 |  |  |  |  |  |  |  |
Please Help Me! Please! [HJT Log included]
 |
HiJack log posted at the end! 
I am having so many problems with my computer! All help is deeply appreciated.
The problems are as followed:
1. I am having problems changing my background.
2. Everytime my computer starts, I see a blue screen that says "Disk needs to check files"
but it never completes checking them.
3. I keep getting sound when there are no open windows.
4. My computer runs awfully slow.
Logfile of HijackThis v1.99.1
Scan saved at 5:52:38 PM, on 10/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ewido Anti-Spyware 4.0\guard.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\monnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lexpps.exe
C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe
C:\Program Files\Philips\Philips Lime Service\bin\Lime.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - Default URLSearchHook is missing
F3 - REG:win.ini: run=C:\WINDOWS\inet20026\winlogon.exe
O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Program Files\DNS\Catcher.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SysTray] C:\Program Files\mhke.exe
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels8.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [spoolsvv] C:\WINDOWS\System32\spoolsvv.exe
O4 - HKLM\..\Run: [scman] C:\WINDOWS\System32\scman.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [mxhn] C:\WINDOWS\System32\mxhn.exe
O4 - HKLM\..\Run: [mswiz] C:\WINDOWS\System32\mswiz.exe
O4 - HKLM\..\Run: [msgwi] C:\WINDOWS\System32\msgwi.exe
O4 - HKLM\..\Run: [monnt] C:\WINDOWS\System32\monnt.exe
O4 - HKLM\..\Run: [Microsoft standard protector] C:\WINDOWS\inet20026\socks.exe
O4 - HKLM\..\Run: [manmc] C:\WINDOWS\System32\manmc.exe
O4 - HKLM\..\Run: [jssvc23] jsssvc.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [idnt] C:\WINDOWS\System32\idnt.exe
O4 - HKLM\..\Run: [hnmx] C:\WINDOWS\System32\hnmx.exe
O4 - HKLM\..\Run: [hldflbwA] C:\WINDOWS\hldflbwA.exe
O4 - HKLM\..\Run: [dzc6f9ae] RUNDLL32.EXE w81c9161.dll,n 0056f9a90000000381c9161
O4 - HKLM\..\Run: [dput] C:\WINDOWS\System32\dput.exe
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [apiin] C:\WINDOWS\System32\apiin.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [62ad0bc.exe] C:\WINDOWS\System32\62ad0bc.exe
O4 - HKLM\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [PopUpWasher] C:\PROGRA~1\Webroot\POP-UP~1\PopUpWasher.exe
O4 - HKCU\..\Run: [shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00004.exe"
O4 - HKCU\..\Run: [services32] C:\Program Files\Common Files\Windows\mc-110-12-0000140.exe
O4 - HKCU\..\Run: [PopUpWasher] C:\PROGRA~1\Webroot\POP-UP~1\PopUpWasher.exe
O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
O4 - HKCU\..\Run: [mrfz] C:\PROGRA~1\COMMON~1\mrfz\mrfzm.exe
O4 - HKCU\..\Run: [DNS] C:\Program Files\Common Files\mc-110-12-0000140.exe
O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe
O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe
O4 - Startup: Zeno.lnk = C:\WINDOWS\system32\owinnrag.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.0.6.4.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/reso...lscbase969.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...66/mcfscan.cab
O20 - AppInit_DLLs: mlan446EC7DB.dll MDT2446EC7DB.dll
O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\n64slgh7164.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\Ewido Anti-Spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
I am having so many problems with my computer! All help is deeply appreciated.
The problems are as followed:
1. I am having problems changing my background.
2. Everytime my computer starts, I see a blue screen that says "Disk needs to check files"
but it never completes checking them.
3. I keep getting sound when there are no open windows.
4. My computer runs awfully slow.
Logfile of HijackThis v1.99.1
Scan saved at 5:52:38 PM, on 10/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ewido Anti-Spyware 4.0\guard.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\monnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lexpps.exe
C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe
C:\Program Files\Philips\Philips Lime Service\bin\Lime.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - Default URLSearchHook is missing
F3 - REG:win.ini: run=C:\WINDOWS\inet20026\winlogon.exe
O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Program Files\DNS\Catcher.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SysTray] C:\Program Files\mhke.exe
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels8.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [spoolsvv] C:\WINDOWS\System32\spoolsvv.exe
O4 - HKLM\..\Run: [scman] C:\WINDOWS\System32\scman.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [mxhn] C:\WINDOWS\System32\mxhn.exe
O4 - HKLM\..\Run: [mswiz] C:\WINDOWS\System32\mswiz.exe
O4 - HKLM\..\Run: [msgwi] C:\WINDOWS\System32\msgwi.exe
O4 - HKLM\..\Run: [monnt] C:\WINDOWS\System32\monnt.exe
O4 - HKLM\..\Run: [Microsoft standard protector] C:\WINDOWS\inet20026\socks.exe
O4 - HKLM\..\Run: [manmc] C:\WINDOWS\System32\manmc.exe
O4 - HKLM\..\Run: [jssvc23] jsssvc.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [idnt] C:\WINDOWS\System32\idnt.exe
O4 - HKLM\..\Run: [hnmx] C:\WINDOWS\System32\hnmx.exe
O4 - HKLM\..\Run: [hldflbwA] C:\WINDOWS\hldflbwA.exe
O4 - HKLM\..\Run: [dzc6f9ae] RUNDLL32.EXE w81c9161.dll,n 0056f9a90000000381c9161
O4 - HKLM\..\Run: [dput] C:\WINDOWS\System32\dput.exe
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [apiin] C:\WINDOWS\System32\apiin.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [62ad0bc.exe] C:\WINDOWS\System32\62ad0bc.exe
O4 - HKLM\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [PopUpWasher] C:\PROGRA~1\Webroot\POP-UP~1\PopUpWasher.exe
O4 - HKCU\..\Run: [shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00004.exe"
O4 - HKCU\..\Run: [services32] C:\Program Files\Common Files\Windows\mc-110-12-0000140.exe
O4 - HKCU\..\Run: [PopUpWasher] C:\PROGRA~1\Webroot\POP-UP~1\PopUpWasher.exe
O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
O4 - HKCU\..\Run: [mrfz] C:\PROGRA~1\COMMON~1\mrfz\mrfzm.exe
O4 - HKCU\..\Run: [DNS] C:\Program Files\Common Files\mc-110-12-0000140.exe
O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe
O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe
O4 - Startup: Zeno.lnk = C:\WINDOWS\system32\owinnrag.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.0.6.4.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/reso...lscbase969.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...66/mcfscan.cab
O20 - AppInit_DLLs: mlan446EC7DB.dll MDT2446EC7DB.dll
O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\n64slgh7164.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\Ewido Anti-Spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
•
•
Join Date: May 2005
Posts: 3,204
Reputation: 
Solved Threads: 188
For a start, you have look-to-me adware.... so go here http://www.f-secure.com/tools/f-look2me.zip and dl f-look2me and as an administrator, unzip it and run the .exe. Reboot.
I would like you to download CCleaner from http://www.ccleaner.com/ and put it in a new folder. You should aim to keep this one for general use. I set it from the install checkboxes to only open from the recycle bin. It's just a neater thing.
Now go to grisoft.com to update from Ewido 4 to AVG antispyware 7.5. Uninstall Ewido then install AVG A-S 7.5. Update it.
Get Adaware SE Personal from http://www.lavasoft.de/software/adaware/
- install it. Update it.
When it finishes updating files go get this free beta [blbeta.exe] from http://www.f-secure.com/blacklight/ and install it also.
Finally go here to get Spybot S&D :- http://www.safer-networking.org/en/download/ Update it.
You have a couple of other trojans in there also, so memorise these instructions... or copy em to notepad. Or just use Opera...
Ok, you're done with the net. Shut it down. Disconnect...
Rclick your recycle bin and run CCleaner. [or go to its folder and dclick ccleaner.exe] You will lose a lot of handy stuff like histories etc... but there is a job to do...
Now go into safe mode [Restart, F8 and select Safe Mode and Enter.... You'll get a dark desktop with icons etc...]
Note: Close all open windows, and DO NOT USE the computer while these scans are running. If Explorer or other programs are open during the scan that means certain files will also be in use. Some malware will insert itself and hide in areas that are "protected" by Windows when the files are being used. This can hamper a scanner's ability to clean properly and may result in reinfection.
- Run the blbeta.exe.
- Run AVG A-S as you used to run ewido. Start AVG Antispyware, do the complete system scan. Click "Apply all actions" to place any infected files into Quarantine, and only then click on "Save Report" to view all completed scans; click on the scan you just performed and select "Save report."
- Do a full Adaware scan and remove all the problems it finds.
- Run SpyBot S D. Create the registry backup, then check for problems. Select and fix problems.
Reboot into normal windows mode... if everything appears to be working you must now remove all old system restore points... do this by turning sys res off then on again for all drives. The path to this is via Start > all programs > accessories > system tools> system restore - use the link "system restore settings", and check turn off sys res for all drives, Apply... AND THEN UNCHECK THE BOX, AND APPLY. The reason for doing this is that some trojans write themselves into the System Restore files, and in there they are totally safe from anything.
Run HT again and post the log, and retell any problems you may still be having.
I would like you to download CCleaner from http://www.ccleaner.com/ and put it in a new folder. You should aim to keep this one for general use. I set it from the install checkboxes to only open from the recycle bin. It's just a neater thing.
Now go to grisoft.com to update from Ewido 4 to AVG antispyware 7.5. Uninstall Ewido then install AVG A-S 7.5. Update it.
Get Adaware SE Personal from http://www.lavasoft.de/software/adaware/
- install it. Update it.
When it finishes updating files go get this free beta [blbeta.exe] from http://www.f-secure.com/blacklight/ and install it also.
Finally go here to get Spybot S&D :- http://www.safer-networking.org/en/download/ Update it.
You have a couple of other trojans in there also, so memorise these instructions... or copy em to notepad. Or just use Opera...
Ok, you're done with the net. Shut it down. Disconnect...
Rclick your recycle bin and run CCleaner. [or go to its folder and dclick ccleaner.exe] You will lose a lot of handy stuff like histories etc... but there is a job to do...
Now go into safe mode [Restart, F8 and select Safe Mode and Enter.... You'll get a dark desktop with icons etc...]
Note: Close all open windows, and DO NOT USE the computer while these scans are running. If Explorer or other programs are open during the scan that means certain files will also be in use. Some malware will insert itself and hide in areas that are "protected" by Windows when the files are being used. This can hamper a scanner's ability to clean properly and may result in reinfection.
- Run the blbeta.exe.
- Run AVG A-S as you used to run ewido. Start AVG Antispyware, do the complete system scan. Click "Apply all actions" to place any infected files into Quarantine, and only then click on "Save Report" to view all completed scans; click on the scan you just performed and select "Save report."
- Do a full Adaware scan and remove all the problems it finds.
- Run SpyBot S D. Create the registry backup, then check for problems. Select and fix problems.
Reboot into normal windows mode... if everything appears to be working you must now remove all old system restore points... do this by turning sys res off then on again for all drives. The path to this is via Start > all programs > accessories > system tools> system restore - use the link "system restore settings", and check turn off sys res for all drives, Apply... AND THEN UNCHECK THE BOX, AND APPLY. The reason for doing this is that some trojans write themselves into the System Restore files, and in there they are totally safe from anything.
Run HT again and post the log, and retell any problems you may still be having.
Last edited by gerbil; Nov 5th, 2006 at 9:21 am.
Thank you so much. I've downloaded, installed and updated all the programs except for the F-Secure Blacklight. It says either my PC settings or Malicious adware is stopping it from working.
•
•
Join Date: May 2005
Posts: 3,204
Reputation:
Solved Threads: 188
Then rerun Adaware in safe mode, and once back in normal windows mode try this scan online:- http://www.pandasoftware.com/products/activescan? Give them some details, and follow the scan buttons.
Run HT again and post the log, plus the Panda log.
Run HT again and post the log, plus the Panda log.
|
Similar Threads
- hjt log included. (Viruses, Spyware and other Nasties)
- Please help HJT log included (Viruses, Spyware and other Nasties)
- Fear of some malware or other nasties. HJT log included. (Viruses, Spyware and other Nasties)
- Checking Computer (HJT log included) (Viruses, Spyware and other Nasties)
- Persistent spyware problems, HJT log included. (Viruses, Spyware and other Nasties)
- Persistent spyware problems, HJT log included. (Viruses, Spyware and other Nasties)
- about:blank problem...HJT log included (Viruses, Spyware and other Nasties)
- backdoor.prorat please help, HJT log is included? (Viruses, Spyware and other Nasties)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: system critical errors
- Next Thread: "Server busy" Dialog box /help me
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Viruses, Spyware and other Nasties Posts
adware anti-malware anti-virussitesaccessissue antivirus apple attack audio avg backtoschoolspeech bar blackhat botnet censorship china commercials conficker connect control crosssitescripting cyber cyberwarfare ddos domains e-mafia education email europe facebook fake fancheckvirus gaming gtaiv gumblar halloween hijack hosting internet iphone kaspersky legal logfiles mail malware mcafee mega-d messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile panel parents patch phishing police president privacy pro problem redirect redirecting reliability report research risk rogueantivirus samhain sans scareware school search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses war warning windows worm yahoo zeroday
