hijack this log

i could barely get to this website to send you this. my computer keeps freezing. i downloaded and ran the programs you suggested and changed the settings on my computer. psguard keeps reloading itself and various icons apper on my desktop. i am afraid to do anything with hi jack this. i ran the scan and am sending the log. can you help?

 

Please download HOSTER and then follow the below steps.

• Unzip Hoster to a convenient folder such as C:\Hoster

• Run Hoster.exe, click Restore Original Hosts and then click OK.
• Click the X to exit the program.

Now, please run Panda Online Scan. After the scan attach the log to your next post. Also please follow the below:

1 - Please EXTRACT all files from Qoologic Tool to its own folder - C:\Program Files\QoologicFinder . Then, DoubleClick Find-Qoologic.bat to run the tool. It should produce a log - Please attach that with your next post!

2 - Please EXTRACT all the files form RKFiles Tool to its own folder named C:\Program Files\RKTOOL. Then, Please boot to SAFE MODE and DoubleClick rkfiles.bat to run the tool. Let it run and then, when it finishes, look for a log at C:\Log.txt and please attach that log.


Now come back here and post all three logs as attachments.

 

rklog, panda log

i tryed everything you last said to do but the Qoologic wouldn't work for me because i have an error message about "16 bit ms dos autoexec.nt" that's not exactly what it says, i'm hoping you recognize it. anyway here are the other 2 logs you ask me to send.

thank you so much for taking your time to help me. i really appreciate it.

mandykin

 

Please boot into Safe Mode with the Viewing of Hidden Files & Folders Enabled and navigate to and DELETE the following folders if they should remain:

C:\Program Files\MNPAntiPopup
C:\Program Files\SearchRelevant
C:\Program Files\FwBarTemp
C:\Program Files\sf
C:\Program Files\Aprps
C:\Program Files\Cas
C:\Program Files\SurfAccuracy
C:\Program Files\InetGet
C:\Program Files\DNS
C:\WINDOWS\System32\vidctrl
C:\Documents and Settings\All Users\Application Data\vidctrl


NEXT:
Run CCleaner to clean up cookies and temp files.


Locate PocketKillbox
(Procede with this step even if they do not show in blue)

Next, you will be entering items into Pocket KillBox. Please select the “Delete on Reboot” Option. Copy&Paste each of the file names listed below into the box one by one, making sure Delete on Reboot is Checked for each entry. Click the Red X for each entry, but DO NOT Allow your machine to be rebooted until the last item has been entered:

** Note: For any of the .dll files, check the Unregister .dll Before Deleting box as well. If this option is not enabled, don't worry about it.

C:\adlinstallwin32.exe

C:\WINDOWS\cfgmgr52.dll
C:\WINDOWS\1nxk7rp.sys
C:\WINDOWS\gelbwtbw.exe
C:\WINDOWS\syshost.exe
C:\WINDOWS\NDNuninstall5_48.exe

C:\WINDOWS\SYSTEM32\stlb2.xml
C:\WINDOWS\SYSTEM32\sp32.xml
C:\WINDOWS\SYSTEM32\WinStat12.dll
C:\WINDOWS\SYSTEM32\adlinstallwin32.exe
C:\WINDOWS\SYSTEM32\richedtr.dll
C:\WINDOWS\SYSTEM32\winupdt.008
C:\WINDOWS\SYSTEM32\supdate.dll
C:\WINDOWS\SYSTEM32\riched32.exe
C:\WINDOWS\SYSTEM32\bgqyv.dat
C:\WINDOWS\SYSTEM32\auc57b8.exe
C:\WINDOWS\SYSTEM32\nr1ec.dll
C:\WINDOWS\SYSTEM32\ypepbjq.exe
C:\WINDOWS\SYSTEM32\hnpbgop.dll
C:\WINDOWS\SYSTEM32\jafwlkf.dll
C:\WINDOWS\SYSTEM32\nsz12.dll
C:\WINDOWS\SYSTEM32\nse48.dll
C:\WINDOWS\SYSTEM32\ezaaeoa.exe
C:\WINDOWS\SYSTEM32\PMTSetup1.exe
C:\WINDOWS\SYSTEM32\adstartup.exe
C:\WINDOWS\SYSTEM32\mmxdoubleexe.exe.exe
C:\WINDOWS\SYSTEM32\nshB0.dll
C:\WINDOWS\SYSTEM32\hwin32.dll
C:\WINDOWS\SYSTEM32\1nxk7rp.sys
C:\WINDOWS\SYSTEM32\WinStat12.dll
C:\WINDOWS\SYSTEM32\PSof1.exe
C:\WINDOWS\SYSTEM32\Qzzkqe.exe
C:\WINDOWS\SYSTEM32\adlinstallwin32.exe
C:\WINDOWS\SYSTEM32\nsl42.dll
C:\WINDOWS\SYSTEM32\nso66.dll
C:\WINDOWS\SYSTEM32\redit.cpl
C:\WINDOWS\SYSTEM32\redtrsha.dll
C:\WINDOWS\SYSTEM32\richedtr.dll
C:\WINDOWS\SYSTEM32\richup.exe
C:\WINDOWS\SYSTEM32\unpack.exe
C:\WINDOWS\SYSTEM32\heideak.exe
C:\WINDOWS\SYSTEM32\hpavebl.exe
C:\WINDOWS\SYSTEM32\yckynd.exe
C:\WINDOWS\SYSTEM32\yckync.exe
C:\WINDOWS\SYSTEM32\yckynf.exe
C:\WINDOWS\SYSTEM32\hcacygt.dll
C:\WINDOWS\SYSTEM32\modgxyz.exe
C:\WINDOWS\SYSTEM32\Cache\SSK3_B5 Advagency.exe
C:\WINDOWS\SYSTEM32\Cache\ven_d1.exe
C:\WINDOWS\SYSTEM32\InstallerV3.exe
C:\WINDOWS\SYSTEM32\WinStat13.dll
C:\WINDOWS\SYSTEM32\VVSNInst.exe
C:\WINDOWS\SYSTEM32\nsfE.dll
C:\WINDOWS\SYSTEM32\WinStat11.dll
C:\WINDOWS\SYSTEM32\rxcqodc.exe
C:\WINDOWS\SYSTEM32\nshA7.dll
C:\WINDOWS\SYSTEM32\ordkb.dll
C:\WINDOWS\SYSTEM32\intel32.exe
C:\WINDOWS\SYSTEM32\apisvc.exe
C:\WINDOWS\SYSTEM32\oleext.dll
C:\WINDOWS\SYSTEM32\mc-110-12-0000079.exe
C:\WINDOWS\SYSTEM32\PSof1.exe
C:\WINDOWS\SYSTEM32\adlinstallwin32.exe
C:\WINDOWS\SYSTEM32\thin-138-1-x-x.exe
C:\WINDOWS\SYSTEM32\ba7_ni.exe
C:\WINDOWS\Downloaded Program Files\flash.inf
C:\WINDOWS\Downloaded Program Files\HDPlugin1100.dll
C:\WINDOWS\Downloaded Program Files\EPXActiveX.ocx

C:\Program Files\Common Files\ADAPTEC\CDGUIDE\MNPAPUninstall.exe
C:\Program Files\Common Files\mc-110-12-0000079.exe
C:\Program Files\Common Files\services.exe
C:\Program Files\Common Files\system32.dll

C:\Program Files\Windows Media Player\wmplayer.exe.tmp

C:\Documents and Settings\MANDY\Application Data\Sskknwrd.dll


After you complete the above, reboot and attach a fresh HJT log.