Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Pop up problems & Other evil things


  • This topic is locked This topic is locked

#1
m0vieXfanatic

m0vieXfanatic

    Member

  • Member
  • PipPip
  • 12 posts
Hello. I have never posted here before so I don't really know how it works, but I have been having serious issues with my computer. I get overrun by pop ups, and everytime I get on my computer programs have installed. I installed HijackThis and got my log and am wondering if anything seems at all bad on it. Thanks in advance!


Logfile of HijackThis v1.99.1
Scan saved at 4:17:20 PM, on 4/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\wfojtjuy\pyflq.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\qeocnij\wyuvy.exe
C:\Program Files\Common Files\BullGuard\BullGuard Communicator\xcommsvr.exe
C:\Program Files\Common Files\BullGuard\BullGuard Scan Server\bdss.exe
C:\Program Files\BullGuard\vsserv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\LTMSG.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RUNDLL32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\exp.exe
C:\Program Files\BullGuard\bdmcon.exe
C:\Program Files\BullGuard\bgnewsag.exe
C:\Program Files\MemoryBoost\MemoryBoost.exe
C:\WINDOWS\system32\winupdt.exe
C:\WINDOWS\system32\wintask.exe
C:\WINDOWS\WinTask.exe
C:\WINDOWS\system32\rlcng\sbwxkxck.exe
C:\WINDOWS\QOCODLL.EXE
C:\WINDOWS\TZWUENC.EXE
C:\WINDOWS\system32\RunDLL32.EXE
C:\WINDOWS\system32\xvnnxxgn\wahenk.exe
C:\WINDOWS\system32\picsvr\picsvr.exe
C:\WINDOWS\system32\rprnlk.exe
C:\WINDOWS\system32\xuqow\rpislxg.exe
C:\WINDOWS\system32\jnvkg\pueyxim.exe
C:\WINDOWS\system32\kqxub\gsmjyiv.exe
C:\WINDOWS\system32\qtirf\nyeygk.exe
C:\WINDOWS\system32\wkrk\fmgwirh.exe
C:\WINDOWS\system32\pyryxjar\jsob.exe
C:\WINDOWS\system\wsokscgsc.exe
c:\windows\system32\zhkbbp.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Documents and Settings\Owner\Application Data\wtta.exe
C:\WINDOWS\system32\?ervices.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\PC Cleaner\trayicon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Open Field Software\ELLA for Microsoft Outlook\Launcher.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\bs573.tmpbsx32\bbi2.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\8TMNC5EZ\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: 216.39.69.102 view.atdmt.com
O2 - BHO: DLMaxObj Class - {00000000-59D4-4008-9058-080011001200} - C:\WINDOWS\dlmax.dll
O2 - BHO: (no name) - {00000000-DD60-0064-6EC2-6E0100000000} - (no file)
O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\cfgmgr51.dll
O2 - BHO: (no name) - {187ADCD4-1A4A-3CEC-E525-78221FC398CD} - C:\WINDOWS\system32\ehdmotgi\iwjnwdhu.dll
O2 - BHO: BolgerObj Class - {302A3240-4805-4a34-97D7-1645A0B08410} - C:\WINDOWS\Bolger.dll
O2 - BHO: (no name) - {8DA5457F-A8AA-4CCF-A842-70E6FD274094} - C:\PROGRA~1\COMMON~1\WinTools\WToolsT.dll (file missing)
O2 - BHO: ohb - {999A06FF-10EF-4A29-8640-69E99882C26B} - C:\WINDOWS\system32\nsm89.dll
O2 - BHO: PopBlock Class - {A25A30C9-6D9A-46D0-A92C-05ABD82A83AE} - C:\Program Files\AdBlocker\PopupBlocker.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [scvhost.exe] scvhost.exe
O4 - HKLM\..\Run: [cnmpilyt] C:\WINDOWS\cnmpilyt.exe
O4 - HKLM\..\Run: [gjytsx] C:\WINDOWS\gjytsx.exe
O4 - HKLM\..\Run: [zcvcfmr] C:\WINDOWS\zcvcfmr.exe
O4 - HKLM\..\Run: [hopunuz] C:\WINDOWS\hopunuz.exe
O4 - HKLM\..\Run: [AGEK] C:\WINDOWS\AGEK.exe
O4 - HKLM\..\Run: [ZFM] C:\WINDOWS\ZFM.exe
O4 - HKLM\..\Run: [ufof] C:\WINDOWS\ufof.exe
O4 - HKLM\..\Run: [bqrcj] C:\WINDOWS\bqrcj.exe
O4 - HKLM\..\Run: [ELRYBLSYC] C:\WINDOWS\ELRYBLSYC.exe
O4 - HKLM\..\Run: [NTHNUHUEL] C:\WINDOWS\NTHNUHUEL.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [DJQWDQX] C:\WINDOWS\DJQWDQX.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [wlctqxcv] C:\WINDOWS\wlctqxcv.exe
O4 - HKLM\..\Run: [dqjqngz] C:\WINDOWS\dqjqngz.exe
O4 - HKLM\..\Run: [xohovov] C:\WINDOWS\xohovov.exe
O4 - HKLM\..\Run: [hyp] C:\WINDOWS\hyp.exe
O4 - HKLM\..\Run: [wpcnun] C:\WINDOWS\wpcnun.exe
O4 - HKLM\..\Run: [mfqfqh] C:\WINDOWS\mfqfqh.exe
O4 - HKLM\..\Run: [yhqpsnqr] C:\WINDOWS\yhqpsnqr.exe
O4 - HKLM\..\Run: [fql] C:\WINDOWS\fql.exe
O4 - HKLM\..\Run: [nkt] C:\WINDOWS\nkt.exe
O4 - HKLM\..\Run: [xkpuzil] C:\WINDOWS\xkpuzil.exe
O4 - HKLM\..\Run: [xsxof] C:\WINDOWS\xsxof.exe
O4 - HKLM\..\Run: [ylsf] C:\WINDOWS\ylsf.exe
O4 - HKLM\..\Run: [niz] C:\WINDOWS\niz.exe
O4 - HKLM\..\Run: [fqncved] C:\WINDOWS\fqncved.exe
O4 - HKLM\..\Run: [dkp] C:\WINDOWS\dkp.exe
O4 - HKLM\..\Run: [hot] C:\WINDOWS\hot.exe
O4 - HKLM\..\Run: [cdulgn] C:\WINDOWS\cdulgn.exe
O4 - HKLM\..\Run: [ran] C:\WINDOWS\ran.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nyt] C:\WINDOWS\nyt.exe
O4 - HKLM\..\Run: [hwzoz] C:\WINDOWS\hwzoz.exe
O4 - HKLM\..\Run: [upelsd] C:\WINDOWS\upelsd.exe
O4 - HKLM\..\Run: [fqj] C:\WINDOWS\fqj.exe
O4 - HKLM\..\Run: [efutiv] C:\WINDOWS\efutiv.exe
O4 - HKLM\..\Run: [gbabsd] C:\WINDOWS\gbabsd.exe
O4 - HKLM\..\Run: [gferkt] C:\WINDOWS\gferkt.exe
O4 - HKLM\..\Run: [elkr] C:\WINDOWS\elkr.exe
O4 - HKLM\..\Run: [ahyn] C:\WINDOWS\ahyn.exe
O4 - HKLM\..\Run: [qvex] C:\WINDOWS\qvex.exe
O4 - HKLM\..\Run: [oxeh] C:\WINDOWS\oxeh.exe
O4 - HKLM\..\Run: [qnyjefoh] C:\WINDOWS\qnyjefoh.exe
O4 - HKLM\..\Run: [epehavgz] C:\WINDOWS\epehavgz.exe
O4 - HKLM\..\Run: [hwdczgf] C:\WINDOWS\hwdczgf.exe
O4 - HKLM\..\Run: [hsx] C:\WINDOWS\hsx.exe
O4 - HKLM\..\Run: [angpwlwr] C:\WINDOWS\angpwlwr.exe
O4 - HKLM\..\Run: [vmryt] C:\WINDOWS\vmryt.exe
O4 - HKLM\..\Run: [apov] C:\WINDOWS\apov.exe
O4 - HKLM\..\Run: [nwjyt] C:\WINDOWS\nwjyt.exe
O4 - HKLM\..\Run: [szmraj] C:\WINDOWS\szmraj.exe
O4 - HKLM\..\Run: [ungd] C:\WINDOWS\ungd.exe
O4 - HKLM\..\Run: [gdkvyj] C:\WINDOWS\gdkvyj.exe
O4 - HKLM\..\Run: [ngdypmd] C:\WINDOWS\ngdypmd.exe
O4 - HKLM\..\Run: [mxijkbof] C:\WINDOWS\mxijkbof.exe
O4 - HKLM\..\Run: [gzqfwx] C:\WINDOWS\gzqfwx.exe
O4 - HKLM\..\Run: [nujeh] C:\WINDOWS\nujeh.exe
O4 - HKLM\..\Run: [nsbyrep] C:\WINDOWS\nsbyrep.exe
O4 - HKLM\..\Run: [ermrqx] C:\WINDOWS\ermrqx.exe
O4 - HKLM\..\Run: [mpsbivoj] C:\WINDOWS\mpsbivoj.exe
O4 - HKLM\..\Run: [zib] C:\WINDOWS\zib.exe
O4 - HKLM\..\Run: [bmjkr] C:\WINDOWS\bmjkr.exe
O4 - HKLM\..\Run: [kpahep] C:\WINDOWS\kpahep.exe
O4 - HKLM\..\Run: [klofypml] C:\WINDOWS\klofypml.exe
O4 - HKLM\..\Run: [rotqdwf] C:\WINDOWS\rotqdwf.exe
O4 - HKLM\..\Run: [xaxmvwz] C:\WINDOWS\xaxmvwz.exe
O4 - HKLM\..\Run: [pwr] C:\WINDOWS\pwr.exe
O4 - HKLM\..\Run: [psnyj] C:\WINDOWS\psnyj.exe
O4 - HKLM\..\Run: [sxmxoh] C:\WINDOWS\sxmxoh.exe
O4 - HKLM\..\Run: [ebszst] C:\WINDOWS\ebszst.exe
O4 - HKLM\..\Run: [ipshyn] C:\WINDOWS\ipshyn.exe
O4 - HKLM\..\Run: [ifofijsn] C:\WINDOWS\ifofijsn.exe
O4 - HKLM\..\Run: [ypwbipyp] C:\WINDOWS\ypwbipyp.exe
O4 - HKLM\..\Run: [fgdej] C:\WINDOWS\fgdej.exe
O4 - HKLM\..\Run: [GUS76B] C:\WINDOWS\byzrcqh.exe
O4 - HKLM\..\Run: [STOPzilla] "C:\Program Files\STOPzilla!\Stopzilla.exe" /autorun
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [-
] C:\WINDOWS\tylnnxa.exe
O4 - HKLM\..\Run: [Rvphwnf] C:\Program Files\Scrnel\Jinw.exe
O4 - HKLM\..\Run: [pk2xzo58] C:\Program Files\pk2xzo58\pk2xzo58.exe
O4 - HKLM\..\Run: [exp.exe] C:\WINDOWS\system32\exp.exe
O4 - HKLM\..\Run: [SystemCheck] C:\WINDOWS\SysCheckBop32
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\BullGuard\\bdmcon.exe
O4 - HKLM\..\Run: [BGNewsAgent] C:\Program Files\BullGuard\bgnewsag.exe
O4 - HKLM\..\Run: [MemoryBoost] "C:\Program Files\MemoryBoost\MemoryBoost.exe"
O4 - HKLM\..\Run: [winupdtl] C:\WINDOWS\system32\winupdt.exe
O4 - HKLM\..\Run: [PaciSoft] C:\WINDOWS\system32\pacis.exe
O4 - HKLM\..\Run: [WinTask driver] C:\WINDOWS\system32\wintask.exe
O4 - HKLM\..\Run: [PopMark] C:\WINDOWS\WinTask.exe
O4 - HKLM\..\Run: [sys11-1670093253] C:\WINDOWS\sys11-1670093253.exe
O4 - HKLM\..\Run: [mhwn] c:\windows\mhwn.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [tvin] C:\WINDOWS\system32\obtjecn\tvin.exe
O4 - HKLM\..\Run: [onyf] C:\WINDOWS\system32\dnvoyun\onyf.exe
O4 - HKLM\..\Run: [ttexpcf] C:\WINDOWS\system32\amwxi\ttexpcf.exe
O4 - HKLM\..\Run: [jsfbhlq] C:\WINDOWS\system32\rrsg\jsfbhlq.exe
O4 - HKLM\..\Run: [xbrc] C:\WINDOWS\system32\moxbvv\xbrc.exe
O4 - HKLM\..\Run: [rkhfn] C:\WINDOWS\system32\ublvwgd\rkhfn.exe
O4 - HKLM\..\Run: [oedt] C:\WINDOWS\system32\ybtw\oedt.exe
O4 - HKLM\..\Run: [sewp] C:\WINDOWS\system32\vuib\sewp.exe
O4 - HKLM\..\Run: [QOCODLL] C:\WINDOWS\QOCODLL.EXE
O4 - HKLM\..\Run: [TZWUENC] C:\WINDOWS\TZWUENC.EXE
O4 - HKLM\..\Run: [etbrun] C:\windows\system32\elitekyr32.exe
O4 - HKLM\..\Run: [fgaku] C:\WINDOWS\system32\dbpo\fgaku.exe
O4 - HKLM\..\Run: [cfgmgr51] RunDLL32.EXE C:\WINDOWS\cfgmgr51.dll,DllRun
O4 - HKLM\..\Run: [dkcyxktw] C:\WINDOWS\system32\wthkw\dkcyxktw.exe
O4 - HKLM\..\Run: [xpcekts] C:\WINDOWS\system32\ibjme\xpcekts.exe
O4 - HKLM\..\Run: [wahenk] C:\WINDOWS\system32\xvnnxxgn\wahenk.exe
O4 - HKLM\..\Run: [dmquiay] C:\WINDOWS\system32\pbsxdmh\dmquiay.exe
O4 - HKLM\..\Run: [fubtssgf] C:\WINDOWS\system32\wcsrumx\fubtssgf.exe
O4 - HKLM\..\Run: [cnkwbgc] C:\WINDOWS\system32\aqskr\cnkwbgc.exe
O4 - HKLM\..\Run: [anauelfd] C:\WINDOWS\system32\yxct\anauelfd.exe
O4 - HKLM\..\Run: [skyhn] C:\DOCUME~1\Owner\LOCALS~1\Temp\acuqrh.exe
O4 - HKLM\..\Run: [picsvr] C:\WINDOWS\system32\picsvr\picsvr.exe
O4 - HKLM\..\Run: [KavSvc] C:\WINDOWS\system32\rprnlk.exe
O4 - HKLM\..\Run: [BMan] C:\Documents and Settings\All Users\Application Data\msw\BMan1.exe
O4 - HKLM\..\Run: [wlywngkp] C:\WINDOWS\system32\qmdliw\wlywngkp.exe
O4 - HKLM\..\Run: [bjlhfl] C:\WINDOWS\system32\aihcfig\bjlhfl.exe
O4 - HKLM\..\Run: [sqgyu] C:\WINDOWS\system32\buqgpnie\sqgyu.exe
O4 - HKLM\..\Run: [rpislxg] C:\WINDOWS\system32\xuqow\rpislxg.exe
O4 - HKLM\..\Run: [onnybb] C:\WINDOWS\system32\daydwg\onnybb.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pueyxim] C:\WINDOWS\system32\jnvkg\pueyxim.exe
O4 - HKLM\..\Run: [ws5T35Q] npwca.exe
O4 - HKLM\..\Run: [pyflq] C:\WINDOWS\system32\wfojtjuy\pyflq.exe
O4 - HKLM\..\Run: [wyuvy] C:\WINDOWS\system32\qeocnij\wyuvy.exe
O4 - HKLM\..\Run: [gsmjyiv] C:\WINDOWS\system32\kqxub\gsmjyiv.exe
O4 - HKLM\..\Run: [sbwxkxck] C:\WINDOWS\system32\rlcng\sbwxkxck.exe
O4 - HKLM\..\Run: [nyeygk] C:\WINDOWS\system32\qtirf\nyeygk.exe
O4 - HKLM\..\Run: [fmgwirh] C:\WINDOWS\system32\wkrk\fmgwirh.exe
O4 - HKLM\..\Run: [jsob] C:\WINDOWS\system32\pyryxjar\jsob.exe
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
O4 - HKLM\..\RunServices: [scvhost.exe] scvhost.exe
O4 - HKLM\..\RunServices: [Microsoft Update] Microsoft.exe
O4 - HKLM\..\RunServices: [LSASS Authority] lshosts32.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [CaseyVideo[1]] C:\Windows\CaseyVideo[1].exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Notn] C:\Documents and Settings\Owner\Application Data\wtta.exe
O4 - HKCU\..\Run: [Xjnnhc] C:\WINDOWS\system32\?ervices.exe
O4 - HKCU\..\Run: [PC_CLEAN] C:\Program Files\PC Cleaner\trayicon.exe
O4 - HKCU\..\Run: [hBu3RRc8i] spdsmgr.exe
O4 - Startup: Outlook Express Monitor.lnk = C:\Program Files\Open Field Software\ELLA for Microsoft Outlook\Launcher.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Wallpaper - {c23dd370-cb79-11d2-898a-00c04f80a47f} - C:\Program Files\Internet Explorer\Toolbar\toolbar.hta (file missing)
O9 - Extra 'Tools' menuitem: &Toolbar Wallpaper - {c23dd370-cb79-11d2-898a-00c04f80a47f} - C:\Program Files\Internet Explorer\Toolbar\toolbar.hta (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_30.dll' missing
O16 - DPF: {0878B424-1F95-4E26-B5AB-F0D349D89650} - http://download.barg..._MEDIAWHIZ3.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup.../bridge-c18.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.co...etup1.0.0.8.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {5F3B3060-09E0-44C6-86F7-BC7B02B57BEE} (Installer Class) - http://downloads.sho...odspeed1003.cab
O16 - DPF: {78AB15BF-0C99-4E52-87C9-5201394749EF} - http://install.mycle...mycleanerpc.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B4831DED-3A57-4CC6-9E4B-0E7C5B08DBF4} - http://www.alwaysupd...ll/aun_0015.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {C0B285F6-DB2B-4908-9C58-F6D95397D747} - http://www.pacimedia...ll/pcs_0008.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.game...aploader_v6.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: BullGuard Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\BullGuard\BullGuard Scan Server\bdss.exe" /service (file missing)
O23 - Service: fgxllosreab - Unknown owner - C:\WINDOWS\system32\losreab\fgxl.exe
O23 - Service: fubtssgfwcsrumx - Unknown owner - C:\WINDOWS\system32\wcsrumx\fubtssgf.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: oedtybtw - Unknown owner - C:\WINDOWS\system32\ybtw\oedt.exe
O23 - Service: onyfdnvoyun - Unknown owner - C:\WINDOWS\system32\dnvoyun\onyf.exe
O23 - Service: pyflqwfojtjuy - Unknown owner - C:\WINDOWS\system32\wfojtjuy\pyflq.exe
O23 - Service: rkhfnublvwgd - Unknown owner - C:\WINDOWS\system32\ublvwgd\rkhfn.exe
O23 - Service: sewpvuib - Unknown owner - C:\WINDOWS\system32\vuib\sewp.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing)
O23 - Service: ttexpcfamwxi - Unknown owner - C:\WINDOWS\system32\amwxi\ttexpcf.exe
O23 - Service: BullGuard Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BullGuard\vsserv.exe" /service (file missing)
O23 - Service: wyuvyqeocnij - Unknown owner - C:\WINDOWS\system32\qeocnij\wyuvy.exe
O23 - Service: BullGuard Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\BullGuard\BullGuard Communicator\xcommsvr.exe" /service (file missing)
  • 0

Advertisements


#2
Guest_usetobe_*

Guest_usetobe_*
  • Guest
Hi Movie,

Welcome to Geeks 2 Go.

Having looked at your log, i don't think i have seen one so full in quite some time.

It will take a while to formulate my reply for you, so bear with me. This is going to be a long job, so get a flask of coffee, sandwiches and a sleeping bag. :tazz: ;)

I'll be back soon

Regards,

Usetobe
  • 0

#3
Guest_usetobe_*

Guest_usetobe_*
  • Guest
Hi movie,

I will post what we need to do in stages, so as not to overwhelm you.

Firstly, Create a new folder on your C Drive (for example C\HJT) Put your HJT program in that folder and run it from at folder. That way it can create backups if required.

Open up ADD/REMOVE programs in Controlpanel.

If any of the following are present, remove them

Newdotnet
Wintools
Bargain Buddy


1. Please download LSPFix from here.
2. Run the LSPFix.exe that you have just finished downloading.
3. Check the I know what I'm doing box.
4. In the Keep box you may see one or more instances of newdotnet6_30.dll.
5. Select every instance of newdotnet6_30.dll and move each one to the Remove box by clicking the >> button.
6. When you are done click Finish>>.

Carry out a free online virus scan from the following link and allow it to fix anything it may find.

Trend housecall

and another free online virus scan from Panda

Panda Active Scan

Next please download the following two programs. Install them and update them both. Then run each one and have them fix anything that they may find.

Spybot Search and Destroy 1.3

Ad-aware S E 1.5


Rescan with HJT and post a new log back in this thread.
  • 0

#4
Guest_usetobe_*

Guest_usetobe_*
  • Guest
no response, topic closed
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP