Tech Support Forum - View Single Post

tetonbob · 10-09-2006, 08:57 AM

Open HijackThis and click on 'Do a System Scan Only'. Check the following entries if they exist (make sure you do not miss any) and click Fix Checked

O2 - BHO: (no name) - {926DB18D-2241-12B7-12F0-7DE29D0220E1} - (no file)
O2 - BHO: AD Rotator - {EEC590D8-0A3C-4464-BB20-25A4747992F9} - C:\WINDOWS\system32\adrotate.dll (file missing)

Close HijackThis now.

---------------------------------------------------------------------------------------------

Go to My Computer->Tools->Folder Options->View tab:
* Under the Hidden files and folders heading, select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Also make sure there is no checkmark beside Hide file extensions for known file types
* Click Yes to confirm and then click OK.

Delete the following if they exist:

C:\WINDOWS\system32\ippgggxh.exe
C:\WINDOWS\hancermm.exe
C:\WINDOWS\DXCecho.exe
C:\WINDOWS\system32\wnsapitr.exe
C:\WINDOWS\YazzleBundle-1264.exe

---------------------------------------------------------------------------------------------

Run combofix, using these instructions:

Go to Start -> Run and then paste in this single line command & click OK

"%userprofile%\desktop\combofix.exe" /v jkhhe nsn2D rccsrjkr lyhdkz awtqnlj nsi2A0

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

When finished, it shall produce a log for you. Post that log in your next reply, along with a new HijackThis log.

10-09-2006, 08:57 AM	#8 (permalink)
tetonbob Manager, Security Center, TSF Academy; Analyst, Security Team Join Date: Jan 2005 Location: Transylvania County, North Carolina, USA Posts: 35,179 OS: 2000 Pro; XP Pro; XP Home	Open HijackThis and click on 'Do a System Scan Only'. Check the following entries if they exist (make sure you do not miss any) and click Fix Checked O2 - BHO: (no name) - {926DB18D-2241-12B7-12F0-7DE29D0220E1} - (no file) O2 - BHO: AD Rotator - {EEC590D8-0A3C-4464-BB20-25A4747992F9} - C:\WINDOWS\system32\adrotate.dll (file missing) Close HijackThis now. --------------------------------------------------------------------------------------------- Go to My Computer->Tools->Folder Options->View tab: * Under the Hidden files and folders heading, select Show hidden files and folders. * Uncheck the Hide protected operating system files (recommended) option. * Also make sure there is no checkmark beside Hide file extensions for known file types * Click Yes to confirm and then click OK. Delete the following if they exist: C:\WINDOWS\system32\ippgggxh.exe C:\WINDOWS\hancermm.exe C:\WINDOWS\DXCecho.exe C:\WINDOWS\system32\wnsapitr.exe C:\WINDOWS\YazzleBundle-1264.exe --------------------------------------------------------------------------------------------- Run combofix, using these instructions: Go to Start -> Run and then paste in this single line command & click OK "%userprofile%\desktop\combofix.exe" /v jkhhe nsn2D rccsrjkr lyhdkz awtqnlj nsi2A0 Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall When finished, it shall produce a log for you. Post that log in your next reply, along with a new HijackThis log. __________________ Practice Safe Surfing PC Safety and Security--What Do I Need? Because what you don't know, CAN hurt you. Proud Member of ASAP since 2005 Proud Member of UNITE since 2006 Microsoft MVP - Consumer Security 2009