Home > General > Loadingwebsite.com


Reboot into Safe Mode (hit F8 key until menu shows up). program again and clean everything. Tools->Open process manager. With that said (when ready): Please download the following programs required for the removal process: Kill2Me http://www.greyknight17.com/spy/Kill2Me.exe PV http://www.greyknight17.com/spy/pv.zip VX2Finder(126) http://www.greyknight17.com/spy/VX2Finder(126).exe Hoster http://www.greyknight17.com/spy/Hoster.exe CleanUp!

Rerun HJT,and put a tick beside these :- O20 - Winlogon Notify: - KillLook2Me.dll (file missing) now close all windows and browsers and click FIX CHECKED then reboot and post a Logfile of HijackThis v1.99.1 Scan saved at 13:07:22, on 18/06/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\System32\Ati2evxx.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe Causing problems. It pops up even when I am not using the browser.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. Log for VX2.BetterInternet File Finder (msg126) Files Found--- Additional Files--- C:\WINNT\system32\spOrder.dll Keys Under Notify---crypt32chain Keys Under Notify---cryptnet Keys Under Notify---cscdll Keys Under Notify---NavLogon Keys Under Notify---sclgntfy Keys Under Notify---SensLogn Keys Under If they are still there, go to c:\windows\system32\ and sort the files by date. Completed although the folder program files\vbouncer was not there.

  1. After a reboot, your desktop and icons will appear, then disappear (this is normal).
  2. Download WinsockFix and unzip it.
  3. Restart and hit the F8 key (repeatedly until a menu shows up) to enter Safe Mode. 5.
  4. Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List
  5. I will take a look at it. 02-09-2005, 12:08 PM #3 dshanna Registered Member Join Date: Feb 2005 Posts: 2 OS: WIN2K Result.txt from HijackThis Analyzer ==================================================================== Log
  6. If you have any questions during this process, please ask us (just don't restart or shutdown - unless the instructions say so). 1.
  7. The length of the page is 100% generated by adding one line with every visitor.

What should I Thread Tools Search this Thread 02-08-2005, 09:47 AM #1 dshanna Registered Member Join Date: Feb 2005 Posts: 2 OS: WIN2K I think you may Say NO when it asks you to reboot/logoff. Vision]InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\YV.DLLCODEBASE = http://download.yahoo.com/dl/fv/yv.cab[Communities.com Passport]InProcServer32 = C:\PROGRAM FILES\COMMUNITIES.COM\CARTOONORBIT\QU2LMT59HBCAYVJABNCYUN6DT7XKQLE3.DLLCODEBASE = http://cartoonorbit..../winorbiter.cab[Microsoft Search Settings Control]InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\SEARCHSETTINGS.OCXCODEBASE = http://lg.home.micro...rchsettings.cab[PWImageControl Class]InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\PWACTIVEXIMGCTL.DLLCODEBASE = http://ebay.sj.ipixm...tiveXImgCtl.cab[InstallShield Setup Player]InProcServer32 Word Racer - http://download.game...nts/y/wt1_x.cabO16 - DPF: Yahoo!

By continuing to browse our site you agree to our use of data and cookies.Tell me more | Cookie Preferences Partially Powered By Products Found At Lampwrights.com Jump to content Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htmO8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htmO8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htmO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - If it gives you an intro screen, just choose 'Do a system scan and save a logfile'. 2. proud member since 2004Most active in: Resolved or inactive Malware Removal Back to top Back to Resolved or inactive Malware Removal 0 user(s) are reading this topic 0 members, 0 guests,

If you don't get the intro screen, just hit Scan and then click on Save log. 3. Causing problems. Copyright Dennis Publishing 2010, All rights reserved Please click here if you are not redirected within a few seconds. failed (GetAccountSid(Administrators)=1332 deleting local copy: d0j0la1m1d.dll deleting local copy: eacapi.dll deleting local copy: enj8l11u1.dll deleting local copy: kidgr1.dll The following Is the Current Export of the Winlogon notify key: **************************************************************************** Windows

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Canada DATA ADDED CURRENT RANKING → Total length:359286 lines Today added:125 lines Countries total:205 2017-01-1705:12:33 PMSweden 2017-01-1705:08:23 PMUnited States 2017-01-1705:08:02 PMPakistan 2017-01-1705:07:59 PM United States 2017-01-1705:05:52 PM China 2017-01-1705:03:28 PM Canada You have a bad one there. Here is a tutorial which describes its usage:http://www.bleepingc...tutorial93.htmlCheck the custom settings to your liking under options, but be sure to delete temporary files and temporary internet files for all user profiles.

Before you give us a new log here, if we gave you instructions for a fix, please do the fixes first and then post the new log with this updated version. You will also regain a massive amount of disk space. Pyramids - http://download.game...ts/y/pyt1_x.cabO16 - DPF: {9FC87BC7-7963-4B70-8485-B1A41034C9A1} (CSonyPicturesGameDownloaderCtl Object) - http://www.shockwave...eDownloader.cabO16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/...gx/GrooveAX.cabO16 - DPF: {908F3C82-B57E-11D4-BF33-00A0CCE8754B} (TInterActXInstallObject) - http://www.mathxl.co...ActXInstall.cabO16 - DPF: Yahoo! Make sure to close any open browsers.

Here is the new log. See if the O1 entries are still in HijackThis. No 2.4GHz band connections on... Logfile of HijackThis v1.98.2 Scan saved at 10:39:51 AM, on 2/8/2005 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\svchost.exe

Very much appreciate your help.Logfile of HijackThis v1.99.1Scan saved at 00:37:10, on 14/05/2005Platform: Windows ME (Win9x 4.90.3000)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\SYSTEM\KERNEL32.DLLC:\WINDOWS\SYSTEM\MSGSRV32.EXEC:\WINDOWS\SYSTEM\MPREXE.EXEC:\WINDOWS\SYSTEM\MSTASK.EXEC:\WINDOWS\SYSTEM\mmtask.tskC:\WINDOWS\EXPLORER.EXEC:\WINDOWS\SYSTEM\RESTORE\STMGR.EXEC:\WINDOWS\RUNDLL32.EXEC:\WINDOWS\SYSTEM\SYSTRAY.EXEC:\WINDOWS\TASKMON.EXEC:\PROGRAM FILES\GRISOFT\AVG7\AVGCC.EXEC:\PROGRAM FILES\GRISOFT\AVG7\AVGAMSVR.EXEC:\WINDOWS\SYSTEM\WMIEXE.EXEC:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXEC:\WINDOWS\SYSTEM\STIMON.EXEC:\HJT\HIJACKTHIS.EXER1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = We also need a list of files in the following folders: C:\WINDOWS\Downloaded Program Files\ - for these files, if they just have numbers as the filename, right click on them and Check and fix the following: O1 - Hosts: auto.search.msn.com O1 - Hosts: search.netscape.com O1 - Hosts: ieautosearch O2 - BHO: (no name) - {1FBCE7C6-F7DC-4D4F-06CF-85CAB2521528} - (no file) Close

Panda scan below.

Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLLO4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorunO4 - HKLM\..\Run: [SystemTray] SysTray.ExeO4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe startO4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec The time now is 16:12.

-- Default Style ---- Alt Blue Theme ---- Alt Grey Theme Contact Us - Web User - Archive - Privacy Statement - Top We are looking for any randomly named files. When the scan is finished mark everything for removal and get rid of it. (Right-click the window and choose Select All from the drop down menu and click Next).rebootRun HijackThisClick on

Check out the forums and get free advice from the experts. Using it on a system that does not have an L2M infection can damage it. Thank you.I've removed a lot of problems except one. Here is the scan log from Hijackthis.

Post whatever questions you may have in the forum and we will take a look at it when we get to it. Post the description for each of those here. Click here to get the latest version of HijackThis and run it. Thread Tools Search this Thread Display Modes #1 17-06-05, 13:41 master82 Newbie Join Date: Jun 2005 Posts: 2 Infected with Spotresult.com & Loadingwebsite.com I am running Win XP