directions on how to delete it told me to download HijackThis and then scan and post the log and experts would tell me what to delete and what to keep so I don't delete something I need....please help

Logfile of HijackThis v1.99.1
Scan saved at 12:11:35 AM, on 3/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\fws.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\DOCUME~1\JEFFER~1\MYDOCU~1\SKS~1\wucrtupd.exe
C:\WINDOWS\a?sembly\w?auclt.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dllhost.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe
C:\Documents and Settings\Jeffery Gill\Local Settings\Temporary Internet Files\Content.IE5\01UV0PYF\EClea2_0[1].exe
C:\Documents and Settings\Jeffery Gill\Local Settings\Temporary Internet Files\Content.IE5\01UV0PYF\EClea2_0[1].exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll
O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Verizon\Verizon Internet Security Suite\FBHR.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: (no name) - {D14BBC49-75F6-207C-DF4F-569099A33999} - C:\WINDOWS\system32\hdxvtje.dll
O3 - Toolbar: PeoplePal Toolbar - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - c:\program files\peoplepc\toolbar\PPCToolbar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SCAR updater] C:\WINDOWS\system32\SCAR updater.exe
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Verizon Internet Security Suite] "C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe"
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Lhar] "C:\DOCUME~1\JEFFER~1\MYDOCU~1\SKS~1\wucrtupd.exe" -vt yazb
O4 - HKCU\..\Run: [Vbv] "C:\WINDOWS\a?sembly\w?auclt.exe" 99001396
O4 - HKCU\..\Run: [Avi Player] "C:\Program Files\Avi Player\AviPlayer.exe" hmw
O4 - Global Startup: dllhost.exe
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O20 - AppInit_DLLs: ,
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: Verizon Internet Security Suite Firewall (RP_FWS) - Radialpoint Inc. - C:\Program Files\Verizon\Verizon Internet Security Suite\fws.exe

Hi!

* Click Start
* Click Control Panel
* Double-click Add or Remove Programs
* Find and remove these programs if found:

Oin
Yazzle by Oin
Purityscan by Oin
Snowballwars by Oin
Or anything with Oin or Outerinfo
Zolero
Tizzletalk
MediaTickets
Cowabanga

========================================

Go to www.virustotal.com and put this file: C:\Program Files\Avi Player\AviPlayer.exe into the box above. Send the results back here.

========================================

Next, download AVG Anti-Spyware: http://www.ewido.net/en/download/

Locate the icon on the Desktop and double-click it to launch the program.

Now, update the definition files:
On the main screen select Update, and then select the Update Now link.
Next, select the Start Update button (the update starts and a progress bar shows the updates installed).

Once the update completes select: Scanner (the top of the screen)
Select the Settings tab
Once in the Settings screen click on: Recommended actions
Select: Quarantine
Under: Reports, select: Automatically generate report after every scan
Un-select: Only if threats were found

Close AVG AS for now.

Download and run the uninstaller: http://www.outerinfo.com/OiUninstaller.exe
Instructions for that uninstaller, if needed

========================================

Please download NoLop to the Desktop: http://www.thespykiller.co.uk/forum/index....tpmod;dl=item16

* Close any programs you have running since a reboot is required
* Double-click NoLop.exe to run it
* Next, click the button labeled: Search and Destroy <<your computer will now be scanned for infected files>>
* When the scan finishes, if infected, you are prompted to reboot
* Click OK
* Now click: REBOOT
* A message should pop up from NoLop. If not, double-click the program again and it will finish.

Note: If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download mscomctl.ocx to your system32 folder then rerun the program.

========================================

Please download VundoFix.exe to your desktop.

* Double-click VundoFix.exe to run it.
* Click the Scan for Vundo button.
* Once it's done scanning, click the Remove Vundo button.
* You will receive a prompt asking if you want to remove the files, click YES
* Once you click yes, your desktop will go blank as it starts removing Vundo.
* When completed, it will prompt that it will reboot your computer, click OK.
* Please post the contents of C:\vundofix.txt and a new HijackThis log.

Important note -- It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

========================================

Reboot to Safe Mode:

- Restart your computer.
- When the machine first starts again, tap the F8 key before Windows starts
- You are presented with a Windows XP Advanced Options menu.
- Select the option for Safe Mode using the arrow keys.
- Press Enter to boot into Safe Mode.

========================================

In Safe Mode, find / remove these:

C:\Program Files\SeekmoToolbar <--- FOLDER
C:\DOCUME~1\JEFFER~1\MYDOCU~1\SKS~1\wucrtupd.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dllhost.exe
c:\program files\peoplepc <--- FOLDER

========================================

Still in Safe Mode, launch AVG AS

Select: Scanner (at the top)
Select the Scan tab
Click on: Complete System Scan

AVG AS begins the scanning process, and it may take a while. Please do not open any other windows or programs while AVG AS is scanning, it may interfere with the scanning process!!

Once the scan is complete, AVG AS lists any infections found. It also automatically sets the recommended action.

Click: Apply all actions
AVG AS will then display: All actions have been applied
Next select: Reports (at the top)
Select: Save report as (lower left of the screen)
Save the report to a text file in a location where you can find it!

Close AVG AS.

========================================

Restart your computer back to Normal Mode.

========================================

Close ALL programs, except HijackThis - Click Scan and check these lines:

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {D14BBC49-75F6-207C-DF4F-569099A33999} - C:\WINDOWS\system32\hdxvtje.dll
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
O4 - HKCU\..\Run: [Lhar] "C:\DOCUME~1\JEFFER~1\MYDOCU~1\SKS~1\wucrtupd.exe" -vt yazb
O4 - HKCU\..\Run: [Vbv] "C:\WINDOWS\a?sembly\w?auclt.exe" 99001396
O4 - Global Startup: dllhost.exe
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O20 - AppInit_DLLs: ,

And press Fix Checked. Close HijackThis.

Restart your computer, and send a new HJT log, C:\NoLop.log, C:\vundofix.txt and the AVG report in your next reply.