Welcome to the ComputerProblems.org Free Computer Support & Technology Discussion.
#16 (permalink)
03-10-2008, 10:43 PM
gortjake
Cool Member
Join Date: Mar 2004
Posts: 103

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20:33 AM, on 3/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = AOL.com - Welcome to AOL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Business is better with Yahoo! Search Engine Marketing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = AOL.com - Welcome to AOL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Business is better with Yahoo! Search Engine Marketing
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
F2 - REG:system.ini: Shell=
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: (no name) - {45C2A50F-8F4A-496E-AF02-D0207525BF5A} - C:\WINDOWS\system32\ljjjkli.dll
O2 - BHO: {f4d39972-380a-2b5b-7044-d4fde879c006} - {600c978e-df4d-4407-b5b2-a08327993d4f} - C:\WINDOWS\system32\eltbauhs.dll
O2 - BHO: (no name) - {F8A41924-D542-48AF-A702-283E8061D54C} - C:\WINDOWS\system32\mllmn.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [BM0b6b1be5] Rundll32.exe "C:\WINDOWS\system32\ebhtyuet.dll",s
O4 - HKLM\..\Run: [08582879] rundll32.exe "C:\WINDOWS\system32\yliutvyp.dll",b
O4 - HKLM\..\RunServices: [WinProfile] sndcfg16.exe
O4 - HKCU\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe " -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Risk\Images\stg_drm.ocx
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Risk\Images\armhelper.ocx
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 5465 bytes
_________________________________________________

Also, he said he had some files in his Windows folder that should not have been there. There were also thousands of files in the Program Files folder that were titled pos1ed, pos2ed, pos1de, like that.
#18 (permalink)
03-13-2008, 10:27 AM
Maurice
Community Leader
Join Date: Jun 2007
Location: Walthamstow, London, England
Posts: 619

Well, I have had a look and can't see anything nasty, but I am not sure what these two .dll files are doing, as they are being run by rundll32, which will obscure them from view.

O4 - HKLM\..\Run: [BM0b6b1be5] Rundll32.exe "C:\WINDOWS\system32\ebhtyuet.dll",s
O4 - HKLM\..\Run: [08582879] rundll32.exe "C:\WINDOWS\system32\yliutvyp.dll",b

I have googled these two but found nothing. I would search the C: drive for these two files and display their properties to see if this identifies them.

I believe SICS is a bit of a whizz when it comes to HijackThis reports.

** You really should update to IE7 ASAP too.
__________________
Beer is living proof that God loves us and wants us to be happy.

http://www.vforum.me.uk/

Last edited by Maurice : 03-13-2008 at 11:02 AM.
#19 (permalink)
03-13-2008, 12:01 PM
SICS
Fearless Leader
Join Date: May 2003
Location: Las Vegas, NV
Posts: 4,461

Maurice's suggestions look good to me. Those look to be a couple spyware .dll files.

Erase those, and then do a scan with spybot in safe mode.

Once done, post another log.
__________________
MCSE,MCSA,MCP,NET+,A+,CST,CNST
ComputerProblems.org Owner
Please do not PM me for support, support will be given in the public forum only, as it will help others with the same problem
Helpful Links: Spyware Removal Tips|AntiVirus Software|Site Rules *Please Read Them*
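
Added example (not part of any post in this thread): a small Python triage pass over HijackThis lines that picks out the pattern discussed above, a Run-key autostart that loads a DLL through rundll32. It goes one step beyond the thread by also listing "(no name)" BHOs whose DLL sits in system32; that second rule and the function names are assumptions of this example, and a hit means "look at this file", not a verdict.

```python
import re

# Lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r'''
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: (no name) - {45C2A50F-8F4A-496E-AF02-D0207525BF5A} - C:\WINDOWS\system32\ljjjkli.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [BM0b6b1be5] Rundll32.exe "C:\WINDOWS\system32\ebhtyuet.dll",s
O4 - HKLM\..\Run: [08582879] rundll32.exe "C:\WINDOWS\system32\yliutvyp.dll",b
'''

# O4 = autostart entry: "O4 - <key>: [<value name>] <command line>"
O4_RE = re.compile(r'^O4 - (?P<key>\S+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$')
# Command line of the form: rundll32[.exe] "<dll path>",<export>
RUNDLL_RE = re.compile(
    r'^"?(?:[^"]*\\)?rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+\.dll)"?,(?P<export>\S+)',
    re.I)
# O2 = Browser Helper Object: "O2 - BHO: <name> - {CLSID} - <dll path>"
O2_RE = re.compile(
    r'^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<dll>.+\.dll)$',
    re.I)

def in_system32(path):
    return '\\windows\\system32\\' in path.lower()

def triage(log_text):
    """Return (reason, dll_path) pairs for entries that deserve a manual look."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        o4 = O4_RE.match(line)
        if o4:
            # The process list only shows rundll32.exe, so the DLL must be
            # read from the autostart command line itself.
            hit = RUNDLL_RE.match(o4.group('cmd'))
            if hit:
                findings.append(('autostart DLL loaded via rundll32', hit.group('dll')))
            continue
        o2 = O2_RE.match(line)
        # Assumption of this example: an unnamed BHO in system32 is worth checking.
        if o2 and o2.group('name') == '(no name)' and in_system32(o2.group('dll')):
            findings.append(('unnamed BHO in system32', o2.group('dll')))
    return findings

if __name__ == '__main__':
    for reason, dll in triage(SAMPLE_LOG):
        print(f'{reason}: {dll}')
```

Each path it returns is a file to locate on disk and inspect (properties, vendor, signature), which is the check suggested in post #18.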
#20 (permalink)
03-13-2008, 04:09 PM
gortjake
Cool Member