Spyware/Malware - HELP!!!!!!
Tronix
08-16-2007, 10:48 PM
Well, probably searching a dodgy site or something. I just turned my PC on to find it laggy as ****; I cannot shut down from the Start menu, cannot open Task Manager, cannot open the Run prompt thing.
I finally got rid of that with Search & Destroy. However, it finds quite a few more; I delete them, then it's like 'You must restart your PC and run this program whilst Windows loads, as some viruses are in memory' or some kind of annoying BS. So I do all this fkn **** AND IT'S STILL THERE, THE LITTLE ****ERZ!!
You actually don't know how annoying this piece of **** is, arrrrg!! Fkn wankin 'wannabe pr0 hackers'. Anyway, can anybody help?! I've used AVG, SpyBot, LIVE Checker or summit.
Please don't flame me -.- Just help. I remember, about 1 year ago, I had some malware/spyware and I did this weird tutorial where I loaded a program which I added to my floppy and booted from, but I cannot find that tutorial, nor can I start in Safe Mode; it just spams me saying some random .dll bull**** files loaded, then nothing else.
Please guys, you don't know how desperate I am to get this little piece of **** off my PC; I cannot do **** and well, I have no life !! :) PC is my life, especially since I'm on skool holidays. I'm actually thinking about reinstalling Windows again, that's how annoyed and pissed off I am with this little ****. UGH!!
Thanks in Advance to those that help.
_Aerospace_Eng_
08-16-2007, 10:52 PM
Okay, no need to swear, and learn to type proper English. Download a program called HijackThis (http://www.spywareinfo.com/~merijn/programs.php). Run it and paste the results here.
Tronix
08-16-2007, 10:54 PM
Sorry, but this has been happening for ages; I'm just uber annoyed.
Tronix
08-16-2007, 10:57 PM
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 21:56:01, on 16/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Xfire\xfire.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Windows Media Player\wmplayer.exe
C:\demoa\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O2 - BHO: (no name) - {5D07D972-F9E4-4891-885C-03A997253E23} - D:\WINDOWS\system32\gebcc.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - D:\Program Files\Dealio\kb106\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {CF46BFB3-2ACC-441b-B82B-36B9562C7FF1} - D:\WINDOWS\system32\egiyoxur.dll (file missing)
O2 - BHO: (no name) - {F4002052-AB29-4B33-8C8D-0E99084564EC} - D:\WINDOWS\system32\opnlkig.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - D:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - D:\Program Files\Dealio\kb106\Dealio.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "D:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [AOLDialer] D:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [RealTray] D:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HostManager] D:\Program Files\Common Files\AOL\1173378275\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Xfire Music] "D:\Program Files\Xfire\xfiremusic.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [pipmon] pipmon.exe
O4 - HKLM\..\Run: [au] D:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "D:\WINDOWS\system32\rjxjstsd.dll",forkonce
O4 - HKLM\..\Run: [LiveProtect] "D:\Program Files\LiveProtect\LiveProtect.exe" -h
O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [igndlm.exe] D:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [Yahoo! Pager] "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Battery Doubler.lnk = D:\Program Files\Dachshund Software\Battery Doubler\Battery Doubler.exe
O4 - Startup: Hare.lnk = D:\Documents and Settings\kevin wills\Desktop\Hare.exe
O4 - Startup: TA_Start.lnk = D:\WINDOWS\system32\dwdsregt.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = D:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = D:\Program Files\AOL 9.0\aoltray.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &AOL Toolbar search - res://D:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Compare Prices with &Dealio - D:\Program Files\Dealio\kb106\res\DealioSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - D:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - D:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - D:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - D:\Program Files\Dealio\kb106\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - D:\Program Files\Yahoo!\Common\Yinsthelper.dll
O20 - Winlogon Notify: gebcc - D:\WINDOWS\system32\gebcc.dll
O20 - Winlogon Notify: opnlkig - D:\WINDOWS\SYSTEM32\opnlkig.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - D:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apache2Triad Apache2 Service (Apache2) - Apache Software Foundation - D:\apache2triad\bin\httpd.exe
O23 - Service: Apache2Triad Apache2 Service with SSL (Apache2SSL) - Apache Software Foundation - D:\apache2triad\bin\httpd.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Apache2Triad MySql Service (MySql) - Unknown owner - D:\apache2triad\mysql\bin\mysqld.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Apache2Triad PostgreSQL Service (PgSql) - PostgreSQL Global Development Group - D:\apache2triad\pgsql\bin\pg_ctl.exe
O23 - Service: SlimFTPd - Unknown owner - D:\apache2triad\ftp\SlimFTPd.exe
O23 - Service: wampapache - Unknown owner - D:\wamp\apache2\bin\httpd.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - D:\wamp\mysql\bin\mysqld-nt.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - D:\WINDOWS\wanmpsvc.exe
O23 - Service: Apache2Triad Xmail Service (XMail) - Unknown owner - D:\apache2triad\mail\bin\XMail.exe
--
End of file - 10753 bytes
Tronix
08-16-2007, 10:57 PM
^that?
Tronix
08-16-2007, 11:00 PM
o.0 My privacy, I just read it. xD No flaming my progs, boys; I closed like everything to try and increase my performance, which helped the littlest possible, me thinkz.
Wow, sigh, Windows is dire; it says I closed these programs, which it obviously did NOT. *claps Microsoft* xD
Not sure I understand your English, but at the end of the first list it shows
C:\demoa\HiJackThis_v2.exe
If it were my PC, I would delete this. If it turns out to be something you need, then you should have the initial install files to re-install it. Otherwise, it should go.
bazz
javabits
08-17-2007, 01:21 AM
That's the program that is generating the list (i.e. Trend Micro HijackThis v2.0.0).
You should take out the following:
O4 - HKLM\..\Run: [pipmon] pipmon.exe
O4 - HKLM\..\Run: [au] D:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "D:\WINDOWS\system32\rjxjstsd.dll",forkonce
O4 - Startup: Hare.lnk = D:\Documents and Settings\kevin wills\Desktop\Hare.exe
O4 - Startup: TA_Start.lnk = D:\WINDOWS\system32\dwdsregt.exe
There's a bunch of other things that you probably don't need at startup, so you may want to go through the startup list and pare it down. Also, there are some services that you probably don't want running (the Apache and Nero ones; the indexing services are good at bringing computers to a crawl).
semper fi...
daniel_g
08-17-2007, 08:10 AM
Do this in Safe Mode (http://www.computerhope.com/issues/chsafe.htm#02):
Start > Run
Type: msconfig
Click OK
Click the Startup tab, and see if you can find and disable what javabits told you. Just don't go crazy and disable everything :p
Run Spybot
Run Ad-Aware (http://www.download.com/Ad-Aware-2007-Free/3000-8022_4-10045910.html?part=dl-ad-aware&subj=dl&tag=top5)
Run antivirus software.
You could also try Ccleaner (http://www.ccleaner.com/)
Restart in normal mode, and hopefully it should be all good.
Tronix
08-17-2007, 05:08 PM
Thanks guys, I shall tell you the outcome later on. But before I do this, I must be able to access the 'Safe Mode' boot. I'm holding the F8 key, hit Safe Mode, and then it loads all these files listed like this:
'multi(0)disk(0)rdisk(1)partition(1)\windows\system32\drivers\ ACPI.sys'
That is the basic structure of one of many, many files that are loaded. Once they are loaded it basically freezes. I can only turn off via the button on my PC; that blank screen with white writing stays. :s
Also, a little small piece of malware/spyware/virus? I know that to launch Internet Explorer the command is 'iexplore.exe'; well, in my Processes tab within Task Manager there's a file named 'IEXPLORE.EXE' when Internet Explorer isn't even loaded, along with the weird capitalised 'IEXPLORE' text.
Thanks in Advance.
Jutlander
08-17-2007, 05:17 PM
Good, free, real-time protection from spyware and adware:
http://www.javacoolsoftware.com/spywareblaster.html
and
http://www.javacoolsoftware.com/spywareguard.html
Configure them and you will never notice them again as long as you live. They just run silently in the background, no popups or anything. And they work...
Tronix
08-17-2007, 05:21 PM
OK, thanks. I'll report later. :)
Tronix
08-17-2007, 05:31 PM
Err, Jut mate. That doesn't help me? It doesn't give the option to remove or scan, it just prevents future spyware from downloading -.- I'm looking to remove this, or get into my Safe Mode boot.
brad211987
08-17-2007, 07:06 PM
How long did you wait when it froze when loading into safe mode? Some computers can take an awfully long time to load into safe mode. My laptop takes at least 5 minutes usually.
Tronix
08-17-2007, 09:56 PM
Approx. 15 mins, and my PC isn't that bad.
Jutlander
08-17-2007, 10:01 PM
Err, Jut mate. That doesn't help me? It doesn't give the option to remove or scan, it just prevents future spyware from downloading -.- I'm looking to remove this, or get into my Safe Mode boot.
Well, it will prevent most of that malware getting in again. :rolleyes:
Tronix
08-17-2007, 11:57 PM
Ignore my 'approx. 15 mins' post. I don't know why, but I left my PC idling for 2 mins, came back and Safe Mode had booted; I must have forgotten the time I originally left my PC.
Thanks for all your help guys, it's fixed. Much LUV! <3