28-2005 6:38 (GMT +2)    Quote: I've got pokapokaAlert an admin about: I've got pokapoka
Hi, I've got 3 things I think are spyware on my comp, pokapoka76.exe, ctfmon.exe, and IEXPLORE.EXE. I think poka and IEXPLORE are connected somehow. Here is my HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 12:37:46 AM, on 10/28/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\etb\pokapoka76.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ryan Lacheen\Desktop\hijackthis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: WUSB54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54Gv4.exe (file missing)



Any help would be appreciated - thanks in advance!
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 13077
  		   Posted 10-28-2005 7:12 (GMT +2)    Quote: I've got pokapokaAlert an admin about: I've got pokapoka
Hey and welcome smile


Unfortunately, any fix we provide to an unpatched operating system would be waste of time
We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection.
Click here: http://www.microsoft.com/windowsxp/downloads/updates/sp1/network.mspx
Apply the update, reboot, and post a fresh Hijack This log.


Regards - Touch
 
Do not post your log file in a thread started by someone else.
Start a new topic.

Back to Top
 
New Topic Post reply to : I've got pokapoka Printable version of : I've got pokapoka
 
Forum Information
Currently it is Tuesday, October 07, 2008 11:10 AM (GMT +2)
There are a total of 62.550 posts in 15.599 threads.
In the last 3 days there were 15 new threads and 52 reply posts. View Active Threads
Who's Online
This forum has 26663 registered members. Please welcome our newest member, Trickydicky61.
34 Guest(s), 1 Registered Member(s) are currently online.  Details
cmdemp
5 Latest Threads
Win32:trogan (0)07-10-2008 08:03:02 (Trickydicky61)
Pop Up when the System Starts - Suspecting Win32: Trojan-gen{Other} (5)07-10-2008 05:21:03 (Touch)
DCOM Server Process Launcher error (1)07-10-2008 05:18:01 (Touch)
Qhonsvc error probably caused by quick heal (1)07-10-2008 05:13:48 (Touch)
Qhonsvc error probably caused by quick heal (1)07-10-2008 05:13:00 (Touch)


Need Support? Write to: | Forum Help Manual

Download free trial version of Bullguard