Find It log and Hijack This Log (wayyyq.exe??)

March 2nd, 2005, 04:44 PM
#11
Member
Join Date: Feb 2003
Location: Eastern PA
Posts: 394

alrighty right right...thanks for the replies guys!!!
Now, Kuasimodem, that was the first thing I did and, to no avail, it still keeps coming back as infected.......
Here's the deal: I did a lot of searching for this problem and think I fixed all the issues in the HijackThis log, since the only offending program now is the wayyyq.exe, which I have deleted in safe mode and regular (w/o an internet connection, mind you) and, to no avail, it's back @ startup each time.
27, no the machine does not run antivirus since I just uninstalled it. I am not partial to Norton so I downloaded an updated version of AVG for the machine but don't want to install it until I get that bugger off of it.
I have been going to the Trendmicro site to scan since that site has never steered me wrong and it keeps saying I have this Narrator.a virus/trojan.....
Did more research on that and found a post on, I think it was Castle Cops or something, stating that the person was experiencing the same difficulties and that person was told to download the findit program w/ brings up that second log there. Now the person was also told to get something like LVM or LV, an antivirus program to fix the issue but, is that for me???
To top it all off I can not find a tutorial on how to use the Findit program, unlike Hijack this which has a plethora of info out there on the web......
so, my situation hasn't changed, cleaned up hijack issues (once again minus the wayyyq.exe file) and am stuck @ the findit log....
could this be the offending culprit?? if it is, do I delete all of them at the same time?? the first and third ones have come up as the narrator virus but I can't get rid of them:
-------- Strings.exe Qoologic Results --------
C:\WINDOWS\system32\cugggi.dll: updates.qoologic.com
C:\WINDOWS\system32\erqqqs.dll: updates.qoologic.com
C:\WINDOWS\system32\hupppx.exe: updates.qoologic.com
Thanks to all who help!!!
shaun
__________________
Fill cups like Double D's!!
Last edited by SunDizzle : March 2nd, 2005 at 04:47 PM.
Reason: misleading....

March 2nd, 2005, 05:16 PM
#12
Member
Join Date: Feb 2003
Location: Eastern PA
Posts: 394

Just checked the second link, 27, and both of the files marked nasty aren't?? One of them is the Microsoft Money dll that runs for that program (it is installed on the pc) and the other one is a file from Trendmicro Housecall....(believe me, checked the CLSIDs on those....) Anything else?

March 2nd, 2005, 06:27 PM
#13
Member
Join Date: Feb 2003
Location: Eastern PA
Posts: 394

checking back to see if anyone found out about this yet??

March 2nd, 2005, 07:04 PM
#14
Member
Join Date: Feb 2003
Location: Eastern PA
Posts: 394

Anyone........Buler....Buler...........

March 2nd, 2005, 11:29 PM
#18
Ultimate Member
Join Date: Dec 2004
Posts: 1,558

Quote:
Anyone........Buler....Buler...........

That made me lol.
Well I'd check this entry again:
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/...all/xscan53.cab
Make sure it's really part of TrendMicro HouseCall. All HouseCall files are supposed to come from either housecall.trendmicro.com or housecall-beta.trendmicro.com. This one reportedly came from akamai.net which is an ad server and is known for using spyware to promote the ads.
Also, these entries are adware (part of the ClkOptimizer):
Code:
C:\WINDOWS\system32\cugggi.dll: updates.qoologic.com
C:\WINDOWS\system32\erqqqs.dll: updates.qoologic.com
C:\WINDOWS\system32\hupppx.exe: updates.qoologic.com
You should run a-squared and avast!.
Also get yourself a copy of CodeStuff Starter to manage the startup files. Something is likely starting with Windows and causing these things to be added back in.
[EDIT]
Forgot to mention, I have no idea how to use FindIt. I actually never heard of it until now.
[/EDIT]
Last edited by large_nostril : March 2nd, 2005 at 11:31 PM.
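
The check described in post #18 (does an O16 entry's download host match the hosts HouseCall files are supposed to come from), written out as an added example that is not part of the original thread. The function names are hypothetical, and every sample line except the first is constructed; a "review" verdict only means the host is not on the list given in the post.

```python
import re
from urllib.parse import urlsplit

# Hosts the post says HouseCall files are supposed to come from.
EXPECTED_HOSTS = {"housecall.trendmicro.com", "housecall-beta.trendmicro.com"}

# HijackThis O16 line: "O16 - DPF: {CLSID} (Name) - codebase URL".
# The "(Name)" part is optional; entries without a CLSID are not handled here.
O16_RE = re.compile(
    r"^O16 - DPF: (?P<clsid>\{[0-9A-Fa-f-]{36}\})"
    r"(?: \((?P<name>.*?)\))? - (?P<url>\S+)\s*$"
)

def parse_o16(line):
    """Return clsid, name, url and host for one O16 line, or None."""
    m = O16_RE.match(line.strip())
    if m is None:
        return None
    host = (urlsplit(m["url"]).hostname or "").lower()
    return {"clsid": m["clsid"].upper(), "name": m["name"] or "",
            "url": m["url"], "host": host}

def review_o16(lines, expected_hosts=EXPECTED_HOSTS):
    """Return (entry, verdict) pairs for every O16 line in a log."""
    results = []
    for line in lines:
        entry = parse_o16(line)
        if entry is None:
            continue  # not an O16 entry
        # Exact host match: a lookalike that merely starts with the
        # vendor's host name must not pass.
        verdict = "expected-host" if entry["host"] in expected_hosts else "review"
        results.append((entry, verdict))
    return results

SAMPLE_LOG = [
    # From the thread (URL is truncated with "..." in the post itself).
    "O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - "
    "http://a840.g.akamai.net/7/840/537/...all/xscan53.cab",
    # Constructed lines below (placeholder CLSIDs and paths).
    "O16 - DPF: {00000000-0000-0000-0000-000000000001} (Placeholder) - "
    "http://housecall.trendmicro.com/placeholder.cab",
    "O16 - DPF: {00000000-0000-0000-0000-000000000002} (Placeholder) - "
    "http://housecall.trendmicro.com.example.net/placeholder.cab",
    "O4 - HKLM\\..\\Run: [placeholder] C:\\placeholder.exe",
]

if __name__ == "__main__":
    for entry, verdict in review_o16(SAMPLE_LOG):
        print(verdict, entry["clsid"], entry["host"])
```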

March 2nd, 2005, 11:39 PM
#19
Member
Join Date: Feb 2003
Location: Eastern PA
Posts: 394

Nice the Nostril.....I will check it out and let you know. Actually already systematically renaming/deleting the files from my computer.....I'll holla.

March 3rd, 2005, 02:51 AM
#20
Ultimate Member
Join Date: Jun 2004
Location: England
Posts: 1,407

Quote:
Originally Posted by SunDizzle
27, no the machine does not run antivirus since I just uninstalled it. I am not partial to Norton so I downloaded an updated version of AVG for the machine but don't want to install it until I get that bugger off of it.

Uninstall AVG and install Avast, Home Edition (free). http://www.avast.com/eng/down_home.html