buildbirdaim/Mode2Phone/fxjddnkn

realchaos1

OK, I've been ranting about this on the boards for a while now. I wanna make sure you guys get this.

Every once in a while my CPU will bog down and a file called buildbirdaim.exe will show up in the Task Manager Processes sucking up % of the CPU. I'll also hear a commercial play in the background out of nowhere and a pop-up with IE will show up about Registry Clean Up.

see: http://forums.spybot.info/showthread.php?t=8901

I apologize for posting a bunch of threads. I was hoping someone would either delete or move them to the appropriate forum after I messed up.

When I snooped around and did a search for "buildbirdaim" I found a pf file hidden away, see: http://forums.spybot.info/showpost.php?p=52944&postcount=5

I started taking a look at my msconfig and found files in the startup that I did not recognize. Mode2Phone.exe and fxjddnkn.exe located under 'C:\Documents and Settings\R-109\Application Data\intermoveaudio' showed up.

So I decided to look in that folder and found that everything was hanging out, including buildbirdaim.exe

I took the Mode2Phone.exe and fxjddnkn.exe out of the msconfig and left the files alone (because I wanted to further discuss this with the Spybot community). I restarted and thought all was good until my computer started bogging down yet again.

Not kool, I ended task to buildbirdaim.exe (again) and checked msconfig. Mode2Phone.exe was sitting there checked as if it had a mind of its own.

So I would like to send these files to detections(AT)spybot.info

I will also include the link to this thread. I sent one earlier of the pf file. I want you guys to deal with this so Spybot can make an update. I will leave the infected files on my computer until Spybot S&D can address it.

:spider: god speed!
 
Hello realchaos1,

Let's see if my suspicions are correct about the audio you're hearing. Please do the following for me. :)

Go to Start > Run and paste in the following line:

regedit /e c:\reg.txt "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components"

Click OK.

Go to Start > Run and paste in the following:

c:\reg.txt

Click OK.

A notepad should open, please paste the contents of the notepad into your next reply.

Also:

* Click here to download HJTsetup.exe
  • Save HJTsetup.exe to your desktop.
  • Double-click on the HJTsetup.exe icon on your desktop.
  • By default it will install to C:\Program Files\Hijack This.
  • Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
  • Put a check by Create a desktop icon then click Next again.
  • Continue to follow the rest of the prompts from there.
  • At the final dialogue box click Finish and it will launch Hijack This.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

Thank you! :)
tea
 
:scratch:
This topic is closed due to lack of a response to helper, if you need it re-opened please send me a private message (pm) and provide a link to the thread.

Applies only to the original topic starter.
 