|
|||||||
| Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs |
 |
|
|
Topic Tools |
|
#1
April 12th, 2006, 02:02 PM
|
|||
|
|||
|
Desperately seeking help....
Ihave downloaded a horrible something, lol. I don't have a validated version of Windows XP running so I don't have any of the "validated microsoft updates" and can't use them. I have been very ineffectivally trying to remove what ever is in my computer and have failed miserably, lol. The infections just keep piling up in numbers. PLEASE can someone help me remove this pesky little bugger or buggers from my computer.
Thank you tremdously! Here is my HJT Log: Logfile of HijackThis v1.99.1 Scan saved at 8:48:38 AM, on 04/12/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\system32\rundll32.exe D:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe D:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe D:\WINDOWS\dHJldm9y\command.exe D:\Program Files\Network Monitor\netmon.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\cpwvlss.exe D:\WINDOWS\Explorer.EXE D:\Program Files\MessengerPlus! 3\MsgPlus.exe D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe D:\WINDOWS\SYSC00.exe D:\WINDOWS\ms04545342738.exe D:\WINDOWS\cpwvlssA.exe D:\WINDOWS\System32\RUNDLL32.EXE D:\WINDOWS\system32\sms_msn40.exe D:\WINDOWS\system32\sms_msn.exe C:\windows\mousepad10.exe D:\Program Files\WinAntiVirus Pro 2006\winav.exe D:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.e xe D:\Program Files\Trend Micro\Tmas\Tmas.exe D:\WINDOWS\system32\ngpw40.exe D:\Program Files\Common Files\Windows\services32.exe D:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE D:\Documents and Settings\trevor\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file) F2 - REG:system.ini: Shell=Explorer.exe, D:\WINDOWS\System32\bwjds.exe F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,lrqhdfo. exe O2 - BHO: ngsh35.clsIS - {279A1B41-6CAC-4ABF-B39C-72C8E489F685} - D:\WINDOWS\system32\ngsh35.dll O2 - BHO: RieMon Class - {70F6A776-579A-4C95-BA88-134253907752} - D:\WINDOWS\System32\irsmiibx.dll O2 - BHO: (no name) - {7D9CB362-375B-4FB9-8024-E55079CC69D1}" - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn3\ycomp5_6_0_0. dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll O3 - Toolbar: (no name) - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - (no file) O3 - Toolbar: Toolbar888 - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - D:\Program Files\Toolbar888\ToolBar888.dll O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TheMonitor] D:\WINDOWS\SYSC00.exe O4 - HKLM\..\Run: [ms04545342738] D:\WINDOWS\ms04545342738.exe O4 - HKLM\..\Run: [cpwvlssA] D:\WINDOWS\cpwvlssA.exe O4 - HKLM\..\Run: [w21862f1.dll] RUNDLL32.EXE w21862f1.dll,I2 0003c164021862f1 O4 - HKLM\..\Run: [BrowserUpdateSched] D:\WINDOWS\System32\twinsraf.exe FI002 O4 - HKLM\..\Run: [sms_msn40] D:\WINDOWS\system32\sms_msn40.exe O4 - HKLM\..\Run: [sms_msn] D:\WINDOWS\system32\sms_msn.exe O4 - HKLM\..\Run: [keyboard] C:\windows\keyboard10.exe O4 - HKLM\..\Run: [newname] C:\windows\newname10.exe O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad10.exe O4 - HKLM\..\Run: [WinAntiVirusPro2006] D:\Program Files\WinAntiVirus Pro 2006\winav.exe /min O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] D:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.e xe O4 - HKCU\..\Run: [gbert] D:\WINDOWS\System32\knsysa.exe reg_run O4 - HKCU\..\Run: [irssyncd] D:\WINDOWS\System32\irssyncd.exe O4 - HKCU\..\Run: [iuiz] D:\PROGRA~1\COMMON~1\iuiz\iuizm.exe O4 - HKCU\..\Run: [SurfSideKick 3] D:\Program Files\SurfSideKick 3\Ssk.exe O4 - HKCU\..\Run: [services32] D:\Program Files\Common Files\Windows\mc-110-12-0000137.exe O4 - Startup: Zeno.lnk = D:\WINDOWS\system32\twinsraf.exe O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Trend Micro Anti-Spyware.lnk = D:\Program Files\Trend Micro\Tmas\Tmas.exe O8 - Extra context menu item: Download all with Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download web site with Free Download Manager - file://D:\Program Files\Free Download Manager\dlpage.htm O8 - Extra context menu item: Download with Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - D:\WINDOWS\System32\dmonwv.dll (file missing) O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - D:\WINDOWS\System32\dmonwv.dll (file missing) O15 - Trusted Zone: *.elitemediagroup.net O15 - Trusted Zone: http://click.getmirar.com (HKLM) O15 - Trusted Zone: http://click.mirarsearch.com (HKLM) O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM) O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM) O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/game...s/y/dot8_x.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yaho...st20040510.cab O16 - DPF: {35B9DBE4-5284-46B3-9E0F-919364B22F02} (Test Class) - http://adult.www.worldgroups.com/atlweb1.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.com/SnapfishActivia.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} (elitectl.DemoCtl) - http://cabs.elitemediagroup.net/cabs/mediaview.cab O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - http://www.disney.go.com/games/downl...ameManager.cab O16 - DPF: {F229AB32-7BF9-4225-B78F-B4680AE6FC23} (Snapfish File Upload ActiveX Control) - http://www.snapfish.com/SnapfishUpload.cab O20 - Winlogon Notify: DateTime - D:\WINDOWS\system32\lv6409jqe.dll O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - D:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - D:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: Command Service (cmdService) - Unknown owner - D:\WINDOWS\dHJldm9y\command.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Network Monitor - Unknown owner - D:\Program Files\Network Monitor\netmon.exe O23 - Service: Windows Overlay Components - Unknown owner - D:\WINDOWS\cpwvlss.exe |
|
| Bookmarks |
«
Previous Topic
|
Next Topic
»
|
|
Similar Topics
|
||||
| Topic | Topic Starter | Forum | Replies | Last Post |
| Desperately Seeking Help | LoppyThug | Windows Vista | 6 | February 14th, 2008 05:53 AM |
| Desperately seeking help :( | WinT | Windows 98 | 31 | July 6th, 2006 07:12 PM |
| Please HELP . Desperately seeking help | shinkansen | Windows XP | 1 | November 4th, 2004 05:35 PM |
| Desperately seeking help.... | DoubleShimmer | Malware Removal | 12 | August 17th, 2004 09:11 PM |
| Desperately Seeking . . . Help | carlygirl1973 | Malware Removal | 1 | June 27th, 2004 04:13 AM |
All times are GMT +1. The time now is 09:50 PM.