Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Aurora, Wupdt, Nail, and other crap


  • Please log in to reply

#1
irhxcbcziuzxs

irhxcbcziuzxs

    New Member

  • Member
  • Pip
  • 5 posts
I think im slightly prepared for this.. so here it goes
The problems I am having are at the bottom of this page.. thank you.

First is my ewido reports

---------------------------------------------------------
ewido security suite - Startup report
---------------------------------------------------------

+ Created on: 1:52:33 AM, 5/1/2005
+ Report-Checksum: 6461D96D

Reg\HKLM\Run LVCOMS C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
Reg\HKLM\Run NvMixerTray "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
Reg\HKLM\Run QuickTime Task "C:\Program Files\QuickTime\qttask.exe" -atboottime
Reg\HKLM\Run TkBellExe "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
Reg\HKLM\Run ATIPTA C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
Reg\HKCU\Run Yahoo! Pager C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
Reg\HKCU\Run MSMSGS "C:\Program Files\Messenger\msmsgs.exe" /background
Reg\HKCU\Run msnmsgr "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
Reg\HKCU\Run Steam "c:\program files\valve\steam\steam.exe" -silent
Reg\HKCU\Run areslite "C:\Program Files\Ares Lite Edition\AresLite.exe" -h
Reg\HKCU\Run STYLEXP C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
Reg\HKCU\Run PSwitch C:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe
Reg\HKCU\Run AIM C:\Program Files\AIM\aim.exe -cnetwait.odl
Reg\HKCU\Run LDM \Program\BackWeb-8876480.exe
Shell\CommonStartup Adobe Gamma Loader.lnk C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
Shell\CommonStartup Logitech Desktop Messenger.lnk C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
Shell\CommonStartup Photo Loader supervisory.lnk C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Photo Loader supervisory.lnk
Shell\UserStartup PowerReg Scheduler.exe C:\Documents and Settings\Jordan\Start Menu\Programs\Startup\PowerReg Scheduler.exe

---------------------------------------------------------
ewido security suite - Process report
---------------------------------------------------------

+ Created on: 1:52:58 AM, 5/1/2005
+ Report-Checksum: 7DA1514A

0: System Process
4: System Process
268: C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
280: \SystemRoot\System32\smss.exe
332: \??\C:\WINDOWS\system32\csrss.exe
356: \??\C:\WINDOWS\system32\winlogon.exe
472: C:\WINDOWS\system32\wscntfy.exe
492: C:\WINDOWS\system32\Ati2evxx.exe
600: C:\WINDOWS\Explorer.EXE
624: C:\WINDOWS\system32\services.exe
636: C:\WINDOWS\system32\lsass.exe
876: C:\WINDOWS\system32\Ati2evxx.exe
888: C:\WINDOWS\system32\svchost.exe
960: C:\WINDOWS\system32\svchost.exe
1052: C:\WINDOWS\System32\svchost.exe
1088: C:\WINDOWS\system32\wscntfy.exe
1096: C:\WINDOWS\System32\svchost.exe
1104: C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
1128: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
1136: C:\Program Files\QuickTime\qttask.exe
1144: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
1160: C:\WINDOWS\System32\svchost.exe
1204: C:\Program Files\Messenger\msmsgs.exe
1212: C:\program files\valve\steam\steam.exe
1244: C:\Program Files\MSN Messenger\msnmsgr.exe
1276: C:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe
1296: C:\Program Files\AIM\aim.exe
1440: C:\WINDOWS\system32\spoolsv.exe
1588: C:\Program Files\ewido\security suite\ewidoctrl.exe
1684: C:\WINDOWS\System32\svchost.exe
1692: C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
1728: C:\Program Files\CASIO\Photo Loader\Plauto.exe
1996: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
2004: C:\WINDOWS\System32\alg.exe
2080: \??\C:\WINDOWS\system32\csrss.exe
2196: C:\WINDOWS\system32\Ati2evxx.exe
2204: C:\WINDOWS\Explorer.EXE
2296: C:\Program Files\QuickTime\qttask.exe
2316: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
2332: C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
2372: C:\WINDOWS\System32\svchost.exe
2520: C:\Program Files\CASIO\Photo Loader\Plauto.exe
2532: C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
3964: C:\WINDOWS\system32\NOTEPAD.EXE
4052: \??\C:\WINDOWS\system32\winlogon.exe
4092: C:\Program Files\ewido\security suite\SecuritySuite.exe

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 11:46:47 PM, 4/30/2005
+ Report-Checksum: 75CB6AE0

+ Date of database: 4/30/2005
+ Version of scan engine: v3.0

+ Duration: 115 min
+ Scanned Files: 259853
+ Speed: 37.40 Files/Second
+ Infected files: 30
+ Removed files: 29
+ Files put in quarantine: 29
+ Files that could not be opened: 0
+ Files that could not be cleaned: 1

+ Binder: Yes
+ Crypter: Yes
+ Archives: Yes

+ Scanned items:
C:\
F:\

+ Scan result:
C:\Documents and Settings\Janice\Cookies\janice@adknowledge[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Janice\Cookies\janice@advertising[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Janice\Cookies\janice@atdmt[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Janice\Cookies\janice@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Janice\Cookies\janice@ehg-stampsdotcom.hitbox[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Janice\Cookies\janice@fastclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Janice\Cookies\janice@geocities[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Janice\Cookies\janice@hitbox[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Janice\Cookies\janice@realmedia[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Janice\Cookies\janice@servedby.advertising[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Janice\Cookies\janice@targetnet[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Janice\Cookies\janice@tribalfusion[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Janice\Cookies\janice@z1.adserver[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Janice\Desktop\backups\backup-20050430-120958-578.dll -> Spyware.ImiBar.d -> Cleaned with backup
C:\Documents and Settings\Janice\Desktop\backups\backup-20050430-120958-825.dll -> Spyware.DlMax.a -> Cleaned with backup
C:\Documents and Settings\Janice\Desktop\backups\backup-20050430-124330-361.dll -> Spyware.DlMax.a -> Cleaned with backup
C:\Documents and Settings\Janice\Local Settings\Temp\DrTemp\farmmext.exe -> Spyware.ConsCorr -> Cleaned with backup
C:\Documents and Settings\Janice\Local Settings\Temp\THI2CA.tmp\dlmax.dll -> Spyware.DlMax.a -> Cleaned with backup
C:\Documents and Settings\Jordan\Cookies\jordan@atdmt[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Jordan\Cookies\jordan@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Jordan\Cookies\jordan@mediaplex[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Jordan\Local Settings\Temp\THI1962.tmp\farmmext.exe -> Spyware.ConsCorr -> Cleaned with backup
C:\Documents and Settings\Jordan\Local Settings\Temp\THI607E.tmp\dlmax.dll -> Spyware.DlMax.a -> Cleaned with backup
C:\Documents and Settings\Jordan\Local Settings\Temporary Internet Files\Content.IE5\CLI9KH05\Bolger[1].dll -> Spyware.BetterInternet -> Cleaned with backup
C:\WINDOWS\Bolger.dll -> Spyware.BetterInternet -> Cleaned with backup
C:\WINDOWS\systb.exe -> Trojan.Imiserv.c -> Cleaned with backup
C:\WINDOWS\system32\udlglanx.exe -> Trojan.Agent.ay -> Cleaned with backup
C:\WINDOWS\uxdukbdyqp.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\WINDOWS\wupdsnff.exe -> Spyware.BetterInternet -> Cleaned with backup
F:\Checked 8\Final_Draft_v7.0.0.43_Cracked_by_BLiZZARD.zip/crack.exe -> TrojanDownloader.IstBar.er -> Error during cleaning


::Report End

-----------------------------------------------------------------------------------------

Then i did a hijack post...

---------------------------------------------------------
HijackThis - Log
---------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 3:55:41 PM, on 5/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\program files\valve\steam\steam.exe
C:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\CASIO\Photo Loader\Plauto.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drs...esearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drs...esearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drs...esearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 134.159.124.202:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
O2 - BHO: BolgerObj Class - {302A3240-4805-4a34-97D7-1645A0B08410} - C:\WINDOWS\Bolger.dll (file missing)
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [NvMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [areslite] "C:\Program Files\Ares Lite Edition\AresLite.exe" -h
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [PSwitch] C:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Photo Loader supervisory.lnk = C:\Program Files\CASIO\Photo Loader\Plauto.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

-----------------------------------------------------------------------------------------

Then i did a Spybot S&D

---------------------------------------------------------
Spybot S&D - Log
---------------------------------------------------------

LinkSynergy: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


Advertising.com: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


Advertising.com: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


Avenue A, Inc.: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


ClickAgents: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


DoubleClick: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


HitBox: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


HitBox: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


HitBox: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


IE Plugin: Interface (Registry key, nothing done)
HKEY_CLASSES_ROOT\Interface\{E4458B4A-6149-4450-84F2-864ADB7E8C52}

IE Plugin: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{D36F70B1-7DF5-4FD4-A765-70CCC8F72CD7}

IE Plugin: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{1C896551-8B92-4907-8C06-15DB2D1F874A}

IE Plugin: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{E2BF1BF3-1FDB-4C93-8874-0B09E71C594C}

IE Plugin: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{F3155057-4C2C-4078-8576-50486693FD49}

IE Plugin: Interface (Registry key, nothing done)
HKEY_CLASSES_ROOT\Interface\{98B2DDBA-6DA2-4421-AF2B-814E98F53649}

IE Plugin: Interface (Registry key, nothing done)
HKEY_CLASSES_ROOT\Interface\{7371AD3F-C419-4DC0-8E8A-E21FAFAD53E0}

IE Plugin: Interface (Registry key, nothing done)
HKEY_CLASSES_ROOT\Interface\{6A288140-3E1C-4CD9-AAC5-E20FDD4F5D64}

IE Plugin: Interface (Registry key, nothing done)
HKEY_CLASSES_ROOT\Interface\{220959EA-B54C-4201-8DF2-1CFAC8B59FD7}

IE Plugin: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\IMIToolbar.PopupWindow.1

IE Plugin: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\IMIToolbar.PopupWindow

IE Plugin: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\IMIToolbar.PopupBrowser.1

IE Plugin: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\IMIToolbar.PopupBrowser

IE Plugin: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\IMIToolbar.LeftFrame.1

IE Plugin: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\IMIToolbar.LeftFrame

IE Plugin: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\IMIToolbar.BottomFrame.1

IE Plugin: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\IMIToolbar.BottomFrame

ISTbar.Slotch: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


MediaPlex: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


Possible extension hijack: Default registry file handler (Registry change, nothing done)
HKEY_CLASSES_ROOT\regfile\shell\open\command\!=regedit.exe "%1"

TargetNet: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


ValueClick: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


WebTrends live: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)


WebTrends live: Tracking cookie (Internet Explorer: Jordan) (Cookie, nothing done)



--- Spybot - Search && Destroy version: 1.3 ---
2004-05-12 Includes\Cookies.sbi
2004-05-12 Includes\Dialer.sbi
2004-05-12 Includes\Hijackers.sbi
2004-05-12 Includes\Keyloggers.sbi
2004-05-12 Includes\LSP.sbi
2004-05-12 Includes\Malware.sbi
2003-03-16 Includes\plugin-ignore.ini
2004-05-12 Includes\Revision.sbi
2004-05-12 Includes\Security.sbi
2004-05-12 Includes\Spybots.sbi
2003-03-16 Includes\Temporary.sbi
2004-05-12 Includes\Tracks.uti
2004-05-12 Includes\Trojans.sbi

----------------------------------------------------------------------------------------

I have used Killbox, Ewido, HijackThis, and some online virus programs that stop halfway through, and dont finish. I have gotten rid of nail.exe, wupdt.exe, and some other crap, i think...but somewhere in the process of this, my sound no longer works and get beeps, i thought maybe my nForce soundcard drivers got deleted, so i re-installed, still didnt work.. Everything is fine, in device manager as well. I also have Aurora still.. and i dont know how to get rid of it.. so if someone could help me.. i would appreciate it.. thanks!

also this shows up almost everytime i do Spybot

Possible extension hijack: Default registry file handler (Registry change, nothing done)
HKEY_CLASSES_ROOT\regfile\shell\open\command\!=regedit.exe "%1"


EDIT: Would also like to add

A command program runs everytime i start windows. It comes up as kypmjss.exe quickly then dissappears. Anyone know what this is?

Edited by irhxcbcziuzxs, 02 May 2005 - 09:00 PM.

  • 0

Advertisements


#2
irhxcbcziuzxs

irhxcbcziuzxs

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
but how long does it take for a post to be replied to, you guys help out great, but i need to have it resolves rather quickly, due to some work situations, if there is another place i could ask for help too? otherwise, just wondering how long the wait usually is.
  • 0

#3
irhxcbcziuzxs

irhxcbcziuzxs

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
A command program runs everytime i start windows. It comes up as kypmjss.exe quickly then dissappears. Anyone know what this is?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP