Thread: disappearing...
View Single Post
Old 05-23-2005, 05:24 PM   #5 (permalink)
Osiris
Osiris's Avatar
 

Join Date: Jan 2005

Location: Kentucky

Posts: 32,231

Osiris is a jewel in the roughOsiris is a jewel in the roughOsiris is a jewel in the roughOsiris is a jewel in the rough

Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris Send a message via Skype™ to Osiris
Default
Remove entries at your own risk:

You got hammered


C:\WINDOWS\system32\uuknku.exe This is a unknown process.

C:\WINDOWS\seeve.exe This is a unknown process.

C:\WINDOWS\stubinstaller4292.exe This is a unknown process.

c:\windows\system32\hkjatd.exe This is a unknown process.

C:\Program Files\Internet Optimizer\optimize.exe
Nasty running process. (optimize.exe)
Internet Optimizer Malware This is a nasty process! You should fix it and try to delete it manually!

C:\DOCUME~1\Tanya\LOCALS~1\Temp\RKY\aurareco.exe
Unknown running process. (aurareco.exe)
This is a unknown process.

C:\DOCUME~1\Tanya\LOCALS~1\Temp\LXS\aurareco.exe This is a unknown process.

C:\DOCUME~1\Tanya\LOCALS~1\Temp\wupdt.exe
Nasty running process. (wupdt.exe)
Added as a result of the IMISERV VIRUS! This is a nasty process! You should fix it and try to delete it manually!

C:\DOCUME~1\Tanya\LOCALS~1\Temp\wupdt.exe
Nasty running process. (wupdt.exe)
Added as a result of the IMISERV VIRUS! This is a nasty process! You should fix it and try to delete it manually!

C:\DOCUME~1\Tanya\LOCALS~1\Temp\ICD17.tmp\svcmm32. exe
You should fix it and try to delete it manually!

O1 - Hosts: 64.91.255.87 www.dcsresearch.com
Nasty This entry should be fixed immediately! Must be fixed!

O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\cfgmgr51.dll You should fix it and try to delete it manually!

O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
Unnecessary (deactivated) entry that can be fixed.

O4 - HKLM\..\Run: [Windows ControlAd] C:\Program Files\Windows ControlAd\WinCtlAd.exe
Nasty Windows ControlAd
Must be fixed!

O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe Must be fixed!


O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe Foistware" by Integrated Search Technologies - the people behind the ISTbar parasite Must be fixed!

O4 - HKLM\..\Run: [KavSvc] C:\WINDOWS\system32\uuknku.exe reg_run
Unknown
Hit rate: -1 % (result) Unknown application.

O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe" Internet connection optimizer. Malware. Must be fixed!

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe Unknown application.

O4 - HKLM\..\Run: [cfgmgr51] RunDLL32.EXE C:\WINDOWS\cfgmgr51.dll,DllRun Unknown application.

O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe BargainBuddy foistware Must be fixed!

O4 - HKLM\..\Run: [AUNPS2] RUNDLL32 AUNPS2.DLL,_Run@16
Unknown
Unknown application.
O4 - HKLM\..\Run: [seeve] C:\WINDOWS\seeve.exe
Unknown
Unknown application.
O4 - HKLM\..\Run: [ichlxf] c:\windows\system32\hkjatd.exe
Unknown
Unknown application.
O4 - HKLM\..\Run: [motoin] C:\WINDOWS\mm15201518.Stub.exe
Unknown
Unknown application.
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
Unknown
Unknown application.
O4 - HKLM\..\Run: [USB controller] "C:\DOCUME~1\Tanya\LOCALS~1\Temp\ICD17.tmp\svcmm32 .exe" /startup Unknown application.

O4 - HKLM\..\Run: [USB controller] "C:\DOCUME~1\Tanya\LOCALS~1\Temp\ICD17.tmp\svcmm32 .exe" /startup Ouchvideo.com 'n-Lite' spyware Must be fixed!

O15 - Trusted Zone: *.media-motor.net
Possibly nasty If you did not add these pages to your trusted pages, they should be fixed. If you didn't add '*.media-motor.net' to your trusted pages, it should be fixed.

O15 - Trusted Zone: *.popuppers.com If you did not add these pages to your trusted pages, they should be fixed. If you didn't add '*.popuppers.com' to your trusted pages, it should be fixed.

O16 - DPF: {539DA0E0-74A7-11D9-9669-0800200C9A66} - http://www.ouchvideo.com/mmviewer_ic13.cab
Possibly nasty Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed! Check if you know this site and fix it if you do not.

O16 - DPF: {7149E79C-DC19-4C5E-A53C-A54DDF75EEE9} (IObjSafety.DemoCtl) - http://cabs.media-motor.net/cabs/joysaver.cab
Possibly nasty Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed! Check if you know this site and fix it if you do not.

O16 - DPF: {B4831DED-3A57-4CC6-9E4B-0E7C5B08DBF4} - http://www.alwaysupdatednews.com/install/aun_0011.exe This entry is possibly nasty. Should be fixed.


O16 - DPF: {FDCC1518-6A63-11D9-AAC8-91EC5E497716} - http://www.ouchvideo.com/mmviewer_emg11.cab
Possibly nasty Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed! Check if you know this site and fix it if you do not.

O17 - HKLM\System\CCS\Services\Tcpip\..\{3FD1E693-A0C6-460B-A849-CECDCD4BEDB3}: NameServer = 209.244.0.3 209.244.0. If this Domain does not belong to your ISP, or your firms network, these entries should be fixed. 'SearchList' entries should be fixed too. Do you know the IP or Domain '209.244.0.3 209.244.0.4'? If not, fix this entry.

O23 - Service: System Startup Service - Unknown - C:\WINDOWS\svcproc.exe (file missing) Unknown service. (svcproc.exe (file missing))
Unnecessary (deactivated) entry that can be fixed.
__________________
Osiris is online now