1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Websiteviewer

Discussion in 'Virus & Other Malware Removal' started by Mr.No1, Sep 3, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. Mr.No1

    Mr.No1 Thread Starter

    Joined:
    Sep 3, 2004
    Messages:
    7
    Some pls. I am running Win XP and I've got Websiteviewer and I am not able to get rid of this stuff ...

    My Hijack This log is :

    Logfile of HijackThis v1.97.7
    Scan saved at 15:03:37, on 2004-09-03
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Documents and Settings\Ägaren\Skrivbord\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sw5.hpwis.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://sw5.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sw5.hpwis.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.tiscali.se/
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [Tiscali SE fts] "C:\Program\Tiscali SE\Tiscali ADSL Bredband\fts.exe"
    O4 - HKLM\..\Run: [WSSAConfiguration] wmmon32.exe
    O4 - HKLM\..\Run: [ATI VIDEO REGKEY] ati2vid.exe
    O4 - HKLM\..\Run: [Microsoft DirectX] PDSched.exe
    O4 - HKLM\..\Run: [starter] scvhosting.exe
    O4 - HKLM\..\Run: [Microsoft Update Machine] winxp64.exe
    O4 - HKLM\..\Run: [win updates] wugrds.exe
    O4 - HKLM\..\Run: [System Update] C:\WINDOWS\System32\dmxtcyr.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\F-Secure Anti-Virus\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\F-Secure Anti-Virus\TNB\TNBUtil.exe" /CHECKALL
    O4 - HKLM\..\Run: [Windows Compliant] zzvqme.exe
    O4 - HKLM\..\Run: [Media Player] wmplayer.exe
    O4 - HKLM\..\Run: [XML Service] msxml32.exe
    O4 - HKLM\..\Run: [Microsoft Windows Update] winupdate.exe
    O4 - HKLM\..\Run: [System Uptime Server] sysentry32.exe
    O4 - HKLM\..\Run: [Microsoft--Updates] sxvhost.exe
    O4 - HKLM\..\Run: [Windows Media Player] muqoki.exe
    O4 - HKLM\..\Run: [Generic Host Service] lshost.exe
    O4 - HKLM\..\RunServices: [WSSAConfiguration] wmmon32.exe
    O4 - HKLM\..\RunServices: [ATI VIDEO REGKEY] ati2vid.exe
    O4 - HKLM\..\RunServices: [Microsoft DirectX] PDSched.exe
    O4 - HKLM\..\RunServices: [starter] scvhosting.exe
    O4 - HKLM\..\RunServices: [Microsoft Update Machine] winxp64.exe
    O4 - HKLM\..\RunServices: [win updates] wugrds.exe
    O4 - HKLM\..\RunServices: [Windows Compliant] zzvqme.exe
    O4 - HKLM\..\RunServices: [Media Player] wmplayer.exe
    O4 - HKLM\..\RunServices: [XML Service] msxml32.exe
    O4 - HKLM\..\RunServices: [Microsoft Windows Update] winupdate.exe
    O4 - HKLM\..\RunServices: [System Uptime Server] sysentry32.exe
    O4 - HKLM\..\RunServices: [Microsoft--Updates] sxvhost.exe
    O4 - HKLM\..\RunServices: [Windows Media Player] muqoki.exe
    O4 - HKLM\..\RunServices: [Generic Host Service] lshost.exe
    O4 - HKCU\..\Run: [starter] scvhosting.exe
    O4 - HKCU\..\Run: [Microsoft DirectX] PDSched.exe
    O4 - HKCU\..\Run: [ATI VIDEO REGKEY] ati2vid.exe
    O4 - HKCU\..\Run: [win updates] wugrds.exe
    O4 - HKCU\..\Run: [Microsoft Update Machine] winxp64.exe
    O4 - HKCU\..\Run: [Windows Compliant] zzvqme.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Microsoft Windows Update] winupdate.exe
    O4 - HKCU\..\RunServices: [Microsoft Update Machine] winxp64.exe
    O4 - HKLM\..\RunOnce: [starter] scvhosting.exe
    O4 - HKCU\..\RunOnce: [starter] scvhosting.exe
    O4 - Global Startup: Tiscali ADSL Bredband.lnk = C:\Program\Tiscali SE\Tiscali ADSL Bredband\connect.exe
    O9 - Extra button: Informationshanteraren (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1094140172794
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab


    help needed :rolleyes:
     
  2. Mr.No1

    Mr.No1 Thread Starter

    Joined:
    Sep 3, 2004
    Messages:
    7
    no1 ?
     
  3. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
  4. Mr.No1

    Mr.No1 Thread Starter

    Joined:
    Sep 3, 2004
    Messages:
    7
    Got this rigt now ..

    Logfile of HijackThis v1.98.2
    Scan saved at 14:11:20, on 2004-09-05
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    C:\windows\system\hpsysdrv.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Documents and Settings\Ägaren\Skrivbord\hijackthis\HijackThis.exe
    C:\Program\Tiscali SE\Tiscali ADSL Bredband\connect.exe
    C:\Program\Tiscali SE\Tiscali ADSL Bredband\fts.exe
    C:\Program\Internet Explorer\iexplore.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sw5.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sw5.hpwis.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://sw5.hpwis.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [Tiscali SE fts] "C:\Program\Tiscali SE\Tiscali ADSL Bredband\fts.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Tiscali ADSL Bredband.lnk = C:\Program\Tiscali SE\Tiscali ADSL Bredband\connect.exe
    O9 - Extra button: Informationshanteraren - {9455301C-CF6B-11D3-A266-00C04F689C50} - c:\Program\Delade filer\Microsoft Shared\Reference 2001\EROProj.dll
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8C5529B4-F3AC-45FC-984D-E2AB61A56230}: NameServer = 195.67.199.24 195.67.199.25
    O17 - HKLM\System\CS1\Services\Tcpip\..\{8C5529B4-F3AC-45FC-984D-E2AB61A56230}: NameServer = 195.67.199.24 195.67.199.25
     
  5. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Big change there! Did the virus scans do that?
     
  6. Mr.No1

    Mr.No1 Thread Starter

    Joined:
    Sep 3, 2004
    Messages:
    7
    Nope, I have not been able to rung online virus scans or download all the Updates 'cause of this "thing" it slows down my puter 100% CPU Usage and is redirecting me when I am going in to MY sites but it redirects me to porno gambling sites etc. perky nipz etc etc etc .. Its also placing .exe files like loveme, sexy etc. in my windows and program folder . :mad:
     
  7. Mr.No1

    Mr.No1 Thread Starter

    Joined:
    Sep 3, 2004
    Messages:
    7
    Its still here, I am able to remove TIBS with ad-aware but its back when the puter is rebooted again ...

    some1 pls. help :rolleyes:
     
  8. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Run HJT again, click on Config, Misc Tools, put checks in the boxes under Generate StartupList log and paste that log back here.
     
  9. Mr.No1

    Mr.No1 Thread Starter

    Joined:
    Sep 3, 2004
    Messages:
    7
    Logfile of HijackThis v1.98.2
    Scan saved at 19:26:59, on 2004-09-06
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Documents and Settings\Ägaren\Skrivbord\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sw5.hpwis.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sw5.hpwis.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://sw5.hpwis.com
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.tiscali.se/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [Tiscali SE fts] "C:\Program\Tiscali SE\Tiscali ADSL Bredband\fts.exe"
    O4 - HKLM\..\Run: [Microsoft Updater] updater.exe
    O4 - HKLM\..\Run: [ATI VIDEO REGKEY] ati2vid.exe
    O4 - HKLM\..\Run: [Zone Alarm] vsmon.exe
    O4 - HKLM\..\Run: [Microsoft DirectX] PDSched.exe
    O4 - HKLM\..\Run: [Microsoft Update Time] wuam.exe
    O4 - HKLM\..\Run: [WindowsRegKey update] winupdate.exe
    O4 - HKLM\..\Run: [Windows Media Player] uefgof.exe
    O4 - HKLM\..\Run: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKLM\..\Run: [Win32 Configuration] videosd32.exe
    O4 - HKLM\..\Run: [System32 Spool ] winint.exe
    O4 - HKLM\..\RunServices: [Microsoft Updater] updater.exe
    O4 - HKLM\..\RunServices: [ATI VIDEO REGKEY] ati2vid.exe
    O4 - HKLM\..\RunServices: [Zone Alarm] vsmon.exe
    O4 - HKLM\..\RunServices: [Microsoft DirectX] PDSched.exe
    O4 - HKLM\..\RunServices: [Microsoft Update Time] wuam.exe
    O4 - HKLM\..\RunServices: [WindowsRegKey update] winupdate.exe
    O4 - HKLM\..\RunServices: [Windows Media Player] uefgof.exe
    O4 - HKLM\..\RunServices: [XML Service] msxml32.exe
    O4 - HKLM\..\RunServices: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKLM\..\RunServices: [Win32 Configuration] videosd32.exe
    O4 - HKLM\..\RunServices: [System32 Spool ] winint.exe
    O4 - HKLM\..\RunOnce: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKLM\..\RunOnce: [Win32 Configuration] videosd32.exe
    O4 - HKLM\..\RunOnce: [System32 Spool ] winint.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Microsoft DirectX] PDSched.exe
    O4 - HKCU\..\Run: [ATI VIDEO REGKEY] ati2vid.exe
    O4 - HKCU\..\Run: [Microsoft Update Time] wuam.exe
    O4 - HKCU\..\Run: [Zone Alarm] vsmon.exe
    O4 - HKCU\..\Run: [Microsoft Updater] updater.exe
    O4 - HKCU\..\Run: [Windows Media Player] uefgof.exe
    O4 - HKCU\..\Run: [SpySweeper] "C:\Program\Webroot\Spy Sweeper\SpySweeper.exe" /0
    O4 - HKCU\..\Run: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKCU\..\Run: [Win32 Configuration] videosd32.exe
    O4 - HKCU\..\Run: [System32 Spool ] winint.exe
    O4 - HKCU\..\Run: [WindowsRegKey update] winupdate.exe
    O4 - HKCU\..\RunServices: [Windows Media Player] uefgof.exe
    O4 - HKCU\..\RunOnce: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKCU\..\RunOnce: [System32 Spool ] winint.exe
    O4 - HKCU\..\RunOnce: [Win32 Configuration] videosd32.exe
    O4 - Global Startup: Tiscali ADSL Bredband.lnk = C:\Program\Tiscali SE\Tiscali ADSL Bredband\connect.exe
    O9 - Extra button: Informationshanteraren - {9455301C-CF6B-11D3-A266-00C04F689C50} - c:\Program\Delade filer\Microsoft Shared\Reference 2001\EROProj.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1094386575214
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O17 - HKLM\System\CS1\Services\Tcpip\..\{8C5529B4-F3AC-45FC-984D-E2AB61A56230}: NameServer = 195.67.199.24 195.67.199.25
     
  10. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Bring up Task Manager by pressing CTRL+ALT+Delete.

    End task on these:
    updater.exe
    ati2vid.exe
    PDSched.exe
    wuam.exe
    winupdate.exe
    uefgof.exe
    syscfg32.exe
    videosd32.exe
    winint.exe
    updater.exe
    msxml32.exe

    Now see if you can run one of the online virus scans.
     
  11. Mr.No1

    Mr.No1 Thread Starter

    Joined:
    Sep 3, 2004
    Messages:
    7
    I appreciate your help and I am sure that it will work but 1 really HUGE problem is that I am not able to bring up the task manager :-( when i have got mouse.over the icon down right or mouse.on the window it just shuts itself off ..
     
  12. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Run HJT again and put a check in the following:

    O4 - HKLM\..\Run: [Microsoft Updater] updater.exe
    O4 - HKLM\..\Run: [ATI VIDEO REGKEY] ati2vid.exe
    O4 - HKLM\..\Run: [Microsoft DirectX] PDSched.exe
    O4 - HKLM\..\Run: [Microsoft Update Time] wuam.exe
    O4 - HKLM\..\Run: [WindowsRegKey update] winupdate.exe
    O4 - HKLM\..\Run: [Windows Media Player] uefgof.exe
    O4 - HKLM\..\Run: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKLM\..\Run: [Win32 Configuration] videosd32.exe
    O4 - HKLM\..\Run: [System32 Spool ] winint.exe
    O4 - HKLM\..\RunServices: [Microsoft Updater] updater.exe
    O4 - HKLM\..\RunServices: [Microsoft DirectX] PDSched.exe
    O4 - HKLM\..\RunServices: [Microsoft Update Time] wuam.exe
    O4 - HKLM\..\RunServices: [WindowsRegKey update] winupdate.exe
    O4 - HKLM\..\RunServices: [Windows Media Player] uefgof.exe
    O4 - HKLM\..\RunServices: [XML Service] msxml32.exe
    O4 - HKLM\..\RunServices: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKLM\..\RunServices: [Win32 Configuration] videosd32.exe
    O4 - HKLM\..\RunServices: [System32 Spool ] winint.exe
    O4 - HKLM\..\RunOnce: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKLM\..\RunOnce: [Win32 Configuration] videosd32.exe
    O4 - HKLM\..\RunOnce: [System32 Spool ] winint.exe
    O4 - HKCU\..\Run: [Microsoft DirectX] PDSched.exe
    O4 - HKCU\..\Run: [ATI VIDEO REGKEY] ati2vid.exe
    O4 - HKCU\..\Run: [Microsoft Update Time] wuam.exe
    O4 - HKCU\..\Run: [Microsoft Updater] updater.exe
    O4 - HKCU\..\Run: [Windows Media Player] uefgof.exe
    O4 - HKCU\..\Run: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKCU\..\Run: [Win32 Configuration] videosd32.exe
    O4 - HKCU\..\Run: [System32 Spool ] winint.exe
    O4 - HKCU\..\Run: [WindowsRegKey update] winupdate.exe
    O4 - HKCU\..\RunServices: [Windows Media Player] uefgof.exe
    O4 - HKCU\..\RunOnce: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKCU\..\RunOnce: [System32 Spool ] winint.exe
    O4 - HKCU\..\RunOnce: [Win32 Configuration] videosd32.exe


    Close all applications and browser windows before you click "fix checked".


    Restart in Safe Mode

    Open Windows Explorer. Go to Tools, Folder Options and click on the View tab.
    Make sure that "Show hidden files and folders" is checked.
    Also uncheck "Hide protected operating system files".
    Now click "Apply to all folders", Click "Apply" then "OK"

    Delete these files: You will find them in the c:\windows or c:\windows\system32 folders.

    updater.exe
    ati2vid.exe
    PDSched.exe
    wuam.exe
    winupdate.exe
    uefgof.exe
    syscfg32.exe
    videosd32.exe
    winint.exe
    updater.exe
    msxml32.exe

    Reboot.

    Now see if you can run the virus scans and also very important that you get the critical patches from Windows update site.
     
  13. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/269713

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice