Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Can't get rid of 'absearch4u'

Started by miquem , May 18 2005 12:41 AM

  • Please log in to reply

#1
miquem
Posted 18 May 2005 - 12:41 AM

miquem

    New Member

  • Member
  • Pip
  • 1 posts
Can somebody help me please to get rid of a self-installing start-page 'abcsearch.com'?



Hijack-this-log:

Logfile of HijackThis v1.99.1
Scan saved at 8:25:27, on 18-5-2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
E:\Program Files Beveiliging\AntiVir\AVWUPSRV.EXE
G:\WINDOWS\system32\crypserv.exe
G:\WINDOWS\system32\ZoneLabs\vsmon.exe
G:\WINDOWS\Explorer.EXE
G:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
G:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
G:\WINDOWS\System32\P2P Networking\P2P Networking.exe
G:\Program Files\Logitech\iTouch\iTouch.exe
E:\Program Files Beveiliging\AntiVir\AVSched32.EXE
G:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\ProgramFiles\ZoneAlarm\zlclient.exe
E:\Program Files Beveiliging\AntiVir\AVGNT.EXE
E:\PROGRA~1\DESKTO~1\ADC.exe
G:\windows\cvdqurd.exe
E:\ProgramFiles\Common\Bin\WinCinemaMgr.exe
G:\WINDOWS\System32\wuauclt.exe
E:\Program Files Beveiliging\AntiVir\AVGUARD.EXE
G:\Program Files\Internet Explorer\iexplore.exe
G:\WINDOWS\explorer.exe
G:\PROGRA~1\WINZIP\winzip32.exe
G:\Documents and Settings\Mieke\Local Settings\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://abcsearch4u.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://abcsearch4u.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://abcsearch4u.com/index.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://abcsearch4u.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://abcsearch4u.com/index.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 80.61.253.180
O2 - BHO: AzEntretien Class - {0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} - %SystemRoot%\azentretien.dll (file missing)
O2 - BHO: BHOMoneyGainer Class - {2559D0B1-AF60-4BD5-965D-0E51383A6367} - G:\WINDOWS\shginas.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~3\SPYBOT~1\SDHelper.dll
O2 - BHO: ZToolbar Activator Class - {da7ff3f8-08be-4cac-bc00-94d91c6ae7f4} - G:\WINDOWS\System32\azesearch3.ocx (file missing)
O3 - Toolbar: AZE Search - {a19ef336-01d4-48e6-926a-fe7e1c747aed} - G:\WINDOWS\System32\azesearch3.ocx (file missing)
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "G:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [EM_EXEC] G:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [P2P Networking] G:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [zBrowser Launcher] G:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVSCHED32] E:\Program Files Beveiliging\AntiVir\AVSched32.EXE /min
O4 - HKLM\..\Run: [TkBellExe] "G:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] E:\ProgramFiles\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NeroCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVGCtrl] E:\Program Files Beveiliging\AntiVir\AVGNT.EXE /min
O4 - HKCU\..\Run: [Active Desktop Calendar] E:\PROGRA~1\DESKTO~1\ADC.exe
O4 - HKCU\..\Run: [cldqcdu] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [tepsdbq] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [roirgnw] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [punlxcm] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [lqxhihy] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [bdngspb] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [nibwwee] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [nvwufnt] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [cvxfcdi] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [siykrjq] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [ldxlcsl] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [wjubxol] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [iipcfsc] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [nvuklxf] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [fownkdw] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [bcoxonn] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [tdkqriy] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [jfjgrwl] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [lrrcsrs] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [ueipojv] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [vgrjgme] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [rpdkrbh] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [labsvaa] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [opcyqtl] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [gwtbpdd] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [wdyqtpm] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [kxogwfr] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [bikllmg] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [hprscyt] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [ruupwjt] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [xtnlrgm] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [nkqusky] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [knjdamb] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [uatnuvt] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [lydujau] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [iersyug] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [qminbgh] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [clyxvqv] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [ohaynmr] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [jnwmumm] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [xgtkryv] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [gkqgyid] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [tcpuybu] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [iafqiat] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [sslxtvc] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [bauqpxi] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [niuswli] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [mcuuqvs] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [hepavrn] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [xjkprav] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [aaypmfw] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [sgkgkps] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [edyqpak] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [gqfqlsp] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [hcvjjto] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [jhuqxel] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [qcrvhja] g:\windows\cvdqurd.exe
O4 - HKCU\..\Run: [jgpvrbt] g:\windows\hfdodma.exe
O4 - HKCU\..\Run: [eehcenn] g:\windows\hfdodma.exe
O4 - HKCU\..\Run: [fmvvgfv] g:\windows\hfdodma.exe
O4 - HKCU\..\Run: [wqedtco] g:\windows\hfdodma.exe
O4 - HKCU\..\Run: [hwdgtqg] g:\windows\hfdodma.exe
O4 - HKCU\..\Run: [exfwihh] g:\windows\hfdodma.exe
O4 - HKCU\..\Run: [rnttkkr] g:\windows\hfdodma.exe
O4 - HKCU\..\Run: [neaiiyc] g:\windows\hfdodma.exe
O4 - HKCU\..\Run: [ymgpeko] g:\windows\hfdodma.exe
O4 - HKCU\..\Run: [gqmpofi] g:\windows\hfdodma.exe
O4 - HKCU\..\Run: [nftvpup] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [kvvbtwm] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [jkgbqfc] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [wbalasf] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [wuqcdty] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [xhfmoui] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [unngogc] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [fbntnop] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [rxifbwe] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [yfmxrid] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [rbxaxdp] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [hpkhynw] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [xfxxbes] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [ggpdmhb] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [fswkjqi] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [bbkkhti] g:\windows\wrsmdam.exe
O4 - HKCU\..\Run: [tnwvshu] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [cubdwqw] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [goppbaq] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [xyqbvrj] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [fdegfbo] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [adjqjjn] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [rfqsliq] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [msachch] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [xkelrxa] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [njjripm] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [awmrrcf] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [swxdkvg] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [pdkocyy] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [msswyio] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [hcuodth] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [cevkqgk] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [tcsvhxu] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [ikynifw] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [wbbpuyl] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [ligenea] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [mnhrvbo] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [kqrkwkk] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [yesdlvc] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [jospjop] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [wrxpqhh] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [tkxqhts] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [enomwop] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [eaiwcuc] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [dbjcrvb] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [asyuajo] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [kgrbvrp] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [gapaqha] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [tbepppg] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [shxtcxw] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [mbtcpsa] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [etxpaqr] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [sfdkomr] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [josprga] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [tngrukk] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [wooepkm] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [vvlssyx] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [ungpaot] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [yrptwib] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [xjwueiw] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [nhvkdni] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [ebtesgw] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [rkjacfe] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [pfrfisu] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [nmtbfyg] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [jettuvy] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [fsmrwje] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [dpeojfq] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [pipxrbj] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [vsltgxu] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [enhqsfr] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [ybfovtn] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [fdwubss] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [krvqrel] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [gsakurx] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [rirgjmp] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [cdkbjsw] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [oquobco] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [twowtqt] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [qeladub] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [etkjwwi] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [qdmqigm] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [nmejghy] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [rkpnvcj] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [ahxxvrk] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [dgipgul] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [lpdorri] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [qqttdyo] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [qcsecpr] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [oahyvys] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [cdilxey] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [jpbrmti] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [idtwqpc] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [crcvjkx] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [pgfgapj] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [dpnltae] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [yndxqna] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [gjjvtpc] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [gycisgs] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [iwgfxxr] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [btkjwpr] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [qlvcnlw] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [dmidmqy] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [jfjbupr] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [fjrikvd] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [oumfepv] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [wqlfunc] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [fcnbsum] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [acaylkm] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [tpvcewm] g:\windows\jgsurvi.exe
O4 - HKCU\..\Run: [clvikta] g:\windows\mjbiney.exe
O4 - HKCU\..\Run: [syoijso] g:\windows\mjbiney.exe
O4 - HKCU\..\Run: [ilgclif] g:\windows\mjbiney.exe
O4 - HKCU\..\Run: [qmrmqtl] g:\windows\mjbiney.exe
O4 - HKCU\..\Run: [neoqgor] g:\windows\mjbiney.exe
O4 - HKCU\..\Run: [bbjboux] g:\windows\mjbiney.exe
O4 - HKCU\..\Run: [dstkqyd] g:\windows\mjbiney.exe
O4 - HKCU\..\Run: [apnyxkb] g:\windows\mjbiney.exe
O4 - HKCU\..\Run: [nogxkyb] g:\windows\mjbiney.exe
O4 - HKCU\..\Run: [dchetfs] g:\windows\yqpgojj.exe
O4 - HKCU\..\Run: [dtoctvq] g:\windows\yqpgojj.exe
O4 - HKCU\..\Run: [ckbvcod] g:\windows\yqpgojj.exe
O4 - HKCU\..\Run: [prbiarh] g:\windows\yqpgojj.exe
O4 - HKCU\..\Run: [kdnhebg] g:\windows\yqpgojj.exe
O4 - HKCU\..\Run: [mgarand] g:\windows\yqpgojj.exe
O4 - HKCU\..\Run: [xdtdkon] g:\windows\yqpgojj.exe
O4 - HKCU\..\Run: [farifma] g:\windows\yqpgojj.exe
O4 - HKCU\..\Run: [iawqhlm] g:\windows\yqpgojj.exe
O4 - HKCU\..\Run: [gfldjvq] g:\windows\yqpgojj.exe
O4 - HKCU\..\Run: [yhekqum] g:\windows\yqpgojj.exe
O4 - HKCU\..\Run: [lrbvgrh] g:\windows\yrycxsq.exe
O4 - HKCU\..\Run: [feuedup] g:\windows\yrycxsq.exe
O4 - HKCU\..\Run: [kohirpx] g:\windows\yrycxsq.exe
O4 - HKCU\..\Run: [joqykhx] g:\windows\yrycxsq.exe
O4 - HKCU\..\Run: [dtjsrgv] g:\windows\yrycxsq.exe
O4 - HKCU\..\Run: [xycmmsw] g:\windows\vfnoyrs.exe
O4 - HKCU\..\Run: [ilvenpf] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [ndqatpp] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [geernsh] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [ecnixxw] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [mlfjhjc] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [vsejagq] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [swtkicy] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [mdvkwfn] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [wddrryh] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [jrqtwqw] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [ocufnfq] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [yqcrmtg] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [jtfvqdd] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [uxkymtq] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [guksqew] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [rkvboxt] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [ygfyfpj] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [ldmsurq] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [mhlmwxj] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [suhmxrn] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [xcvrvtv] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [htlfsvj] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [luxmkgs] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [nyarntc] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [bikxnxf] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [hwallsw] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [wovmpnh] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [cpojojy] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [ukpyxyp] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [nbstpup] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [hvypcyr] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [dyfuuhj] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [ofagtlh] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [kktcjpw] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [fpfocgn] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [gupcsus] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [uyymunm] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [rokrrqs] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [htshlre] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [bhluoon] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [eeeicvu] g:\windows\lrhojyg.exe
O4 - HKCU\..\Run: [vqgjgtt] g:\windows\illsisf.exe
O4 - HKCU\..\Run: [gscjrrf] g:\windows\illsisf.exe
O4 - HKCU\..\Run: [trumqsw] g:\windows\illsisf.exe
O4 - HKCU\..\Run: [lisuktq] g:\windows\illsisf.exe
O4 - HKCU\..\Run: [jgxvqmv] g:\windows\illsisf.exe
O4 - HKCU\..\Run: [jnxjocl] g:\windows\illsisf.exe
O4 - HKCU\..\Run: [qjymmqs] g:\windows\illsisf.exe
O4 - HKCU\..\Run: [gqwdmxo] g:\windows\illsisf.exe
O4 - HKCU\..\Run: [dpjicfq] g:\windows\illsisf.exe
O4 - HKCU\..\Run: [bdeblee] g:\windows\illsisf.exe
O4 - HKCU\..\Run: [cqfmygi] g:\windows\illsisf.exe
O4 - HKCU\..\Run: [nmgtigf] g:\windows\illsisf.exe
O4 - HKCU\..\Run: [cylvigq] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [pijvsxi] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [ncsrlbv] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [trnxvya] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [pmeklfb] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [kblsxoh] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [yxoksus] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [oqkdpde] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [jkbnxjq] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [kjhjifb] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [lwqtigb] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [dlcghuk] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [bciywgc] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [hjodanh] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [dnladvx] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [piqrrib] g:\windows\mrfhmge.exe
O4 - HKCU\..\Run: [pltgoye] g:\windows\wxembel.exe
O4 - HKCU\..\Run: [vtfgkaa] g:\windows\wxembel.exe
O4 - HKCU\..\Run: [wvsseyl] g:\windows\wxembel.exe
O4 - HKCU\..\Run: [wdsonxu] g:\windows\wxembel.exe
O4 - HKCU\..\Run: [tflkqux] g:\windows\wxembel.exe
O4 - HKCU\..\Run: [dtboues] g:\windows\wxembel.exe
O4 - HKCU\..\Run: [vixrrvx] g:\windows\yysgiaf.exe
O4 - HKCU\..\Run: [qubgsxn] g:\windows\yysgiaf.exe
O4 - HKCU\..\Run: [csjswex] g:\windows\yysgiaf.exe
O4 - HKCU\..\Run: [fmfdwas] g:\windows\yysgiaf.exe
O4 - HKCU\..\Run: [geakgrh] g:\windows\yysgiaf.exe
O4 - HKCU\..\Run: [grxfsux] g:\windows\yysgiaf.exe
O4 - HKCU\..\Run: [cmthewy] g:\windows\yysgiaf.exe
O4 - HKCU\..\Run: [dhulljt] g:\windows\yysgiaf.exe
O4 - HKCU\..\Run: [ylbhvmb] g:\windows\sgrihgc.exe
O4 - HKCU\..\Run: [japkhtk] g:\windows\sgrihgc.exe
O4 - HKCU\..\Run: [dqrjarb] g:\windows\sgrihgc.exe
O4 - HKCU\..\Run: [tauruyk] g:\windows\sgrihgc.exe
O4 - HKCU\..\Run: [fbsuuxd] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [cmyprly] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [hinoqlq] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [qypiqnb] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [gjdsqvl] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [pxtosyt] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [hfappei] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [vuveygl] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [tvlbhae] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [hmbgvxa] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [nhulxrf] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [tlxhkol] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [wrbovgy] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [wgkvtri] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [jjoqpwb] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [ixcuipt] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [nhkhbym] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [eprjeqp] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [gdotemm] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [dyyhcea] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [escdung] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [jxavgsg] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [oowldlh] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [hipoaiw] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [mdfcwta] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [btechtf] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [hongqin] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [aiuxwue] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [deibqjx] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [snrrmwg] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [nesnmvs] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [fhbusic] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [gkwssks] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [muayqcc] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [ldcqhec] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [jwbvlfm] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [iveqqpv] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [ttsvsps] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [titnrnp] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [crpupsy] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [tjqaqyr] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [dsrvrij] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [odqwrmj] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [xmylxlc] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [rbgtgbt] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [qjidcfx] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [vyndmmr] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [vwyqgwl] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [mpfkama] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [wktdvvy] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [iqhedgh] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [cohcxtf] g:\windows\wrxmwru.exe
O4 - HKCU\..\Run: [npyqjuq] g:\windows\gjmhkla.exe
O4 - HKCU\..\Run: [qwgddfw] g:\windows\gjmhkla.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = E:\ProgramFiles\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = E:\ProgramFiles\Word\Office\OSA9.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: ppctlcab - http://ppupdates.ca....er/ppctlcab.cab
O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postb...l/sesam/CAX.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca....r/axscanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1112381825137
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefend...bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zone...ctor/WebAAS.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylomg...gamesplayer.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.game...outLauncher.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.co.../azesearch3.cab
O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://www.p3.postb...l/GTO/PBGNX.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://home.hetnet.nl/bb/XUpload.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{8D4FD2A6-8EFA-4F3F-B4FC-B09637ECBBB8}: NameServer = 195.121.1.34 195.121.1.66
O23 - Service: Adobe LM Service - Unknown owner - G:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - E:\Program Files Beveiliging\AntiVir\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - E:\Program Files Beveiliging\AntiVir\AVWUPSRV.EXE
O23 - Service: Crypkey License - Kenonic Controls Ltd. - G:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: PHPGeekUtil - Unknown owner - c:\apache\APACHE.EXE" --ntservice (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - G:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • 0

Advertisements

#2
coachwife6
Posted 25 May 2005 - 09:39 PM

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection, and we're both just wasting our time.
Click here: http://www.microsoft...p1/default.mspx
Apply the update, reboot, and post a fresh Hijack This log.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP