plya Posted February 2, 2006 Share Posted February 2, 2006 reasantly i ahad my pc atacked by tojans,addware and amllware but i managed to get rid of them i think, anyways my computer is still acting in mesteriaus ways. I hide my icons by axcident now i cant right clik it wont let me how do i fix that . I cant clik ctrl+alt+delete it just says disabled by the administrator Still have soem dodgy pop us. If any1 knows the soliution please help i would a preiceate it . Visit TipRs for Rs Tips such as Money Making Guides Link to comment Share on other sites More sharing options...
weezcake Posted February 2, 2006 Share Posted February 2, 2006 Download HijackThis: http://www.spywareinfo.com/~merijn/downloads.html Run a scan, save the log and post it here. Someone will be able to help you out. ==================================Retired tip.it moderator.Teaching and inspiring. Link to comment Share on other sites More sharing options...
plya Posted February 2, 2006 Author Share Posted February 2, 2006 i got this: Logfile of HijackThis v1.99.1 Scan saved at 9:48:17 PM, on 2/2/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss[Caution: ExecutableFile] C:\WINDOWS\system32\winlogon[Caution: ExecutableFile] C:\WINDOWS\system32\services[Caution: ExecutableFile] C:\WINDOWS\system32\lsass[Caution: ExecutableFile] C:\WINDOWS\system32\svchost[Caution: ExecutableFile] C:\WINDOWS\System32\svchost[Caution: ExecutableFile] C:\Program Files\ntl\ntl Netguard\fws[Caution: ExecutableFile] C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile] C:\Program Files\Common Files\Command Software\dvpapi[Caution: ExecutableFile] C:\WINDOWS\System32\svchost[Caution: ExecutableFile] C:\WINDOWS\Explorer[Caution: ExecutableFile] C:\Program Files\BroadJump\Client Foundation\CFD[Caution: ExecutableFile] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE[Caution: ExecutableFile] C:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: ExecutableFile] C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4[Caution: ExecutableFile] C:\windows\winsysban4[Caution: ExecutableFile] C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem[Caution: ExecutableFile] C:\WINDOWS\system32\winlogon[Caution: ExecutableFile] C:\Program Files\Internet Explorer\iexplore[Caution: ExecutableFile] C:\WINDOWS\system32\winlogon[Caution: ExecutableFile] C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] C:\WINDOWS\system32\RDSHOST[Caution: ExecutableFile] C:\WINDOWS\system32\sessmgr[Caution: ExecutableFile] C:\Program Files\Internet Explorer\iexplore[Caution: ExecutableFile] C:\Program Files\Internet Explorer\iexplore[Caution: ExecutableFile] C:\Documents and Settings\Ant\Local Settings\Temporary Internet Files\Content.IE5\I5CR6B0R\HijackThis[1][Caution: Executable File] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.navids.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ntlworld.com/broadband R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\ntl\ntl Netguard\pkR.dll O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\ntl\ntl Netguard\FBHR.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD[Caution: ExecutableFile] O4 - HKLM\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE[Caution: ExecutableFile] /P23 "EPSON Stylus D88 Series" /O6 "USB001" /M "Stylus D88" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: ExecutableFile] O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: ExecutableFile] O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy[Caution: ExecutableFile]" O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud[Caution: ExecutableFile] O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb[Caution: ExecutableFile] /AllUsers O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect[Caution: ExecutableFile] O4 - HKLM\..\Run: [sideWinderTrayV4] C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4[Caution: ExecutableFile] O4 - HKLM\..\Run: [MSN Service Drivers] svchost[Caution: ExecutableFile] O4 - HKLM\..\Run: [winsysupd] C:\windows\winsysupd4[Caution: ExecutableFile] O4 - HKLM\..\Run: [WinTask driver] C:\WINDOWS\system32\wintask[Caution: ExecutableFile] O4 - HKLM\..\Run: [winsysban] C:\windows\winsysban4[Caution: ExecutableFile] O4 - HKLM\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk[Caution: ExecutableFile] O4 - HKLM\..\Run: [gimmygames] C:\windows\gimmygames[Caution: ExecutableFile] O4 - HKLM\..\Run: [ntl Netguard] "C:\Program Files\ntl\ntl Netguard\RPS[Caution: ExecutableFile]" O4 - HKLM\..\RunServices: [MSN Service Drivers] svchost[Caution: ExecutableFile] O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [MSN Service Drivers] svchost[Caution: ExecutableFile] O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient[Caution: ExecutableFile] O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain[Caution: ExecutableFile] O4 - HKCU\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk[Caution: ExecutableFile] O4 - HKCU\..\Run: [fufr] C:\PROGRA~1\COMMON~1\fufr\fufrm[Caution: ExecutableFile] O4 - HKCU\..\RunServices: [MSN Service Drivers] svchost[Caution: ExecutableFile] O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile] O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl[Caution: ExecutableFile] O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA[Caution: ExecutableFile] O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL[Caution: ExecutableFile]/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136204348615 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136200146364 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: ExecutableFile] O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi[Caution: ExecutableFile] O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:\Program Files\ntl\ntl Netguard\fws[Caution: ExecutableFile] O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: ExecutableFile] Visit TipRs for Rs Tips such as Money Making Guides Link to comment Share on other sites More sharing options...
plya Posted February 3, 2006 Author Share Posted February 3, 2006 come on plz my comp is acting mad :D Visit TipRs for Rs Tips such as Money Making Guides Link to comment Share on other sites More sharing options...
Mementh Posted February 3, 2006 Share Posted February 3, 2006 O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:\Program Files\ntl\ntl Netguard\fws[Caution: ExecutableFile] C:\Program Files\ntl\ntl Netguard\fws[Caution: ExecutableFile] (firewall?) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE[Caution: ExecutableFile] O4 - HKLM\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE[Caution: ExecutableFile] /P23 "EPSON Stylus D88 Series" /O6 "USB001" /M "Stylus D88" (your stylus?) C:\windows\winsysban4[Caution: ExecutableFile] C:\WINDOWS\system32\RDSHOST[Caution: ExecutableFile] R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file) 4 - HKLM\..\Run: [MSN Service Drivers] svchost[Caution: ExecutableFile] O4 - HKLM\..\Run: [winsysupd] C:\windows\winsysupd4[Caution: ExecutableFile] O4 - HKLM\..\Run: [WinTask driver] C:\WINDOWS\system32\wintask[Caution: ExecutableFile] O4 - HKLM\..\Run: [winsysban] C:\windows\winsysban4[Caution: ExecutableFile] O4 - HKLM\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk[Caution: ExecutableFile] O4 - HKLM\..\Run: [gimmygames] C:\windows\gimmygames[Caution: ExecutableFile] O4 - HKLM\..\Run: [ntl Netguard] "C:\Program Files\ntl\ntl Netguard\RPS[Caution: ExecutableFile]" O4 - HKLM\..\RunServices: [MSN Service Drivers] svchost[Caution: ExecutableFile] O4 - HKCU\..\Run: [MSN Service Drivers] svchost[Caution: ExecutableFile] O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient[Caution: ExecutableFile] O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain[Caution: ExecutableFile] O4 - HKCU\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk[Caution: ExecutableFile] O4 - HKCU\..\Run: [fufr] C:\PROGRA~1\COMMON~1\fufr\fufrm[Caution: ExecutableFile] The Following Items ARE OR COULD BE VIRUSES I used http://www.hijackthis.de/ to analize your logs which seems to be pretty good The following statement is true. The previous statement is false. 60% of all statistics are made up 90% of the time andrew i love you & want you to have my babys!!! Finally, I get to save the Earth with deadly lasers instead of deadly slide shows! Link to comment Share on other sites More sharing options...
plya Posted February 3, 2006 Author Share Posted February 3, 2006 um. so what do now..do i scan my pc now and clik fix or something? Visit TipRs for Rs Tips such as Money Making Guides Link to comment Share on other sites More sharing options...
plya Posted February 3, 2006 Author Share Posted February 3, 2006 i scanned my pc right..and a list came up do i tick evrything and clik fix or do i tick just soem of the boxes? Visit TipRs for Rs Tips such as Money Making Guides Link to comment Share on other sites More sharing options...
Mementh Posted February 3, 2006 Share Posted February 3, 2006 i scanned my pc right..and a list came up do i tick evrything and clik fix or do i tick just soem of the boxes? click the ones that match what i posted and you should be ok.. though you mihgt need to run more scans The following statement is true. The previous statement is false. 60% of all statistics are made up 90% of the time andrew i love you & want you to have my babys!!! Finally, I get to save the Earth with deadly lasers instead of deadly slide shows! Link to comment Share on other sites More sharing options...
plya Posted February 3, 2006 Author Share Posted February 3, 2006 i ahve doen i think evry file that u said to fix and i didi but i still have pop ups and my pc is still wild.. so here is the log for my 2nd scan and do i post my log in the other website and it will say is it a virus or is the file ok... Logfile of HijackThis v1.99.1 Scan saved at 4:14:34 PM, on 2/3/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss[Caution: ExecutableFile] C:\WINDOWS\system32\winlogon[Caution: ExecutableFile] C:\WINDOWS\system32\services[Caution: ExecutableFile] C:\WINDOWS\system32\lsass[Caution: ExecutableFile] C:\WINDOWS\system32\svchost[Caution: ExecutableFile] C:\WINDOWS\System32\svchost[Caution: ExecutableFile] C:\Program Files\ntl\ntl Netguard\fws[Caution: ExecutableFile] C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile] C:\Program Files\Common Files\Command Software\dvpapi[Caution: ExecutableFile] C:\Program Files\Network Monitor\netmon[Caution: ExecutableFile] C:\WINDOWS\System32\svchost[Caution: ExecutableFile] C:\WINDOWS\Explorer[Caution: ExecutableFile] C:\Program Files\BroadJump\Client Foundation\CFD[Caution: ExecutableFile] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE[Caution: ExecutableFile] C:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: ExecutableFile] C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4[Caution: ExecutableFile] C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile] C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl[Caution: ExecutableFile] C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem[Caution: ExecutableFile] C:\Program Files\Common Files\Windows\services32[Caution: ExecutableFile] C:\Program Files\Internet Explorer\iexplore[Caution: ExecutableFile] C:\WINDOWS\Downloaded Program Files\UWFX6_0001_N68M2301NetInstaller[Caution: ExecutableFile] C:\Documents and Settings\Ant\Local Settings\Temporary Internet Files\Content.IE5\I5CR6B0R\HijackThis[1][Caution: Executable File] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.navids.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ntlworld.com/broadband R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: XBTP07618 - {2296428D-C133-4928-B76A-A200FF409572} - C:\PROGRA~1\FREEPR~1\freeprod.dll O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\ntl\ntl Netguard\pkR.dll O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\ntl\ntl Netguard\FBHR.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD[Caution: ExecutableFile] O4 - HKLM\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE[Caution: ExecutableFile] /P23 "EPSON Stylus D88 Series" /O6 "USB001" /M "Stylus D88" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: ExecutableFile] O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: ExecutableFile] O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy[Caution: ExecutableFile]" O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud[Caution: ExecutableFile] O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb[Caution: ExecutableFile] /AllUsers O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect[Caution: ExecutableFile] O4 - HKLM\..\Run: [sideWinderTrayV4] C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4[Caution: ExecutableFile] O4 - HKLM\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk[Caution: ExecutableFile] O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [services32] C:\Program Files\Common Files\Windows\mc-110-12-0000228[Caution: ExecutableFile] O4 - HKCU\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk[Caution: ExecutableFile] O4 - HKCU\..\RunServices: [MSN Service Drivers] svchost[Caution: ExecutableFile] O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile] O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl[Caution: ExecutableFile] O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA[Caution: ExecutableFile] O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL[Caution: ExecutableFile]/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136204348615 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136200146364 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\mepbde40.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: ExecutableFile] O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi[Caution: ExecutableFile] O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:\Program Files\ntl\ntl Netguard\fws[Caution: ExecutableFile] O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: ExecutableFile] O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon[Caution: ExecutableFile] Visit TipRs for Rs Tips such as Money Making Guides Link to comment Share on other sites More sharing options...
plya Posted February 3, 2006 Author Share Posted February 3, 2006 ok i think i got the hang of this but i have one really anoying task i canot find one file named C:\Program Files\Common Files\Windows\services32[Caution: ExecutableFile] when i put in my log in that website it says this si highjacked virus and verry nasty please remove but i canot find it on the scan thing its not there can some1 help? Visit TipRs for Rs Tips such as Money Making Guides Link to comment Share on other sites More sharing options...
Mementh Posted February 3, 2006 Share Posted February 3, 2006 ok i think i got the hang of this but i have one really anoying task i canot find one file named C:\Program Files\Common Files\Windows\services32.e3e (CAUTION - executable file) when i put in my log in that website it says this si highjacked virus and verry nasty please remove but i canot find it on the scan thing its not there can some1 help? it might be hiding itself.. follow the following directions but when your in safemode try to find it before you run the scans get rid of the following CLOSE ALL PROGRAMS first before you scan cept for Firefox / Internet explorer C:\Program Files\Network Monitor\netmon[Caution: ExecutableFile] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE[Caution: ExecutableFile] C:\Program Files\Common Files\Windows\services32[Caution: ExecutableFile] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com O2 - BHO: XBTP07618 - {2296428D-C133-4928-B76A-A200FF409572} - C:\PROGRA~1\FREEPR~1\freeprod.dll O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll O4 - HKLM\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk[Caution: ExecutableFile] O4 - HKCU\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk[Caution: ExecutableFile] O4 - HKCU\..\RunServices: [MSN Service Drivers] svchost[Caution: ExecutableFile] O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\mepbde40.dll (file missing) Get: Adaware spybot search and destroy bazooka scanner TrojanHunter The Cleaner SpywareBlaster run them all once in regular then restart your computer in safe mode and run all of them again. this SHOULD clean it all up.. this process should take between 10-15 hours so hop to it The following statement is true. The previous statement is false. 60% of all statistics are made up 90% of the time andrew i love you & want you to have my babys!!! Finally, I get to save the Earth with deadly lasers instead of deadly slide shows! Link to comment Share on other sites More sharing options...
plya Posted February 3, 2006 Author Share Posted February 3, 2006 lol tnx verry much Visit TipRs for Rs Tips such as Money Making Guides Link to comment Share on other sites More sharing options...
plya Posted February 3, 2006 Author Share Posted February 3, 2006 um what do u meen safe mode do i just scan my pc rest then scan again? Visit TipRs for Rs Tips such as Money Making Guides Link to comment Share on other sites More sharing options...
Mementh Posted February 4, 2006 Share Posted February 4, 2006 um what do u meen safe mode do i just scan my pc rest then scan again? when your computer restarts hit F8 it will bring up a menu.. one of the options will be safe mode select it The following statement is true. The previous statement is false. 60% of all statistics are made up 90% of the time andrew i love you & want you to have my babys!!! Finally, I get to save the Earth with deadly lasers instead of deadly slide shows! Link to comment Share on other sites More sharing options...
plya Posted February 4, 2006 Author Share Posted February 4, 2006 lol thnx verry much now i know how to use hjt verry good program and i did i scanned my pc and vent safe mode (not sure what it does) but it work of fixing all of my infected files but i couldnt save my windows acount so i created a new 1 Visit TipRs for Rs Tips such as Money Making Guides Link to comment Share on other sites More sharing options...
Mementh Posted February 4, 2006 Share Posted February 4, 2006 lol thnx verry much now i know how to use hjt verry good program and i did i scanned my pc and vent safe mode (not sure what it does) but it work of fixing all of my infected files but i couldnt save my windows acount so i created a new 1 safe mode is like driving a car but with only a engine transmission and steering and brakes NO AC No seats No dash No radio no frills basically.. only the extreme basics to load the computer i assume you REFORMATTED your computer? because just making a new user does not stop the viruses i belive The following statement is true. The previous statement is false. 60% of all statistics are made up 90% of the time andrew i love you & want you to have my babys!!! Finally, I get to save the Earth with deadly lasers instead of deadly slide shows! Link to comment Share on other sites More sharing options...
plya Posted February 4, 2006 Author Share Posted February 4, 2006 ohh cool so thats whats safe mode and why do peopel use it when scanign pc? and no i changed my acounts becouse the viruses configured with my setings which were not reversable so i cahange acounts Visit TipRs for Rs Tips such as Money Making Guides Link to comment Share on other sites More sharing options...
Mementh Posted February 4, 2006 Share Posted February 4, 2006 ohh cool so thats whats safe mode and why do peopel use it when scanign pc? and no i changed my acounts becouse the viruses configured with my setings which were not reversable so i cahange acounts they use it because MOST viruses and spyware and keyloggers can't pretend well enough to make themselves seem a VITAL part and so can't hide themselves.. also since they are not running they are EASYER to detect and remove The following statement is true. The previous statement is false. 60% of all statistics are made up 90% of the time andrew i love you & want you to have my babys!!! Finally, I get to save the Earth with deadly lasers instead of deadly slide shows! Link to comment Share on other sites More sharing options...
plya Posted February 4, 2006 Author Share Posted February 4, 2006 o cool so 1rst i scan with 5 programs then restart and scan again in safe mode,just to rember Visit TipRs for Rs Tips such as Money Making Guides Link to comment Share on other sites More sharing options...
Mementh Posted February 5, 2006 Share Posted February 5, 2006 o cool so 1rst i scan with 5 programs then restart and scan again in safe mode,just to rember right The following statement is true. The previous statement is false. 60% of all statistics are made up 90% of the time andrew i love you & want you to have my babys!!! Finally, I get to save the Earth with deadly lasers instead of deadly slide shows! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now