Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92290 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

possilbe sptware problem


  • Please log in to reply
22 replies to this topic

#16 dom1978111

dom1978111

    Authentic Member

  • Authentic Member
  • PipPip
  • 34 posts

Posted 04 April 2008 - 12:44 PM

here it the requested report File pkeoidm.ex_ received on 03.08.2008 12:17:17 (CET) Current status: finished Result: 5/32 (15.62%) Compact Print results Antivirus Version Last Update Result AhnLab-V3 - - - AntiVir - - - Authentium - - - Avast - - - AVG - - - BitDefender - - - CAT-QuickHeal - - (Suspicious) - DNAScan ClamAV - - - DrWeb - - - eSafe - - - eTrust-Vet - - - Ewido - - - F-Prot - - W32/Heuristic-USU!Eldorado F-Secure - - Suspicious:W32/Malware!Gemini FileAdvisor - - - Fortinet - - - Ikarus - - - Kaspersky - - - McAfee - - - Microsoft - - - NOD32v2 - - - Norman - - - Panda - - - Prevx1 - - Heuristic: Suspicious Self Modifying EXE Rising - - - Sophos - - - Sunbelt - - - Symantec - - - TheHacker - - - VBA32 - - - VirusBuster - - - Webwasher-Gateway - - Virus.Win32.FileInfector.gen (suspicious) Additional information MD5: 3994631c58202a94cd8391006edac560 SHA1: 628eb62b278a082a82674ab8d9f0271f2c5abb3f SHA256: e6c0ba2b910f1dfebedbf897ac4eeef50374aead238d0a8eba6ad560321a76f3 SHA512: 13e08702108048561790ac33dada62edb959182c9b84cfdd1da6d8f623c73924638a9b15af82994c 539434bda9f4b3bf40f326b97de3202489c9e4cab1529d7c

    Advertisements

Register to Remove


#17 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,218 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 04 April 2008 - 01:07 PM

Dom,

Lets remove them, OTMoveIt will make a backup if we need them.

Please download OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt.exe to run it.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

    C:\documents and settings\dom\local settings\application data\pkeoidm.exe
    c:\Documents and Settings\DOM\Local Settings\Application Data\pkeoidm.dat
    c:\Documents and Settings\DOM\Local Settings\Application Data\pkeoidm_nav.dat
    c:\Documents and Settings\DOM\Local Settings\Application Data\pkeoidm_navps.dat

  • Return to OTMoveIt, right click on the "Paste List of Files/Folders to be moved" window and choose Paste.
  • Click the red Moveit! button.
  • Copy everything on the Results window to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it on your next reply.
  • Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


Post the OTMoveIt log and a New HJT log and let me know how your system is behaving now

Jeffce_zpsa19ee2e6.png

 

 

The forum is staffed by volunteers who donate their time and expertise.

If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#18 dom1978111

dom1978111

    Authentic Member

  • Authentic Member
  • PipPip
  • 34 posts

Posted 04 April 2008 - 01:13 PM

as requested File/Folder C:\documents and settings\dom\local settings\application data\pkeoidm.exe not found. File/Folder c:\Documents and Settings\DOM\Local Settings\Application Data\pkeoidm.dat not found. File/Folder c:\Documents and Settings\DOM\Local Settings\Application Data\pkeoidm_nav.dat not found. File/Folder c:\Documents and Settings\DOM\Local Settings\Application Data\pkeoidm_navps.dat not found. File/Folder not found. File/Folder not found. OTMoveIt2 by OldTimer - Version 1.0.4.0 log created on 04042008_201248

#19 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,218 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 04 April 2008 - 01:41 PM

OTMoveIt is a pretty powerful tool, if it can't find it then they are most likely gone. You can check your self to see if there still present , keeping windows enabled to show all files and folders, let me know and also let me know how your system is running now.

Jeffce_zpsa19ee2e6.png

 

 

The forum is staffed by volunteers who donate their time and expertise.

If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#20 dom1978111

dom1978111

    Authentic Member

  • Authentic Member
  • PipPip
  • 34 posts

Posted 04 April 2008 - 02:00 PM

There are 4 incidences left in the application data folder pkeoidm_nav.da_ pkeoidm_nav.da_Ex file pkeoidm_navps.da_ pkeoidm.da_ These entries have no file icon (instead, they have the 'windows cannot open this file') They had this same icon when i uploaded them to virus total Not sure what it means! As for the system, no popups and all seems fine, the pkeoidm.exe start up entry is still on my tune up start up list and has the same cannot open icon but boes not now check itself when i uncheck it.

#21 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,218 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 04 April 2008 - 02:06 PM

Are you able to delete them, is so delete them and leave them in the Trash .

You may have to be in Safemode to remove them.
To Enter Safemode
  • Go to Start> Shut off your Computer> Restart
  • As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly,
    this will bring up a menu.
  • Use the Up and Down Arrow Keys to scroll up to Safemode
  • Then press the Enter Key on your Keyboard
Tutorial if you need it How to boot into Safemode

Edited by ken545, 04 April 2008 - 02:08 PM.

Jeffce_zpsa19ee2e6.png

 

 

The forum is staffed by volunteers who donate their time and expertise.

If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#22 dom1978111

dom1978111

    Authentic Member

  • Authentic Member
  • PipPip
  • 34 posts

Posted 04 April 2008 - 02:48 PM

Hi ken, I have now deleted those files now. and things seem normal now. Thank you for your help and patience

#23 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,218 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 04 April 2008 - 02:55 PM

Your very welcome Dom. Glad we got you fixed up :thumbup:


Malware Complaints
Are you mad ? I mean really mad, seething mad, so mad your ready to spit, mad that you have taken your hard earned dollars to buy a computer only to have some Miscredents, Dirt Bags and Cyber Criminals install a malicious program on your computer without your knowledge or consent. You can post your complaint at the above site. If you live in the U.S.A. you can also report your grievance to your State Attorney Generals Office and the Federal Trade Commission's Bureau of Consumer Protection.



Keep in mind if you install some of these programs. Only ONE Anti Virus and only ONE Firewall is recommended, more is overkill and can cause you problems. You can install all the Spyware programs I have listed without any problems. If you install Spyware Blaster, you can still install Spybot Search and Destroy but do not enable the TeaTimer in Spybot.


Here are some free programs to install, all free and highly regarded by the fine people in the Malware Removal Community
  • Spybot Search and Destroy 1.5
    Check for Updates/ Immunize and run a Full System Scan on a regular basis. If you install Spyware Blaster ( Recommended ) then do not enable the TeaTimer in Spybot Search and Destroy.
  • Spyware Blaster It will prevent most spyware from ever being installed. No scan to run, just update about once a week and enable all protection.
  • Spyware Guard It offers realtime protection from spyware installation attempts, again, no scan to run, just install it and let it do its thing.
  • IE-Spyad
    IE-Spyad places over 6000 web sites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (cookies etc) from the sites listed, although you will still be able to connect to the sites.
  • Firefox 2.0.0.13 It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will no way interfere with IE, you can use them both.

Glad we could help

Safe Surfn
Ken

Jeffce_zpsa19ee2e6.png

 

 

The forum is staffed by volunteers who donate their time and expertise.

If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users