|
| ||
| (task manager) need help some1 PLEASE review hijackthis file my taskmanager isnt working Logfile of HijackThis v1.99.1 Scan saved at 23:12:11, on 29/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\QWJkdWw\command.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Network Monitor\netmon.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\RunDll32.exe C:\nwnmff_14.exe C:\kybrdff_14.exe C:\dfndrff_14.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\{5C1403C1-0682-1033-0728-04102803002c}\Update.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\svchost.exe C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\taskmgr.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Creative\MediaSource\RemoteControl\OSDMenu.EXE C:\Program Files\UTStarcom\now wireless broadband\dialer\Dialer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Abdul Manan\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file) O3 - Toolbar: ToolBar888 - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [p2p networking] p2pnetworking.exe O4 - HKLM\..\Run: [csr] csrrs.exe O4 - HKLM\..\Run: [newname] C:\\nwnmff_14.exe O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_14.exe O4 - HKLM\..\Run: [defender] C:\\dfndrff_14.exe O4 - HKLM\..\Run: [qzwd0af8] RUNDLL32.EXE w083e1e6.dll,n 002d0af60000000a083e1e6 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [UserFaultCheck] C:\WINDOWS\system32\dumprep 0 -u O4 - HKLM\..\RunServices: [p2p networking] p2pnetworking.exe O4 - HKLM\..\RunServices: [csr] csrrs.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe O4 - HKCU\..\Run: [dialer] "C:\Program Files\UTStarcom\now wireless broadband\dialer\Dialer.exe" O4 - HKCU\..\Run: [kkko] C:\PROGRA~1\COMMON~1\kkko\kkkom.exe O4 - HKCU\..\Run: [DNS] C:\Program Files\Common Files\FIELD_AFFID.exe O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: svchost.exe O4 - Global Startup: taskmgr.exe O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.co...p/PhtPkMSN.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{551C87CE-58BD-42A4-8E22-C2DAA213503E}: NameServer = 81.91.192.254 81.91.192.254 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: Control Panel - C:\WINDOWS\system32\gprol3931.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\QWJkdWw\command.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe |
| ||
| Re: (task manager) need help some1 PLEASE review hijackthis file Hi sumeet_b, this may not be the help you expected, but your system is massively infected by several sorts of malware. No wonder your taskmanager doesn't work - some of the nasties try to manipulate the taskmanager. I found indices for actual infections and debris of these pets or their relatives: TROJ_BUDDY.E http://www.trendmicro.com/vinfo/viru...UDDY.E&VSect=T Win32.Mimail.M http://www3.ca.com/securityadvisor/v....aspx?id=37692 Spyware.Look2Me http://www.symantec.com/security_res...102016-0741-99 DollarRevenue/TR/Dldr.Adlo.CW.8.B http://research.eacceleration.com/th...?threat=141094 W32/Agobot-AK http://www.sophos.com/security/analy...2agobotak.html At this point I stopped searching. There is more. I can't help you removing them anyway but I personally wouldn't even try. But you can try to download some free antivirus/anti-spyware programs and online scans and see how far you come: All these buddies are from 2003 and every decent antivirus software + Spybot S+D should know them. But I'm afraid that cleaning up the mess would cost much more time than reformat and reinstall. Read about your infections (click on the links) and what they do on your computer and decide yourself. Read about how to avoid infections (sticky thread on top of this forum) I don't see a sign of a virus scanner on your computer either, which would be an explanation why you have a whole malware retirement home on day trip on your computer. ;) But maybe someone here has better advice for you, good luck |
| ||
| Re: (task manager) need help some1 PLEASE review hijackthis file thanks for trying i aprreciate it im getting my computer rebooted p.s. could you recomend a good free antivirus download thank you:o :) Quote:
|
| ||
| Re: (task manager) need help some1 PLEASE review hijackthis file Try these: Avira Antivir Personal Edition Classic: http://www.free-av.com/ or AVG: http://www.majorgeeks.com/download886.html Always use only one antivirus software (at least only one "guard") since they may interfere with each other. ONLINE VIRUS SCAN WEBSITE Trend Micro:http://housecall.trendmicro.com/ Download Spybot Search and Destroy: http://www.safer-networking.org/en/index.html Much more softwares worth downloading: http://www.daniweb.com/techtalkforums/thread35730.html |
| All times are GMT -4. The time now is 4:38 pm. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC