kylethedarkn

First run HJT and check the following. [COLOR=Black] O2 - BHO: DPCUpdater Object - {61C07AF3-01A3-4B85-ADB2-4EFD04E1286C} - C:\WINDOWS\system32\pmkhi.dll O8 - Extra context menu item: Download All by FlashGet - C:\Archivos de programa\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Archivos de programa\FlashGet\jc_link.htm O9 - Extra button: FlashGet - …

Wow you have a lot of trojans. First of all open HJT and check the following lines. [COLOR=Black] O4 - HKLM\..\Run: [msconfig38] mssvcc.exe O4 - HKLM\..\Run: [secures23] lup.exe O4 - HKLM\..\Run: [Windows ASN4 Services] xyjv.exe O4 - HKLM\..\Run: [keyboard] C:\\kybrd.exe O4 - HKLM\..\Run: [defender] C:\\dfndra.exe O4 - HKLM\..\Run: [newname] C:\\nwnm.exe …

I seemed to have picked up an annoying bit of malware. There are only two problems. One is that random sound clips(i think from my temp folder) will play and i get pop ups that ask me if i want to go to 1click2go.com. Heres my HJT log. I would …

Ok thats what i thought. Run it again except this time choose option 2 and enter.(warning this may delete your background for your desktop) Are you still having problems after that?

If that doesn't work try this. [URL="http://www.atribune.org/ccount/click.php?id=7"][COLOR=red][B][U]Click here[/U][/B][/COLOR][/URL] to download Look2Me-Destroyer.exe and save it to your desktop. [LIST] [*]Close all windows before continuing. [*]Double-click [B]Look2Me-Destroyer.exe[/B] to run it. [*]Put a check next to [B]Run this program as a task.[/B] [*]You will receive a message saying Look2Me-Destroyer will close and re-open …

Ok. First I would like you to download ewido security suite from [URL="http://www.download.com/Ewido-Security-Suite/3000-8022_4-10326287.html?tag=lst-0-1"]here[/URL]. [LIST=1] [*]Install ewido anti-malware [*]When installing, under "Additional Options" [B]uncheck..[/B][LIST] [*][B]Install background guard[/B] [*][B]Install scan via context menu[/B][/LIST] [*]Launch ewido, there should be an icon on your desktop, double-click it. [*]The program will now open to the …

In the future just reply to the previous posts don't Start a new thread. Don't know who was helping this person so I'll just get out of your way.

Are You sure you didn't accidentally give anyone your password. Also try [URL="http://www.ewido.net/en/download/"]this[/URL] scanner. [LIST=1] [*]Install ewido anti-malware [*]When installing, under "Additional Options" [B]uncheck..[/B][LIST] [*][B]Install background guard[/B] [*][B]Install scan via context menu[/B][/LIST] [*]Launch ewido, there should be an icon on your desktop, double-click it. [*]The program will now open to …

Try this scanner and see if it picks it up. Plz Download Ewido from [URL="http://www.ewido.net/en/download/"]here[/URL] [LIST=1] [*]Install ewido anti-malware [*]When installing, under "Additional Options" [B]uncheck..[/B][LIST] [*][B]Install background guard[/B] [*][B]Install scan via context menu[/B][/LIST] [*]Launch ewido, there should be an icon on your desktop, double-click it. [*]The program will now open …

First of all having HJT in the actual Program Files folder Try putting it in a folder such as C:\Program Files\HJT. Or something similar. Now I want you to download Ewido's Security Suite from [URL="http://www.download.com/Ewido-Securi...ml?tag=lst-0-1"]here[/URL]. [LIST=1] [*]Install Ewido Anti-Malware [*]When installing, under "Additional Options" [B]uncheck..[/B][LIST] [*][B]Install background guard[/B] [*][B]Install scan …

Are the following things found infected or not because i want to know whether or not the use smitfraudfix to clean them. SmitFraudFix v2.63 Scan done at 17:55:24.81, Tue 06/20/2006 Run from C:\Documents and Settings\Owner\Desktop\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT Fix ran in normal mode »»»»»»»»»»»»»»»»»»»»»»»» C:\ …

I've look over my log but i cant seem to find any obvious sign of infestation. All my running processes appear to be clean and most everything else looks normal, but im still getting pop ups and random programs are download from IE(which sucks) and messing up the computer even …

First of all move HJT to its own folder such as [COLOR=Blue]C:/HJT [COLOR=DimGray]Then run HJT and check the following [/COLOR][/COLOR][COLOR=Black] C:\WINDOWS\System32\users32.exe C:\WINDOWS\System32\adobepnl.dll O4 - HKLM\..\Run: [Adware.Srv32] C:\WINDOWS\System32\runsrv32.exe O4 - HKLM\..\Run: [Transponder] C:\WINDOWS\System32\susp.exe R3 - Default URLSearchHook is missing[/COLOR] [COLOR=Black]Also check the items that say BHO (no name)....(no file) [COLOR=DimGray] Close …

Does anybody know where i can edit virtual memory setting because i want to change it to a slave drive

is it possible to select this folder w/ pocket killbox C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5

Plz download HJT from [URL="http://www.majorgeeks.com/downloadget.php?id=3155&file=9&evp=3304750663b552982a8baee6434cfc13"]here [/URL]and put it in its own folder such as [COLOR=Blue]C:/HJT. [COLOR=DimGray]Run it and when its done save the the log and copy and paste the contents in your next post it makes it easier for us to see what's wrong.[/COLOR] [/COLOR]

Allow them both they are both critical for security also i found a couple nasties. Run HJT and check the following [COLOR=Black]C:\WINDOWS\SYSTEM\KERNEL32.DLL Also delete kernel32.dll from the windows system folder by using my computer now upload the file [COLOR=Blue]C:\WINDOWS\scanregw.exe [COLOR=Black]file to [URL="http://virusscan.jotti.org/"]Jotti's[/URL] and tell me the results.[/COLOR][/COLOR] [/COLOR]

Can you start up the computer or does it immediately shut back down after you start it up. If you can, Download HJT from [URL="http://www.majorgeeks.com/downloadget.php?id=3155&file=11&evp=3304750663b552982a8baee6434cfc13"]here[/URL] and extract the file to it own folder such as C:/HJT. Run the program and do a system scan. When its finished click on save …

i dont know if this is adware caused or not but sometimes the computer will randomly shut down on its own from an improperly working fan so you might want to check that

here's his HJT log he cant use the internet its so bad but i can get him any programs he needs thx for the help Logfile of HijackThis v1.99.1 Scan saved at 10:18:33 PM, on 6/7/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: …

im 75% sure that these 2 are malware and key processes for the pop-ups C:\WINDOWS\SmFzb24\command.exe C:\Program Files\Network Monitor\netmon.exe

post this in the viriuses and other nasties forum not this one also put Hi-jack this in its own folder such as [COLOR=Blue]C:\HJT[/COLOR] or something similar

heres my hjt log Logfile of HijackThis v1.99.1 Scan saved at 4:01:40 PM, on 6/5/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe …

its malware that doing it most likely download Hi-jack This and post the log under viriuses and other nasties forum

Yeah you do have quite a few nasties there, but im no expert i can definetely tell your IE settings are wacked but thats about it

well dialup and aol are the worst combos for internet acess get dsl they have good deals like 15 bucks a month

have you tried running a good scanner such as ad-aware or ewido

if i did a system restore would that only reset the settings of system folders or also folders like my documents

i recently found a number of temp files that i cant delete because they are being used by an outside program of which i have no idea what it could be they are mostly html files and pictures like you get from normal browsing but when i tried to delete …

is there anyway to change novell settings if your not on the administrative account

plz help heres my log Logfile of HijackThis v1.99.1 Scan saved at 11:25:37 AM, on 5/28/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\System32\CTsvcCDA.EXE C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Network Monitor\netmon.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program …

My computer has about every trojan/adware on it including vx2 winfixer and many other i used scanners to get rid of most of it but heres my HJT log. Plz help me find the other problems PS-ive already downloaded lspfix ccleaner and ewido here it is Logfile of HijackThis v1.99.1 …

Uninstall Panda if you can gmail and other email sites tend to stop working if you have an internet security program that screws up that happened to me with norton

is there anything wrong w/ my comp here my log Logfile of HijackThis v1.99.1 Scan saved at 4:27:15 PM, on 5/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\System32\CTsvcCDA.EXE C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\WINDOWS\System32\snmp.exe …

could somebody plz post a link to a program that will remove norton

About a week ago i noticed that when i tried to acess gmail(google email) i recieved and error message in my mozilla firefox browser. unfortounetly the error was not caused by a bad internet connection or a busy site. I think it was caused by norton internet security because after …

how come sometimes in IE you can select Today in the history and delete it but other time you have to delete each individual entry

try using xoftspy and get the serial key from theserials.com i dont recommend going to theserials.com unless you have norton or are using a mozilla firefox browser because if you use internet explorer it will automaticly download some nasty adware