John_McKenna
(HijackThis Helper)
Wed Sep 07 2005 06:56 PM
Re: Please check this log.

BigFix can automatically download and read technical support information provided by computer and software manufacturers and other technical support experts (published in the form of Fixlet® Messages) and can automatically check your computer for bugs, configuration conflicts, and security holes. Should only be started manually as it's a resource hog.


Step 1

Configure Windows to Show all hidden files & folders and ensure you're familiar with rebooting into Safe Mode.

Download & install Cleanup! from here.

Download the Lop uninstaller from here to your desktop.
(if your anti-virus detects trojan swizzor, please ignore it and download regardless, it is not harmful!)

Copy the below steps to notepad, close Internet Explorer and disconnect from the internet.



Step 2

Run HJT again and checkmark the boxes next to the following:-

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.esnwrkjicdqrmxrccsoxneqwu.inf...A9Bez5PcPdc.asp
O2 - BHO: AzEntretien Class - {0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} - %SystemRoot%\azentretien.dll (file missing)
O2 - BHO: (no name) - {592275AD-16A8-CB70-2397-87B7A0205E60} - C:\DOCUME~1\ANDREA~1\PROGRA~1\DaleLog\once grim.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [DeskMateAutoUpdate] C:\PROGRA~2\DESKMA~1\DeskMateAutoUpdate.exe
O4 - HKLM\..\Run: [BITS DUPE PING BOWS] C:\Documents and Settings\All Users\Programdata\cdrom software bits dupe\oncechic.exe
O4 - HKCU\..\Run: [Jump Mix] C:\DOCUME~1\ANDREA~1\PROGRA~1\OBJLIC~1\Window mfcd.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.com/install/azesearch.cab

Close ALL OPEN WINDOWS/BROWSERS and click Fix Checked


Step 3

Start CleanUp! and do the following:

Click the Options button.
Make sure only the following are checked:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files (XP only)
  • Scan local drives for temporary files
  • Cleanup! All Users

Click the Ok button to close the Options dialog.
Click the CleanUp! button to begin cleaning. It may take a while depending on the size of the hard drive so be patient.
When it has finished, close CleanUp! but decline to logoff when prompted.

Warning: Cleanup removves EVERYTHING in your temp/temporary folders. If you have any programs or saved work in them, please save it to another location before running Cleanup.


Step 4

Please now reboot into Safe Mode and delete the following folders in bold:

C:\Documents and Settings\ANDREA~1\PROGRA~1\OBJLIC~1\Window mfcd.exe
C:\Documents and Settings\ANDREA~1\PROGRA~1\DaleLog\once grim.exe
C:\PROGRAM FILES\DESKMATE\DeskMateAutoUpdate.exe
C:\Documents and Settings\All Users\Programdata\cdrom software bits dupe\oncechic.exe


Then run the Lop uninstaller.


Step 5

Reboot and run any of the following online virus scans (saving the scan report when complete):

Kasperskey Online
Panda ActiveScan
Trend Micro (Europe)


Step 6

Then post a fresh HJT log after rebooting along with the online scan results.

.

Contact Us | Privacy statement Main website

Webuser.co.uk

Web User Alerts

Web User Network

Site Policies

Magazine Subscription

Contacts


Search

© Copyright IPC Media Limited 2009, All rights reserved