Well this asiuoqgusdbaksd.com thing is causing me problems, every search engine link I click takes me to this 'asiuoqgusdbaksd.com' website, then redirects me off elsewhere. This is really not the issue, but would love to get rid of it as it's causing problems with other programs running, and what not. I am running Windows XP Home just so you know.

Now the main issue is I can't get HiJackThis to install. I get an error saying 'C:\Documents and Settings\Owner\Desktop\HJThisInstall.exe is not a valid win32 Application' when it is a Windows XP version, so it should work. Also when I try to boot to safe mode via F8 I get the 'NTLDR is missing press cont+alt+delete to restart.' So I can't boot to safe mode. I believe this is all tied to this Asiuoqgusbaksd.com browser hijacker, but it could also be something I did on my own trying to get rid of it.

As a side note... It seems anything I download is getting corrupted during the download. The only way I am able to download and run a .exe is if I download it as a zip, then extract/install.

Any help is GREATLY appreciated! Thanks in advance,
Chris
Got HiJackThis to install finally. Here is the log-

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:24:03 PM, on 8/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\Linksys Wireless-G Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G Wireless Network Monitor\wmp54gs.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {093450DF-AD44-487D-B9A9-0B143A64CBEF} - C:\WINDOWS\system32\oPijkKCU.dll (file missing)
O2 - BHO: (no name) - {0BC723F4-60E8-4388-AE62-011751CABF16} - C:\WINDOWS\system32\khfCRkjk.dll (file missing)
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [c0954f91] rundll32.exe "C:\WINDOWS\system32\vlmoufjw.dll",b
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [AIM] D:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: Macro Express 3.lnk = C:\Program Files\Macro Express3\MacExp.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) - http://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - Winlogon Notify: khfCRkjk - khfCRkjk.dll (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WMP54GSSVC - GEMTEKS - C:\Program Files\Linksys Wireless-G Wireless Network Monitor\WLService.exe

--
End of file - 7377 bytes
I believe my issue happens to be this -

Code:
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll

Also I believe I happened to download this antiVirus 2008 thing that is going around. It's disabled the use of system restore, won't let me view most security webpages, or let me download many things, plus has made my computer very slow to the point it takes a few minutes to load up afterdawn.com homepage. It's rather irritating. Again, thanks in advance.
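Added example, not part of the original thread or of HijackThis: a small Python triage pass over entries like those in the log above. It groups lines by section code and lists the ones HijackThis marked "(file missing)" plus O4 Run entries started through rundll32, as candidates for manual review. The sample lines are copied from the posted log; the function names and the heuristics are assumptions made for illustration.

```python
import re

# Sample entries copied from the HijackThis log posted in this thread
# (the garbled toolbar name on the O3 line is omitted).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {093450DF-AD44-487D-B9A9-0B143A64CBEF} - C:\WINDOWS\system32\oPijkKCU.dll (file missing)
O2 - BHO: (no name) - {0BC723F4-60E8-4388-AE62-011751CABF16} - C:\WINDOWS\system32\khfCRkjk.dll (file missing)
O3 - Toolbar: Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [c0954f91] rundll32.exe "C:\WINDOWS\system32\vlmoufjw.dll",b
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O20 - Winlogon Notify: khfCRkjk - khfCRkjk.dll (file missing)
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
RUN = re.compile(r"^(?P<hive>HK\w+)\\\.\.\\Run\w*: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
DLL = re.compile(r'rundll32(?:\.exe)?\s+"?(?P<dll>[^",]+\.dll)"?,(?P<export>\S+)', re.I)

def parse(log):
    """Return (section code, body) for every line shaped like 'O4 - ...'."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append((m["code"], m["body"]))
    return entries

def triage(entries):
    """Return (code, reason, detail) tuples worth a manual look (assumed heuristics)."""
    findings = []
    for code, body in entries:
        # HijackThis appends this marker when the registered file is not visible on disk.
        if body.endswith("(file missing)"):
            findings.append((code, "file missing", body))
            continue
        run = RUN.match(body) if code == "O4" else None
        dll = DLL.search(run["cmd"]) if run else None
        if dll:
            # Assumption: an 8-hex-digit value name is unusual for installed software.
            name_is_hex = re.fullmatch(r"[0-9a-f]{8}", run["name"]) is not None
            reason = "rundll32 autorun, hex value name" if name_is_hex else "rundll32 autorun"
            findings.append((code, reason, dll["dll"]))
    return findings

if __name__ == "__main__":
    for code, reason, detail in triage(parse(SAMPLE_LOG)):
        print(f"{code:<4}{reason:<34}{detail}")
```

A flagged line is only a prompt to look closer: the NVIDIA control panel entry is also started through rundll32 and is listed alongside the unnamed one.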
I'm also having basically the same problem. Every time I click a link on a search engine it leads me to asiuoqgusbaksd.com and prompts me to download antivirus 2008 (I don't). I can't run newly installed programs because it says they aren't valid win32 app. And I can't go to well known antimalware/tech forums or websites. I did a HijackThis scan and also had the Yahoo toolbar file but I fixed it and still having problems. I also fixed a program called L.exe which is supposed to be a downloader trojan, and nothing was fixed. My internet is going really slow and Winamp (music player) keeps crashing. Even when I type in the URL manually it loads the page incorrectly.

I ran Avast Antivirus thorough scan of every file and it caught like 9 trojan gen and adware gen but it didn't fix the problem, then I did a boot-scan through Avast and it caught a DNS changer and a couple more trojan gens, although the problem was still there. After that I did a HijackThis scan and deleted the Yahoo toolbar and L.exe and did a bootscan with Avast again. This time the bootscan didn't catch anything except 2 corrupted Zip archives in Yahoo and a corrupted RAR archive in Conquer2.0 (pretty sure that's a game I uninstalled a little while ago).

I am pretty sure I got this through Limewire. I have been getting viruses every couple days since I accidentally installed Vista 2008 Antivirus on my computer (I removed it manually, pretty sure I got all its files because I used a guide online). I ran Rootkit Revealer before this new wave of viruses came and it said I had a couple hidden files hidden from Windows API. They were in Control/Controlset001 (and 003 and 004) or whatever and were all named tdssserv.sys and there was about 9 or 8 of them. It has gotten so bad that to even post this I have to use my mom's computer. Will let you know if I fix my computer how to do it.
Figured out I could download things on another (uninfected) computer and then use a jump drive to get it to my computer and then the program would work/install. I just used Malwarebytes' Anti-Malware scan, it found 24 objects and successfully removed/deleted them all, but internet is still taking me to the asiuoqgusbaksd site.