SysChat is a free online computer support community. Ask questions, share resources, contribute knowledge and discuss technology. Join our growing community to access all features. Register Now!

SysChat » Software Support » Computer Security » Help Removing Zedo

Computer Security

Discuss Computer Security- Viruses, Adware, Spyware, etc...

Reply
 
LinkBack Thread Tools
  #1 (permalink)  
Old 09-08-2008, 12:20 AM
DaStever DaStever is offline
Junior Member
 
About:
Join Date: Sep 2008
Posts: 1
DaStever is on a distinguished road

Default Help Removing Zedo


Hi,

Can anyone help me? I've tried everything I could find on how to remove Zedo from this box, but nothing's working. I've pasted a Hijack This log file below.

Thanks in advance!!!!!
Andrew

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 9:16:42 PM, on 9/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\PRISMSVC.EXE
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Hello\Hello.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\GetModule\GetModule21.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\GetPack\GetPack20.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jason\Desktop\HiJackThis_v2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe




Last edited by Sami; 09-08-2008 at 12:51 AM.. Reason: to remove the links from the log file
Reply With Quote
  #2 (permalink)  
Old 09-08-2008, 12:53 AM
Sami's Avatar
Sami Sami is offline
Administrator
 
About:
Join Date: Jan 2006
Location: New Jersey
Posts: 804
Sami has a spectacular aura aboutSami has a spectacular aura aboutSami has a spectacular aura about

Default


Reboot your computer in safe mode run HijackThis and delete the following entries

C:\Program Files\GetModule\GetModule21.exe
C:\Program Files\GetPack\GetPack20.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = CNN. com - Breaking News, U.S., World, Weather, Entertainment & Video News

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Learn about Dell's laptops, desktops, monitors, printers plus PC electronics & accessories.

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local

O2 - BHO: Helper Class - {3670A914-63C2-4E67-8C9B-370AE1922143} - C:\Program Files\BChanger\bchanger.dll

O2 - BHO: bannerstyles15 browser enhancer - {72336a1a-bafb-e607-a0ad-218e19796665} - C:\WINDOWS\system32\dbjxznhhtocz.dll

O2 - BHO: (no name) - {875A1348-7674-42aa-ADAC-B4F36A004A2D} - (no file)



Reply With Quote
Reply




Thread Tools

Similar Threads
Thread Thread Starter Forum Replies Last Post
Removing Norton & others NOT in Add/Remove malmauney General Software 8 09-12-2008 06:27 PM
Can Zedo be removed? bubbarox Computer Security 24 05-30-2008 02:23 PM
Removing XP from Vista Dual-Boot System bobcat1238 Operating Systems 10 03-24-2008 06:48 AM
Zedo birdhouse Computer Security 1 01-02-2008 05:18 PM
Removing XP from dual boot Errol Operating Systems 1 12-19-2007 01:01 AM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are on



» Ads



1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54