jwbirdsong

Trusted Helpers
  • Content Count: 262

Everything posted by jwbirdsong

  1. Deckard's System Scanner Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges. Close all applications and windows. Double-click on dss.exe to run it, and follow the prompts. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <- this one will be minimized Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here. Please attach extra.txt to your post. To attach a file to a new post, simply Go to the Attachments section on the post composition pa
  2. Open HijackThis and place a check next to the following: O2 - BHO: (no name) - {A2DA9276-0D8E-493D-BC21-7E3BECEC0EA7} - C:\WINDOWS\system32\pmnnm.dll (file missing) O4 - HKLM\..\RunServices: [Windows Recycler] ljmwjfh.exe O20 - Winlogon Notify: pmnnm - C:\WINDOWS\system32\pmnnm.dll (file missing) Please download VundoFix.exe to your desktop Double-click VundoFix.exe to run it. Click the Scan for Vundo button. Once it's done scanning, click the Remove Vundo button. You will receive a prompt asking if you want to remove the files, click YES Once you click yes, your desktop will go blank as it st
  3. Open HijackThis and place a check next to the following: O2 - BHO: {0b7bd7ba-9f2a-7f7a-dc74-9c382a210f23} - {32f012a2-83c9-47cd-a7f7-a2f9ab7db7b0} - (no file) O2 - BHO: (no name) - {7A5565EF-A594-46E4-AF56-FE71AEAFD7D5} - C:\Windows\system32\tuvvv.dll (file missing) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {8BE8B8FC-BD38-46F3-8BB2-222F5DE84C49} - (no file) O2 - BHO: (no name) - {E454D3E1-0B5E-493C-BCA2-93E9F8294A00} - (no file) O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\tuvvv.dll,#1 Close ALL other windows and then cliic
  4. Deckard's System Scanner Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges. Close all applications and windows. Double-click on dss.exe to run it, and follow the prompts. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <- this one will be minimized Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here. Please attach extra.txt to your post. To attach a file to a new post, simply Go to the Attachments section on the post composition pa
  5. Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges. Close all applications and windows. Double-click on dss.exe to run it, and follow the prompts. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <- this one will be minimized Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here. Please attach extra.txt to your post. To attach a file to a new post, simply Go to the Attachments section on the post composition page.(just below the text e
  6. Open a new notepad 'page' and copy/paste the text in the codebox below to it: File:: C:\80avp08.com C:\xfoolavp.com C:\dosocom.com C:\WINDOWS\system32\amvo1.dll C:\WINDOWS\system32\amvo.exe C:\WINDOWS\system32\avpo0.dll C:\utdetect.com C:\usdeiect.com C:\ntde1ect.com C:\WINDOWS\Help\F3C74E3FA248.dll C:\WINDOWS\Help\F3C74E3FA248.exe C:\WINDOWS\system32\jjjlm.bak1 C:\WINDOWS\system32\jjjlm.bak2 C:\WINDOWS\system32\jjjlm.ini2 C:\WINDOWS\system32\avpo.exe C:\WINDOWS\system32\lssas.exe Folder:: C:\Documents and Settings\James1\Local Settings\Temp\ Driver:: nenum13E Registry:: [HKEY_CURRENT_USER
  7. Download SDFix and save it to your desktop. Double click SDFix.exe and it will extract the files to C:\SDFix Please then reboot your computer in Safe Mode (without Networking) by doing the following : Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, the Advanced Options Menu should appear; Select the option, to run Windows in Safe Mode, then press Enter. Choose your usual account. Open the C:\SDFix folder and double click RunThis.bat to start the script. Type Y
  8. A malicious .DLL file is disrupting the LSP chain on your computer. We need to get rid of it. Please download LSPFix from here. Run the LSPFix.exe that you have just finished downloading. Check the I know what I'm doing box. In the Keep box you should see one or more instances of c:\windows\system32\od2media.dll. Select every instance of c:\windows\system32\od2media.dll and move each one to the Remove box by clicking the >> button. When you are done click Finish>>. Open HiJackThis. It should open to a "New users quickstart" menu Click "Open the Misc Tools section" Click "Delete a
  9. Please go here to upload a suspicious file for analysis. Enter your username from this forum Copy and paste the link to this thread Browse for this filename: C:\WINDOWS\bvtqfvx.dll and C:\WINDOWS\alxvdvm.dll In the comments, please mention that I asked you to upload this file Click on Send File Download Combofix to your desktop. Double-click combofix.exe Follow the prompts. Don't click on the window while the fix is running, because that will cause your system to hang. When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt. Post this log in your next
  10. Please download SmitfraudFix (by S!Ri) to your Desktop. (Don't worry about using this, even though some AV's will say that parts of it are malware, they are not.) Now, you should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site. Next, please reboot your computer in Safe Mode by doing the following : Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as norma
  11. Download SDFix and save it to your desktop. Double click SDFix.exe and it will extract the files to C:\SDFix Please then reboot your computer in Safe Mode (without Networking) by doing the following : Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, the Advanced Options Menu should appear; Select the option, to run Windows in Safe Mode, then press Enter. Choose your usual account. Open the C:\SDFix folder and double click RunThis.bat to start the script. Type Y
  12. Using Internet Explorer please do an online scan with Kaspersky Online Scanner Click on Kaspersky Online Scanner Click "I accept" You will be prompted to install an ActiveX component from Kaspersky, Click Yes. The program will launch and then start to download the latest definition files. Once the scanner is installed and the definitions downloaded, click Next. Now click on Scan Settings In the scan settings make sure that the following are selected: Scan using the following Anti-Virus database: Extended (If available otherwise Standard) Scan Options: Scan Archives Scan Mail Bases
  13. No, that is just Windows trying to load the Vundo file that is no longer there. We'll fix it in a moment. Open a new notepad 'page' and copy/paste the text in the codebox below to it: File:: C:\WINDOWS\system32\oqtss.ini2 Folder:: C:\WINDOWS\system32\daSgo01 Registry:: [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0003afc4-9aeb-4662-b8aa-79036e249742}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{44A3420F-00CC-4798-A799-552D065F1B47}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "6423734a"=- [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\
  14. Please download SmitfraudFix (by S!Ri) to your Desktop. (Some AV's will say that parts of it are malware, they are not.) Now, you should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site. Next, please reboot your computer in Safe Mode by doing the following : Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, a menu with options should appear; Sele
  15. Please download VundoFix.exe to your desktop Double-click VundoFix.exe to run it. Click the Scan for Vundo button. Once it's done scanning, click the Remove Vundo button. You will receive a prompt asking if you want to remove the files, click YES Once you click yes, your desktop will go blank as it starts removing Vundo. When completed, it will prompt that it will reboot your computer, click OK. Please post the contents of C:\vundofix.txt and the DSS results from below in a reply to this thread. Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix
  16. Please download VundoFix.exe to your desktop Double-click VundoFix.exe to run it. Click the Scan for Vundo button. Once it's done scanning, click the Remove Vundo button. You will receive a prompt asking if you want to remove the files, click YES Once you click yes, your desktop will go blank as it starts removing Vundo. When completed, it will prompt that it will reboot your computer, click OK. Please post the contents of C:\vundofix.txt and the DSS results from below in a reply to this thread. Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix
  17. Download Combofix to your desktop. Double-click combofix.exe Follow the prompts. Don't click on the window while the fix is running, because that will cause your system to hang. When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt. Post this log in your next reply.
  18. Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.
  19. Open your Control Panel>Add/Remove programs> uninstall ALL old JAVA/JRE/JSE programs listed. Then download and install the latest version Java 6 Update 3 Time for some housekeeping Click START then RUN Now type Combofix /u in the runbox and click OK When shown the disclaimer, Select "2" The above procedure will: Delete the following: ComboFix and its associated files and folders. VundoFix backups, if present The C:\Deckard folder, if present The C:\_OtMoveIt folder, if present Reset the clock settings. Hide file extensions, if required. Hide System/Hidden files
  20. Sorry, this reply must have slipped by me.. everything looks pretty good. Post an updated HijackThis log and any further problems the computer is having.
  21. Yes, this happens sometimes. ComboFix is NOT a virus.. it is safe to run.... Please do so.
  22. Couple of mine. 1st one is Gnome (used by my kids mostly) the 2nd is Fluxbox w/ fbpanel and a few dock apps (My choice) Sorry about the 'readability' of the 2nd one's screen shot term....you get the idea/info from 1st one tho.