Jump to content


Photo

random exe generation problems


  • Please log in to reply
1 reply to this topic

#1 dave_price

dave_price

    Member

  • New Member
  • Pip
  • 1 posts

Posted 06 July 2004 - 05:35 PM

Hi all,

This is a log file for my brothers comp. Norton Firewall pops up intermittently with exes with names like dfjkdfjdkf.exe and so on. I ended processes on roughriders.exe and skinkers.exe, so not sure if HJT will show them, but they are on there. Can you let me know if that is whats causing the problem or if its something more?

Logfile of HijackThis v1.97.7
Scan saved at 23:24:01, on 06/07/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Personal Firewall\NISUM.EXE
C:\Program Files\Norton Personal Firewall\ccPxySvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system32\cmt101.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\System32\GSICON.EXE
C:\WINDOWS\System32\dslagent.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\tsynuv.exe
C:\windows\system32\sncntr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe
C:\Program Files\Sky Alerts\skinkers.exe
C:\Valve\Steam\Steam.exe
C:\Program Files\Eyetide Media\Eyetide Viewer\EyetideController.exe
c:\Program Files\over.exe
C:\WINDOWS\System32\IMAPD.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\John\Desktop\hjtlog.exe
c:\hijackthis\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell...gen/default.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell...gen/default.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell...gen/default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Tiscali 10.0
R3 - URLSearchHook: MrSmiley Popup Blocker - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - C:\Program Files\MrSmiley Popup Blocker\toolbar.dll (file missing)
F1 - win.ini: run=c:\windows\system32\cmt101.exe
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Messenger\ycomp.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Messenger\ycomp.dll
O3 - Toolbar: MrSmiley Popup Blocker - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - C:\Program Files\MrSmiley Popup Blocker\toolbar.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gjecai] C:\WINDOWS\System32\tsynuv.exe
O4 - HKLM\..\Run: [sncntr] c:\windows\system32\sncntr.exe /nocomm
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [EVPHYWMV] c:\windows\system32\evphywmv.exe /install
O4 - HKLM\..\Run: [BZNMCBLM] c:\windows\system32\bznmcblm.exe /install
O4 - HKLM\..\Run: [CLENVKCB] c:\windows\system32\clenvkcb.exe /install
O4 - HKLM\..\Run: [IWWHRXTH] c:\windows\system32\iwwhrxth.exe /install
O4 - HKLM\..\Run: [EZNNJLDJ] c:\windows\system32\eznnjldj.exe /install
O4 - HKLM\..\Run: [KPLNKUIK] c:\windows\system32\kplnkuik.exe /install
O4 - HKLM\..\Run: [JEABEZXV] c:\windows\system32\jeabezxv.exe /install
O4 - HKLM\..\Run: [PESKHMJQ] c:\windows\system32\peskhmjq.exe /install
O4 - HKLM\..\Run: [TADYXIVI] c:\windows\system32\tadyxivi.exe /install
O4 - HKLM\..\Run: [HGBRUNPL] c:\windows\system32\hgbrunpl.exe /install
O4 - HKLM\..\Run: [ENGMADPR] c:\windows\system32\engmadpr.exe /install
O4 - HKLM\..\Run: [UVCWWZPK] c:\windows\system32\uvcwwzpk.exe /install
O4 - HKLM\..\Run: [MCVNSQWT] c:\windows\system32\mcvnsqwt.exe /install
O4 - HKLM\..\Run: [QTVUCVDB] c:\windows\system32\qtvucvdb.exe /install
O4 - HKLM\..\Run: [ARBMPSXM] c:\windows\system32\arbmpsxm.exe /install
O4 - HKLM\..\Run: [MMATYFMP] c:\windows\system32\mmatyfmp.exe /install
O4 - HKLM\..\Run: [PTSWYLFX] c:\windows\system32\ptswylfx.exe /install
O4 - HKLM\..\Run: [TEQPZLKV] c:\windows\system32\teqpzlkv.exe /install
O4 - HKLM\..\Run: [DXTDCCIW] c:\windows\system32\dxtdcciw.exe /install
O4 - HKLM\..\Run: [TXGESPSG] c:\windows\system32\txgespsg.exe /install
O4 - HKLM\..\Run: [TTJBYBOG] c:\windows\system32\ttjbybog.exe /install
O4 - HKLM\..\Run: [SMULHQBH] c:\windows\system32\smulhqbh.exe /install
O4 - HKLM\..\Run: [BMGSLUYW] c:\windows\system32\bmgsluyw.exe /install
O4 - HKLM\..\Run: [ARBHPOSX] c:\windows\system32\arbhposx.exe /install
O4 - HKLM\..\Run: [KCRPBFLK] c:\windows\system32\kcrpbflk.exe /install
O4 - HKLM\..\Run: [ZEPQWOCI] c:\windows\system32\zepqwoci.exe /install
O4 - HKLM\..\Run: [DXVHYPAN] c:\windows\system32\dxvhypan.exe /install
O4 - HKLM\..\Run: [PAOZXLOA] c:\windows\system32\paozxloa.exe /install
O4 - HKLM\..\Run: [AIVAIDPE] c:\windows\system32\aivaidpe.exe /install
O4 - HKLM\..\Run: [YJKIRMTW] c:\windows\system32\yjkirmtw.exe /install
O4 - HKLM\..\Run: [CKFPRXIU] c:\windows\system32\ckfprxiu.exe /install
O4 - HKLM\..\Run: [XKEZSTKK] c:\windows\system32\xkezstkk.exe /install
O4 - HKLM\..\Run: [UGAMTJVA] c:\windows\system32\ugamtjva.exe /install
O4 - HKLM\..\Run: [CIHGQWCM] c:\windows\system32\cihgqwcm.exe /install
O4 - HKLM\..\Run: [SQVKBEVZ] c:\windows\system32\sqvkbevz.exe /install
O4 - HKLM\..\Run: [BBBVFXRZ] c:\windows\system32\bbbvfxrz.exe /install
O4 - HKLM\..\Run: [BGITCJCL] c:\windows\system32\bgitcjcl.exe /install
O4 - HKLM\..\Run: [UZPLZUCT] c:\windows\system32\uzplzuct.exe /install
O4 - HKLM\..\Run: [BDRPWGOM] c:\windows\system32\bdrpwgom.exe /install
O4 - HKLM\..\Run: [ZVLQFBLF] c:\windows\system32\zvlqfblf.exe /install
O4 - HKLM\..\Run: [DLHKIXJK] c:\windows\system32\dlhkixjk.exe /install
O4 - HKLM\..\Run: [EYYYAWHU] c:\windows\system32\eyyyawhu.exe /install
O4 - HKLM\..\Run: [EIFHPBIO] c:\windows\system32\eifhpbio.exe /install
O4 - HKLM\..\Run: [ENEERROT] c:\windows\system32\eneerrot.exe /install
O4 - HKLM\..\Run: [MHTFEEVK] c:\windows\system32\mhtfeevk.exe /install
O4 - HKLM\..\Run: [WPXDOEMP] c:\windows\system32\wpxdoemp.exe /install
O4 - HKLM\..\Run: [JAXFMPVX] c:\windows\system32\jaxfmpvx.exe /install
O4 - HKLM\..\Run: [DQJQNCLP] c:\windows\system32\dqjqnclp.exe /install
O4 - HKLM\..\Run: [UJIDGLVY] c:\windows\system32\ujidglvy.exe /install
O4 - HKLM\..\Run: [PUTGQCCI] c:\windows\system32\putgqcci.exe /install
O4 - HKLM\..\Run: [ESIYCKBC] c:\windows\system32\esiyckbc.exe /install
O4 - HKLM\..\Run: [HWCFXMRK] c:\windows\system32\hwcfxmrk.exe /install
O4 - HKLM\..\Run: [SRUAKGZB] c:\windows\system32\sruakgzb.exe /install
O4 - HKLM\..\Run: [FBNPNIZC] c:\windows\system32\fbnpnizc.exe /install
O4 - HKLM\..\Run: [JQBDLXHH] c:\windows\system32\jqbdlxhh.exe /install
O4 - HKLM\..\Run: [YXADDUSJ] c:\windows\system32\yxaddusj.exe /install
O4 - HKLM\..\Run: [FIYSRESE] c:\windows\system32\fiysrese.exe /install
O4 - HKLM\..\Run: [SVVUFAWJ] c:\windows\system32\svvufawj.exe /install
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [GVZSHZMT] c:\windows\system32\gvzshzmt.exe /install
O4 - HKLM\..\Run: [RoughRiders] C:\Program Files\WMx\Dialers\RoughRiders\RoughRiders.exe /dontdial
O4 - HKLM\..\Run: [CVXEORGV] c:\windows\system32\cvxeorgv.exe /install
O4 - HKLM\..\Run: [LRQPKLIB] c:\windows\system32\lrqpklib.exe /install
O4 - HKLM\..\Run: [TYSBWFME] c:\windows\system32\tysbwfme.exe /install
O4 - HKLM\..\Run: [DHQKDOJA] c:\windows\system32\dhqkdoja.exe /install
O4 - HKLM\..\Run: [UFJXVLNJ] c:\windows\system32\ufjxvlnj.exe /install
O4 - HKLM\..\Run: [TZVSKEGL] c:\windows\system32\tzvskegl.exe /install
O4 - HKLM\..\Run: [XRVRGWIZ] c:\windows\system32\xrvrgwiz.exe /install
O4 - HKLM\..\Run: [VNARJKRD] c:\windows\system32\vnarjkrd.exe /install
O4 - HKLM\..\Run: [Cmt101] c:\windows\system32\cmt101.exe
O4 - HKLM\..\Run: [MMHGTNRA] c:\windows\system32\mmhgtnra.exe /install
O4 - HKLM\..\Run: [IMAPD] C:\WINDOWS\System32\IMAPD.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [SkySportsCluster] C:\Program Files\Sky Alerts\skinkers.exe
O4 - HKCU\..\Run: [Steam] C:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Cmt101] c:\windows\system32\cmt101.exe
O4 - Startup: Eyetide Launcher.lnk = C:\Program Files\Eyetide Media\Eyetide Viewer\EyetideController.exe
O8 - Extra context menu item: &MrSmiley Toolbar search - res://C:\Program Files\MrSmiley Popup Blocker\toolbar.dll/SEARCH.HTML
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {034CC2DC-3245-4B26-B5C7-7B8777739CB7} - http://gaming.gamesp...ming/gaming.exe
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.ma...director/sw.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg...v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yaho...s/yinst0309.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comne...iveSecurity.cab
O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} -
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://download.yaho...utocomplete.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.app.../ITDetector.cab
O16 - DPF: {E123BED4-B8C7-42BB-958F-F13CA77EF95D} (Anark Client ActiveX Control) - http://install.anark...en/AMClient.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFA761A9-6215-493E-B65A-E9B62701E273}: NameServer = 194.74.65.69 194.72.9.34

#2 dave38

dave38

    Devout Murphyite!

  • Emeritus
  • PipPipPipPipPip
  • 8,508 posts

Posted 06 July 2004 - 05:56 PM

Have Hijack This fix all of the following by placing a check in the appropriate boxes and hitting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.

R3 - URLSearchHook: MrSmiley Popup Blocker - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - C:\Program Files\MrSmiley Popup Blocker\toolbar.dll (file missing)

F1 - win.ini: run=c:\windows\system32\cmt101.exe

O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)

O3 - Toolbar: MrSmiley Popup Blocker - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - C:\Program Files\MrSmiley Popup Blocker\toolbar.dll (file missing)

O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [gjecai] C:\WINDOWS\System32\tsynuv.exe
O4 - HKLM\..\Run: [sncntr] c:\windows\system32\sncntr.exe /nocomm
O4 - HKLM\..\Run: [EVPHYWMV] c:\windows\system32\evphywmv.exe /install
O4 - HKLM\..\Run: [BZNMCBLM] c:\windows\system32\bznmcblm.exe /install
O4 - HKLM\..\Run: [CLENVKCB] c:\windows\system32\clenvkcb.exe /install
O4 - HKLM\..\Run: [IWWHRXTH] c:\windows\system32\iwwhrxth.exe /install
O4 - HKLM\..\Run: [EZNNJLDJ] c:\windows\system32\eznnjldj.exe /install
O4 - HKLM\..\Run: [KPLNKUIK] c:\windows\system32\kplnkuik.exe /install
O4 - HKLM\..\Run: [JEABEZXV] c:\windows\system32\jeabezxv.exe /install
O4 - HKLM\..\Run: [PESKHMJQ] c:\windows\system32\peskhmjq.exe /install
O4 - HKLM\..\Run: [TADYXIVI] c:\windows\system32\tadyxivi.exe /install
O4 - HKLM\..\Run: [HGBRUNPL] c:\windows\system32\hgbrunpl.exe /install
O4 - HKLM\..\Run: [ENGMADPR] c:\windows\system32\engmadpr.exe /install
O4 - HKLM\..\Run: [UVCWWZPK] c:\windows\system32\uvcwwzpk.exe /install
O4 - HKLM\..\Run: [MCVNSQWT] c:\windows\system32\mcvnsqwt.exe /install
O4 - HKLM\..\Run: [QTVUCVDB] c:\windows\system32\qtvucvdb.exe /install
O4 - HKLM\..\Run: [ARBMPSXM] c:\windows\system32\arbmpsxm.exe /install
O4 - HKLM\..\Run: [MMATYFMP] c:\windows\system32\mmatyfmp.exe /install
O4 - HKLM\..\Run: [PTSWYLFX] c:\windows\system32\ptswylfx.exe /install
O4 - HKLM\..\Run: [TEQPZLKV] c:\windows\system32\teqpzlkv.exe /install
O4 - HKLM\..\Run: [DXTDCCIW] c:\windows\system32\dxtdcciw.exe /install
O4 - HKLM\..\Run: [TXGESPSG] c:\windows\system32\txgespsg.exe /install
O4 - HKLM\..\Run: [TTJBYBOG] c:\windows\system32\ttjbybog.exe /install
O4 - HKLM\..\Run: [SMULHQBH] c:\windows\system32\smulhqbh.exe /install
O4 - HKLM\..\Run: [BMGSLUYW] c:\windows\system32\bmgsluyw.exe /install
O4 - HKLM\..\Run: [ARBHPOSX] c:\windows\system32\arbhposx.exe /install
O4 - HKLM\..\Run: [KCRPBFLK] c:\windows\system32\kcrpbflk.exe /install
O4 - HKLM\..\Run: [ZEPQWOCI] c:\windows\system32\zepqwoci.exe /install
O4 - HKLM\..\Run: [DXVHYPAN] c:\windows\system32\dxvhypan.exe /install
O4 - HKLM\..\Run: [PAOZXLOA] c:\windows\system32\paozxloa.exe /install
O4 - HKLM\..\Run: [AIVAIDPE] c:\windows\system32\aivaidpe.exe /install
O4 - HKLM\..\Run: [YJKIRMTW] c:\windows\system32\yjkirmtw.exe /install
O4 - HKLM\..\Run: [CKFPRXIU] c:\windows\system32\ckfprxiu.exe /install
O4 - HKLM\..\Run: [XKEZSTKK] c:\windows\system32\xkezstkk.exe /install
O4 - HKLM\..\Run: [UGAMTJVA] c:\windows\system32\ugamtjva.exe /install
O4 - HKLM\..\Run: [CIHGQWCM] c:\windows\system32\cihgqwcm.exe /install
O4 - HKLM\..\Run: [SQVKBEVZ] c:\windows\system32\sqvkbevz.exe /install
O4 - HKLM\..\Run: [BBBVFXRZ] c:\windows\system32\bbbvfxrz.exe /install
O4 - HKLM\..\Run: [BGITCJCL] c:\windows\system32\bgitcjcl.exe /install
O4 - HKLM\..\Run: [UZPLZUCT] c:\windows\system32\uzplzuct.exe /install
O4 - HKLM\..\Run: [BDRPWGOM] c:\windows\system32\bdrpwgom.exe /install
O4 - HKLM\..\Run: [ZVLQFBLF] c:\windows\system32\zvlqfblf.exe /install
O4 - HKLM\..\Run: [DLHKIXJK] c:\windows\system32\dlhkixjk.exe /install
O4 - HKLM\..\Run: [EYYYAWHU] c:\windows\system32\eyyyawhu.exe /install
O4 - HKLM\..\Run: [EIFHPBIO] c:\windows\system32\eifhpbio.exe /install
O4 - HKLM\..\Run: [ENEERROT] c:\windows\system32\eneerrot.exe /install
O4 - HKLM\..\Run: [MHTFEEVK] c:\windows\system32\mhtfeevk.exe /install
O4 - HKLM\..\Run: [WPXDOEMP] c:\windows\system32\wpxdoemp.exe /install
O4 - HKLM\..\Run: [JAXFMPVX] c:\windows\system32\jaxfmpvx.exe /install
O4 - HKLM\..\Run: [DQJQNCLP] c:\windows\system32\dqjqnclp.exe /install
O4 - HKLM\..\Run: [UJIDGLVY] c:\windows\system32\ujidglvy.exe /install
O4 - HKLM\..\Run: [PUTGQCCI] c:\windows\system32\putgqcci.exe /install
O4 - HKLM\..\Run: [ESIYCKBC] c:\windows\system32\esiyckbc.exe /install
O4 - HKLM\..\Run: [HWCFXMRK] c:\windows\system32\hwcfxmrk.exe /install
O4 - HKLM\..\Run: [SRUAKGZB] c:\windows\system32\sruakgzb.exe /install
O4 - HKLM\..\Run: [FBNPNIZC] c:\windows\system32\fbnpnizc.exe /install
O4 - HKLM\..\Run: [JQBDLXHH] c:\windows\system32\jqbdlxhh.exe /install
O4 - HKLM\..\Run: [YXADDUSJ] c:\windows\system32\yxaddusj.exe /install
O4 - HKLM\..\Run: [FIYSRESE] c:\windows\system32\fiysrese.exe /install
O4 - HKLM\..\Run: [SVVUFAWJ] c:\windows\system32\svvufawj.exe /install
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [GVZSHZMT] c:\windows\system32\gvzshzmt.exe /install
O4 - HKLM\..\Run: [RoughRiders] C:\Program Files\WMx\Dialers\RoughRiders\RoughRiders.exe /dontdial
O4 - HKLM\..\Run: [CVXEORGV] c:\windows\system32\cvxeorgv.exe /install
O4 - HKLM\..\Run: [LRQPKLIB] c:\windows\system32\lrqpklib.exe /install
O4 - HKLM\..\Run: [TYSBWFME] c:\windows\system32\tysbwfme.exe /install
O4 - HKLM\..\Run: [DHQKDOJA] c:\windows\system32\dhqkdoja.exe /install
O4 - HKLM\..\Run: [UFJXVLNJ] c:\windows\system32\ufjxvlnj.exe /install
O4 - HKLM\..\Run: [TZVSKEGL] c:\windows\system32\tzvskegl.exe /install
O4 - HKLM\..\Run: [XRVRGWIZ] c:\windows\system32\xrvrgwiz.exe /install
O4 - HKLM\..\Run: [VNARJKRD] c:\windows\system32\vnarjkrd.exe /install
O4 - HKLM\..\Run: [Cmt101] c:\windows\system32\cmt101.exe
O4 - HKLM\..\Run: [MMHGTNRA] c:\windows\system32\mmhgtnra.exe /install
O4 - HKLM\..\Run: [IMAPD] C:\WINDOWS\System32\IMAPD.exe
O4 - HKCU\..\Run: [SkySportsCluster] C:\Program Files\Sky Alerts\skinkers.exe
O4 - HKCU\..\Run: [Cmt101] c:\windows\system32\cmt101.exe

O8 - Extra context menu item: &MrSmiley Toolbar search - res://C:\Program Files\MrSmiley Popup Blocker\toolbar.dll/SEARCH.HTML

Reboot and delete

files
C:\WINDOWS\System32\tsynuv.exe
c:\windows\system32\sncntr.exe
c:\windows\system32\evphywmv.exe
c:\windows\system32\bznmcblm.exe
c:\windows\system32\clenvkcb.exe
c:\windows\system32\iwwhrxth.exe
c:\windows\system32\eznnjldj.exe
c:\windows\system32\kplnkuik.exe
c:\windows\system32\jeabezxv.exe
c:\windows\system32\peskhmjq.exe
c:\windows\system32\tadyxivi.exe
c:\windows\system32\hgbrunpl.exe
c:\windows\system32\engmadpr.exe
c:\windows\system32\uvcwwzpk.exe
c:\windows\system32\mcvnsqwt.exe
c:\windows\system32\qtvucvdb.exe
c:\windows\system32\arbmpsxm.exe
c:\windows\system32\mmatyfmp.exe
c:\windows\system32\ptswylfx.exe
c:\windows\system32\teqpzlkv.exe
c:\windows\system32\dxtdcciw.exe
c:\windows\system32\txgespsg.exe
c:\windows\system32\ttjbybog.exe
c:\windows\system32\smulhqbh.exe
c:\windows\system32\bmgsluyw.exe
c:\windows\system32\arbhposx.exe
c:\windows\system32\kcrpbflk.exe
c:\windows\system32\zepqwoci.exe
c:\windows\system32\dxvhypan.exe
c:\windows\system32\paozxloa.exe
c:\windows\system32\aivaidpe.exe
c:\windows\system32\yjkirmtw.exe
c:\windows\system32\ckfprxiu.exe
c:\windows\system32\xkezstkk.exe
c:\windows\system32\ugamtjva.exe
c:\windows\system32\cihgqwcm.exe
c:\windows\system32\sqvkbevz.exe
c:\windows\system32\bbbvfxrz.exe
c:\windows\system32\bgitcjcl.exe
c:\windows\system32\uzplzuct.exe
c:\windows\system32\bdrpwgom.exe
c:\windows\system32\zvlqfblf.exe
c:\windows\system32\dlhkixjk.exe
c:\windows\system32\eyyyawhu.exe
c:\windows\system32\eifhpbio.exe
c:\windows\system32\eneerrot.exe
c:\windows\system32\mhtfeevk.exe
c:\windows\system32\wpxdoemp.exe
c:\windows\system32\jaxfmpvx.exe
c:\windows\system32\dqjqnclp.exe
c:\windows\system32\ujidglvy.exe
c:\windows\system32\putgqcci.exe
c:\windows\system32\esiyckbc.exe
c:\windows\system32\hwcfxmrk.exe
c:\windows\system32\sruakgzb.exe
c:\windows\system32\fbnpnizc.exe
c:\windows\system32\jqbdlxhh.exe
c:\windows\system32\yxaddusj.exe
c:\windows\system32\fiysrese.exe
c:\windows\system32\svvufawj.exe
c:\windows\system32\gvzshzmt.exe
c:\windows\system32\cvxeorgv.exe
c:\windows\system32\lrqpklib.exe
c:\windows\system32\tysbwfme.exe
c:\windows\system32\dhqkdoja.exe
c:\windows\system32\ufjxvlnj.exe
c:\windows\system32\tzvskegl.exe
c:\windows\system32\xrvrgwiz.exe
c:\windows\system32\vnarjkrd.exe
c:\windows\system32\cmt101.exe
c:\windows\system32\mmhgtnra.exe
C:\WINDOWS\System32\IMAPD.exe

folders
C:\Program Files\WMx\Dialers
C:\Program Files\Sky Alerts

These may be hidden files. See HERE for how to show hidden files.

Please post a followup Hijack this log, and say if your problems persist.
Be wary of strong drink. It may make you shoot at tax collectors, and miss!
Please support SWI forum




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button