Thread: Analyze please!
View Single Post
Old 10-18-2007, 08:41 AM   #6 (permalink)
Osiris
Osiris's Avatar
 

Join Date: Jan 2005

Location: Kentucky

Posts: 32,217

Osiris is a jewel in the roughOsiris is a jewel in the roughOsiris is a jewel in the rough

Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris Send a message via Skype™ to Osiris
Default Re: Analyze please!
This looks better but not in a good way....

remove these entries

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Learn about Dell's notebooks, desktops, monitors, printers plus computer electronics & accessories.

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Learn about Dell's notebooks, desktops, monitors, printers plus computer electronics & accessories.

O2 - BHO: (no name) - {0D3AEC9C-D599-427D-B581-8F843D12C557} - C:\WINDOWS\system32\gebyw.dll

O2 - BHO: (no name) - {178D4E6A-BA5A-4ECB-8521-F7B8393FDB97} - C:\WINDOWS\system32\gebaywu.dll

O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)

O20 - Winlogon Notify: jkkhijj - C:\WINDOWS\SYSTEM32\jkkhijj.dll

O20 - Winlogon Notify: gebaywu - C:\WINDOWS\SYSTEM32\gebaywu.dll

After you delete these, reboot, and see them again when you run hijackthis, boot into safemode and try to delete them

then repost a new log
__________________
Osiris is offline