Ad:

Viruses, Spyware and other Nasties Discussion Thread
Unsolved
Views: 3523

Page 1
2
Next

You are currently viewing page 1 of this multi-page discussion thread

Mar 13th, 2005

Major Issues

Expand Post »

Im a friend of OurNation, and my Computor has major issues.

This is closest thing I have because my internet is buggy. Im lucky to be on now, meh.

Logfile of HijackThis v1.99.0
Scan saved at 8:34:48 PM, on 3/12/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINNT\system32\dllcache\runbatch.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\LTMSG.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\lxamsp32.exe
C:\WINDOWS\System32\tvgjg\dcmrixf.exe
C:\WINDOWS\kdx\KHost.exe
C:\WINDOWS\System32\jwjtu\ufeyaqxm.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\ICO.EXE
C:\WINDOWS\System32\Pelmiced.exe
C:\WINDOWS\System32\secure.exe
C:\Program Files\Bpt\bpt.exe
C:\WINDOWS\System32\wsxsvc\wsxsvc.exe
C:\WINDOWS\System32\iqtvcdty\akuyvw.exe
C:\WINDOWS\System32\vmss\vmss.exe
C:\WINDOWS\System32\hfsm\obhik.exe
C:\WINDOWS\System32\scandsk2.exe
C:\windows\system32\msiexec16.exe
C:\WINDOWS\System32\qgjqqrdf.exe
C:\WINDOWS\System32\ubyejbd\cwuvhyko.exe
C:\windows\system32\zbnrmr.exe
C:\windows\system32\calc.exe
C:\WINDOWS\System32\wrkrqk.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\Program Files\bpc_search\BPCv2.exe
C:\WINDOWS\System32\gwhekhvp.exe
C:\WINDOWS\smfugcodd.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\ezula\mmod.exe
C:\PROGRA~1\Web Offer\wo.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\LexmarkX63\AcBtnMgr_X63.exe
C:\Documents and Settings\Owner\Application Data\obat.exe
C:\WINDOWS\System32\atmtcuiu.exe
C:\WINDOWS\isrvs\desktop.exe
C:\Program Files\LexmarkX63\ACMonitor_X63.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Web_Rebates\WebRebates1.exe
C:\WINDOWS\System32\dskquota.exe
C:\WINDOWS\System32\ddrawex.exe
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 1 for hijackthis[2].zip\HijackThis.exe
C:\WINDOWS\System32\getuname.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = www.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gamefaqs.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.albinoblacksheep.com/flash/maiyahi.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
F0 - system.ini: Shell=Explorer.exe C:\windows\system32\msiexec16.exe
F1 - win.ini: run=C:\windows\system32\msiexec16.exe
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 ieautosearch
O1 - Hosts: 69.20.16.183 ieautosearch
O1 - Hosts: 69.20.16.183 ieautosearch
O2 - BHO: (no name) - {3BAE1E4A-7E7A-B8C2-9A9E-DFAD60427CFC} - C:\WINDOWS\System32\iloufwhb.dll
O2 - BHO: IE Update Class - {5B4AB8E2-6DC5-477A-B637-BF3C1A2E5993} - C:\WINDOWS\isrvs\sysupd.dll
O2 - BHO: (no name) - {A4647FDC-4135-623C-E8DF-BDFE7FE237FF} - C:\WINDOWS\System32\pviteecr.dll (file missing)
O2 - BHO: (no name) - {ABF756EC-668A-52F4-2601-2E8E942A52B6} - C:\WINDOWS\System32\ayogiqoc.dll
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [lxamsp32.exe] lxamsp32.exe
O4 - HKLM\..\Run: [nvxkfx] C:\WINDOWS\System32\gpptftx\nvxkfx.exe
O4 - HKLM\..\Run: [kbfaq] C:\WINDOWS\System32\vdtymlxw\kbfaq.exe
O4 - HKLM\..\Run: [stefhgy] C:\WINDOWS\System32\kwkln\stefhgy.exe
O4 - HKLM\..\Run: [tqxurhqw] C:\WINDOWS\System32\mbadj\tqxurhqw.exe
O4 - HKLM\..\Run: [xegwn] C:\WINDOWS\System32\gpthvoov\xegwn.exe
O4 - HKLM\..\Run: [scfh] C:\WINDOWS\System32\lnnj\scfh.exe
O4 - HKLM\..\Run: [fxrer] C:\WINDOWS\System32\edylhk\fxrer.exe
O4 - HKLM\..\Run: [shxhar] C:\WINDOWS\System32\ajtbbv\shxhar.exe
O4 - HKLM\..\Run: [hujskckk] C:\WINDOWS\System32\nshsj\hujskckk.exe
O4 - HKLM\..\Run: [rwwpxf] C:\WINDOWS\System32\lvdgtwas\rwwpxf.exe
O4 - HKLM\..\Run: [stis] C:\WINDOWS\System32\ojkt\stis.exe
O4 - HKLM\..\Run: [qskinly] C:\WINDOWS\System32\ptqhqgff\qskinly.exe
O4 - HKLM\..\Run: [namyw] C:\WINDOWS\System32\kvwfiur\namyw.exe
O4 - HKLM\..\Run: [nrqr] C:\WINDOWS\System32\oqtkt\nrqr.exe
O4 - HKLM\..\Run: [dnxshlog] C:\WINDOWS\System32\lhivo\dnxshlog.exe
O4 - HKLM\..\Run: [whcdjkw] C:\WINDOWS\System32\xiibwdo\whcdjkw.exe
O4 - HKLM\..\Run: [uktmakhh] C:\WINDOWS\System32\wcmtvm\uktmakhh.exe
O4 - HKLM\..\Run: [lvqo] C:\WINDOWS\System32\dwkxxpuu\lvqo.exe
O4 - HKLM\..\Run: [begds] C:\WINDOWS\System32\jhaqvle\begds.exe
O4 - HKLM\..\Run: [pgbb] C:\WINDOWS\System32\taoyr\pgbb.exe
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [uwtmcvl] C:\WINDOWS\System32\sypnrs\uwtmcvl.exe
O4 - HKLM\..\Run: [dmpy] C:\WINDOWS\System32\vwyx\dmpy.exe
O4 - HKLM\..\Run: [nthj] C:\WINDOWS\System32\nxnw\nthj.exe
O4 - HKLM\..\Run: [stcflmgi] C:\WINDOWS\System32\riye\stcflmgi.exe
O4 - HKLM\..\Run: [rhbtotuf] C:\WINDOWS\System32\vyfj\rhbtotuf.exe
O4 - HKLM\..\Run: [vyafme] C:\WINDOWS\System32\kwxgpbls\vyafme.exe
O4 - HKLM\..\Run: [hwcmup] C:\WINDOWS\System32\yvqpije\hwcmup.exe
O4 - HKLM\..\Run: [kxupyk] C:\WINDOWS\System32\mest\kxupyk.exe
O4 - HKLM\..\Run: [jvrrlhtm] C:\WINDOWS\System32\kirxhir\jvrrlhtm.exe
O4 - HKLM\..\Run: [yrkosm] C:\WINDOWS\System32\jldfm\yrkosm.exe
O4 - HKLM\..\Run: [esenyt] C:\WINDOWS\System32\ggwr\esenyt.exe
O4 - HKLM\..\Run: [isiaxmbc] C:\WINDOWS\System32\emjd\isiaxmbc.exe
O4 - HKLM\..\Run: [khhcbml] C:\WINDOWS\System32\oxxngpfj\khhcbml.exe
O4 - HKLM\..\Run: [hdguucen] C:\WINDOWS\System32\tpueiry\hdguucen.exe
O4 - HKLM\..\Run: [waioddvb] C:\WINDOWS\System32\plcelbwn\waioddvb.exe
O4 - HKLM\..\Run: [leavnc] C:\WINDOWS\System32\vlmvmsf\leavnc.exe
O4 - HKLM\..\Run: [alaqsghu] C:\WINDOWS\System32\lbsh\alaqsghu.exe
O4 - HKLM\..\Run: [mlvuqm] C:\WINDOWS\System32\cwiobad\mlvuqm.exe
O4 - HKLM\..\Run: [vdfsr] C:\WINDOWS\System32\uxms\vdfsr.exe
O4 - HKLM\..\Run: [afveb] C:\WINDOWS\System32\cqgjn\afveb.exe
O4 - HKLM\..\Run: [luvxsaf] C:\WINDOWS\System32\sijqwca\luvxsaf.exe
O4 - HKLM\..\Run: [knpute] C:\WINDOWS\System32\sycs\knpute.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [jMq49ON] C:\WINDOWS\npqtl.exe
O4 - HKLM\..\Run: [kalasns] C:\WINDOWS\System32\gska\kalasns.exe
O4 - HKLM\..\Run: [btmgmitt] C:\WINDOWS\System32\adodjft\btmgmitt.exe
O4 - HKLM\..\Run: [jtnwi] C:\WINDOWS\System32\ifbyu\jtnwi.exe
O4 - HKLM\..\Run: [vdno] C:\WINDOWS\System32\tlbj\vdno.exe
O4 - HKLM\..\Run: [tykct] C:\WINDOWS\System32\gnqouxe\tykct.exe
O4 - HKLM\..\Run: [auqiob] C:\WINDOWS\System32\niyic\auqiob.exe
O4 - HKLM\..\Run: [oqtansjm] C:\WINDOWS\System32\hrkadrk\oqtansjm.exe
O4 - HKLM\..\Run: [kddshwcc] C:\WINDOWS\System32\xorjuem\kddshwcc.exe
O4 - HKLM\..\Run: [wjbeq] C:\WINDOWS\System32\bpwmmm\wjbeq.exe
O4 - HKLM\..\Run: [oqdntyb] C:\WINDOWS\System32\rtkh\oqdntyb.exe
O4 - HKLM\..\Run: [fkfy] C:\WINDOWS\System32\raas\fkfy.exe
O4 - HKLM\..\Run: [wijqf] C:\WINDOWS\System32\wxtod\wijqf.exe
O4 - HKLM\..\Run: [fdsnoc] C:\WINDOWS\System32\ctqxug\fdsnoc.exe
O4 - HKLM\..\Run: [kusc] C:\WINDOWS\System32\woxvf\kusc.exe
O4 - HKLM\..\Run: [jelili] C:\WINDOWS\System32\sqet\jelili.exe
O4 - HKLM\..\Run: [stcnb] C:\WINDOWS\System32\ekfwmjgq\stcnb.exe
O4 - HKLM\..\Run: [kaemi] C:\WINDOWS\System32\wuiupbvp\kaemi.exe
O4 - HKLM\..\Run: [ubcydefk] C:\WINDOWS\System32\tdywxcbs\ubcydefk
O4 - HKLM\..\Run: [ngedqv] C:\WINDOWS\System32\luilij\ngedqv.exe
O4 - HKLM\..\Run: [gkpt] C:\WINDOWS\System32\wbbfcbqs\gkpt.exe
O4 - HKLM\..\Run: [ktdgtvf] C:\WINDOWS\System32\esopop\ktdgtvf.exe
O4 - HKLM\..\Run: [wxeeusm] C:\WINDOWS\System32\nujkgeh\wxeeusm.exe
O4 - HKLM\..\Run: [naak] C:\WINDOWS\System32\uxebjyr\naak.exe
O4 - HKLM\..\Run: [ongh] C:\WINDOWS\System32\cwwgn\ongh.exe
O4 - HKLM\..\Run: [lgwyhw] C:\WINDOWS\System32\ynqg\lgwyhw.exe
O4 - HKLM\..\Run: [wdfwkvr] C:\WINDOWS\System32\fyawhcqp\wdfwkvr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [xbopskjq] C:\WINDOWS\System32\rmlvp\xbopskjq.exe
O4 - HKLM\..\Run: [tegymn] C:\WINDOWS\System32\cgksd\tegymn.exe
O4 - HKLM\..\Run: [lwtunna] C:\WINDOWS\System32\tcak\lwtunna.exe
O4 - HKLM\..\Run: [jtfsi] C:\WINDOWS\System32\ciac\jtfsi.exe
O4 - HKLM\..\Run: [tcer] C:\WINDOWS\System32\sciv\tcer.exe
O4 - HKLM\..\Run: [oimlmbow] C:\WINDOWS\System32\tyui\oimlmbow.exe
O4 - HKLM\..\Run: [rxujv] C:\WINDOWS\System32\avnqpg\rxujv.exe
O4 - HKLM\..\Run: [svanmee] C:\WINDOWS\System32\pgqw\svanmee.exe
O4 - HKLM\..\Run: [atxfcus] C:\WINDOWS\System32\wmtnodan\atxfcus.exe
O4 - HKLM\..\Run: [vgebgf] C:\WINDOWS\System32\igurewj\vgebgf.exe
O4 - HKLM\..\Run: [xfkrd] C:\WINDOWS\System32\nftllbjr\xfkrd.exe
O4 - HKLM\..\Run: [wvtlaxd] C:\WINDOWS\System32\yfxptgj\wvtlaxd.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gcnk] C:\WINDOWS\System32\tyhjdwt\gcnk.exe
O4 - HKLM\..\Run: [uivtj] C:\WINDOWS\System32\kjrql\uivtj.exe
O4 - HKLM\..\Run: [ttxt] C:\WINDOWS\System32\ijyhvvx\ttxt.exe
O4 - HKLM\..\Run: [vkmind] C:\WINDOWS\System32\vshhcl\vkmind.exe
O4 - HKLM\..\Run: [ugph] C:\WINDOWS\System32\ffiuhixi\ugph.exe
O4 - HKLM\..\Run: [oxewpt] C:\WINDOWS\System32\dnhb\oxewpt.exe
O4 - HKLM\..\Run: [qmffmjiq] C:\WINDOWS\System32\wkvehdy\qmffmjiq.exe
O4 - HKLM\..\Run: [otksl] C:\WINDOWS\System32\todmdc\otksl.exe
O4 - HKLM\..\Run: [lwkkkkbt] C:\WINDOWS\System32\eeagupsf\lwkkkkbt.exe
O4 - HKLM\..\Run: [cduxwu] C:\WINDOWS\System32\lxmuqax\cduxwu.exe
O4 - HKLM\..\Run: [ppnrj] C:\WINDOWS\System32\tlqldlp\ppnrj.exe
O4 - HKLM\..\Run: [rdcj] C:\WINDOWS\System32\wnjos\rdcj.exe
O4 - HKLM\..\Run: [iyetbll] C:\WINDOWS\System32\gronhfvi\iyetbll.exe
O4 - HKLM\..\Run: [sAEHB3V8] C:\documents and settings\owner\local settings\temp\sAEHB3V8.exe
O4 - HKLM\..\Run: [vfcy] C:\WINDOWS\System32\kurj\vfcy.exe
O4 - HKLM\..\Run: [fbwicovf] C:\WINDOWS\System32\hnsyww\fbwicovf.exe
O4 - HKLM\..\Run: [pwmygklj] C:\WINDOWS\System32\ofdonh\pwmygklj.exe
O4 - HKLM\..\Run: [sogu] C:\WINDOWS\System32\vtee\sogu.exe
O4 - HKLM\..\Run: [uewefxc] C:\WINDOWS\System32\cncnei\uewefxc.exe
O4 - HKLM\..\Run: [kcjwygty] C:\WINDOWS\System32\jmkiagjc\kcjwygty.exe
O4 - HKLM\..\Run: [fdyhod] C:\WINDOWS\System32\dkvam\fdyhod.exe
O4 - HKLM\..\Run: [oygbadvv] C:\WINDOWS\System32\rxmumbrd\oygbadvv.exe
O4 - HKLM\..\Run: [oL] C:\documents and settings\owner\local settings\temp\oL.exe
O4 - HKLM\..\Run: [yEh] C:\documents and settings\owner\local settings\temp\yEh.exe
O4 - HKLM\..\Run: [xVH] C:\documents and settings\owner\local settings\temp\xVH.exe
O4 - HKLM\..\Run: [lweys] C:\WINDOWS\System32\xkfb\lweys.exe
O4 - HKLM\..\Run: [pckuuovm] C:\WINDOWS\System32\gkbwmakp\pckuuovm.exe
O4 - HKLM\..\Run: [gvsvyx] C:\WINDOWS\System32\hqtoc\gvsvyx.exe
O4 - HKLM\..\Run: [rhyyhj] C:\WINDOWS\System32\pyxpe\rhyyhj.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [txyao] C:\WINDOWS\System32\hixxxad\txyao.exe
O4 - HKLM\..\Run: [fvrqnw] C:\WINDOWS\System32\slona\fvrqnw.exe
O4 - HKLM\..\Run: [chleoi] C:\WINDOWS\System32\cvxex\chleoi.exe
O4 - HKLM\..\Run: [kgrq] C:\WINDOWS\System32\yjdushht\kgrq.exe
O4 - HKLM\..\Run: [thnxynep] C:\WINDOWS\System32\qluaa\thnxynep.exe
O4 - HKLM\..\Run: [hbuxsqw] C:\WINDOWS\System32\ywkfrhc\hbuxsqw.exe
O4 - HKLM\..\Run: [dwilapwn] C:\WINDOWS\System32\strnhq\dwilapwn.exe
O4 - HKLM\..\Run: [urccd] C:\WINDOWS\System32\oaiaupx\urccd.exe
O4 - HKLM\..\Run: [ikloaljn] C:\WINDOWS\System32\cpap\ikloaljn.exe
O4 - HKLM\..\Run: [clni] C:\WINDOWS\System32\upfjfmxv\clni.exe
O4 - HKLM\..\Run: [xdgasry] C:\WINDOWS\System32\anye\xdgasry.exe
O4 - HKLM\..\Run: [hwts] C:\WINDOWS\System32\hbso\hwts.exe
O4 - HKLM\..\Run: [xjcra] C:\WINDOWS\System32\cdikbkh\xjcra.exe
O4 - HKLM\..\Run: [rqjdbe] C:\WINDOWS\System32\cbjd\rqjdbe.exe
O4 - HKLM\..\Run: [qpspfxgi] C:\WINDOWS\System32\kpujrmoy\qpspfxgi.exe
O4 - HKLM\..\Run: [orai] C:\WINDOWS\System32\mqcwn\orai.exe
O4 - HKLM\..\Run: [yritmidi] C:\WINDOWS\System32\hmfg\yritmidi.exe
O4 - HKLM\..\Run: [vqyphi] C:\WINDOWS\System32\niig\vqyphi.exe
O4 - HKLM\..\Run: [qkxv] C:\WINDOWS\System32\huifck\qkxv.exe
O4 - HKLM\..\Run: [version] C:\WINDOWS\System32\dealhelper.exe
O4 - HKLM\..\Run: [secure] C:\WINDOWS\System32\secure.exe
O4 - HKLM\..\Run: [DI2] C:\DOCUME~1\Owner\LOCALS~1\Temp\27.exe\27.exe
O4 - HKLM\..\Run: [BPT] "C:\Program Files\Bpt\bpt.exe"
O4 - HKLM\..\Run: [xipmml] C:\WINDOWS\System32\mulhpfr\xipmml.exe
O4 - HKLM\..\Run: [eyqpavf] C:\WINDOWS\System32\aspqwmx\eyqpavf.exe
O4 - HKLM\..\Run: [yugmenq] C:\WINDOWS\System32\kjntmv\yugmenq.exe
O4 - HKLM\..\Run: [mhahu] C:\WINDOWS\System32\vpahy\mhahu.exe
O4 - HKLM\..\Run: [mdaiqxrd] C:\WINDOWS\System32\hwvp\mdaiqxrd.exe
O4 - HKLM\..\Run: [pyarwmw] C:\WINDOWS\System32\klddyf\pyarwmw.exe
O4 - HKLM\..\Run: [cjpqjp] C:\WINDOWS\System32\aocaelqq\cjpqjp.exe
O4 - HKLM\..\Run: [lkgsbj] C:\WINDOWS\System32\kvogjn\lkgsbj.exe
O4 - HKLM\..\Run: [Dvx] C:\WINDOWS\System32\wsxsvc\wsxsvc.exe
O4 - HKLM\..\Run: [vmss] C:\WINDOWS\System32\vmss\vmss.exe
O4 - HKLM\..\Run: [pxlw] C:\WINDOWS\System32\wxodw\pxlw.exe
O4 - HKLM\..\Run: [ihywljob] C:\WINDOWS\System32\wbhsc\ihywljob.exe
O4 - HKLM\..\Run: [epbkscd] C:\WINDOWS\System32\rqyb\epbkscd.exe
O4 - HKLM\..\Run: [qbkgbbw] C:\WINDOWS\System32\yxgqfst\qbkgbbw.exe
O4 - HKLM\..\Run: [nanpxf] C:\WINDOWS\System32\csqo\nanpxf.exe
O4 - HKLM\..\Run: [exgs] C:\WINDOWS\System32\bwagb\exgs.exe
O4 - HKLM\..\Run: [lstbp] C:\WINDOWS\System32\ycdljr\lstbp.exe
O4 - HKLM\..\Run: [ovrywsgh] C:\WINDOWS\System32\miytfcwu\ovrywsgh.exe
O4 - HKLM\..\Run: [Scandsk2] scandsk2.exe
O4 - HKLM\..\Run: [mrgfq] C:\WINDOWS\System32\rqupks\mrgfq.exe
O4 - HKLM\..\Run: [Hidden32.exe] c:\winnt\system32\dllcache\Hidden32.exe c:\winnt\system32\dllcache\runbatch.exe
O4 - HKLM\..\Run: [wwqs] C:\WINDOWS\System32\pydvu\wwqs.exe
O4 - HKLM\..\Run: [ihhejh] C:\WINDOWS\System32\dcacs\ihhejh.exe
O4 - HKLM\..\Run: [itvgpuop] C:\WINDOWS\System32\xyskulp\itvgpuop.exe
O4 - HKLM\..\Run: [hnbchfnp] C:\WINDOWS\System32\qbnys\hnbchfnp.exe
O4 - HKLM\..\Run: [wpbxf] C:\WINDOWS\System32\mjyq\wpbxf.exe
O4 - HKLM\..\Run: [ssqb.exe] ssqb.exe
O4 - HKLM\..\Run: [ibhqam] C:\WINDOWS\System32\qqqi\ibhqam.exe
O4 - HKLM\..\Run: [cencpaac] C:\WINDOWS\System32\ynwfbd\cencpaac.exe
O4 - HKLM\..\Run: [qfpxnjkv] C:\WINDOWS\System32\rtle\qfpxnjkv.exe
O4 - HKLM\..\Run: [ewjox] C:\WINDOWS\System32\grns\ewjox.exe
O4 - HKLM\..\Run: [ebbywgnm] C:\WINDOWS\System32\hxpe\ebbywgnm.exe
O4 - HKLM\..\Run: [ayrilriv] C:\WINDOWS\System32\sbcp\ayrilriv.exe
O4 - HKLM\..\Run: [uxsv] C:\WINNT\uxsv.exe
O4 - HKLM\..\Run: [itfdean] C:\WINDOWS\System32\qiss\itfdean.exe
O4 - HKLM\..\Run: [wqjkcq] C:\WINDOWS\System32\sorwmei\wqjkcq.exe
O4 - HKLM\..\Run: [wipnigv] C:\WINDOWS\System32\jfapersc\wipnigv.exe
O4 - HKLM\..\Run: [tkxwc] C:\WINDOWS\System32\pmbshpa\tkxwc.exe
O4 - HKLM\..\Run: [iqdd] C:\WINDOWS\System32\ydfottes\iqdd.exe
O4 - HKLM\..\Run: [voxmdsqe] C:\WINDOWS\System32\xwovle\voxmdsqe.exe
O4 - HKLM\..\Run: [hddv] C:\WINDOWS\System32\obpy\hddv.exe
O4 - HKLM\..\Run: [ifqkjfpc] C:\WINDOWS\System32\ohuscks\ifqkjfpc.exe
O4 - HKLM\..\Run: [beumbk] C:\WINDOWS\System32\fxadr\beumbk.exe
O4 - HKLM\..\Run: [qoobpvuj] C:\WINDOWS\System32\qjfjx\qoobpvuj.exe
O4 - HKLM\..\Run: [pphwyq] C:\WINDOWS\System32\yitblqru\pphwyq.exe
O4 - HKLM\..\Run: [qecf] C:\WINDOWS\System32\yutee\qecf.exe
O4 - HKLM\..\Run: [evjfxe] C:\WINDOWS\System32\hxygu\evjfxe.exe
O4 - HKLM\..\Run: [asxdbial] C:\WINDOWS\System32\jiakprt\asxdbial.exe
O4 - HKLM\..\Run: [mloocea] C:\WINDOWS\System32\bkbgkf\mloocea.exe
O4 - HKLM\..\Run: [GLSetIT32] C:\windows\system32\msiexec16.exe
O4 - HKLM\..\Run: [wuikkoj] C:\WINDOWS\System32\biyl\wuikkoj.exe
O4 - HKLM\..\Run: [fkamnj] C:\WINDOWS\System32\qvpgivh\fkamnj.exe
O4 - HKLM\..\Run: [tfybybi] C:\WINDOWS\System32\lempgt\tfybybi.exe
O4 - HKLM\..\Run: [bmxfttgx] C:\WINDOWS\System32\astxmw\bmxfttgx.exe
O4 - HKLM\..\Run: [ioxeo] C:\WINDOWS\System32\ilifty\ioxeo.exe
O4 - HKLM\..\Run: [rfegdqu] C:\WINDOWS\System32\quurq\rfegdqu.exe
O4 - HKLM\..\Run: [vcrsnc] C:\WINDOWS\System32\yyxhwmuc\vcrsnc.exe
O4 - HKLM\..\Run: [qgjqqrdf] C:\WINDOWS\System32\qgjqqrdf.exe
O4 - HKLM\..\Run: [ivfmfa] C:\WINDOWS\System32\vaiuj\ivfmfa.exe
O4 - HKLM\..\Run: [byhn] C:\WINDOWS\System32\djmtacgq\byhn.exe
O4 - HKLM\..\Run: [dgrlhdmy] C:\WINDOWS\System32\cyay\dgrlhdmy.exe
O4 - HKLM\..\Run: [idjjp] C:\WINDOWS\System32\qebl\idjjp.exe
O4 - HKLM\..\Run: [kwmdndfe] C:\WINDOWS\System32\glhkv\kwmdndfe.exe
O4 - HKLM\..\Run: [pyaxgd] C:\WINDOWS\System32\bgnwmbtr\pyaxgd.exe
O4 - HKLM\..\Run: [tbmgtb] C:\WINDOWS\System32\kqqeu\tbmgtb.exe
O4 - HKLM\..\Run: [jfwwopmo] C:\WINDOWS\System32\pptchd\jfwwopmo.exe
O4 - HKLM\..\Run: [tdapso] C:\WINDOWS\System32\nqvpbi\tdapso.exe
O4 - HKLM\..\Run: [woru] C:\WINDOWS\System32\gawj\woru.exe
O4 - HKLM\..\Run: [ketyftna] C:\WINDOWS\System32\qdqllt\ketyftna.exe
O4 - HKLM\..\Run: [raixsc] C:\WINDOWS\System32\udhquua\raixsc.exe
O4 - HKLM\..\Run: [ncivg] C:\WINDOWS\System32\vusmps\ncivg.exe
O4 - HKLM\..\Run: [kaffwh] C:\WINDOWS\System32\jabhpin\kaffwh.exe
O4 - HKLM\..\Run: [dbxlvnmx] C:\WINDOWS\System32\hqtydd\dbxlvnmx.exe
O4 - HKLM\..\Run: [vyrtw] C:\WINDOWS\System32\ykmo\vyrtw.exe
O4 - HKLM\..\Run: [cttff] C:\WINDOWS\System32\cagj\cttff.exe
O4 - HKLM\..\Run: [qpvb] C:\WINDOWS\System32\nspxp\qpvb.exe
O4 - HKLM\..\Run: [nshj] C:\WINDOWS\System32\pmsvab\nshj.exe
O4 - HKLM\..\Run: [ophqui] C:\WINDOWS\System32\aphwqpui\ophqui.exe
O4 - HKLM\..\Run: [zbnrmr] c:\windows\system32\zbnrmr.exe
O4 - HKLM\..\Run: [Breg] "C:\Program Files\Common Files\Java\bptre.exe"
O4 - HKLM\..\Run: [Makarzy] C:\WINDOWS\nyei.exe
O4 - HKLM\..\Run: [lkujef] C:\WINDOWS\System32\wmqw\lkujef.exe
O4 - HKLM\..\Run: [jgpxk] C:\WINDOWS\System32\vaec\jgpxk.exe
O4 - HKLM\..\Run: [mnyj] C:\WINDOWS\System32\sntx\mnyj.exe
O4 - HKLM\..\Run: [uwsbudf] C:\WINDOWS\System32\hdvuk\uwsbudf.exe
O4 - HKLM\..\Run: [wkiul] C:\WINDOWS\System32\aucbyl\wkiul.exe
O4 - HKLM\..\Run: [wbjaycuu] C:\WINDOWS\System32\gfvi\wbjaycuu.exe
O4 - HKLM\..\Run: [hhxxuk] C:\WINDOWS\System32\llrfpbrp\hhxxuk.exe
O4 - HKLM\..\Run: [veepvqqr] C:\WINDOWS\System32\pgvwrma\veepvqqr.exe
O4 - HKLM\..\Run: [ohpnnytl] C:\WINDOWS\System32\tddxpm\ohpnnytl.exe
O4 - HKLM\..\Run: [fofo] C:\WINDOWS\System32\edjvbsx\fofo.exe
O4 - HKLM\..\Run: [cpqfy] C:\WINDOWS\System32\yfnq\cpqfy.exe
O4 - HKLM\..\Run: [lbdfhv] C:\WINDOWS\System32\tfkvwexv\lbdfhv.exe
O4 - HKLM\..\Run: [psophu] C:\WINDOWS\System32\vbqb\psophu.exe
O4 - HKLM\..\Run: [gpfj] C:\WINDOWS\System32\vgqekuhk\gpfj.exe
O4 - HKLM\..\Run: [rvpbwa] C:\WINDOWS\System32\giyn\rvpbwa.exe
O4 - HKLM\..\Run: [xveyacq] C:\WINDOWS\System32\ierc\xveyacq.exe
O4 - HKLM\..\Run: [rivjglub] C:\WINDOWS\System32\hkhnl\rivjglub.exe
O4 - HKLM\..\Run: [ckbfonnl] C:\WINDOWS\System32\wtagwva\ckbfonnl.exe
O4 - HKLM\..\Run: [sigd] C:\WINDOWS\System32\bfcjyfe\sigd.exe
O4 - HKLM\..\Run: [enim] C:\WINDOWS\System32\uniwuokw\enim.exe
O4 - HKLM\..\Run: [uocomvla] C:\WINDOWS\System32\ukjnvoa\uocomvla.exe
O4 - HKLM\..\Run: [iymn] C:\WINDOWS\System32\kghkbj\iymn.exe
O4 - HKLM\..\Run: [pnojhdv] C:\WINDOWS\System32\tyvnd\pnojhdv.exe
O4 - HKLM\..\Run: [wgqw] C:\WINDOWS\System32\jjqe\wgqw.exe
O4 - HKLM\..\Run: [kejsphr] C:\WINDOWS\System32\xohiphm\kejsphr.exe
O4 - HKLM\..\Run: [ciglxi] C:\WINDOWS\System32\pbbcgye\ciglxi.exe
O4 - HKLM\..\Run: [cmodouh] C:\WINDOWS\System32\hdiqv\cmodouh.exe
O4 - HKLM\..\Run: [lfmli] C:\WINDOWS\System32\wrroxnno\lfmli.exe
O4 - HKLM\..\Run: [iiuhala] C:\WINDOWS\System32\uwhjppw\iiuhala.exe
O4 - HKLM\..\Run: [ejara] C:\WINDOWS\System32\mdfdel\ejara.exe
O4 - HKLM\..\Run: [rnig] C:\WINDOWS\System32\fjhisqos\rnig.exe
O4 - HKLM\..\Run: [agvyqws] C:\WINDOWS\System32\sxlcfyy\agvyqws.exe
O4 - HKLM\..\Run: [bncpvj] C:\WINDOWS\System32\peorsebi\bncpvj.exe
O4 - HKLM\..\Run: [dvfehqkx] C:\WINDOWS\System32\teojm\dvfehqkx.exe
O4 - HKLM\..\Run: [vytyvjd] C:\WINDOWS\System32\teejgdlt\vytyvjd.exe
O4 - HKLM\..\Run: [fkift] C:\WINDOWS\System32\fslirgbf\fkift.exe
O4 - HKLM\..\Run: [yxfmvad] C:\WINDOWS\System32\rgqkfgkb\yxfmvad.exe
O4 - HKLM\..\Run: [eldpn] C:\WINDOWS\System32\vtknojty\eldpn.exe
O4 - HKLM\..\Run: [kvjfclta] C:\WINDOWS\System32\ieeetpr\kvjfclta.exe
O4 - HKLM\..\Run: [cxel] C:\WINDOWS\System32\vuipy\cxel.exe
O4 - HKLM\..\Run: [mvkyi] C:\WINDOWS\System32\jdkgnn\mvkyi.exe
O4 - HKLM\..\Run: [jtfifvns] C:\WINDOWS\System32\caau\jtfifvns.exe
O4 - HKLM\..\Run: [xbpodypf] C:\WINDOWS\System32\wmbtbuqi\xbpodypf.exe
O4 - HKLM\..\Run: [eogbd] C:\WINDOWS\System32\rrclxyac\eogbd.exe
O4 - HKLM\..\Run: [ykcir] C:\WINDOWS\System32\iexdnia\ykcir.exe
O4 - HKLM\..\Run: [wqqgq] C:\WINDOWS\System32\aekstrp\wqqgq.exe
O4 - HKLM\..\Run: [xribwfop] C:\WINDOWS\System32\xerq\xribwfop.exe
O4 - HKLM\..\Run: [qrpgmds] C:\WINDOWS\System32\bhant\qrpgmds.exe
O4 - HKLM\..\Run: [mkiddgxi] C:\WINDOWS\System32\vitqa\mkiddgxi.exe
O4 - HKLM\..\Run: [rwlli] C:\WINDOWS\System32\ylnixaa\rwlli.exe
O4 - HKLM\..\Run: [wiwb] C:\WINDOWS\System32\anbt\wiwb.exe
O4 - HKLM\..\Run: [duuycml] C:\WINDOWS\System32\fokfqq\duuycml.exe
O4 - HKLM\..\Run: [pkgr] C:\WINDOWS\System32\xacp\pkgr.exe
O4 - HKLM\..\Run: [nvmc] C:\WINDOWS\System32\xfvrdj\nvmc.exe
O4 - HKLM\..\Run: [tiuuoej] C:\WINDOWS\System32\gvryapri\tiuuoej.exe
O4 - HKLM\..\Run: [ivkk] C:\WINDOWS\System32\ceawjsaf\ivkk.exe
O4 - HKLM\..\Run: [gwhekhvp] C:\WINDOWS\System32\gwhekhvp.exe
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKLM\..\Run: [smpcdh] C:\WINDOWS\System32\wgudqrb\smpcdh.exe
O4 - HKLM\..\Run: [fegcgggx] C:\WINDOWS\System32\aibuj\fegcgggx.exe
O4 - HKLM\..\Run: [eohmswqe] C:\WINDOWS\System32\hghy\eohmswqe.exe
O4 - HKLM\..\Run: [qalefapx] C:\WINDOWS\System32\rukm\qalefapx.exe
O4 - HKLM\..\Run: [sgtetsyi] C:\WINDOWS\System32\faflrt\sgtetsyi.exe
O4 - HKLM\..\Run: [nebebfr] C:\WINDOWS\System32\womxh\nebebfr.exe
O4 - HKLM\..\Run: [BPCv2] C:\Program Files\bpc_search\BPCv2.exe
O4 - HKLM\..\Run: [ss8S39j] wavic10n.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [akuyvw] C:\WINDOWS\System32\iqtvcdty\akuyvw.exe
O4 - HKLM\..\Run: [fkgjv] C:\WINDOWS\System32\bwtjmxgv\fkgjv.exe
O4 - HKLM\..\Run: [ctflvq] C:\WINDOWS\System32\gunl\ctflvq.exe
O4 - HKLM\..\Run: [cupk] C:\WINDOWS\System32\kitr\cupk.exe
O4 - HKLM\..\Run: [ufeyaqxm] C:\WINDOWS\System32\jwjtu\ufeyaqxm.exe
O4 - HKLM\..\Run: [obhik] C:\WINDOWS\System32\hfsm\obhik.exe
O4 - HKLM\..\Run: [cwuvhyko] C:\WINDOWS\System32\ubyejbd\cwuvhyko.exe
O4 - HKLM\..\Run: [hxljl] C:\WINDOWS\System32\lrac\hxljl.exe
O4 - HKLM\..\Run: [nanmvij] C:\WINDOWS\System32\fgyilp\nanmvij.exe
O4 - HKLM\..\Run: [ubjsfnvj] C:\WINDOWS\System32\gtgamvkj\ubjsfnvj.exe
O4 - HKLM\..\Run: [lthiyim] C:\WINDOWS\System32\ntfjjwa\lthiyim.exe
O4 - HKLM\..\Run: [WebRebates0] C:\Program Files\Web_Rebates\WebRebates0.exe
O4 - HKLM\..\Run: [C:\WINDOWS\smfugcodd.exe] C:\WINDOWS\smfugcodd.exe
O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
O4 - HKLM\..\Run: [ffis] C:\WINDOWS\isrvs\ffisearch.exe
O4 - HKLM\..\Run: [ubssxvis] C:\WINDOWS\System32\vxudvo\ubssxvis.exe
O4 - HKLM\..\Run: [dcmrixf] C:\WINDOWS\System32\tvgjg\dcmrixf.exe
O4 - HKLM\..\RunServices: [Scandsk2] scandsk2.exe
O4 - HKLM\..\RunServices: [GLSetIT32] C:\windows\system32\msiexec16.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [dBr2RVH5R] atmtcuiu.exe
O4 - HKCU\..\Run: [ANR] C:\Program Files\XemiComputers\Audio Notes Recorder\ANR.exe
O4 - HKCU\..\Run: [Ljizbrm] C:\WINDOWS\System32\??oolsv.exe
O4 - HKCU\..\Run: [Eooc] C:\Documents and Settings\Owner\Application Data\obat.exe
O4 - HKCU\..\Run: [startkey] C:\WINDOWS\System32\exec.exe
O4 - HKCU\..\Run: [ddrawex] C:\WINDOWS\System32\ddrawex.exe
O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe
O4 - HKCU\..\Run: [eZWO] C:\PROGRA~1\Web Offer\wo.exe
O4 - HKCU\..\Run: [dskquota] C:\WINDOWS\System32\dskquota.exe
O4 - HKCU\..\Run: [getuname] C:\WINDOWS\System32\getuname.exe
O4 - Startup: Paint.exe
O4 - Global Startup: AcBtnMgr_X63.exe.lnk = C:\Program Files\LexmarkX63\AcBtnMgr_X63.exe
O4 - Global Startup: ACMonitor_X63.exe.lnk = C:\Program Files\LexmarkX63\ACMonitor_X63.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar2.dll/cmtrans.html
O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\dolsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\dolsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\dolsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\dolsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll
O16 - DPF: {58172624-85DD-4482-9E64-02ADCA637E96} (shizmoo Class) - http://kungfuchess.com/activex/web665.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297B} - http://downloads.aaa1screensavers.co...-aug-acx21.exe
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O18 - Filter: text/html - {950238FB-C706-4791-8674-4D429F85897E} - C:\WINDOWS\isrvs\mfiltis.dll
O21 - SSODL: AX-Cursors 4.5 - {E623D6E8-661C-9498-99C0-47DDCC9E1F5B} - C:\Program Files\Axialis\AX-Cursors\axcursorg.dll
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: FireDaemon Service: ntsysvers - Unknown - C:\winnt\system32\dllcache\FireDaemon.EXE
O23 - Service: FireDaemon Service: runbatch - Unknown - C:\winnt\system32\dllcache\FireDaemon.EXE

Similar Threads

Dreamweaver CS3 Layout Issues in Site Layout and Usability
Linksys Client Lease Exp. & Other Issues in Networking
Dell Latitude Ls Boot Up Issues in Troubleshooting Dead Machines
my security point....... in IT Professionals' Lounge
Help Me Please in C++

ninjitcu

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

4 posts
since Mar 2005

Permalink

Mar 13th, 2005

Re: Major Issues

1. Download and install Ad-Aware SE, keeping the default options. However, some of the settings will need to be changed before your first scan

2.Close ALL windows except Ad-Aware SE

3. Click on the‘world’ icon at the top right of the Ad-Aware SE window and let AdAware SE update the reference list for the adware and malware.

4. Once the update is finished click on the ‘Gear’ icon (second from the left at the top of the window) to access the preferences/settings window

1) In the ‘General’ window make sure the following are selected in green:
*Automatically save log-file
*Automatically quarantine objects prior to removal
*Safe Mode (always request confirmation)

Under Definitions:
*Prompt to udate outdated definitions - set the number of days

2) Click on the ‘Scanning’ button on the left and select in green :

Under Driver, Folders & Files:
*Scan Within Archives

Under Select drives & folders to scan -
*choose all hard drives

Under Memory & Registry: all green
*Scan Active Processes
*Scan Registry
*Deep Scan Registry
*Scan my IE favorites for banned URL’s
*Scan my Hosts file

3) Click on the ‘Advanced’ button on the left and select in green:

Under Shell Integration:
*Move deleted files to recycle bin

Under Logfile Detail Level: (all green)
*include addtional object information
*DESELECT - include negligible objects information
*include environment information

Under Alternate Data Streams:
*Don't log streams smaller than 0 bytes
*Don't log ADS with the following names: CA_INOCULATEIT

4) Click the ‘Tweak’ button and select in green:

Under the ‘Scanning Engine’:
*Unload recognized processes during scanning
*Scan registry for all users instead of current user only

Under the ‘Cleaning Engine’:
*Let Windows remove files in use at next reboot

Under the Log Files:
*Include basic Ad-aware SE settings in logfile
*Include additional Ad-aware SE settings in logfile
*Please do not check or make green: Include Module list in logfile

5. Click on ‘Proceed’ to save the settings.

6. Click ‘Start’

*Choose:'Perform Full System Scan'
*DESELECT "Search for negligible risk entries", as negligible risk entries (MRU's) are not considered to be a threat.

7. Click ‘Next’ and Ad-Aware SE will scan your hard drive(s) with the options you have selected and clean automatically.

8. If Ad-Aware SE finds bad entries, you will receive a list of what it found in the window

9. Save the log file when it asks and then click ‘finish’

10. REBOOT to complete the removal of what Ad-Aware SE found

Download & instal Spybot S&D 1.3 from here. Update it before scanning.
After the scan is complete, have spybot fix everything marked RED.
On the page that first opens when you start Spybot there is an option to immunise, you should do this. In the immunise section there is also a link to download Spywareblaster. This program will prevent the install of bad activex controls that it has knowledge of. Download that & you can keep it updated by selecting the same link that you use to download it. Reboot

Go here to TrendMicro for an on-line scan & set it to autoclean for you. When it completes, post back the full filename of any files that cannot be cleaned or deleted.

Try this scan at Panda as well.

The scan here does not require an active X install, but uses java instead.
http://fr.trendmicro-europe.com/cons...all_launch.php

Reboot when done and post another log please.

crunchie

Moderator

Featured Poster

Reputation Points: 1142

Solved Threads: 982

Most Valuable Poster

Online

12,165 posts
since Feb 2004

Permalink

Mar 13th, 2005

Re: Major Issues

Hi im over at his house should he fix all th adaware stuff?

OurNation

Reputation Points: 16

Solved Threads: 9

Master Poster

Offline

780 posts
since Aug 2004

Permalink

Mar 13th, 2005

Re: Major Issues

Yes. Fix all that it finds.

crunchie

Moderator

Featured Poster

Reputation Points: 1142

Solved Threads: 982

Most Valuable Poster

Online

12,165 posts
since Feb 2004

Permalink

Mar 13th, 2005

Re: Major Issues

I have alot of a thing called callinghome.biz when scaned with spybot.....the trend micro thing isnt working

ninjitcu

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

4 posts
since Mar 2005

Permalink

Mar 13th, 2005

Re: Major Issues

nvm im still having issues i cant scann with trendmicro itsnot working and i have loads of popups

ninjitcu

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

4 posts
since Mar 2005

Permalink

Mar 13th, 2005

Re: Major Issues

Whatever you cannot do, leave and we will fix everything manually.

crunchie

Moderator

Featured Poster

Reputation Points: 1142

Solved Threads: 982

Most Valuable Poster

Online

12,165 posts
since Feb 2004

Permalink

Mar 13th, 2005

Re: Major Issues

Ill tell him that I call him right now should he post another log?

OurNation

Reputation Points: 16

Solved Threads: 9

Master Poster

Offline

780 posts
since Aug 2004

Permalink

Mar 14th, 2005

Re: Major Issues

Yes please. I am in Australia too, so the time difference may make it slow. I am GMT + 7 (or 8)

crunchie

Moderator

Featured Poster

Reputation Points: 1142

Solved Threads: 982

Most Valuable Poster

Online

12,165 posts
since Feb 2004

Permalink

Mar 15th, 2005

Re: Major Issues

Well my computer works now(somewhat) but at least i can access the internet and I did some of what you told me, thanks crunchie! And fine, if i have to thank you, OurNation. Thanks Again

ninjitcu

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

4 posts
since Mar 2005

Page 1
2
Next

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

Previous Thread in Viruses, Spyware and other Nasties Forum Timeline: Trojan Horse Downloader.Dyfica.BP

Next Thread in Viruses, Spyware and other Nasties Forum Timeline: HOTOFFER.INFO Malware removal

DaniWeb Message

Cancel Changes

User Name
Password