Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Need help please!


  • This topic is locked This topic is locked

#1
avensteph

avensteph

    banned

  • Banned
  • PipPip
  • 45 posts
Help please, i was looking a serial number for a friend, my mistake, and i was directed to a site where instead of serial numbers i found pornography, inmediately after my comp froze and i havent been able to use mos of my programs since, i try to run my spyware programs (avg,MS antispyware, ad-aware,xsoftspy) they all appear to b loading but then the loading window dissapears and nothing happens, this happens with most of the other programs as well, and internet explorer i cannot use anymore, im using netscape. i always get a message when i restart saying that vxh8jkdq6.exe has encountered a problem and needs to close, if someone could please help me with this id appreciate it. Btw if ur thinking of me posting a highjacklog it doesnt work either i tried it. :tazz: :)
  • 0

Advertisements


#2
avensteph

avensteph

    banned

  • Topic Starter
  • Banned
  • PipPip
  • 45 posts
i just finished scanning with ewido suite, here is the um report


---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 10:40:12 PM, 9/28/2005
+ Report-Checksum: 5F4F92A8

+ Scan result:

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\EHIN8L4X\y[1].exe/y.bat -> Trojan.Zapchast : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Paulette Parchmont\Application Data\Mozilla\Profiles\default\gf6vvesx.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Paulette Parchmont\Application Data\Mozilla\Profiles\default\gf6vvesx.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Paulette Parchmont\Application Data\Mozilla\Profiles\default\gf6vvesx.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Paulette Parchmont\Application Data\Mozilla\Profiles\default\gf6vvesx.slt\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Paulette Parchmont\Application Data\Mozilla\Profiles\default\gf6vvesx.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Paulette Parchmont\Application Data\Mozilla\Profiles\default\gf6vvesx.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Paulette Parchmont\Application Data\Mozilla\Profiles\default\gf6vvesx.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Paulette Parchmont\Application Data\Mozilla\Profiles\default\gf6vvesx.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Paulette Parchmont\Application Data\Mozilla\Profiles\default\gf6vvesx.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Paulette Parchmont\Local Settings\Temp\1.qtdfmp -> TrojanDownloader.Small.bho : Cleaned with backup
C:\Documents and Settings\Paulette Parchmont\Local Settings\Temp\2.qtdfmp -> Spyware.Hijacker.Generic : Cleaned with backup
C:\Documents and Settings\Paulette Parchmont\Local Settings\Temp\5.qtdfmp -> TrojanDownloader.Agent.tx : Cleaned with backup
C:\Documents and Settings\Paulette Parchmont\Local Settings\Temp\7.qtdfmp -> TrojanDownloader.Small.atl : Cleaned with backup
C:\Documents and Settings\Paulette Parchmont\Local Settings\Temp\vxt2.game -> Backdoor.Agent.iw : Cleaned with backup
C:\Documents and Settings\Paulette Parchmont\Local Settings\Temp\vxt3.game -> Trojan.LowZones.y : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1C3BCC32-6264-4D37-A021-04FDD1\D20F422A-8AA5-4BBF-A413-AFC9A4/C:/Windows/System32/msbe.dll -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1C3BCC32-6264-4D37-A021-04FDD1\D20F422A-8AA5-4BBF-A413-AFC9A4/C:/Program Files/BullsEye Network/bin/bargains.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1C3BCC32-6264-4D37-A021-04FDD1\D20F422A-8AA5-4BBF-A413-AFC9A4/C:/Program Files/BullsEye Network/bin/adv.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1C3BCC32-6264-4D37-A021-04FDD1\D20F422A-8AA5-4BBF-A413-AFC9A4/C:/Program Files/BullsEye Network/bin/adx.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\64103750-4BB1-414C-BA8B-D16197\4C41F630-08A4-4ADE-B88B-F0FF3E/C:/Windows/System32/msbe.dll -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\64103750-4BB1-414C-BA8B-D16197\4C41F630-08A4-4ADE-B88B-F0FF3E/C:/Program Files/BullsEye Network/bin/bargains.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\64103750-4BB1-414C-BA8B-D16197\4C41F630-08A4-4ADE-B88B-F0FF3E/C:/Program Files/BullsEye Network/bin/adv.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\64103750-4BB1-414C-BA8B-D16197\4C41F630-08A4-4ADE-B88B-F0FF3E/C:/Program Files/BullsEye Network/bin/adx.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\6C4B5850-8DDC-4847-83D3-A6AB7F\39465ED0-87CD-493F-91B1-867C38/C:/Windows/System32/msbe.dll -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\6C4B5850-8DDC-4847-83D3-A6AB7F\39465ED0-87CD-493F-91B1-867C38/C:/Program Files/BullsEye Network/bin/bargains.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\6C4B5850-8DDC-4847-83D3-A6AB7F\39465ED0-87CD-493F-91B1-867C38/C:/Program Files/BullsEye Network/bin/adv.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\6C4B5850-8DDC-4847-83D3-A6AB7F\39465ED0-87CD-493F-91B1-867C38/C:/Program Files/BullsEye Network/bin/adx.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\70925796-02ED-4D9E-B744-9FA411\62480DDF-7691-406E-9386-BDD89F/C:/Windows/System32/msbe.dll -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\70925796-02ED-4D9E-B744-9FA411\62480DDF-7691-406E-9386-BDD89F/C:/Program Files/BullsEye Network/bin/bargains.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\70925796-02ED-4D9E-B744-9FA411\62480DDF-7691-406E-9386-BDD89F/C:/Program Files/BullsEye Network/bin/adv.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\70925796-02ED-4D9E-B744-9FA411\62480DDF-7691-406E-9386-BDD89F/C:/Program Files/BullsEye Network/bin/adx.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0097292.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0097475.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0097666.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0098506.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0098539.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0098564.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0098579.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0098595.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0098613.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0099613.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0099653.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0099691.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0099713.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0099726.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP260\A0101624.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP262\A0101671.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP262\A0101785.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP262\A0101819.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP262\A0101835.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP262\A0101836.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP262\A0102847.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP263\A0102853.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP263\A0102859.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP263\A0103863.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP263\A0103864.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP263\A0103892.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP263\A0103893.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP264\A0103939.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP264\A0103965.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP264\A0103966.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP264\A0103987.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP265\A0104000.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP265\A0104001.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP265\A0104018.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP265\A0105125.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP266\A0107312.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP266\A0107313.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP266\A0107314.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP266\A0107315.exe -> Adware.SaveNow : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP266\A0107316.dll -> Spyware.WildTangent : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP266\A0107317.sys -> Trojan.Rootkit.Agent.ab : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP266\A0107318.exe -> Spyware.WinAD : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP266\A0107319.sys -> Trojan.Rootkit.Agent.ab : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP266\A0107320.exe:ibyeu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP266\A0107321.exe:ibyeu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP266\A0107322.ini:acrjo -> Backdoor.Small.dc : Cleaned with backup
C:\System Volume Information\_restore{B22743D3-F062-426E-B1F6-9338BC116202}\RP266\A0107323.bat -> Trojan.Zapchast : Cleaned with backup
C:\WINDOWS\system32\psis80ex.ax/C:/Windows/System32/mscb.dll -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\psis80ex.ax/C:/Program Files/CashBack/bin/cashback.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\psis80ex.ax/C:/Program Files/CashBack/bin/cb.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\psis80ex.ax/C:/Program Files/CashBack/bin/flash.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\vx.tll -> Adware.SpySheriff : Cleaned with backup


::Report End
  • 0

#3
ukbiker

ukbiker

    Rest in Peace, ukbiker

  • Retired Staff
  • 2,014 posts
Hi There

Please go here:

http://www.geekstogo..._Log-t2852.html

Run all the programmes as advised then post a current Hijack This Log in a new topic in the Malware Forum

If you are unable to run any of the programmes, please ask for advice in the Malware Forum
  • 0

#4
avensteph

avensteph

    banned

  • Topic Starter
  • Banned
  • PipPip
  • 45 posts
um like i mentioned b4 i have those programs, most of them, but the problem is that wen i try to run them they wont run, i cant post a highjack log cause it wont run, i cant scan with none of my antivirus removal tools cause they wont run, i cant use iexplorer cause it wont run.
  • 0

#5
Fenor

Fenor

    Trusted Tech

  • Retired Staff
  • 5,236 posts
Hi avensteph!

I had this problem before, are you able to go into the Task Manager and view and kill processes that are running?
  • 0

#6
avensteph

avensteph

    banned

  • Topic Starter
  • Banned
  • PipPip
  • 45 posts
i just tried and i get a message saying my task manager has been disabled by the administrator, im the administrator so i dont get it.
  • 0

#7
Fenor

Fenor

    Trusted Tech

  • Retired Staff
  • 5,236 posts
Heh, sorry but I know what a pain in the fill in the blank with a bad word this is. What you need to do is download Autostart & Process Viewer, install it and then run it and kill the processes that are running that don't make sense, like vxh8jkdq6.exe. Once you find the process that is causing these programs not to start, then you will be able to run HJT and other spyware/malware removal tools. Once you are able to run a HJT log, please post it in the Malware Forum as stated by ukbiker.

As for the Task Manager disabled by adminstrator error, please go here

Fenor

Edited by Fenor, 29 September 2005 - 10:09 PM.

  • 0

#8
avensteph

avensteph

    banned

  • Topic Starter
  • Banned
  • PipPip
  • 45 posts
i just found a site to fix the task manager thing, now i can end processes what do u suggest i do?? :tazz:
  • 0

#9
Fenor

Fenor

    Trusted Tech

  • Retired Staff
  • 5,236 posts
Gah I fixed my ginked up post so it's right now :tazz:
  • 0

#10
ukbiker

ukbiker

    Rest in Peace, ukbiker

  • Retired Staff
  • 2,014 posts
Hi There

before you start stopping running processes, try to scan with HJT in Safe Mode please.
  • 0

#11
Fenor

Fenor

    Trusted Tech

  • Retired Staff
  • 5,236 posts
Won't work in Safe Mode, trust me I've had this before.

But I guess it can't hurt to try, I could be wrong :tazz:

Edited by Fenor, 29 September 2005 - 10:12 PM.

  • 0

#12
avensteph

avensteph

    banned

  • Topic Starter
  • Banned
  • PipPip
  • 45 posts
i posted in the malware section lets take it there
  • 0

#13
Fenor

Fenor

    Trusted Tech

  • Retired Staff
  • 5,236 posts
Sounds good! Let us know how things go.

Fenor

P.S. -- Post back here if you are still having problems after given a clean bill of health from the malware expert.
  • 0

#14
don77

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Topic closed
Please refer to this Topic for further help please

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP