Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Please help random BSOD's [CLOSED]


  • This topic is locked This topic is locked

#1
UVA

UVA

    New Member

  • Member
  • Pip
  • 5 posts
All of the sudden I am getting random bsod's, when I send an error report upon reboot it always says it was caused by a device driver, however the error codes are different most of the time. My machine has always ran fine until recently. I have tested my ram and it passes all tests. I am thinking that it may be a software issue, possibly spyware or such. I have a nvidia gforce4 ti4200 video card and I have heard bad things about certain drivers but i have tried the newest driver and also version 61.xx something , neither seem to help. here is the most recent error code.

STOP: 0x00000023 (0x000E0100,0xF4126A94,0xF4126790,0xF6A18529

Fastfat.sys Address F6A18529 Base at F6A07000

as I said these bsod's are random and don't always have a file name listed. They also happen at random times, this last crash happened while running ewido, and it always happens about 5-10 mins into playing WOW. Since I got a bsod while running ewido all I have right now is my hjthis log.

Logfile of HijackThis v1.99.1
Scan saved at 9:50:54 PM, on 11/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\dXNlcg\command.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ldvogrm.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\tuhjcns.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Avant Browser\avant.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\bungle\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://w-find.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.clicksear...index.php?aff=9
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://w-find.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
O2 - BHO: wb - {55BE9F0D-6CAF-4c3e-B125-5A13A8C9D0EC} - C:\WINDOWS\system32\nsq7.dll
O2 - BHO: (no name) - {A04839E0-0D3E-DD5A-0CDA-4D49A1FDDF39} - C:\WINDOWS\ferruklb.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Task Manager] c:\windows\system32\taskmg.exe
O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\System32\Services\{B9E1BAD6-1C57-437A-9A08-6EA2513022CB}\SVCHOST.EXE
O4 - HKLM\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\wfx5.exe
O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\System32\intell32.exe
O4 - HKLM\..\Run: [tuhjcns] C:\WINDOWS\tuhjcns.exe
O4 - HKLM\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Fnnipaus] C:\WINDOWS\System32\??plorer.exe
O4 - HKCU\..\Run: [WindowsFY] c:\wp.exe
O4 - HKCU\..\Run: [Pdut] C:\Program Files\obsc\mhrh.exe
O4 - HKCU\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 1.9.118.lnk = C:\Program Files\OpenOffice.org 1.9.118\program\quickstart.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Microsoft AntiSpyware helper - {209A1F54-6128-4CB8-8380-6DB0153EB222} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {209A1F54-6128-4CB8-8380-6DB0153EB222} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {4CE73C31-AC7C-451A-96A8-5D854B724AAA} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {4CE73C31-AC7C-451A-96A8-5D854B724AAA} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {50DCD783-6346-460C-8E1E-AAF492780335} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {50DCD783-6346-460C-8E1E-AAF492780335} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {65628939-876B-438F-8556-2E80343E3DB4} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {65628939-876B-438F-8556-2E80343E3DB4} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {7BDFA27A-1FEE-46FB-8801-7FE035C47DD2} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {7BDFA27A-1FEE-46FB-8801-7FE035C47DD2} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {E38AB678-6AB2-4423-AE64-1709651A6FF0} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {E38AB678-6AB2-4423-AE64-1709651A6FF0} - (no file) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Dominoes - http://download.game...ts/y/dot8_x.cab
O16 - DPF: Yahoo! Literati - http://download.game...nts/y/tt3_x.cab
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt3_x.cab
O16 - DPF: Yahoo! Spades - http://download.game...nts/y/st2_x.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....015/CTSUEng.cab
O16 - DPF: {0FD53023-699C-1794-4D89-7E98599433E0} - http://69.50.182.94/1/rdgUS1882.exe
O16 - DPF: {10827629-9F8F-70DD-4197-73FA511094E1} - http://69.50.182.94/1/rdgUS1882.exe
O16 - DPF: {11B8CFE1-07FB-467A-C088-3B3A679AFD37} - http://69.50.182.94/1/rdgUS1882.exe
O16 - DPF: {173A103D-DA9F-084A-DF4D-205F14C43E38} - http://69.50.182.94/1/rdgUS1882.exe
O16 - DPF: {26098EA2-C95D-48EA-89B4-63C5A63BD42F} - http://www.pacimedia...ll/pcs_0031.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {342BCA8B-DC2C-2B2B-CA24-57E43DBF1023} - http://69.50.182.94/1/rdgUS1882.exe
O16 - DPF: {406C793D-1EE6-1F0F-5A06-0BB209D078EF} - http://69.50.182.94/1/rdgUS1882.exe
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.co.../ysb_cracks.cab
O16 - DPF: {4B8F24CE-0A4C-5C8D-2ACB-4BAF29DA6347} - http://69.50.182.94/1/rdgUS1882.exe
O16 - DPF: {6A1EC6A9-77C9-017C-62E9-2C537FAFED6D} - http://69.50.182.94/1/rdgUS1882.exe
O16 - DPF: {770B904E-5AF5-275D-47AF-4BD44AA8FF1B} - http://69.50.182.94/1/rdgUS1882.exe
O16 - DPF: {CA356D79-679B-4B4C-8E49-5AF97014F4C1} -
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15016/CTPID.cab
O18 - Filter: text/html - {8253D547-38DD-4325-B35A-F1817EDFA5F5} - C:\Program Files\System Files\plugin.dll
O20 - Winlogon Notify: ShellCompatibility - C:\WINDOWS\
O21 - SSODL: NTDBGTOOL - {6C8F2637-7E42-45BD-AFEB-8DD5B641E0F3} - C:\WINDOWS\System32\kbdimpat.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\dXNlcg\command.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Loading Outpost Connections (KDE) - Unknown owner - C:\WINDOWS\System32\cmdtel.exe (file missing)
O23 - Service: Debug oupost relations (LAGOS) - Unknown owner - C:\WINDOWS\System32\ahtun.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\System32\HPHipm09.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\ldvogrm.exe
  • 0

Advertisements


#2
UVA

UVA

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Sorry i posted this in the wrong area but I am new here. TY for whoever moved it here. Please help it is getting worse I am now getting popups like crazy.
  • 0

#3
UVA

UVA

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Here is my ewido log.

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 11:17:49 AM, 11/9/2005
+ Report-Checksum: E847C515

+ Scan result:

C:\Program Files\Microsoft AntiSpyware\Quarantine\7B30D16E-4ED1-4DBD-A7AF-6C9C25\04E68FF6-B7C6-4BD6-844B-488C33 -> TrojanDownloader.IstBar : Ignored
HKLM\SOFTWARE\ISTsvc -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTsvc -> Spyware.ISTBar : Cleaned with backup
HKU\S-1-5-21-448539723-492894223-839522115-1003\Software\IST -> Spyware.ISTBar : Cleaned with backup
C:\Program Files\System Files\System.exe -> Spyware.CASClient : Cleaned with backup
C:\WINDOWS\bsx32 -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI2.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3ABSPLAT.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3ACCUQ.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3AMERS.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3ASKNOW2.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3CARQ.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3CARQ2.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3CCB.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3CHOCPBMM.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3CHRISMORT.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3CREDITCARD.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3DIRTYH.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3ENDOMET.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3FREECS.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3FREEIPOD.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3FREEIPOD2.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3FREEXBOX.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3HAIRLOSS.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3HYDRO.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3KAN1.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3KAN10.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3KAN11.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3KAN12.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3KAN2.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3KAN6.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3KAN7.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3LEXREPAIR.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3LMORON.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3LOWRATE.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3MYDISH.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3MYINKS.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3NETFLIX2.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3ODYSSEY.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3PARTYPOKER.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3PASSION.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3PCHSWEEPS.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3POP.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3SPORTSINT.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3SUPERIOR.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3WEIGHTL.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASICLRE.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASIEPRE.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASIPP.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASIRCPRE.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASISS2RE.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASISSRE.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\EECH1.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\SPECAUTO.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\SPECENTER.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\SPZ3.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPC.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPD.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPE.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPF.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPFAM.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPFI.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPFIN.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPG.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPH.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPHL.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPJ.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPM.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPMTV.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPN.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPR.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPS.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPSHOP.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPSP.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\TMPW.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\cmvbmjazbh.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\YSBactivex.dll -> TrojanDownloader.IstBar : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\istactivex.dll -> TrojanDownloader.IstBar : Cleaned with backup
C:\WINDOWS\dXNlcg\command.exe -> Adware.CommAd : Cleaned with backup
C:\WINDOWS\iyqrol.exe -> TrojanDownloader.IstBar.ij : Cleaned with backup
C:\WINDOWS\ldvogrm.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\oypshe.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\system\UpdInst.exe -> Spyware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\APD123.exe -> Spyware.Pacer : Cleaned with backup
C:\WINDOWS\system32\MTE2ODM6ODoxNg.exe -> Spyware.ISearch : Cleaned with backup
C:\WINDOWS\system32\SSK3.exe -> TrojanDropper.Small.qn : Cleaned with backup
C:\WINDOWS\system32\__delete_on_reboot__fltmgr.dll -> Backdoor.Agent.lg : Cleaned with backup
C:\WINDOWS\tuhjcns.exe -> Spyware.Hijacker.Generic : Cleaned with backup


::Report End
  • 0

#4
OwNt

OwNt

    Malware Expert

  • Retired Staff
  • 7,457 posts
Hello, UVA.

Please DELETE your current HJT program from its present location.

Download and run the following HijackThis autoinstall program from Here . Please choose the default location of C:\Program Files\ as the destination. HJT needs to be in its own folder so that the program itself isn't deleted by accident

Run HijackThis

Click SCAN and SAVE LOG. (a notepad window will open with the log in it when you click Save Log) (Ctrl-A to'select all', Ctrl-C to 'copy')

POST the log into this thread using 'Add Reply' (Ctrl-V to 'paste')
  • 0

#5
OwNt

OwNt

    Malware Expert

  • Retired Staff
  • 7,457 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP