Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Dr Watson ERROR stikes again

Started by auntiebebo22 , Feb 26 2005 02:58 PM

  • Please log in to reply

#1
auntiebebo22
Posted 26 February 2005 - 02:58 PM

auntiebebo22

    New Member

  • Member
  • Pip
  • 5 posts
:tazz: I cannot directly access my computer, my documents, my pictures, my music, or my control panel from the start menu. Any time i try i get this:

Dr watson Postmortem Debugger

Dr Watson Postmortem Debugger has encountered a problem and needs to close...

__________Send error report

__________Don't send error report

When I hit don't send the window disappears, but then i cannot click on anything at all. I have to bring up the task Manager and restart the computer.

If i do not try to access these 'programs' through the start button, everything works fine, i can surf the net i can click on anything else on my desktop and have no problems.

If I go through the "tools" button on IE i can than gain access to "my computer" and all the other things that i can't from the start up.

This is what i have:
Windows XP Home version 2002 service pack 2
Dell - Celerone processor 2.4 GHz
239GHz, 640 mb Ram

I have run:
Pest patrol (I have a lot of stuff quarintined here)
Spybot
ad-aware SE
CW Shredder
TDS
AVG
- I tried to get the free trend house call scan but it comes up with the following error:
These is a problem with an 'add -on' and has to close

The following add-on was running when the problem occurred
file: syslr32.dll
co. name: (its blank)
Description: syslr32.dll

Here is my Hijack log:



Logfile of HijackThis v1.99.1
Scan saved at 3:21:38 PM, on 2/26/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\WINDOWS\system32\d3cb32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\appbk.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Documents and Settings\Billie\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\dynuh.dll/sp.html#10001
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\dynuh.dll/sp.html#10001
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\dynuh.dll/sp.html#10001
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\dynuh.dll/sp.html#10001
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\dynuh.dll/sp.html#10001
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\dynuh.dll/sp.html#10001
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\dynuh.dll/sp.html#10001
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {E47C3AAC-058B-618C-CF20-7FBEB197E13B} - C:\WINDOWS\system32\syslr32.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll (file missing)
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [zM9] C:\documents and settings\neal\local settings\temp\zM9.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [TEoNlbtRj] c:\documents and settings\neal\local settings\temp\TEoNlbtRj.exe
O4 - HKLM\..\Run: [rcc] c:\documents and settings\neal\local settings\temp\rcc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [qGp] C:\documents and settings\neal\local settings\temp\qGp.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [O4jKLcI79] C:\documents and settings\dad\local settings\temp\O4jKLcI79.exe
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\dad\LOCALS~1\Temp\2004925133641_mcinfo.exe /insfin
O4 - HKLM\..\Run: [MpvAB] C:\documents and settings\neal\local settings\temp\MpvAB.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Hby] C:\documents and settings\neal\local settings\temp\Hby.exe
O4 - HKLM\..\Run: [dr2k] C:\documents and settings\dad\local settings\temp\dr2k.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\dad\LOCALS~1\Temp\2004925133645_mcappins.exe /v=3 /cleanup
O4 - HKLM\..\Run: [Admilli Service] C:\Program Files\Admilli Service\AdmilliServ.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [s76V3qj] dmbvtmsg.exe
O4 - HKLM\..\Run: [d3cb32.exe] C:\WINDOWS\system32\d3cb32.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\Billie\Application Data\ttuh.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: MS Office.hta
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1096918658140
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab27513.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Network Security Service (NSS) ( 6Q'8) - Unknown owner - C:\WINDOWS\appbk.exe
  • 0

Advertisements

#2
grommit
Posted 26 February 2005 - 06:39 PM

grommit

    New Member

  • Member
  • Pip
  • 1 posts
:tazz:
This started happening me on Thursday after an automatic update from windows. I'm glad somebody else has the same problem.
I was going to try to reinstall Windows XP and just start all over again, but not even sure how to do that!
Does anybody have any advice?
  • 0

#3
auntiebebo22
Posted 28 February 2005 - 10:57 AM

auntiebebo22

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
:tazz:

Hi all, I've done a few more scans, finally got trend house call to work, however i can't get about buster, cws, or cleanup312 to run, Dr Watson pops up any time i click on them. Here is my newest Hijack this file:


Logfile of HijackThis v1.99.1
Scan saved at 11:41:20 AM, on 2/28/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\d3cb32.exe
C:\Program Files\The Cleaner\tca.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\The Cleaner\tcm.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\appbk.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Documents and Settings\Billie\Desktop\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\dxpmz.dll/sp.html#10001
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\dxpmz.dll/sp.html#10001
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\dxpmz.dll/sp.html#10001
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\dxpmz.dll/sp.html#10001
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\dxpmz.dll/sp.html#10001
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\dxpmz.dll/sp.html#10001
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\dxpmz.dll/sp.html#10001
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {22D86BA3-CC72-EE2D-3BE1-802B27CE44D4} - C:\WINDOWS\ipfq.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll (file missing)
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [zM9] C:\documents and settings\neal\local settings\temp\zM9.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [TEoNlbtRj] c:\documents and settings\neal\local settings\temp\TEoNlbtRj.exe
O4 - HKLM\..\Run: [rcc] c:\documents and settings\neal\local settings\temp\rcc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [qGp] C:\documents and settings\neal\local settings\temp\qGp.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [O4jKLcI79] C:\documents and settings\dad\local settings\temp\O4jKLcI79.exe
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\dad\LOCALS~1\Temp\2004925133641_mcinfo.exe /insfin
O4 - HKLM\..\Run: [MpvAB] C:\documents and settings\neal\local settings\temp\MpvAB.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Hby] C:\documents and settings\neal\local settings\temp\Hby.exe
O4 - HKLM\..\Run: [dr2k] C:\documents and settings\dad\local settings\temp\dr2k.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\dad\LOCALS~1\Temp\2004925133645_mcappins.exe /v=3 /cleanup
O4 - HKLM\..\Run: [Admilli Service] C:\Program Files\Admilli Service\AdmilliServ.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [s76V3qj] dmbvtmsg.exe
O4 - HKLM\..\Run: [d3cb32.exe] C:\WINDOWS\system32\d3cb32.exe
O4 - HKLM\..\Run: [tcactive] C:\Program Files\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\Program Files\The Cleaner\tcm.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\Billie\Application Data\ttuh.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: MS Office.hta
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1096918658140
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab27513.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Network Security Service (NSS) ( 6Q'8) - Unknown owner - C:\WINDOWS\appbk.exe



Thank you for your help. ;)
  • 0

#4
auntiebebo22
Posted 01 March 2005 - 09:13 AM

auntiebebo22

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
;)
Hello, It's me again. I've run a few more scans, and tried to delete a few things from the Hi Jack log, after referencing several of the responses to similar problems. I was able to run about Buster in safe mode, however, I cannot access the log when i reboot, Because i get a Dr Watson error and must reboot.

I am still having the same problems I had with Dr Watson and the about infection. I have deleted things from the hijack log but they keep returning. I have seen several resposes on what to delete, and have a question about that.

" Using windows explorer, locate the following files/folders, and delete any found"

Where do i go to do this?

Here is my most current Hi jack log:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Billie\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\wrbjf.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jpktv.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\wrbjf.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\jpktv.dll/sp.html#37049
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {F1A44905-F8BC-EFD4-2565-F5986985091F} - C:\WINDOWS\system32\atlqs32.dll
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [zM9] C:\documents and settings\neal\local settings\temp\zM9.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [TEoNlbtRj] c:\documents and settings\neal\local settings\temp\TEoNlbtRj.exe
O4 - HKLM\..\Run: [rcc] c:\documents and settings\neal\local settings\temp\rcc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [qGp] C:\documents and settings\neal\local settings\temp\qGp.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [O4jKLcI79] C:\documents and settings\dad\local settings\temp\O4jKLcI79.exe
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\dad\LOCALS~1\Temp\2004925133641_mcinfo.exe /insfin
O4 - HKLM\..\Run: [MpvAB] C:\documents and settings\neal\local settings\temp\MpvAB.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Hby] C:\documents and settings\neal\local settings\temp\Hby.exe
O4 - HKLM\..\Run: [dr2k] C:\documents and settings\dad\local settings\temp\dr2k.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\dad\LOCALS~1\Temp\2004925133645_mcappins.exe /v=3 /cleanup
O4 - HKLM\..\Run: [Admilli Service] C:\Program Files\Admilli Service\AdmilliServ.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [s76V3qj] dmbvtmsg.exe
O4 - HKLM\..\Run: [d3cb32.exe] C:\WINDOWS\system32\d3cb32.exe
O4 - HKLM\..\Run: [tcactive] C:\Program Files\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\Program Files\The Cleaner\tcm.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\Billie\Application Data\ttuh.exe
O4 - HKCU\..\RunOnce: [CleanUp!] C:\PROGRA~1\CleanUp!\CleanUp.exe /WindowsRestart
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: MS Office.hta
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1096918658140
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab27513.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Network Security Service (NSS) ( 6Q'8) - Unknown owner - C:\WINDOWS\appbk.exe


The following are 5 enteries that i have tried to delete 4 or 5 times:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\wrbjf.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jpktv.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\wrbjf.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O23 - Service: Network Security Service (NSS) ( 6Q'8) - Unknown owner - C:\WINDOWS\appbk.exe


Is there anyone that can help me with this?

Thank You. :tazz:
  • 0

#5
auntiebebo22
Posted 01 March 2005 - 10:26 AM

auntiebebo22

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Hello,
I was able to do a 'Panda' Scan and this is the results log:

Virus:Trj/StartPage.FH No disinfected Operating system
Adware:Adware/eZula No disinfected C:\WINDOWS\iLookup
Adware:Adware/BHO No disinfected Windows Registry
Adware:Adware/SearchAid No disinfected C:\Documents and Settings\Billie\Favorites\Only sex website.url
Adware:Adware/MediaTickets No disinfected Windows Registry
Adware:Adware/SideSearch No disinfected C:\Documents and Settings\Billie\Application Data\Lycos
Adware:Adware/IEDriver No disinfected Windows Registry
Adware:Adware/ILookup No disinfected C:\WINDOWS\ILookup
Adware:Adware/WUpd No disinfected C:\Program Files\Admilli Service
Adware:Adware/Zango No disinfected C:\Program Files\zango
Adware:Adware/SuperSpider No disinfected Windows Registry
Virus:Trj/StartPage.NA Disinfected Operating system
Spyware:Spyware/YourSiteBar No disinfected Windows Registry
Spyware:Spyware/Petro-Line No disinfected C:\Documents and Settings\Billie\Favorites\Only sex website.url
Adware:Adware/CWS.Searchmeup No disinfected Windows Registry
Virus:Trj/StartPage.FH Disinfected C:\Documents and Settings\Billie\Desktop\backups\backup-20050228-120822-505.dll
Virus:Trj/StartPage.FH Disinfected C:\Documents and Settings\Billie\Desktop\backups\backup-20050228-121611-498.dll
Virus:Trj/StartPage.FH Disinfected C:\Documents and Settings\Billie\Desktop\backups\backup-20050228-152709-314.dll
Virus:Trj/StartPage.FH Disinfected C:\Documents and Settings\Billie\Desktop\backups\backup-20050228-153033-437.dll
Virus:Trj/StartPage.FH Disinfected C:\Documents and Settings\Billie\Desktop\backups\backup-20050228-194602-505.dll
Virus:Trj/StartPage.FH Disinfected C:\Documents and Settings\Billie\Desktop\backups\backup-20050301-093349-709.dll
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Neal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\BlackBox.class-13478d8d-1a68753f.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Neal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\VerifierBug.class-52e0a8b6-5b40b9de.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Neal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\VerifierBug.class-eb5c5a3-42e8c60c.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Neal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-246797d4-2ac38564.RB0[Mein.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Neal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-246797d4-2ac38564.RB0[ProbeLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Neal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-246797d4-2ac38564.RB0[Dummy.class]
Virus:Trojan Horse Disinfected C:\Documents and Settings\Neal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-246797d4-2ac38564.RB0[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Neal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-246797d4-2ac38564.zip[Mein.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Neal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-246797d4-2ac38564.zip[ProbeLoader.class]
Virus:Trojan Horse Disinfected C:\Documents and Settings\Neal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-246797d4-2ac38564.zip[Beyond.class]
Adware:Adware/PurityScan No disinfected C:\Documents and Settings\Neal\Application Data\ttuh.exe
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\BlackBox.class-16f9f9b-7c4139c4.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\BlackBox.class-75c3fe-277dd3af.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-205482c2-42b05c99.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-774d507d-2c503864.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Gummy.class-421ef8d3-2b11386a.class
Adware:Adware/CWS No disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-6fd9f626-2d3af693.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\VerifierBug.class-7d3dca66-5a284e7e.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-246797d4-2f0ac886.zip[Mein.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-246797d4-2f0ac886.zip[ProbeLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-246797d4-2f0ac886.zip[Dummy.class]
Virus:Trojan Horse Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-246797d4-2f0ac886.zip[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-42d82be8-5a21909e.zip[BlackBox.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-42d82be8-5a21909e.zip[VB.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-42d82be8-5a21909e.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-42d82be8-5a21909e.zip[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-74f8a61e-46ebd2e3.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-74f8a61e-46ebd2e3.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-74f8a61e-46ebd2e3.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-74f8a61e-46ebd2e3.zip[Installer.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\dialarch.jar-5396f0c7-4359a32e.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\dialarch.jar-5396f0c7-4359a32e.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\neal.BILLIES\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\dialarch.jar-5396f0c7-4359a32e.zip[InsecureClassLoader.class]
Adware:Adware/WUpd No disinfected C:\Program Files\Admilli Service\AdmilliComm.dll
Adware:Adware/WUpd No disinfected C:\Program Files\Admilli Service\AdmilliKeep.exe
Spyware:Spyware/New.net No disinfected C:\Program Files\FileSubmit\Turkeys In Autumn Woods\NNEZTA388.exe
Adware:Adware/QuickSearch No disinfected C:\Program Files\FileSubmit\Turkeys In Autumn Woods\TBEZA127Q.exe
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[lsp_.dll]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[SAHAgent_.exe]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[SahHtml_.exe]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[SAHUninstall_.exe]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[WEBInstaller.dll]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[xmlparse_.dll]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[xmltok_.dll]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[SAHUninstall.exe]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[lsp.dll]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[SahAgent.exe]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[SahHtml.exe]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[xmltok.dll]
Adware:Adware/IEDriver No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[Searchx.htm]
Adware:Adware/IEDriver No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[SearchBar.htm]
Adware:Adware/nCase No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[salmhook.dll]
Adware:Adware/MemoryWatcher No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[wowex32.exe]
Adware:Adware/MemoryWatcher No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[TrayIcon.ocx]
Adware:Adware/MemoryWatcher No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[MemoryWatcher.exe]
Spyware:Spyware/ISTbar No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[istsvc.exe]
Adware:Adware/eZula No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[seng.dll]
Adware:Adware/eZula No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[chcon.dll]
Adware:Adware/eZula No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[toptext button show - hide.lnk]
Adware:Adware/eZula No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.RB0[my preferences.lnk]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[lsp_.dll]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[SAHAgent_.exe]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[SahHtml_.exe]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[SAHUninstall_.exe]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[WEBInstaller.dll]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[xmlparse_.dll]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[xmltok_.dll]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[SAHUninstall.exe]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[lsp.dll]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[SahAgent.exe]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[SahHtml.exe]
Adware:Adware/SAHAgent No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[xmltok.dll]
Adware:Adware/IEDriver No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[Searchx.htm]
Adware:Adware/IEDriver No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[SearchBar.htm]
Adware:Adware/nCase No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[salmhook.dll]
Adware:Adware/MemoryWatcher No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[TrayIcon.ocx]
Adware:Adware/MemoryWatcher No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[MemoryWatcher.exe]
Adware:Adware/eZula No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[seng.dll]
Adware:Adware/eZula No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[chcon.dll]
Adware:Adware/eZula No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[toptext button show - hide.lnk]
Adware:Adware/eZula No disinfected C:\Program Files\PestPatrol\Quarantine\20041229111540671.zip[my preferences.lnk]
Virus:Exploit/ByteVerify Disinfected C:\Program Files\PestPatrol\Quarantine\20041229130146171.RB0[Parser.class]
Virus:Exploit/ByteVerify Disinfected C:\Program Files\PestPatrol\Quarantine\20041229130146171.RB0[Counter.class]
Adware:Adware/eZula No disinfected C:\Program Files\PestPatrol\Quarantine\20041229130146171.RB0[my keywords.lnk]
Adware:Adware/eZula No disinfected C:\Program Files\PestPatrol\Quarantine\20041229130146171.zip[my keywords.lnk]
Virus:Exploit/ByteVerify Disinfected C:\Program Files\PestPatrol\Quarantine\20050105224139734.RB0[Parser.class]
Virus:Exploit/ByteVerify Disinfected C:\Program Files\PestPatrol\Quarantine\20050105224139734.RB0[Counter.class]
Virus:Exploit/ByteVerify Disinfected C:\Program Files\PestPatrol\Quarantine\20050105224139734.RB0[BlackBox.class]
Virus:Exploit/ByteVerify Disinfected C:\Program Files\PestPatrol\Quarantine\20050205103852484.RB0[Parser.class]
Virus:Exploit/ByteVerify Disinfected C:\Program Files\PestPatrol\Quarantine\20050205103852484.RB0[Counter.class]
Adware:Adware/SideSearch No disinfected C:\SEPinst.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\addnb.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\apikm32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\appbk.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\appfd32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\appxf.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\crvw32.exe
Adware:Adware/WUpd No disinfected C:\WINDOWS\Downloaded Program Files\AdmilliServX.dll
Adware:Adware Program No disinfected C:\WINDOWS\Downloaded Program Files\WildApp.inf
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\iery.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\javaau32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\javacg.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\javaqi32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\javaug.exe
Adware:Adware/MediaTickets No disinfected C:\WINDOWS\MediaTicketsInstaller.INF
Adware:Adware/MediaTickets No disinfected C:\WINDOWS\MediaTicketsInstaller.ocx
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\mfclv32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\netlu32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\ntfs.dll
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\ntmf.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\ntoq32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\sdkre32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\sdksw32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\sdkwj32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\sysim.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\syspl32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\addhc32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\atlpv.exe
Adware:Adware/IEDriver No disinfected C:\WINDOWS\SYSTEM32\basesrv1.exe
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\SYSTEM32\ckxsu.dll
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\d3cb32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\iphi.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\ipqa.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\iprl32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\javait32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\javaxb32.exe
Adware:Adware/PurityScan No disinfected C:\WINDOWS\SYSTEM32\LGONUI~1.EXE
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\msbn32.exe
Adware:Adware/PurityScan No disinfected C:\WINDOWS\SYSTEM32\MIEXEC~1.EXE
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\netbl32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\netyx.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\sdkpb.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\sdkvo32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\sdkxj.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\sysje32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\sysrh32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\winee32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\winky.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\winrq.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\SYSTEM32\winrx.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\systp.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\systr.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\wince32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\winfz32.exe
Virus:Trj/StartPage.FH Disinfected C:\WINDOWS\winle32.dll
I don't know if it will help anything, but i'm willing to try just about anything at this point.

any suggestions?
  • 0

#6
auntiebebo22
Posted 02 March 2005 - 05:53 AM

auntiebebo22

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
:tazz:

Hi all,

I realize this is a free forum, and there are many here asking for help and i am doing whatever i can to help myself out,but nothing is working. No matter how many times i delete items from my hijack log they keep showing back up. I am so sick and frustrated i don't know wether to cry or just puke.


Please help!!!!!

Thank You
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP