logfile attached for BDE Projector & DSO issue

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by bmallott, Sep 20, 2004.

  1. bmallott

    bmallott Private E-2

    Thanks for taking a look at this.
    Becky
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Nothing here to look at but do not post logs unless we ask for them. Your starting point is to please follow all the steps in this Sticky thread < READ ME FIRST: Basic Spyware, Trojan And Virus Removal >

    If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

    NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.
     
  3. bmallott

    bmallott Private E-2

    I have followed your instruction explicitly in the Read me First and then the Read me Second.

    After doing so, I was invited to post my log.

    I've had a lot of back and forth emails to get to this log analysis point. I thought I was following the procedures...maybe I should have posted this log to the original thread, but the instructions said to attach it to a new thread. Since I did, you did not have the history of my original thread. Sorry.

    Can you look at it now, please?

    Thanks,
    Becky
     
  4. bmallott

    bmallott Private E-2

    What do you mean by "nothing here to look at"? Is the attachment not there?

    Becky
     
  5. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    I welcomed you to post a log file in another thread which is what confused us, you have 5 posts, no logfile attached. We're geeks, but we get confused easily too ;) Try again. If you're really stuck, copy and paste it and I will convert it to a log file.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay! I looked up your other thread. The problem is that you should not have started a new thread. You should have just continued to work your problem in the thread you already started for it.

    MA,
    I have to go edit that HJT tutorial MA. It says post your HJT in a new thread. What we want it to say is "in a new thread if you have not already started one for your problem"
     
  7. bmallott

    bmallott Private E-2

    logfile inserted for BDE Projector & DSO issue

    Thanks for all your trouble. I'll post the logfile again...and see if I can do it right this time...It wouldn't upload...says "invalid file type"...I realize it was hijackthis.log...saved it as .txt... Now successfully attached it.

    I really appreciate all you do!

    Becky
     


  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: logfile inserted for BDE Projector & DSO issue

    First you should just ignore the DSO Exploit messages from SpyBot. It is a well known bug. You can configure SpyBot to ignore them too in Advanced Mode under Settings, Ignore Products. Just put a check on DSO Exploit and you will not see them anymore.

    For the BDE Projector message you should give us the full message/location that SpyBot reports. I think it is probably a leftover in the registry somewhere. I do not expect anything I gave you below to address BDE Projector. But the items below should be fixed.

    If you have WeatherBug installed, go to Add/Remove Programs and uninstall it.
    Run HijackThis and select the below lines (noting my comments/questions) and click Fix:
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll (file missing)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll (file missing)

    If not removed by an uninstall, fix this WeatherBug entry:
    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (HKCU)

    Do you use Napster? If not, remove this next entry:
    O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.napster.com/client/setup.exe

    I always remove anything related to WildTangent so remove the next line.
    O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/hitthepros03/foxsports/wtinst.cab

    Do you recognize this IP address and the name Road Runner? Is this your ISP?
    24.95.80.41 = [ cmh-dns-amp-01.columbus.rr.com ]
    OrgName: Road Runner
    OrgID: RRMA
    Address: 13241 Woodland Park Road
    City: Herndon
    StateProv: VA
    PostalCode: 20171
    Country: US

    If not, fix the below line:
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7CA2A225-ED35-4B3D-BC29-ABAE1011219E}: NameServer = 24.95.80.41,24.95.80.45
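
The review in the post above, sketched as a small triage script: an added example, not part of the original thread and not a HijackThis feature. It parses the O9, O16 and O17 lines quoted in the post and pulls out the detail checked for each one (missing target file, download host, DNS server addresses). The function name `triage` and the wording of the notes are assumptions made for illustration.

```python
import re
from urllib.parse import urlparse

# Entries copied from the HijackThis lines quoted in the post above.
SAMPLE_LOG = r"""
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (HKCU)
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.napster.com/client/setup.exe
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/hitthepros03/foxsports/wtinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CA2A225-ED35-4B3D-BC29-ABAE1011219E}: NameServer = 24.95.80.41,24.95.80.45
"""

ENTRY = re.compile(r"^(O\d+) - (.+)$")
GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
URL = re.compile(r"https?://\S+")
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def triage(log_text):
    """Return one dict per HijackThis entry with the detail a reviewer checks."""
    findings = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # skip blank lines and anything that is not an "O<n> - ..." entry
        section, body = m.groups()
        guid = GUID.search(body)
        item = {"section": section, "guid": guid.group(0) if guid else None, "check": None}
        if section == "O9" and body.endswith("(file missing)"):
            # IE toolbar button / Tools menu item whose target no longer exists
            item["check"] = "orphaned IE button/menu item: target file missing"
        elif section == "O16" and URL.search(body):
            # ActiveX control: the download host tells you who installed it
            host = urlparse(URL.search(body).group(0)).hostname
            item["check"] = "ActiveX control downloaded from " + host
        elif section == "O17" and "NameServer" in body:
            # DNS servers set in the registry: look up who owns each address
            ips = IPV4.findall(body.split("=", 1)[1])
            item["check"] = "confirm DNS servers belong to your ISP: " + ", ".join(ips)
        findings.append(item)
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f["section"], f["guid"], "->", f["check"] or "no automatic flag")
```
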
     
  9. bmallott

    bmallott Private E-2

    Thanks much. The BDE Project stuff ing on the machine was just a directory and 4 empty folders. I finally was able to delete them when I discovered who the owner was and logged on as them thus giving permission to delete.

    Good work.
    Becky
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome Becky.
     
