can't get inetspeak out with regedit! - Page 2 - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 05-20-2005, 06:47 PM   #11 (permalink)
Newb Techie
 
Join Date: May 2005
Posts: 13
Default

hope this is what you were talking about.


R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - E:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {D6862A22-1DD6-11D3-BB7C-444553540000} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - E:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [BearShare] "E:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PCStart] C:\Documents and Settings\All Users\Documents\Microsoft\Msapps\sbs\Pcm40.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [ICQ Lite] E:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [ATIPTA] E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HydraVisionDesktopManager] E:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [iTunesHelper] E:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gcasServ] "E:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ATI Launchpad] E:\Program Files\ATI Multimedia\main\launchpd.exe
O4 - HKCU\..\Run: [ccleaner] "E:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SoniqueQuickStart] E:\Program Files\Sonique\sqstart.exe -nostick
O4 - HKCU\..\RunOnce: [ICQ Lite] E:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://E:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1095624467797
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://arcade.icq.com/carlo/zuma/popcaploader_v5.cab
O23 - Service: Ati HotKey Poller - Unknown owner - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - E:\Program Files\TuneUp WinStyler\WinStylerThemeSvc.exe
__________________

clamz is offline  
Old 05-20-2005, 07:31 PM   #12 (permalink)
Monster Techie
 
Join Date: Jan 2005
Posts: 1,100
Send a message via AIM to Blitze105 Send a message via Yahoo to Blitze105
Default

Yes it was what he wanted.
__________________

__________________
I'm Forgetful! so if i stop posting on something that i was helping you with... PM me or IM me
yahoo and aol: blitze105
you can always IM or PM me if i offend you as well, i will edit the post if i have.
Blitze105 is offline  
Old 05-20-2005, 07:42 PM   #13 (permalink)
Monster Techie
 
Join Date: Jan 2005
Posts: 1,100
Send a message via AIM to Blitze105 Send a message via Yahoo to Blitze105
Default

Ok now that i think of it i have heard of this. I looked it up and i found it is also called: JaypeeSysBHO. (which rang a bell)

All i know about it, is that there are many different versions of it. Here is how to delete the different versions... (we're in for alot of typing)
Start -> run -> Type CMD
Now, type in these lines at the command prompt.
Oh, and alot of these will not work, you may not have that 'version' of the spyware.


cd "%WinDir%\System"
regsvr32 /u "C:\Program Files\mm050102\BHO42602.dll

cd "%WinDir%\System"
regsvr32 /u "C:\Program Files\mm052202\WindowsIE.dll"

cd "%WinDir%\System"
regsvr32 /u "C:\Windows\WindowsIE.dll"

cd "%WinDir%\System"
regsvr32 /u "..\iexplorr11.dll"

cd "%WinDir%\System"
regsvr32 /u "C:\Program Files\Internet Explorer\boombar.dll"

cd "%WinDir%\System"
regsvr32 /u "..\iexplorr22.dll"

cd "%WinDir%\System"
regsvr32 /u "..\iexplorr23.dll"

Reboot your computer. Sadly it isn't over, not just yet atleast. You may now delete it from your registry. You should also delete it from your windows folder, it is called winietoolbar.ini

Enjoy
__________________
I'm Forgetful! so if i stop posting on something that i was helping you with... PM me or IM me
yahoo and aol: blitze105
you can always IM or PM me if i offend you as well, i will edit the post if i have.
Blitze105 is offline  
Old 05-20-2005, 08:42 PM   #14 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Remove entries at your own risk

Your log seems to be ok, but where are the processes at?


O2 - BHO: (no name) - {D6862A22-1DD6-11D3-BB7C-444553540000} - (no file) Must be fixed!
Unnecessary (deactivated) entry that can be fixed.

O4 - HKCU\..\Run: [ccleaner] "E:\Program Files\CCleaner\ccleaner.exe" /AUTO Unknown application.
__________________

__________________
Osiris is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 03:07 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.