0

my taskmanager isnt working


Logfile of HijackThis v1.99.1
Scan saved at 23:12:11, on 29/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\QWJkdWw\command.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Network Monitor\netmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RunDll32.exe
C:\nwnmff_14.exe
C:\kybrdff_14.exe
C:\dfndrff_14.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\{5C1403C1-0682-1033-0728-04102803002c}\Update.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\svchost.exe
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\taskmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Creative\MediaSource\RemoteControl\OSDMenu.EXE
C:\Program Files\UTStarcom\now wireless broadband\dialer\Dialer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Abdul Manan\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O3 - Toolbar: ToolBar888 - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [p2p networking] p2pnetworking.exe
O4 - HKLM\..\Run: [csr] csrrs.exe
O4 - HKLM\..\Run: [newname] C:\\nwnmff_14.exe
O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_14.exe
O4 - HKLM\..\Run: [defender] C:\\dfndrff_14.exe
O4 - HKLM\..\Run: [qzwd0af8] RUNDLL32.EXE w083e1e6.dll,n 002d0af60000000a083e1e6
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UserFaultCheck] C:\WINDOWS\system32\dumprep 0 -u
O4 - HKLM\..\RunServices: [p2p networking] p2pnetworking.exe
O4 - HKLM\..\RunServices: [csr] csrrs.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
O4 - HKCU\..\Run: [dialer] "C:\Program Files\UTStarcom\now wireless broadband\dialer\Dialer.exe"
O4 - HKCU\..\Run: [kkko] C:\PROGRA~1\COMMON~1\kkko\kkkom.exe
O4 - HKCU\..\Run: [DNS] C:\Program Files\Common Files\FIELD_AFFID.exe
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: svchost.exe
O4 - Global Startup: taskmgr.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{551C87CE-58BD-42A4-8E22-C2DAA213503E}: NameServer = 81.91.192.254 81.91.192.254
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: Control Panel - C:\WINDOWS\system32\gprol3931.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\QWJkdWw\command.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe

2
Contributors
3
Replies
4
Views
11 Years
Discussion Span
Last Post by Xpenetrator
0

Hi sumeet_b,

this may not be the help you expected, but your system is massively infected by several sorts of malware. No wonder your taskmanager doesn't work - some of the nasties try to manipulate the taskmanager.
I found indices for actual infections and debris of these pets or their relatives:

TROJ_BUDDY.E
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_BUDDY.E&VSect=T

Win32.Mimail.M
http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=37692

Spyware.Look2Me
http://www.symantec.com/security_response/writeup.jsp?docid=2003-102016-0741-99

DollarRevenue/TR/Dldr.Adlo.CW.8.B
http://research.eacceleration.com/threats/?threat=141094

W32/Agobot-AK
http://www.sophos.com/security/analyses/w32agobotak.html

At this point I stopped searching. There is more. I can't help you removing them anyway but I personally wouldn't even try. But you can try to download some free antivirus/anti-spyware programs and online scans and see how far you come: All these buddies are from 2003 and every decent antivirus software + Spybot S+D should know them. But I'm afraid that cleaning up the mess would cost much more time than reformat and reinstall. Read about your infections (click on the links) and what they do on your computer and decide yourself. Read about how to avoid infections (sticky thread on top of this forum) I don't see a sign of a virus scanner on your computer either, which would be an explanation why you have a whole malware retirement home on day trip on your computer. ;) But maybe someone here has better advice for you, good luck

0

thanks for trying i aprreciate it im getting my computer rebooted p.s. could you recomend a good free antivirus download thank you:o :)

Hi sumeet_b,

this may not be the help you expected, but your system is massively infected by several sorts of malware. No wonder your taskmanager doesn't work - some of the nasties try to manipulate the taskmanager.
I found indices for actual infections and debris of these pets or their relatives:

TROJ_BUDDY.E
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_BUDDY.E&VSect=T

Win32.Mimail.M
http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=37692

Spyware.Look2Me
http://www.symantec.com/security_response/writeup.jsp?docid=2003-102016-0741-99

DollarRevenue/TR/Dldr.Adlo.CW.8.B
http://research.eacceleration.com/threats/?threat=141094

W32/Agobot-AK
http://www.sophos.com/security/analyses/w32agobotak.html

At this point I stopped searching. There is more. I can't help you removing them anyway but I personally wouldn't even try. But you can try to download some free antivirus/anti-spyware programs and online scans and see how far you come: All these buddies are from 2003 and every decent antivirus software + Spybot S+D should know them. But I'm afraid that cleaning up the mess would cost much more time than reformat and reinstall. Read about your infections (click on the links) and what they do on your computer and decide yourself. Read about how to avoid infections (sticky thread on top of this forum) I don't see a sign of a virus scanner on your computer either, which would be an explanation why you have a whole malware retirement home on day trip on your computer. ;) But maybe someone here has better advice for you, good luck

0

Try these:

Avira Antivir Personal Edition Classic:
http://www.free-av.com/
or
AVG:
http://www.majorgeeks.com/download886.html

Always use only one antivirus software (at least only one "guard") since they may interfere with each other.

ONLINE VIRUS SCAN WEBSITE
Trend Micro:http://housecall.trendmicro.com/

Download Spybot Search and Destroy:
http://www.safer-networking.org/en/index.html

Much more softwares worth downloading:
http://www.daniweb.com/techtalkforums/thread35730.html

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.