phoenix

Members
  • Content count

    4
  • Joined

  • Last visited

About phoenix

  • Rank
    New Member

Contact Methods

  • ICQ
    0
  1. No I am deffinetly infected I cannot turn my Pc on without getting the malware sites popping up It has even taken over my desktop.I will run these and get back with you Thanks SO MUCH!!!!!
  2. Please help just got rouge remover to try and get rid of this virus and it found Absolutly nothing! Yet my Pc is definetly infected.I have Xoft SE and it finds the malware and says it will remove it but No such Luck.You guys have helped me in the past Hope you can help me now.Thats what I get for letting peopel use my PC Thanks PHOENIX
  3. So far so Good Thanks for all your HElp! Phoenix
  4. I HAVE TRIED EVERYTHING TO GET THIS ABOOUT BLANK OFF OF MY COMPUTER. I TRY TO RUN THE ABOUTBUSTER AND IT GIVES ME A"RUNTIME ERROR'6'" OVERFLOW. I MAD MY RUN IN SAFE MODE AS DESCRIBED. PLEASE HELP FINALLY GET RID OF THIS ABOUT BLANK BEFORE I GET RID OF THIS PC. HERE IS MY HIJACK THIS LOG HOPE IT HELPS. Logfile of HijackThis v1.99.1 Scan saved at 8:55:20 PM, on 3/5/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LxrJD31s.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\ALCXMNTR.EXE C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\hkcmd.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Messenger\MSMSGS.EXE C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\WINDOWS\system32\appns32.exe C:\WINDOWS\system32\ipvf32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Compaq\Local Settings\Temporary Internet Files\Content.IE5\HXQUMLAD\HijackThis[1].exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\yedrk.dll/sp.html#87649%resultposition.net R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\yedrk.dll/sp.html#87649%resultposition.net R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\yedrk.dll/sp.html#87649%resultposition.net R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:3128 R3 - Default URLSearchHook is missing O2 - BHO: (no name) - {9FA55D9D-4623-722C-F668-42A986C7E121} - (no file) O2 - BHO: Class - {B26261C6-DD9C-7B1B-9DA4-AADC705B9C91} - C:\WINDOWS\d3zp.dll O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [apibt32.exe] C:\WINDOWS\system32\apibt32.exe O4 - HKLM\..\Run: [ipie.exe] C:\WINDOWS\system32\ipie.exe O4 - HKLM\..\Run: [javayf.exe] C:\WINDOWS\javayf.exe O4 - HKLM\..\Run: [iebl.exe] C:\WINDOWS\system32\iebl.exe O4 - HKLM\..\Run: [mfczx32.exe] C:\WINDOWS\mfczx32.exe O4 - HKLM\..\Run: [iepq.exe] C:\WINDOWS\system32\iepq.exe O4 - HKLM\..\Run: [mfcyy.exe] C:\WINDOWS\system32\mfcyy.exe O4 - HKLM\..\Run: [iehd32.exe] C:\WINDOWS\iehd32.exe O4 - HKLM\..\Run: [addjr32.exe] C:\WINDOWS\addjr32.exe O4 - HKLM\..\Run: [msmk.exe] C:\WINDOWS\msmk.exe O4 - HKLM\..\Run: [atlpz.exe] C:\WINDOWS\atlpz.exe O4 - HKLM\..\Run: [MCUpdateExe] D:\McAfee.com\Agent\McUpdate.exe O4 - HKLM\..\Run: [MCAgentExe] D:\McAfee.com\Agent\McAgent.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [appns32.exe] C:\WINDOWS\system32\appns32.exe O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot O4 - HKLM\..\RunOnce: [winea32.exe] C:\WINDOWS\winea32.exe O4 - HKLM\..\RunOnce: [ipyd32.exe] C:\WINDOWS\ipyd32.exe O4 - HKLM\..\RunOnce: [msqs32.exe] C:\WINDOWS\msqs32.exe O4 - HKLM\..\RunOnce: [crfp32.exe] C:\WINDOWS\system32\crfp32.exe O4 - HKLM\..\RunOnce: [netkj.exe] C:\WINDOWS\system32\netkj.exe O4 - HKLM\..\RunOnce: [ntkp32.exe] C:\WINDOWS\ntkp32.exe O4 - HKLM\..\RunOnce: [atlje.exe] C:\WINDOWS\atlje.exe O4 - HKLM\..\RunOnce: [mfcfc.exe] C:\WINDOWS\system32\mfcfc.exe O4 - HKLM\..\RunOnce: [ipfs32.exe] C:\WINDOWS\system32\ipfs32.exe O4 - HKLM\..\RunOnce: [atlle32.exe] C:\WINDOWS\system32\atlle32.exe O4 - HKLM\..\RunOnce: [ntdb.exe] C:\WINDOWS\ntdb.exe O4 - HKLM\..\RunOnce: [ipyx.exe] C:\WINDOWS\ipyx.exe O4 - HKLM\..\RunOnce: [crqd.exe] C:\WINDOWS\system32\crqd.exe O4 - HKLM\..\RunOnce: [mfcbr.exe] C:\WINDOWS\system32\mfcbr.exe O4 - HKLM\..\RunOnce: [syspl.exe] C:\WINDOWS\syspl.exe O4 - HKLM\..\RunOnce: [winaw.exe] C:\WINDOWS\winaw.exe O4 - HKLM\..\RunOnce: [crfy.exe] C:\WINDOWS\system32\crfy.exe O4 - HKLM\..\RunOnce: [apiea32.exe] C:\WINDOWS\system32\apiea32.exe O4 - HKLM\..\RunOnce: [sysjc.exe] C:\WINDOWS\system32\sysjc.exe O4 - HKLM\..\RunOnce: [javais32.exe] C:\WINDOWS\system32\javais32.exe O4 - HKLM\..\RunOnce: [mfcom.exe] C:\WINDOWS\system32\mfcom.exe O4 - HKLM\..\RunOnce: [syssk32.exe] C:\WINDOWS\syssk32.exe O4 - HKLM\..\RunOnce: [sdkxn.exe] C:\WINDOWS\sdkxn.exe O4 - HKLM\..\RunOnce: [sdkxp32.exe] C:\WINDOWS\sdkxp32.exe O4 - HKLM\..\RunOnce: [javafv32.exe] C:\WINDOWS\javafv32.exe O4 - HKLM\..\RunOnce: [mfcqo.exe] C:\WINDOWS\system32\mfcqo.exe O4 - HKLM\..\RunOnce: [crzw.exe] C:\WINDOWS\system32\crzw.exe O4 - HKLM\..\RunOnce: [atlth.exe] C:\WINDOWS\atlth.exe O4 - HKLM\..\RunOnce: [winjx.exe] C:\WINDOWS\winjx.exe O4 - HKLM\..\RunOnce: [javazd32.exe] C:\WINDOWS\system32\javazd32.exe O4 - HKLM\..\RunOnce: [ipvf32.exe] C:\WINDOWS\system32\ipvf32.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1115263800969 O16 - DPF: {DE4735F3-7532-4895-93DC-911111111173} - http://afris.biz/ex.exe O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe PHOENIX