Tech Support Forum - View Single Post - multi site trojan/search-daily problem

sUBs · 10-05-2007, 11:30 AM

Do a HijackThis scan & place a check next to these items and select "Fix checked":

O2 - BHO: Image Helper - {64D712D1-84D9-281C-CE7D-32439D631863} - (no file)
O2 - BHO: (no name) - {C619A278-7CF2-4155-BCEE-3B06BC240F5C} - c:\WINDOWS\system32\ldldldl.dll (file missing)

---------------

Open notepad and copy/paste the text in the quotebox below into it:

Code:

File::
C:\WINDOWS\system32\ocvhojcj.dat
C:\WINDOWS\system32\axjrsrcm.dat
C:\WINDOWS\system32\vqxyullv.dat
C:\WINDOWS\system32\qvmzrtib.dat
C:\WINDOWS\system32\sssrlynl.dll
C:\WINDOWS\system32\nlhbbzlv.dll
C:\WINDOWS\system32\iighyqfm.dll
NetSvc::
bhfklsim
Driver::
bhfklsim
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{64D712D1-84D9-281C-CE7D-32439D631863}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C619A278-7CF2-4155-BCEE-3B06BC240F5C}]

Save this as "CFScript"

Refering to the picture above, drag CFScript.txt into ComboFix.exe

When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply.

---------------

Click here perform an online scan >> Online Scanner

---------------

In your next post, please include fresh logs from:

Fresh Hijackthis log taken just before replying

Online scan

ComboFix's log

Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now

10-05-2007, 11:30 AM	#5 (permalink)
sUBs Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy Join Date: May 2005 Posts: 24,341 OS: N/A	Re: multi site trojan/search-daily problem Do a HijackThis scan & place a check next to these items and select "Fix checked": O2 - BHO: Image Helper - {64D712D1-84D9-281C-CE7D-32439D631863} - (no file) O2 - BHO: (no name) - {C619A278-7CF2-4155-BCEE-3B06BC240F5C} - c:\WINDOWS\system32\ldldldl.dll (file missing) --------------- Open notepad and copy/paste the text in the quotebox below into it: Code: File:: C:\WINDOWS\system32\ocvhojcj.dat C:\WINDOWS\system32\axjrsrcm.dat C:\WINDOWS\system32\vqxyullv.dat C:\WINDOWS\system32\qvmzrtib.dat C:\WINDOWS\system32\sssrlynl.dll C:\WINDOWS\system32\nlhbbzlv.dll C:\WINDOWS\system32\iighyqfm.dll NetSvc:: bhfklsim Driver:: bhfklsim Registry:: [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{64D712D1-84D9-281C-CE7D-32439D631863}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C619A278-7CF2-4155-BCEE-3B06BC240F5C}] Save this as "CFScript" Refering to the picture above, drag CFScript.txt into ComboFix.exe When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply. --------------- Click here perform an online scan >> Online Scanner --------------- In your next post, please include fresh logs from: Fresh Hijackthis log taken just before replying Online scan ComboFix's log Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now __________________ Question - what have you done for the community today?