Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

lost and confused


  • This topic is locked This topic is locked

#1
playdan1

playdan1

    New Member

  • Member
  • Pip
  • 2 posts
Hi all,
I've done the pre-post reqs. Downloaded and ran everything I could except AVG. I already had it installed on my pc, but all of a sudden I can't access the control center. It says access denied. I tried uninstalling it, same thing. I downloaded the program again and tried installing it hoping it would overwrite the previous version, same thing, denied. I have the free version! My AVG antispy works though.

When I run ad-aware, spybot s and d, rogue remover, panda, and superantispyware they all work and find things and quarantine or delete them (or both), but when i reboot and run them again, everything is back.

When I try to shut down, a box pops up saying explorer.exe is not responding and i click end now. If that doesn't show up, then it will be iexplore.exe. They switch back and forth.

When I start my pc, I have to do it three times. The first two, my background image comes up but nothing else. No task bar, no desktop icons. The pc just freezes, but the third time works. Also when I go to search engines and click on links after performing a search, i have to click a link 3 times before what I want pulls up. The first two open a window that brings me to some random for-profit site like local roofing companies, or car sales, etc. The third time I click, it takes me to where I want to go.

I am so lost as to what to do! My pc worked fine 5 days ago, now i'm ready to throw it away, but I can't afford to do that! Thank you all so much!

Here is my hijackthis.log file followed by ones from Superantispyware and panda active.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:40:48 PM, on 2/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\PhoTags Express\Photags AutoDetect.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - C:\PROGRA~1\Neopets\Toolbar\Toolbar.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - C:\PROGRA~1\Neopets\Toolbar\Toolbar.dll
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Global Startup: Photags AutoDetect.lnk = C:\Program Files\PhoTags Express\Photags AutoDetect.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://help.bellsout...oad/tgctlcm.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=58813
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://netscape.musi...ad/mnviewer.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA499} - https://pbells.broad...aller_4-0-0.cab
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective....torLauncher.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx...owserPlugin.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/.../GrooveAX27.cab
O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://www.gamehouse...bugs/axhost.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {9BFC2253-B9D9-477E-9488-CA450232620D} (BinAg1 Class) - https://pbells.broad...flowActiveX.CAB
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius....tiveXPlugin.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineco...loadcontrol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn...ro.cab34246.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer....l/installer.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/...ploader_v10.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by24fd.bay24....ex/HMAtchmt.ocx
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McciCMService - Unknown owner - C:\Program Files\Common Files\Motive\McciCMService.exe (file missing)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 10083 bytes

here's the panda online scan file:

Incident Status Location

Virus:Trj/Downloader.SHL Disinfected Operating system
Potentially unwanted tool:Application/ViewPoint Not disinfected C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
Virus:Generic Malware Disinfected C:\Documents and Settings\Administrator\Application Data\Macromedia\Shockwave Player\xtras\download\TheGrooveAlliance\3DGrooveXtrav181\Groove.x32
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
Spyware:Cookie/CentrPort Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt
Virus:Trj/Downloader.MDW Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\8BV3AGX1\popcaploader_v10[1].cab[PopCapLoader.dll]
Adware:Adware/VideoAddon Not disinfected C:\Documents and Settings\All Users\Application Data\SecTaskMan\1202706364.dll.q_96B3200_q
Virus:Trj/Downloader.SHL Disinfected C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
Virus:Trj/Downloader.SHL Disinfected C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
Virus:Trj/Downloader.SHL Disinfected C:\Program Files\BellSouth\HelpCenter40b\bin\sprtcmd.exe
Virus:Trj/Downloader.SHL Disinfected C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
Virus:Trj/Downloader.SHL Disinfected C:\Program Files\Grisoft\AVG7\avgcc.exe
Virus:Trj/Downloader.SHL Disinfected C:\Program Files\iTunes\iTunesHelper.exe
Virus:Trj/Downloader.SHL Disinfected C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
Adware:Adware/VideoAddon Not disinfected C:\Program Files\NetProject\uninst.exe
Adware:Adware/VideoAddon Not disinfected C:\Program Files\NetProject\wamdl.dll
Virus:Trj/Downloader.SHL Disinfected C:\Program Files\QuickTime\qttask.exe
Virus:Trj/Downloader.SHL Disinfected C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Virus:Trj/Downloader.MDW Disinfected C:\WINDOWS\Downloaded Program Files\popcaploader.dll
Potentially unwanted tool:Application/ViewPoint Not disinfected C:\WINDOWS\Temp\0\Private\Vendor\ProgFiles\ViewBarBHO.dll

here's the SuperAntiSpyware file:
SUPERAntiSpyware Scan Log
Generated 02/13/2008 at 08:05 PM

Application Version : 3.6.1000

Core Rules Database Version : 3401
Trace Rules Database Version: 1393

Scan type : Complete Scan
Total Scan Time : 01:33:56

Memory items scanned : 323
Memory threats detected : 0
Registry items scanned : 5681
Registry threats detected : 34
File items scanned : 52281
File threats detected : 43

Trojan.Smitfraud Variant
HKLM\Software\Classes\CLSID\{747e1fbe-b70f-441d-bbca-6e536c04924a}
HKCR\CLSID\{747E1FBE-B70F-441D-BBCA-6E536C04924A}
HKCR\CLSID\{747E1FBE-B70F-441D-BBCA-6E536C04924A}\InProcServer32
HKCR\CLSID\{747E1FBE-B70F-441D-BBCA-6E536C04924A}\InProcServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\WUUAWKZ.DLL

Neopets Toolbar
HKLM\Software\Classes\CLSID\{CD292324-974F-4224-D074-CACA427AA030}
HKCR\CLSID\{CD292324-974F-4224-D074-CACA427AA030}
HKCR\CLSID\{CD292324-974F-4224-D074-CACA427AA030}
HKCR\CLSID\{CD292324-974F-4224-D074-CACA427AA030}\InprocServer32
HKCR\CLSID\{CD292324-974F-4224-D074-CACA427AA030}\InprocServer32#ThreadingModel
HKCR\CLSID\{CD292324-974F-4224-D074-CACA427AA030}\ProgID
C:\PROGRA~1\NEOPETS\TOOLBAR\TOOLBAR.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CD292324-974F-4224-D074-CACA427AA030}
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{CD292324-974F-4224-D074-CACA427AA030}
HKCR\Toolbar.Neopets
HKCR\Toolbar.Neopets\Clsid
HKU\S-1-5-21-1844237615-436374069-839522115-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{CD292324-974F-4224-D074-CACA427AA030}

Adware.Tracking Cookie
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt

Adware.180solutions/ZangoSearch
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll#.Owner
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll#{DECEAAA2-370A-49BB-9362-68C3A58DDC62}

Trojan.Security Toolbar
C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url
C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url

Trojan.DNSChanger-Codec
HKCR\CLSID\E404.e404mgr
HKCR\CLSID\E404.e404mgr#UserId

Rogue.VirusHeat
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\bNdpEiRcmjIso
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\cpzublcDfbOfS
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\epezsgIOXs
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\InprocServer32
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\InprocServer32#ThreadingModel
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\IwpMamhjc
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\jkygylhamAnro
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\lxYoM
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\ProgID
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\Programmable
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\TypeLib
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\VersionIndependentProgID
HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\vXjFb
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\BR375.EXE

Browser Hijacker.Favorites
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\FAVORITES\ONLINE SECURITY TEST.URL

Adware.180solutions/Search Assistant
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\ICD1.TMP\SAIX.DLL

Trojan.Unknown Origin
C:\PROGRAM FILES\NETPROJECT\OT.ICO
C:\PROGRAM FILES\NETPROJECT\TS.ICO

Trojan.Media-Codec/V5
C:\PROGRAM FILES\NETPROJECT\SBMDL.DLL
C:\PROGRAM FILES\NETPROJECT\SBMNTR.EXE
C:\PROGRAM FILES\NETPROJECT\SBUN.EXE
C:\PROGRAM FILES\NETPROJECT\SCM.EXE
C:\PROGRAM FILES\NETPROJECT\SCU.EXE
C:\PROGRAM FILES\NETPROJECT\WAUN.EXE
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there and sorry for the delay in getting to you..

Could you let me know what your current situation is with start up and shutdown. And then run this analysis programme

Please download Deckard's System Scanner (DSS) and save it to your Desktop.
  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

  • 0

#3
playdan1

playdan1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Thanks for the reply. It seems to be fixed now.
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK if you are sure you are happy - closing the thread
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP