kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Hmm. Well other than that your log was completely clean which leads me to believe this isn't caused by malware. However please do the following just to make sure.

Please download and install ewido anti-spyware tool(Now called AVG)

  • Close all other Applications Select language click Ok
  • Click I Agree
  • Click next
  • Click Install
  • Click Finish
  • Wait Ewido will open main screen automatically.
  • Wait again a few minutes and Ewido Should Auto update itself. If it doesn't click update at top of screen.
  • This is very important to get updates
  • When updating has finished. Close Ewido.

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.

  • Next, please reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear use arrow up to highlight
  • Select the first option, to run Windows in Safe Mode hit enter.
  • For additional help in booting into Safe Mode, see the following site: HERE

    You MUST manage to get into Safe Mode for the fix to work.

Make sure to close all open windows/programs/folders. Have nothing else open while ewido performs its scan!

  • Open Ewido
  • Click on scanner top of …
kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

It looks like this might be caused by a bug or something in AOL. Try uninstalling and then reinstalling the AOL browser. I'm thinking that that will get rid of the problem.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

I want you to go here and upload and scan the following file called update.exe.
C:\WINDOWS\SoftwareDistribution\Download\d02eed8b27b568c24c0de02bbc04855d\update\update.exe

Post the results of that scan back here.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Norton isn't exactly a good anti-virus program. I would recommend McAfee or AVG, but that is up to you. I think a simple scan on all the computers will get the job done. Use the following instructions.

Please download and install ewido anti-spyware tool

  • Close all other Applications Select language click Ok
  • Click I Agree
  • Click next
  • Click Install
  • Click Finish
  • Wait Ewido will open main screen automatically.
  • Wait again a few minutes and Ewido Should Auto update itself. If it doesn't click update at top of screen.
  • This is very important to get updates
  • When updating has finished. Close Ewido.

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.

  • Next, please reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear use arrow up to highlight
  • Select the first option, to run Windows in Safe Mode hit enter.
  • For additional help in booting into Safe Mode, see the following site: HERE

    You MUST manage to get into Safe Mode for the fix to work.

Make sure to close all open windows/programs/folders. Have nothing else open while ewido performs its scan!

  • Open Ewido
  • Click on scanner top …
kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Please don't piggyback off other people's posts guys. Make your own threads. But since your logs are all already here plz do the following.

Please download SmitfraudFix(http://siri.urz.free.fr/Fix/SmitfraudFix.zip) (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm

Now when you get the log from that everybody make a new thread and post the contents in that new thread.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Well it doesn't seem that this is a nastie related problem. If you posted this in another forum such as the windows xp forum or even the hardware forum u would probably get better help.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

One thing left please run HJT and check the following entry.

O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll/CXTSEARCH.HTML

Click fix checked.

Make sure that viewpoint is gone from your program files. If not boot into safe mode by tapping F8 in start up and then delete it.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Thanks.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Looks good. You can mark this thread as solved then.(theres a link in the top left corner above your name)

Corporal commented: Very helpful +1
kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Sorry about the delay, I guess I'll take over for DMR.
First of all go to Control Panel and then Add/Remove programs. Uninstall Viewpoint Manager.

Move HJT to its own folder such as C:\HJT\ or something similar. Now run HJT and place a checkmark next to the following if they are still there.
O2 - BHO: (no name) - {2FDDEDAE-EDEF-4628-B979-13A3CB1E264d} - (no file)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBarBHO.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
Click fix checked.

Post a new HJT log in your next post. If the problem is still there it is most likely a conflict between two programs and you should post in the regular windows XP forum.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Look at my last post again, I edited it.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Now run it again except this time use the 2 option and enter.

Still having problems after that?

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Not any official malware per se, but there is one toolbar on your computer that is open to debate.

Did you purposely install weatherstudio on your computer?
Also did you add http://194.164.34.97 as a trusted ip?

If you didn't do either then do the following. Run HJT and place a checkmark next to the following.
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.weatherstudio.com/dp/searc...YBRn254BE3i3C8=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.weatherstudio.com/dp/searc...VuzR2iG1gTULaE=
O2 - BHO: WeatherStudio - {849CC480-5983-4D30-A12C-774E8E8D8291} - C:\Program Files\WeatherStudio\bin\WeatherStudio.dll (file missing)
O3 - Toolbar: WeatherStudio - {C6139A57-16FB-4FA4-8045-A847FBFFD695} - C:\Program Files\WeatherStudio\bin\WeatherStudio.dll (file missing)
O4 - HKLM\..\Run: [WeatherStudio Desktop] "C:\Program Files\WeatherStudio Desktop\WeatherStudio Desktop.exe"
O15 - Trusted IP range: http://194.164.34.97

Then click fix checked.

Now do the following(even if you didn't do the above step)

Please download and install ewido anti-spyware tool(Now called AVG)

  • Close all other Applications Select language click Ok
  • Click I Agree
  • Click next
  • Click Install
  • Click Finish
  • Wait Ewido will open main screen automatically.
  • Wait again a few minutes and Ewido Should Auto update itself. If it doesn't click update at top of screen.
  • This is very important to get updates
  • When updating has finished. Close Ewido.

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.

  • Next, please reboot your computer in Safe Mode by doing …
kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

After doing some research i believe you might have a smitfraud infection.(or some variant) please do the following.

First download Smitfraudfix from here.

Extract it to its own folder. Double click on smitfraudfix.cmd

When it opens up the command prompt press any key to continue and then press 1 and enter to scan.

When its done it should open up a txt file. Save that and then post the contents here.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Thx looks like you know the malware by symptom. I will keep this info in mind for future references. Do the above steps they will help a lot.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Well well well. We strike down one thing and another pops up. Ok I want you to do two things. One is to go to control panel and go to add/remove programs and then remove the following.

Viewpoint

Now in safe mode delete the C:\Program Files\Viewpoint\ folder.

First download Smitfraudfix from here.

Extract it to its own folder. Double click on smitfraudfix.cmd

When it opens up the command prompt press any key to continue and then press 1 and enter to scan.

When its done it should open up a txt file. Save that and then post the contents here.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Your log looks clean but I'm gonna have you run a scan anyways just to make sure. A few questions also. Have you recently installed any new software that might have caused this?

Please download and install ewido anti-spyware tool

  • Close all other Applications Select language click Ok
  • Click I Agree
  • Click next
  • Click Install
  • Click Finish
  • Wait Ewido will open main screen automatically.
  • Wait again a few minutes and Ewido Should Auto update itself. If it doesn't click update at top of screen.
  • This is very important to get updates
  • When updating has finished. Close Ewido.

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.

  • Next, please reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear use arrow up to highlight
  • Select the first option, to run Windows in Safe Mode hit enter.
  • For additional help in booting into Safe Mode, see the following site: HERE

    You MUST manage to get into Safe Mode for the fix to work.

Make sure to close all open windows/programs/folders. Have nothing else open while ewido performs its scan!

  • Open Ewido
  • Click on scanner top of Ewido …
kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Sorry to hear that. We could have got you through it. Oh well though.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

The log is still clean so lets check for rootkits.

Go here and download Rootkit Analyzer. Install and run it then click analyze. Then check the box that says only show hooked processes. Then click export and save the txt file.

Post the contents of that text file here.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

It seems that this little malware hides itself pretty good, because I compared your log with another person who had the same problem and there were no similarities. However you do have some other nasties we can get rid of.

First run HJT and place a checkmark next to the following.
O3 - Toolbar: Protection Bar - {5d4831e0-5a7c-4a46-afd5-a79ab8ce36c2} - C:\Program Files\Video ActiveX Object\iesplugin.dll
O4 - HKLM\..\Run: [Transponder] C:\WINDOWS\system32\susp.exe
O4 - HKLM\..\Run: [VirusBurster] C:\Program Files\VirusBurster\virusburster.exe /h
Click fix checked.

You might want to print out the following directions because you can't access the internet in safe mode.

Now reboot to safe mode by tapping F8 during start up and selecting safe mode.

Delete the following files/folders using my computer and the delete key.
C:\Program Files\Video ActiveX Object\
C:\WINDOWS\system32\susp.exe
C:\Program Files\VirusBurster\

Now reboot back to normal.

Post a new HJT log and tell me if the thing is still there.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

One of the items i told u to delete is still there so lets see if i can get rid of it.
First run HJT and check the following.
O4 - HKLM\..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\GUI.exe
Click fix checked.

Now boot into safe mode again and delete the following folder.
C:\Program Files\Gigabyte\

Reboot back to normal.

That should fix it.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Well your log is completely clean which is weird because it sounds like you are infected with malware. Ok let's scan your computer with a scanner that we support on this site.

Please download and install ewido anti-spyware tool(Now called AVG)

  • Close all other Applications Select language click Ok
  • Click I Agree
  • Click next
  • Click Install
  • Click Finish
  • Wait Ewido will open main screen automatically.
  • Wait again a few minutes and Ewido Should Auto update itself. If it doesn't click update at top of screen.
  • This is very important to get updates
  • When updating has finished. Close Ewido.

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.

  • Next, please reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear use arrow up to highlight
  • Select the first option, to run Windows in Safe Mode hit enter.
  • For additional help in booting into Safe Mode, see the following site: HERE

    You MUST manage to get into Safe Mode for the fix to work.

Make sure to close all open windows/programs/folders. Have nothing else open while ewido performs its scan!

  • Open Ewido
  • Click on scanner top of Ewido screen
  • Click …
kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

I would use VundoFix. Also the IE7 problems are unrelated usually.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Ok a couple traces of malware.
First run HJT and put a checkmark next to the following.
O3 - Toolbar: Protection Bar - {5d4831e0-5a7c-4a46-afd5-a79ab8ce36c2} - C:\Program Files\Video ActiveX Object\iesplugin.dll
O20 - AppInit_DLLs: pushow92.dll

Do you know what C:\Program Files\TRIXX\TRIXX.exe is? If you don't, place a checkmark next to the following.

O4 - HKLM\..\Run: [TRIXX] "C:\Program Files\TRIXX\TRIXX.exe" -s

You might want to print out the following instructions, because you won't be able to access the internet.

Restart to safe mode by tapping F8 during start up and selecting safe mode.

Now using My Computer and the delete key delete the following files and folders (if they exist).
C:\Program Files\Gigabyte\
C:\Program Files\Video ActiveX Object\
C:\Windows\System32\pushow92.dll

If you don't know what the trixx thing is then delete the following also.
C:\Program Files\TRIXX\

Now Reboot back to normal mode.

Post a new HJT log along with any problems you are still having.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Please post a HJT log. (There are instructions in the stickies.)

Also i never use the safely remove hardware thing and my removable drive is fine.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

This doesn't look like a complete log. Are you sure you didn't delete anything from it?

If you did then please post the full log we need to see that info so that we can fix your computer.

If you didn't please change the name of hijackthis.exe to something else like hello.exe.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Your log looks clean. So if you still haven't had any problems you can mark this thread as solved.(there should be a link in the top left hand corner of the page)

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Does your anti-virus have a firewall? If it does it would most likely pick up any/all hacking attempts. How often does the computer "seize up" and what does it do exactly? Try disconnecting from the internet and see if it still seizes up.

Other than that your log's clean, but just in case could you change the name of hijackthis.exe to something different like hello.exe. (Some malware hides itself from hijackthis.exe.)

Post the new log after the name change and ill see what i can do.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

You got a lot of nasties on your computer. Let's get rid of those.
First run HJT and put a checkmark next to the following.
O2 - BHO: (no name) - {7b4d79df-9ef0-429d-a0e9-d9b138c6a53b} - C:\Program Files\TrueCodec\isaddon.dll (file missing)
O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - C:\Program Files\TrueCodec\iesplugin.dll (file missing)
O3 - Toolbar: Seekmo Toolbar - {53E0B6E8-A51D-448B-B692-40B67B285543} - C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll (file missing)
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"
O21 - SSODL: contrabandists - {dfa61db1-388e-4c87-8d56-540fa229bcb4} - C:\WINDOWS\system32\dpfwu.dll
O21 - SSODL: gaonic - {f31aee4a-1530-4fef-8537-79c6973bff9a} - C:\WINDOWS\system32\tazth.dll

Click fix checked.

You might want to print out the following instructions because you cannot access the internet in safe mode.

Now reboot to safe mode by tapping F8 during start up and selecting safe mode.

Now using My Computer and the delete key delete the following files and folders.
C:\Program Files\TrueCodec\
C:\Program Files\Seekmo Programs\
C:\Program Files\Common Files\DriveCleaner 2006 Free\
C:\WINDOWS\system32\tazth.dll
C:\WINDOWS\system32\dpfwu.dll

Reboot back to normal mode.

Please post a new HJT log and tell me if you are still getting that message.
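
A triage sketch for the HijackThis lines quoted in the posts above, added here as an example and not part of any post or of HijackThis itself: it parses the `code - detail` line format, pulls out the CLSID and file path, and marks entries for manual review. The review heuristics and the names `parse_line`, `review` and `triage` are assumptions of this example; the sample lines are copied from the posts above, plus one constructed header line.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Section codes that occur in the HijackThis lines quoted on this page.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "O2": "Browser Helper Object", "O3": "IE toolbar",
    "O4": "autostart (Run key or Startup folder)",
    "O8": "IE context-menu item", "O15": "Trusted Zone entry",
    "O16": "downloaded ActiveX object", "O20": "AppInit_DLLs / Winlogon Notify",
    "O21": "ShellServiceObjectDelayLoad",
}

LINE_RE = re.compile(r"^(R[0-3]|O\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll)', re.IGNORECASE)
IPV4_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")
SYSTEM32_ROOT_RE = re.compile(r"^[a-z]:\\windows\\system32\\[^\\]+$", re.IGNORECASE)


@dataclass
class Entry:
    code: str
    kind: str
    detail: str
    clsid: Optional[str] = None
    path: Optional[str] = None
    reasons: list = field(default_factory=list)


def parse_line(line):
    """Return an Entry for a 'code - detail' line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    code, detail = m.groups()
    clsid = CLSID_RE.search(detail)
    path = PATH_RE.search(detail)
    return Entry(code, SECTIONS.get(code, "unknown section"), detail,
                 clsid.group(0) if clsid else None,
                 path.group(0) if path else None)


def review(entry):
    """Attach review reasons. Heuristics only (assumptions of this example):
    a reason means 'look at this entry', not 'this entry is malware'."""
    d = entry.detail
    if "(file missing)" in d or "(no file)" in d:
        entry.reasons.append("orphaned: registry entry points at a missing file")
    if entry.code == "O2" and "(no name)" in d:
        entry.reasons.append("unnamed BHO: identify it by CLSID")
    if entry.code in ("O4", "O21") and entry.path and SYSTEM32_ROOT_RE.match(entry.path):
        entry.reasons.append("autostart file directly in system32: verify the file")
    if entry.code == "O20" and "AppInit_DLLs:" in d:
        entry.reasons.append("AppInit_DLLs set: loaded into every process using user32.dll")
    if entry.code == "O15" and IPV4_RE.search(d):
        entry.reasons.append("Trusted Zone entry is a bare IP address")
    return entry


def triage(lines):
    """Parse every recognisable line and return the reviewed entries in order."""
    parsed = (parse_line(line) for line in lines)
    return [review(e) for e in parsed if e is not None]


# Lines copied from the posts above; the first line is a constructed header
# that the parser must skip.
SAMPLE = r"""
Logfile of HijackThis (constructed header line)
O2 - BHO: (no name) - {7b4d79df-9ef0-429d-a0e9-d9b138c6a53b} - C:\Program Files\TrueCodec\isaddon.dll (file missing)
O3 - Toolbar: Seekmo Toolbar - {53E0B6E8-A51D-448B-B692-40B67B285543} - C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll (file missing)
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
O21 - SSODL: gaonic - {f31aee4a-1530-4fef-8537-79c6973bff9a} - C:\WINDOWS\system32\tazth.dll
O20 - AppInit_DLLs: pushow92.dll
O15 - Trusted IP range: http://194.164.34.97
O4 - HKLM\..\Run: [VirusBurster] C:\Program Files\VirusBurster\virusburster.exe /h
"""

if __name__ == "__main__":
    for e in triage(SAMPLE.splitlines()):
        status = "; ".join(e.reasons) if e.reasons else "no heuristic hit"
        print(f"{e.code:<4}{e.kind:<40}{e.path or '-'}\n      {status}")
```

An entry with no heuristic hit is not cleared by this: the two `O4` lines in the sample pass every check and were still selected for removal in the posts above.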

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Hmm.. There are two files that could be normal or could be malware. So i want you to scan them.
C:\Program Files\RSI Saver\nhc.exe (Don't know what RSI saver is, couldn't find any info on it.)

To scan these go to here and upload them.
Post the results here when the scans are done.

Also run an ewido scan and post the log here.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Also I personally would update from Windows Me because the internet and Windows ME don't really mix well.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Well the extremely suspicious process is update.exe running from the registry out of common files. To get rid of it lets do the following.

Please download and install ewido anti-spyware tool(Now Called AVG)

  • Close all other Applications Select language click Ok
  • Click I Agree
  • Click next
  • Click Install
  • Click Finish
  • Wait Ewido will open main screen automatically.
  • Wait again a few minutes and Ewido Should Auto update itself. If it doesn't click update at top of screen.
  • This is very important to get updates
  • When updating has finished. Close Ewido.

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.

  • Next, please reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear use arrow up to highlight
  • Select the first option, to run Windows in Safe Mode hit enter.
  • For additional help in booting into Safe Mode, see the following site: HERE

    You MUST manage to get into Safe Mode for the fix to work.

Make sure to close all open windows/programs/folders. Have nothing else open while ewido performs its scan!

  • Open Ewido
  • Click on scanner top of Ewido screen
  • Click on Settings
  • Under How …
kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

A couple things. One probably isn't malware related but just in case please post a HJT log. No, it's not really that bad as long as you get the updates once in a while, especially service packs and such.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Also is it failing to block all pop ups or just when a bunch pop up at once? Sometimes if a pop up blocker is overloaded one or two pop ups will get through. Also here's the scanners i recommend.
AVG-anti spyware
AVG anti virus
Xoftspy(for fast scan)

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

First of all move HJT to a permanent folder such as C:\HJT\ or something similar.
Ok not a bad infection. Run HJT and put a checkmark next to the following items.
O4 - HKLM\..\Run: [dflnl.exe] C:\WINDOWS\system32\dflnl.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
Click Fix Checked.

Now Reboot to safe mode by tapping F8 during start up and selecting safe mode. Once there delete the following file using my computer and the delete key.
C:\WINDOWS\system32\dflnl.exe

Reboot back to normal.

Post a new HJT log and tell me any problems ur still having.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

A couple things First of all could you include a HJT log. Also i think it says in the stickies to scan with AVG anti-spyware first, but i'll give instructions anyways.

Please download and install ewido anti-spyware tool(Now called AVG)

  • Close all other Applications Select language click Ok
  • Click I Agree
  • Click next
  • Click Install
  • Click Finish
  • Wait Ewido will open main screen automatically.
  • Wait again a few minutes and Ewido Should Auto update itself. If it doesn't click update at top of screen.
  • This is very important to get updates
  • When updating has finished. Close Ewido.

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.

  • Next, please reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear use arrow up to highlight
  • Select the first option, to run Windows in Safe Mode hit enter.
  • For additional help in booting into Safe Mode, see the following site: HERE

    You MUST manage to get into Safe Mode for the fix to work.

Make sure to close all open windows/programs/folders. Have nothing else open while ewido performs its scan!

  • Open Ewido
  • Click on scanner top of …
kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Well you can do two things. One try reinstalling the AT&T thing(motivesb.exe) or you can run HJT and check the following.
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
Then click fix checked. This will make it not try to start up and therefore no error.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Hmm thats strange it wont let you load. Usually when the keyboard is not recognized it just tells you and then ignores it and loads up anyway. See if it will let you get into safe mode. Once in safe mode you can uninstall the software mentioned above

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

No Problem always happy to help.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Well your log's clean still and it looks like AVG cleaned out a few things you got from BearShare. Are you still having problems? If not you can mark this thread as solved by clicking the link at the top of the page. And i got no rep so that would be nice.

'Stein commented: "And I got no rep" -very arrogant -1
kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Two questions.
First What kind of surface is the mouse on if its a clear surface such as a glass desk the mouse would not work cuz it wouldn't pick anything up.

Are you sure the mouse isn't broken. Try putting the mouse on your hand and moving it.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

So whats the problem. From what you said i know you have a cable that converts into a usb slot. Do you just want to update the driver for the hell of it or is it not working properly. If you google search that serial you posted you can probably find the company.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Buy a usb keyboard. It's a stronger connection and easy because it's plug and play meaning no setup. You just plug it in and it works. The problem could be caused by a driver conflict or something simple like that. Try uninstalling any software that you installed with the scanner and see if the keyboard works again.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Or you could just make three separate lines in a row. Wouldn't that be crazy.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Yeah I bet explorer.exe isn't starting up to begin with. I'll have to ask someone who knows more about the windows config to figure how you can make it do it automatically again, but for now just use task manager to run explorer.exe.(thats all you have to type in the run box "explorer.exe")

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Most likely not but you can do an online virus scan here. There are a lot of viruses that use the same name but they are usually located in different directories than the real ones. Yours is in the correct directory so I wouldn't worry.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Hmm the log is clean the only suspicious thing is that there are like 12 yahoo widget processes running. Well lets do an AVG scan then.

Please download and install ewido anti-spyware tool(Now called AVG)

  • Close all other Applications Select language click Ok
  • Click I Agree
  • Click next
  • Click Install
  • Click Finish
  • Wait Ewido will open main screen automatically.
  • Wait again a few minutes and Ewido Should Auto update itself. If it doesn't click update at top of screen.
  • This is very important to get updates
  • When updating has finished. Close Ewido.

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.

  • Next, please reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear use arrow up to highlight
  • Select the first option, to run Windows in Safe Mode hit enter.
  • For additional help in booting into Safe Mode, see the following site: HERE

    You MUST manage to get into Safe Mode for the fix to work.

Make sure to close all open windows/programs/folders. Have nothing else open while ewido performs its scan!

  • Open Ewido
  • Click on scanner top of Ewido screen
  • Click on Settings
  • Under How …
kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

For the most part your log is clean, however i found one little piece of malware that might be the cause. So do the following.

Run HJT and check the following.
O21 - SSODL: flammei - {9d635a36-6b3c-4146-8625-f3aaf507bbf8} - C:\WINDOWS\system32\vcehaeb.dll
Click fix checked.

That should have deleted the file but check the windows/system32 folder anyway for vcehaeb.dll. If its still there then try and delete it. If it doesn't let u delete it then do the following.

Reboot your computer at the load up screen keep tapping F8 until a selection menu pops up select boot into safe mode and hit enter. (using arrow keys)

Now try to delete it while in safe mode.

Reboot back to normal.

Post a new HJT log here and tell me if you're still having problems.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Lets start by just scanning your computer with AVG anti spyware. here are the directions.

Please download and install ewido anti-spyware tool(Now called AVG)

  • Close all other Applications Select language click Ok
  • Click I Agree
  • Click next
  • Click Install
  • Click Finish
  • Wait Ewido will open main screen automatically.
  • Wait again a few minutes and Ewido Should Auto update itself. If it doesn't click update at top of screen.
  • This is very important to get updates
  • When updating has finished. Close Ewido.

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.

  • Next, please reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear use arrow up to highlight
  • Select the first option, to run Windows in Safe Mode hit enter.
  • For additional help in booting into Safe Mode, see the following site: HERE

    You MUST manage to get into Safe Mode for the fix to work.

Make sure to close all open windows/programs/folders. Have nothing else open while ewido performs its scan!

  • Open Ewido
  • Click on scanner top of Ewido screen
  • Click on Settings
  • Under How to Act click on Recommended Action choose Quarantine
  • Under How to …
kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Ok lets get started.
Run HJT and put a checkmark next to each of the following.
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: metaspinner GmbH - {7C7A8947-5935-4430-AC0E-E7D04697414E} - C:\PROGRA~1\BUYERT~1\IEBUTT~2.DLL (file missing)
O2 - BHO: (no name) - {ae18da4e-be15-4925-81bb-890c04af0200} - C:\Program Files\Gold Codec\isaddon.dll (file missing)
O2 - BHO: metaspinner GmbH - {CD9B7762-DFBC-42B1-BB30-02A78287B456} - C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL (file missing)
O3 - Toolbar: Protection Bar - {96ebbe6a-2864-4345-b32b-26ee9be524b5} - C:\Program Files\Gold Codec\iesplugin.dll (file missing)
O4 - HKCU\..\Run: [BPK] C:\Program Files\Perfect Keylogger Lite\bpk.exe
O21 - SSODL: gimmicks - {40dcff6e-af8d-4183-8ebe-a82270ac449e} - C:\WINDOWS\system32\dcvwaah.dll (file missing)

The following are optional it will make your computer faster if you check these.

O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

Now click fix checked.
Now for the next step. Download Smitfraud fix from here. Now extract it to your desktop and then double click the smitfraudfix.cmd file. Press any key to continue and then press 1 and enter to scan your computer. When it is done it makes a log we will need that for later.

You might want to print out the rest of the instructions because they require you to go into safe mode and internet cannot be used in safe mode.


Please download and install ewido anti-spyware tool(Now called AVG)

  • Close all other …