Does Prevx CSI remove kdjev.exe and other concerns

Hi
Advanced Windows Care 2 which I installed from MajorGeeks found a Startup it didn't like and showed me c:\windows\system32\kdjev.exe
All other items were known to me.
I searched the Internet and there were only two instances where kdjev.exe was even mentioned. Both labelled it as Malware and Prevx claimed it could remove it.
I actually went into the registry (Win XP Pro SP2) and deleted every instance I found of kdjev.exe but, as you will probably have guessed it's still there.
So I downloaded (from MajorGeeks Downloads) and ran Prevx CSI. It declared me free of any Malware.
However kdjev.exe is STILL there/here/somewhere on my system
I have enabled "viewing" all system and hidden files, but I can't find it anywhere on my hard drives.

I had, of course, read the READ & RUN ME first but thought I'd see if a simple run of Prevx would fix this problem.
A problem which "could" have been the cause of my IE6 Google searches being redirected to http://click.so and so and to http:// yellow.pages.

Now that I realize I will have to do the whole READ & RUN MR FIRST, my question is (I have already downloaded all the required tools and am ready for Step 2 of Windows XP Cleaning procedure and would like to know if I have to do it all in one session or if I can, for ex. run SuperAntiSpyware then Spybot S&D and then power OFF for the night and resume with the rest the next day.
Thanks in advance

 

I want to thank you for the wonderful instructions and tools you have put together. I ran through the Read and Run me FIRST and it worked like a charm.

The only problem (not really a problem but an extra task that took more than 55 minutes) I ran into was when trying to install the Win XP Recovery Console. My CD was not an SP2 and the page in Microsoft had been changed. Their method involved copying the CD's i386\ subdirectory onto my hard drive and download SP2 and integrate it into the re-installation and practically re-install Win XP-SP2. (Actually Combofixe's instructions were not up-to-date for the installation of the Recovery Console and I didn't want to register myself as a Forum user there, just to tell them this.)

My computer "looks" and "acts" OK.
Should I still send you the logs? Just in case?


Thank you all, again.

 

Thanks.
Attaching part 1

 

And here's part 2

Thanks

 

Hi Chaslang
Just wanted to let you know what I did after READ & RUN ME FIRST.
(And I really am not trying to bump my thread. You can respond to it as per the older messages.....)

In order to disable my AV tool (McAfee..... OK, don't laugh please) I un-installed it.

After running all the R&R1st programs, I noticed that I had a lot of antispyware programs but no AVirus and my Firewall was the much maligned Windows XP Firewall. So, I decided to try ZoneAlarm Security Suite (for both Firewall and AV). I was on XP Pro SP2. ZoneAlarm requested a certain Hotfix. To install that Hotfix, Microsoft insisted on updating me to SP3 (which I did) and eventually ZoneAlarm Security Suite is ON and running.

Just wanted to let you know that my registry must have changed from the time the logs I sent you were created and that, possibly, I know that I might be asked to run new logs.

Thanks
Ahmed

 

As well as a few other evil pieces that I was not even aware of.

It worked like a charm. :-D

No offense meant, but I believe you may have been typing a bit too fast. Did you actually mean "Delete the C:\combofix folder from C:\" ?

But when all has been said and done (in this case "done and then said") you guys are fabulous; helping computer users out of quicksand and rescuing us, just for the love of computing, is fantabulous. A Gazillion thanks.