Is Your System Infected with a Virus / Spyware / Adware / Trojan? – Part II



NOTE: This topic is closed for new posts. Please use the following topic to post your HijackThis log file:

Post Your HijackThis Log File Here

HOW TO POST:

If your system is running very slowly or giving random problems, it may be infected with a virus. Download HijackThis from the links given below and scan your system with it. It will generate a log file; copy the contents of the log file and post them here.

Download HijackThis Installer

Download HijackThis Zip

Download HijackThis Executable

HOW TO FIX:

To fix the suggested entries, boot Windows in Safe Mode by pressing the "F8" key at system startup and selecting the "Safe Mode" option. Run HijackThis again, then select the entries and click the "Fix checked" button.

Also, don't forget to scan your system with good anti-virus and anti-spyware software.
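Before ticking entries to fix, it helps to split each log line into its section code (F2, O4, O20 and so on) and its payload. The following is an added example, not part of the original article or of HijackThis itself: it parses lines in the format HijackThis writes and flags entries for manual review. The heuristics, function names and sample log are assumptions constructed for illustration, and a flag means "look closer", not "malicious".

```python
import re
# HijackThis entries look like "O4 - HKLM\..\Run: [name] command".
LINE_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*)$")
DEFAULT_USERINIT = r"c:\windows\system32\userinit.exe"
USER_WRITABLE = ("\\application data\\", "\\temp\\", "\\downloads\\")  # assumed list

def parse_line(line):
    """Return (section, payload), or None for header and process-list lines."""
    m = LINE_RE.match(line)
    return (m.group(1), m.group(2).strip()) if m else None

def triage(section, payload):
    """Return reasons this entry deserves manual review (assumed heuristics)."""
    low, reasons = payload.lower(), []
    if section == "F2" and "userinit=" in low:
        values = [v.strip() for v in low.split("userinit=", 1)[1].split(",") if v.strip()]
        extra = [v for v in values if v != DEFAULT_USERINIT]
        if extra:
            reasons.append("UserInit launches extra program(s): " + ", ".join(extra))
    if section == "O4":
        if re.search(r"\b(rundll32|regsvr32)(\.exe)?\b", low):
            reasons.append("autorun loads a DLL through rundll32/regsvr32")
        if any(p in low for p in USER_WRITABLE):
            reasons.append("autorun target is in a user-writable folder")
    if section == "O20" and low.startswith("appinit_dlls:") and low.split(":", 1)[1].strip():
        reasons.append("AppInit_DLLs is non-empty (loaded by every process using user32.dll)")
    return reasons

def review(log_text):
    """Map each flagged log line to its reasons; unflagged lines are omitted."""
    flagged = {}
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed and (why := triage(*parsed)):
            flagged[line.strip()] = why
    return flagged

# Constructed sample log (placeholder file names, not from a real machine).
SAMPLE = r"""
C:\WINDOWS\system32\svchost.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\example1.exe,
O4 - HKLM\..\Run: [example3] Rundll32.exe "C:\WINDOWS\system32\example3.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O20 - AppInit_DLLs: example4.dll
"""

if __name__ == "__main__":
    for entry, why in review(SAMPLE).items():
        print(entry, "->", "; ".join(why))
```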

You can also visit the following tutorials to speed up your Windows:

Master Tutorial to Make Your Windows XP Super Fast

Master Tutorial to Make Your Windows VISTA Super Fast

Master Tutorial to Make Your Windows 7 Super Fast



This article was posted in Security Zone, Troubleshooting.




592 Comments

  • Been having serious problems with my computer. Task Manager is disabled by admin, etc. Had XP Police and managed to delete it manually, but I'm unable to do the same for Spyware Protect 2009 and whatever else I have.

  • VG

    ^^ Fix the following:

    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\twex.exe,
    O2 - BHO: worldadmarketplace browser enhancer - {4FBBDF56-8AB7-2ED3-FFE2-97B4B83FAB9B} - C:\WINDOWS\system32\vdstfcgyupiv.dll
    O2 - BHO: (no name) - {77AB5974-55A3-4737-9FD5-B93C64307F78} - C:\WINDOWS\system32\llguvcfo.dll
    O2 - BHO: (no name) - {9f719a05-a752-4d29-8817-8ca9c970071a} - C:\WINDOWS\system32\mihamake.dll
    O2 - BHO: worldadmarketplace - {c965dd6c-702b-c604-fcd9-af5dc15d53ab} - C:\WINDOWS\system32\nsoB.dll
    O2 - BHO: HelloWorldBHO - {D88E1558-7C2D-407A-953A-C044F5607CEA} - C:\Program Files\Mjcore\Mjcore.dll
    O4 - HKLM\..\Run: [punovefupi] Rundll32.exe "C:\WINDOWS\system32\tijevufi.dll",s
    O4 - HKLM\..\Run: [txctjwgzrmci] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\vdstfcgyupiv.dll"
    O4 - HKLM\..\Run: [5cfa2258] rundll32.exe "C:\WINDOWS\system32\fisalunu.dll",b
    O4 - HKLM\..\Run: [CPM5fc911c4] Rundll32.exe "c:\windows\system32\dojisino.dll",a
    O4 - HKCU\..\Run: [cogad] "C:\Documents and Settings\Ahz\Application Data\cogad\cogad.exe" 61A847B5BBF72813338B2B27128065E9C084320161C4661227A755E9C2933154389A
    O4 - HKCU\..\Run: [Twain] C:\Documents and Settings\Ahz\Application Data\Twain\Twain.exe
    O4 - HKCU\..\Run: [GetPack30] "C:\Program Files\GetPack\GetPack30.exe"
    O4 - HKCU\..\Run: [sysguard] C:\WINDOWS\sysguard.exe
    O4 - HKCU\..\Run: [PoliceAV] C:\Program Files\XPPoliceAntivirus\xppolice.exe
    O4 - HKCU\..\Policies\Explorer\Run: [svcho] C:\WINDOWS\svcho.exe
    O4 - HKUS\S-1-5-19\..\Run: [punovefupi] Rundll32.exe "C:\WINDOWS\system32\tijevufi.dll",s (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [punovefupi] Rundll32.exe "C:\WINDOWS\system32\tijevufi.dll",s (User 'NETWORK SERVICE')
    O20 - AppInit_DLLs: zudwwn.dll dhfblh.dll rsbahc.dll C:\WINDOWS\system32\bufufodu.dll kebyqb.dll ikxgqj.dll anokrj.dll hiogfv.dll mffjqj.dll bjvllo.dll uhsxwg.dll mowgml.dll c:\windows\system32\dojisino.dll

    @Saoirse
    Did you try to fix the entry in Safe Mode?

    @Eric
    Fix the following:

    O4 - HKLM\..\Run: [Windows Updates] update.exe
    O4 - HKLM\..\RunServices: [Windows Updates] update.exe

    @The Champ
    The following entry looks suspicious to me. Fix the following if you don't know the app:

    O4 - HKCU\..\Run: [ThetaWall] D:\Downloads\Pictures\Bollywood\ThetaWall.exe