Log reports
- Thread starter elliott
- Start date
- Status
What is your brand and model, or motherboard, and how much memory do you have?
If you have any truly evil stuff, I missed it. But you are loading a great deal of stuff each time you boot, and must have a lot of memory to deal with it.
Do you really need incredimail and SpyBot?
AVG 8.0 has been a lot of trouble compared to AVG 7.5... You might consider switching to Avir or AVAST... then use Adaware with one other good program... such as a paid one like Spyware Doctor or Spysweeper.
You don't need a lot... but you do need good.
Maybe you could tell us a bit about what kind of misbehavior you have been observing.
If you have any truly evil stuff, I missed it. But you are loading a great deal of stuff each time you boot, and must have a lot of memory to deal with it.
Do you really need incredimail and SpyBot?
AVG 8.0 has been a lot of trouble compared to AVG 7.5... You might consider switching to Avir or AVAST... then use Adaware with one other good program... such as a paid one like Spyware Doctor or Spysweeper.
You don't need a lot... but you do need good.
Maybe you could tell us a bit about what kind of misbehavior you have been observing.
xxdanielxx
Posts: 1,069 +0
Please read this post completely, it may make it easier for you if you copy and paste this post to a new text document or print it for reference later.
Please re-open HiJackThis and scan.**Check the boxes next to all the entries listed below.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: rightonadz browser optimizer - {527acd4d-b80f-b417-b9de-8d8699ff663a} - C:\WINDOWS\system32\{ec677ce4-fe9b-41c1-c23d-cceb559b37da}.dll (file missing)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {B53455DB-5527-4041-AC41-F86E6947AA47} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\kwinlmdm.exe P2D002
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/225a3a29c287dfef5204/netzip/RdxIE601.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://playweb15.pogo.com/game/deluxe/insaniquarium/popcaploader_v6.cab
Now close all windows other than HiJackThis, then click Fix Checked.**Close HiJackThis.**Reboot into safe mode.
Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.
Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):
google
BearShare
Please note any other programs that you don't recognize in that list in your next response.
Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete these folders (if present):
c:\program files\google
C:\Program Files\BearShare applications
Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete these files (if present):
C:\WINDOWS\system32\{ec677ce4-fe9b-41c1-c23d-cceb559b37da}.dll
C:\WINDOWS\system32\kwinlmdm.exe
After that, Reboot, and post a new HijackThis log here in a reply
Also where is your super antispyware log attach it to the next log also check in your add/remove programs for zango and let me know if you have it. One more thing where is the combofix log
Please re-open HiJackThis and scan.**Check the boxes next to all the entries listed below.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: rightonadz browser optimizer - {527acd4d-b80f-b417-b9de-8d8699ff663a} - C:\WINDOWS\system32\{ec677ce4-fe9b-41c1-c23d-cceb559b37da}.dll (file missing)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {B53455DB-5527-4041-AC41-F86E6947AA47} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\kwinlmdm.exe P2D002
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/225a3a29c287dfef5204/netzip/RdxIE601.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://playweb15.pogo.com/game/deluxe/insaniquarium/popcaploader_v6.cab
Now close all windows other than HiJackThis, then click Fix Checked.**Close HiJackThis.**Reboot into safe mode.
Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.
Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):
BearShare
Please note any other programs that you don't recognize in that list in your next response.
Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete these folders (if present):
c:\program files\google
C:\Program Files\BearShare applications
Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete these files (if present):
C:\WINDOWS\system32\{ec677ce4-fe9b-41c1-c23d-cceb559b37da}.dll
C:\WINDOWS\system32\kwinlmdm.exe
After that, Reboot, and post a new HijackThis log here in a reply
Also where is your super antispyware log attach it to the next log also check in your add/remove programs for zango and let me know if you have it. One more thing where is the combofix log
- Status
Similar threads
