View Single Post
  #10  
Old May 26th, 2004, 03:30 AM
Melodi's Avatar
Melodi Melodi is offline
Senior Member
 
Join Date: May 2004
O/S: Windows XP Pro
Location: San Diego, CA
Posts: 868
TMAC:
Re-run Hijack this and put check marks next to the below entries then click 'fix checked'
02 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load
O4 - HKLM\..\Run: [bxdhjzvgagt] C:\WINDOWS\System32\kdyobr.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/25e3177ed30cf5...ip/RdxIE601.cab
O19 - User stylesheet: C:\WINDOWS\color.css

OK, i've edited this so many times, i'm surprised that something doesn't pop out of the computer to slap me. IN safe mode, delete these files. Safe mode: as soon as you reboot, start tapping F8 repeatedly, a window will load asking you how you want to start, choose safe mode. Search for these files and delete them.
C:\WINDOWS\System32\kdyobr.exe
C:\WINDOWS\color.css
SOUNDMAN.EXE (all caps, nost soundman.exe)
Then run the below scan to find whatever I may have missed
Trendmicro:
http://housecall.trendmicro.com/ choose ‘scan now it’s free’ then have it fix whatever it finds.

Another thing is, after we get your system clean, you will need to dump the restore files, so don't let me forget to tell you about that.

Last edited by Melodi; May 26th, 2004 at 05:00 AM.
Reply With Quote