Home > General > TratBHO


RgdsMark ActorSeeksJob Registered User 28-Jan-2008 19:36 #10 We are nearly done actually1. Please re-open HiJackThis and choose do a system scan only. D: is CDROM (No Media)F: is Fixed (NTFS) - 69.3 GiB total, 46.61 GiB free. \\.\PHYSICALDRIVE0 - IC35L120AVV207-0 - 115.04 GiB - 2 partitions \PARTITION0 (bootable) - Installable File System - Type Y to begin the script.

The file will be unloaded when it is no longer in use.-- Security Event Log ----------------------------------------------------------No Errors/Warnings found.-- System Event Log ------------------------------------------------------------Event Record #/Type4033 / WarningEvent Submitted/Written: 03/30/2008 09:23:47 PMEvent ID/Source: DllUnregisterServer procedure not found in C:\WINDOWS\system32\ddcbcbb.dllC:\WINDOWS\system32\ddcbcbb.dll NOT unregistered.File move failed. You can use CleanUp or the Windows Advanced Care features for that.3. System Restore cannot be disabled on Windows 9x and it's not available in Windows 2k. view publisher site

Run HJT again and put a check in the following: R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = http://fastsearchweb.com/srh.php?q=%s R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://1-se.com/srchasst.html (obfuscated) R3 - folder error: C:\Windows\system32**************************************************************************.Completion time: 2008-02-02 0:32:04ComboFix2.txt 2008-02-02 08:21:59.2008-02-01 07:36:10 --- E O F --- Back to top #4 larxy larxy Topic Starter Members 5 posts OFFLINE Local time:03:23 PM Posted I looked in the otscanit folder and found these two.

Games-- Registry Dump ---------------------------------------------------------------*Note* empty entries & legit default entries are not shown[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{89A1E40D-0254-4F99-B9AE-B60A2D8754A9}]20/01/2008 22:49 39424 --a------ C:\WINDOWS\system32\ddcbcbb.dll[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [04/12/2007 13:00]"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 01:11]"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [09/04/2007 12:23]"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [22/10/2006 11:22]"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [22/10/2006 11:22]"BigDogPath"="C:\WINDOWS\VM_STI.exe" Games2007-12-01 15:48 --------- d-----w C:\Program Files\TryMedia.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{89A1E40D-0254-4F99-B9AE-B60A2D8754A9}][HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 12:00 15360]"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! G: is Fixed (NTFS) - 34.18 GiB total, 7.23 GiB free.

Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Thank you for helping me. Please check the logs. 05.12.2007 г. 07:52:19SYSTEM1716Function setifaceUpdatePackages() has failed. http://www.geekstogo.com/forum/topic/193134-trat-bho-really-need-help-please-read-resolved/ Free/Pro/IS/Premier проблем със Win32:tratBHO << < (2/2) lubet0: да, махнах го с ад-ауеър1.6се и то от третия път. пробвах сигурно поне 10тина скенера и програми едни го намираха ма не го

Please check the logs. 28.2.2007 г. 22:45:57SYSTEM528Function setifaceUpdatePackages() has failed. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review. **Note: Do not mouseclick comboFix's window while it's running. iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Yes, my password is: Forgot your password?

Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! http://www.pcadvisor.co.uk/forum/helproom-1/win32tratbho-trj-how-keeps-coming-back-321058/ Stay logged in Sign up now! The error will be ignored. Click Next, then Install, make sure "Run fixit" is checked and click Finish.

AntivirusAzureus VuzeBelltech Business Card Designer Pro 4.7Conflict Denied OpsDell Resource CDDisney Pirates of the Caribbean OnlineDivX Content UploaderDivX Web PlayerDVD Decrypter (Remove Only)DVD Shrink 3.2DVDFab HD Decrypter Bowling 7 (remove Click Start and then click the picture at the top of the right column on the Start menu,this opens the User Accounts Control Panel.2. Very Important! Why did Avast let the program through in the first place?

Post that information back hereI will review the information when it comes back in.Please download Deckard's System Scanner (DSS) and save it to your Desktop.Close all other windows before proceeding.Double-click on Then from your desktop double-click on jre-6u4-windows-i586-p.exe to install the newest version.Please disable UAC [User Account Control].1. antivirus 4.8.1169 [VPS 080504-0] v4.8.1169 (ALWIL Software)[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1""C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"%ProgramFiles%\\AOL 9.0\\aol.exe"="%ProgramFiles%\\AOL 9.0\\aol.exe:*:Enabled:AOL""%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"="%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe:*:Enabled:SPLINTER CELL Pro v4.7.1043_Keygen_CORE.exe\[PECompact]" file. 11.11.2007 г. 23:04:19DEDI1828Sign of "Win32:ShipUp-J [trj]" has been found in "G:\PowerISO v.3.8 + KeyGen\keygen.exe" file. 16.10.2007 г. 20:24:55SYSTEM1808AAVM - scanning warning: x_AavmCheckFileDirectEx: http://fs4.filehippo.com/7294/0b67ae53b9f34e119cf17f086b7c7cbb/klcodec350f.exe (C:\WINDOWS\TEMP\_avast4_\unp84438919.tmp) returning error, 0000001E. 16.10.2007

Connect with top rated Experts 11 Experts available now in Live! Select for scanning archives. C:\WINDOWS\system32\ddcbcbb.dll scheduled to be moved on reboot.[Custom Input]< purity > OTMoveIt2 v1.0.14 log created on 01252008_141946Deckard's System Scanner v20071014.68Run by michael on 2008-01-25 14:30:24Computer is in Normal Mode.---------------------------------------------------------------------------------- HijackThis (run as

Newer Than: Search this thread only Search this forum only Display results as threads Useful Searches Recent Posts More...

Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exeO23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exeO23 Register now! Get 1:1 Help Now Advertise Here Enjoyed your answer? Everyone else please begin a New Topic.

Back to top Back to Virus, Trojan, Spyware, and Malware Removal Logs 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous users Reply to quoted postsClear BleepingComputer.com Macker1 Registered User 24-Jan-2008 10:52 #4 Hello ASJ,Thanks for responding. Now close all windows other than HiJackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. Download ComboFix and save it to your desktop. **Note: In the event you already have ComboFix, this is a new version that I need you to download.

It is important that it is saved directly to your desktop** Close any open browsers and make sure you are disconnected from the net. Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! Scroll down to where it says 'Java Runtime Environment (JRE) 6u4'.3.