Home > Need Help > Need Help With TinyProxy.exe And Kenny16.exe Removal

Need Help With TinyProxy.exe And Kenny16.exe Removal

I restored my computer to the day before I got the virus and Spybot S&D can no longer find any threats, but my internet explorer is still messed up. Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dllO2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLLO3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLLO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO8 - They shouldn't conflict, but Spysweeper and TM Av sure would have. Create Account How it Works Javascript Disabled Detected You currently have javascript disabled. http://scvanet.org/need-help/pum-dns-removal.html

When it finishes, post the contents of new log, Combofix.txt in your next reply together with a new HijackThis log. · actions · 2008-Dec-22 4:21 pm · (locked) RexterLibertas, Aequitas, Veritasjoin:2002-11-17cloud Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Yahoo! Please re-enable javascript to access full functionality. Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dllO2 - BHO: Spybot-S&D IE

FYI after doing what u said i coulnt connect to internet, Somthing about proxy settings so i just changed it to no proxy and now everything works fine!! I can't figure out why it's adding them. The symptom I mentioned in my earlier post has gone away. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dllO2 - BHO: &Yahoo!

Adam Smith Glasgow, 1760 Back to top #6 nasdaq nasdaq Forum Deity Global Moderator 49,124 posts Posted 08 October 2008 - 07:52 AM Glad we could help. It links through www.findmycontent.com. Sign In Use Facebook Use Twitter Use Windows Live Register now! mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2007-11-22 33832]R3 mfesmfk;McAfee Inc.

This applies only to the original topic starter. You enjoy a clean, safe computer. It also had some sort of error at the end, that it couldn't access something. iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast!

Register to remove all ads. All rights reserved. Pager]--a------ 2007-08-30 17:43 4670704 c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]"DisableMonitoring"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="c:\\Program Files\\iTunes\\iTunes.exe"="c:\\Program Files\\iWin Games\\iWinGames.exe"="c:\\Program Files\\iWin Games\\WebUpdater.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"8383:TCP"= 8383:TCP:TINYPROXY"53:TCP"= 53:TCP:TINYPROXY"8484:TCP"= 8484:TCP:TINYPROXYR1 aswSP;avast! I am using notepad on the infected machine, and gedit on the machine I'm using here on-line.

  • Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dllR3 - URLSearchHook: (no name) - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - (no file)O2 - BHO: &Yahoo!
  • First, Move the ComboFix tool to your desktop please.
  • Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:21:18 AM, on 9/20/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe
  • If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.Give it atleast 20-30 minutes to finish if needed. · actions · 2008-Dec-22 10:18
  • We recommend SecurityTaskManager for verifying your computer's security.

IP address is 69.254.78.46. http://www.file.net/process/tinyproxy.exe.html It complained about not being able to connect to the internet, but it ran the scan anyway. The application uses ports to connect to or from a LAN or the Internet. Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast!

Please Help! The connection is automatically restored before CF completes its run. With this I am able ping IP addresses, but unable to resolve DNS queries.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:23:48 AM, on 12/22/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates,

Open HijackThis and do a *system scan only*When it finishes, checkmark these 2 in the list and then press the *fix checked* buttonR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;O8 - Extra context Do join the team if you want to post help, we'd love to have you with us. :-) Back to top #3 nasdaq nasdaq Forum Deity Global Moderator 49,124 posts Posted Several functions may not work. http://scvanet.org/need-help/malware-removal.html O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}

You are running it off of a different drive and it may not work right (we are going to need to use ComboFix to make some custom fixes so that is Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dllO2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLLO3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLLO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast!

Some files associated with this infection are not showing in your Hijackthis log, So please do the following and post the logs.Download RSIT by random/random and save it to your desktop.Double

Jump to content FacebookTwitter Geeks to Go Forum Security Virus, Spyware, Malware Removal Welcome to Geeks to Go - Register now for FREE Geeks To Go is a helpful hub, where Please re-enable javascript to access full functionality. All rights reserved. Any help offered is greatly appreciated.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:10:10 AM, on 10/10/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Program

Here it the HiJack This Report Please Help!!!!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2:20:01 PM, on 9/21/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning Jump to content FacebookTwitter Geeks to Go Forum Security Virus, Spyware, Malware Removal Welcome to Geeks to Go - Register now for FREE Geeks To Go is a helpful hub, where I have word wrap turned off on both text editors.===========================================================omboFix 08-12-21.04 - Sandra Removed 2008-12-22 12:56:42.2 - NTFSx86Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1270.878 [GMT -7:00]Running from: c:\documents and settings\Sandra Removed\Desktop\ComboFix.exeCommand switches Check This Out A clean and tidy computer is the key requirement for avoiding PC trouble.

Register now! A case like this could easily cost hundreds of thousands of dollars. Everyone else please begin a New Topic. 0 Back to Virus, Spyware, Malware Removal · Next Unread Topic → Similar Topics 0 user(s) are reading this topic 0 members, 0 guests, redirected to finditand.com and 404 errors and slower comp [CLOSED] Started by billybobjo999 , Oct 11 2008 05:50 PM This topic is locked #1 billybobjo999 Posted 11 October 2008 - 05:50

The file tinyproxy.exe is located in a subfolder of "C:\Program Files". Place a check against each of the following:R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8484R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;O4 - HKUS\S-1-5-18\..\Run: [ichckupd] C:\WINDOWS\system32\ichckupd.exe (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [ichckupd] C:\WINDOWS\system32\ichckupd.exe (User 'Default user')O8 Use the 6resmon command to identify the processes that are causing your problem. Join our site today to ask your question.

Username or email: I've forgotten my password Forum Password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Community Forum Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exeO23 - Service: Google Updater Staff Online Now TerryNet Moderator Triple6 Moderator Macboatmaster Trusted Advisor Advertisement Tech Support Guy Home Forums > Security & Malware Removal > Virus & Other Malware Removal > Home Forums Forums BleepingComputer is being sued by Enigma Software because of a negative post of SpyHunter.

Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy Microsoft PartnerSilver I di need to get rid of trendmicro, and webroot.Sorry about the spacing. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dllO4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exeO4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exeO4 If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Style Default Style Contact Us Help Home Top RSS Terms and Rules Copyright © TechGuy, Inc. Below are the results you requested:log.txt contents:Logfile of random's system information tool 1.04 (written by random/random)Run by Nelson Family at 2008-10-12 21:05:42Microsoft Windows XP Professional Service Pack 3System drive C: has