HJT log attached.

[JSapit]

Hey all. I stumbled across this website while searching for online computer help forums. This is my first time posting here, so I hope you all will receive me well

I'll get right to the problems. First off, on start-up, I get this error
(it's a RUNDLL error)
"Error Loading C:\WINDOWS\system32\sruusxm.dll

The specified module could not be found."

I don't know how to get rid of that error, but it seems to cause no major problems.

Second, I've been having some popup problems, so I was wondering if there was a good, on-line virus scan that could take care of any malicious programs running on my computer? (I heard of this HijackThis! thing, but I don't know about it.)

Third, after long use, or just turning my monitor off and turning it back on, my computer slows down drastically, and I don't know why. What could be the problem of this?

Thanks in advance.

 

[kitty500cat]

Hi, welcome to TechSpot.

We always receive new members, so no need to worry

It does sound like a malware problem. Please go and read this thread and then post a HijackThis log as an attachment into this thread.

Regards

 

[JSapit]

My HijackThis! log.

Here it is, posted as an attachement.

 

[kitty500cat]

There are some infections present, but we should be able to get rid of them.

First of all, download VundoFix from here.

Double click the Vundofix.exe to run it.

Right click in the vundofix window and click add files.

Enter the full file path/s to the files you want Vundofix to delete and click the add files button, followed by the close window button. Click the remove vundo button and let Vundofix do its stuff.

These are the filepaths you need to enter into Vundofix.

C:\WINDOWS\system32\ipnydgh.dll
C:\WINDOWS\msagent\actsvs.dll
C:\WINDOWS\system32\yayyvtt.dll
C:\WINDOWS\system32\lwdwnnlc.dll
C:\WINDOWS\system32\ixt0.dll
C:\WINDOWS\SYSTEM32\winuyw32.dll

Now search your computer for the filenames above and delete all instances found.

Go into Add/Remove Programs in your Control Panel and remove anything having to do with:

SafetyBar
Bar888

Search your computer for bar888.dll and alcmtr.exe and delete all instances found. Go into C:\Program Files, and delete the entire "SafetyBar" directory.

Now have HJT fix these entries:
O2 - BHO: (no name) - {26B61245-2471-3859-3126-04487DAC7F8A} - C:\WINDOWS\system32\ipnydgh.dll (file missing)
O2 - BHO: (no name) - {2C1CB100-1E1B-4BF3-A027-B8EF1CDB73C6} - C:\WINDOWS\msagent\actsvs.dll (file missing)
O2 - BHO: (no name) - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - (no file)
O2 - BHO: (no name) - {9BBA408A-A125-4E0D-9CBF-AE3621E0D006} - C:\WINDOWS\system32\yayyvtt.dll (file missing)
O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{3843F~1\Bar888.dll
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\system32\lwdwnnlc.dll
O2 - BHO: (no name) - {f4d74aaa-a178-4463-846b-b4bc87a024e0} - C:\WINDOWS\system32\ixt0.dll (file missing)
O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{3843F~1\Bar888.dll
O3 - Toolbar: Safety Bar - {18668683-731c-48fa-b1b9-ad013748fb00} - C:\Program Files\Safety Bar\SafetyBar.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\OWNER~1.JUS\LOCALS~1\Temp\2006115211352_mcinfo.exe /insfin
O4 - HKLM\..\Run: [sruusxm.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\sruusxm.dll,nsrxhv
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} (Logout Class) - http://cabalonline.net/com/KALogoutComponent.cab
O20 - Winlogon Notify: actsvs - C:\WINDOWS\msagent\actsvs.dll (file missing)
O20 - Winlogon Notify: winuyw32 - winuyw32.dll (file missing)
O20 - Winlogon Notify: yayyvtt - yayyvtt.dll (file missing)

Finally, go into C:\Documents and Settings\%your user name%\Local Settings\Temp and delete the file 2006115211352_mcinfo.exe. (where %your user name% is your current user name).

Now read the Viruses/spyware/malware, preliminary removal instructions. Follow all the instructions exactly, then post fresh HJT, Combofix, and AVG Antispyware logs as attachments into this thread. Also post here the results of the AVG Antirootkit scan.

Regards

This thread is for the use of JSapit only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in the Security and the Web forum.

 

[howard_hopkinso]

Threads merged.