My laptop is completely jacked. The only way that I could get windows to load was in safe mode. I ran all hte fixs in your malware section winsock, cleanup, ect., which allowed me to boot up in normal mode, but I still can't connect tot he internet. I am trying to connect via a wireless connection. When it does come up this random program Bravesnetry comes up. I did not install this program, but it is totally overloading my system. Please Please Please help.
Here is my Hijack this log:
Logfile of HijackThis v1.99.1
Scan saved at 5:37:22 PM, on 9/30/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
D:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://store.presari...t...c01&lc=0409
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://store.presari...t...c01&lc=0409
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://store.presari...t...c01&lc=0409
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Compaq
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\System32\rhqfs.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,ccwjeer.exe
O1 - Hosts: 84.252.148.18 www.bankone.com
O1 - Hosts: 84.252.148.18 bankone.com
O1 - Hosts: 84.252.148.18 halifax.com
O1 - Hosts: 84.252.148.18 www.halifax.com
O1 - Hosts: 84.252.148.18 halifax.co.uk
O1 - Hosts: 84.252.148.18 www.halifax.co.uk
O1 - Hosts: 84.252.148.18 www.bankofamerica.com
O1 - Hosts: 84.252.148.18 bankofamerica.com
O1 - Hosts: 84.252.148.18 www.paypal.com
O1 - Hosts: 84.252.148.18 paypal.com
O1 - Hosts: 84.252.148.18 www.lloydstsb.com
O1 - Hosts: 84.252.148.18 lloydstsb.com
O1 - Hosts: 84.252.148.18 www.lloydstsb.co.uk
O1 - Hosts: 84.252.148.18 lloydstsb.co.uk
O1 - Hosts: 84.252.148.18 www.garanti.com.tr
O1 - Hosts: 84.252.148.18 garanti.com.tr
O1 - Hosts: 84.252.148.18 www.kocbank.com.tr
O1 - Hosts: 84.252.148.18 kocbank.com.tr
O1 - Hosts: 84.252.148.18 www.disbank.com.tr
O1 - Hosts: 84.252.148.18 disbank.com.tr
O1 - Hosts: 84.252.148.18 www.chase.com
O1 - Hosts: 84.252.148.18 chase.com
O1 - Hosts: 84.252.148.18 www.southtrust.com
O1 - Hosts: 84.252.148.18 southtrust.com
O1 - Hosts: 84.252.148.18 www.wachovia.com
O1 - Hosts: 84.252.148.18 wachovia.com
O1 - Hosts: 84.252.148.18 www.wellsfargo.com
O1 - Hosts: 84.252.148.18 wellsfargo.com
O1 - Hosts: 84.252.148.18 www.barclays.co.uk
O1 - Hosts: 84.252.148.18 barclays.co.uk
O1 - Hosts: 84.252.148.18 www.barclays.com
O1 - Hosts: 84.252.148.18 barclays.com
O1 - Hosts: 84.252.148.18 www.barclays.pt
O1 - Hosts: 84.252.148.18 barclays.pt
O1 - Hosts: 84.252.148.18 www.barclays.pt
O1 - Hosts: 84.252.148.18 barclays.pt
O1 - Hosts: 84.252.148.18 www.citi.com
O1 - Hosts: 84.252.148.18 citi.com
O1 - Hosts: 84.252.148.18 www.citibank.com
O1 - Hosts: 84.252.148.18 citibank.com
O1 - Hosts: 84.252.148.18 www.etrade.com
O1 - Hosts: 84.252.148.18 etrade.com
O1 - Hosts: 84.252.148.18 www.neteller.com
O1 - Hosts: 84.252.148.18 neteller.com
O1 - Hosts: 84.252.148.18 tcfbank.com
O1 - Hosts: 84.252.148.18 www.tcfbank.com
O1 - Hosts: 84.252.148.18 hsbc.com
O1 - Hosts: 84.252.148.18 www.hsbc.com
O1 - Hosts: 84.252.148.18 hsbc.co.uk
O1 - Hosts: 84.252.148.18 www.hsbc.co.uk
O1 - Hosts: 84.252.148.18 aol.com
O1 - Hosts: 84.252.148.18 www.aol.com
O1 - Hosts: 84.252.148.18 comerica.com
O1 - Hosts: 84.252.148.18 www.comerica.com
O1 - Hosts: 84.252.148.18 www.3riversfcu.org
O1 - Hosts: 84.252.148.18 3riversfcu.org
O1 - Hosts: 84.252.148.18 www.53.com
O1 - Hosts: 84.252.148.18 53.com
O1 - Hosts: 84.252.148.18 www.bbt.com
O1 - Hosts: 84.252.148.18 bbt.com
O1 - Hosts: 84.252.148.18 www.boh.com
O1 - Hosts: 84.252.148.18 boh.com
O1 - Hosts: 84.252.148.18 www.capitalone.com
O1 - Hosts: 84.252.148.18 capitalone.com
O1 - Hosts: 84.252.148.18 www.cnbwax.com
O1 - Hosts: 84.252.148.18 cnbwax.com
O1 - Hosts: 84.252.148.18 www.cwbk.com
O1 - Hosts: 84.252.148.18 cwbk.com
O1 - Hosts: 84.252.148.18 www.ebay.com
O1 - Hosts: 84.252.148.18 ebay.com
O1 - Hosts: 84.252.148.18 www.edsefcu.org
O1 - Hosts: 84.252.148.18 edsefcu.org
O1 - Hosts: 84.252.148.18 egold.com
O1 - Hosts: 84.252.148.18 www.egold.com
O1 - Hosts: 84.252.148.18 www.e-gold.com
O1 - Hosts: 84.252.148.18 e-gold.com
O1 - Hosts: 84.252.148.18 www.firstusa.com
O1 - Hosts: 84.252.148.18 firstusa.com
O1 - Hosts: 84.252.148.18 www.frontierbank.com
O1 - Hosts: 84.252.148.18 frontierbank.com
O1 - Hosts: 84.252.148.18 www.gncu.org
O1 - Hosts: 84.252.148.18 gncu.org
O1 - Hosts: 84.252.148.18 www.householdbank.com
O1 - Hosts: 84.252.148.18 householdbank.com
O1 - Hosts: 84.252.148.18 www.icicibank.com
O1 - Hosts: 84.252.148.18 icicibank.com
O1 - Hosts: 84.252.148.18 www.mbna.com
O1 - Hosts: 84.252.148.18 mbna.com
O1 - Hosts: 84.252.148.18 www.mibank.com
O1 - Hosts: 84.252.148.18 mibank.com
O1 - Hosts: 84.252.148.18 www.midamericabank.com
O1 - Hosts: 84.252.148.18 midamericabank.com
O1 - Hosts: 84.252.148.18 www.myindymacbank.com
O1 - Hosts: 84.252.148.18 myindymacbank.com
O1 - Hosts: 84.252.148.18 www.nafcunet.org
O1 - Hosts: 84.252.148.18 nafcunet.org
O1 - Hosts: 84.252.148.18 www.nationalcity.com
O1 - Hosts: 84.252.148.18 nationalcity.com
O1 - Hosts: 84.252.148.18 www.cnb.com
O1 - Hosts: 84.252.148.18 cnb.com
O1 - Hosts: 84.252.148.18 www.nationwide.com
O2 - BHO: Bucket Class - {00000001-C003-4A2F-9142-7CB1D78DE6C1} - C:\WINDOWS\tct101.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSL encrypt - {746455FE-D059-47e7-AF0E-140E03F5A447} - C:\WINDOWS\System32\nsg10.dll
O2 - BHO: CFG32S - {7564B020-44E8-4c9b-A887-C6EC41AC67DA} - C:\WINDOWS\cfg32r.dll
O2 - BHO: BHO - {9BB5B49C-0D59-418d-A6A5-F6373B8FEF64} - C:\Program Files\BHO Plugin\plugin1.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Scaggy Insert - {C68AE9C0-0909-4DDC-B661-C1AFB9F59898} - C:\WINDOWS\cfg32o.dll
O2 - BHO: Banner Rotator - {D117A61F-92C3-4450-A0C8-F425B14D4127} - C:\WINDOWS\System32\adrotate.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\System32\wltray.exe
O4 - HKLM\..\Run: [loaddr] C:\DOCUME~1\JOERUT~1\LOCALS~1\Temp\freddy.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"
O4 - HKLM\..\Run: [pwm1db92] RUNDLL32.EXE w0016de0.dll,n 0051db8d000000050016de0
O4 - HKLM\..\Run: [pop06apelt] C:\WINDOWS\thiselt.exe
O4 - HKLM\..\Run: [septpop06apsept] C:\program files\popupwithcast\septpop06apsept.exe
O4 - HKLM\..\Run: [adstart] "iexplore.exe" "http://iesettingsupdate"
O4 - HKLM\..\Run: [mqbrapoA] C:\WINDOWS\mqbrapoA.exe
O4 - HKLM\..\Run: [{72-27-71-13-ZN}] c:\windows\system32\okdsrego.exe ELT001
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKLM\..\Run: [win3208085-1273551] C:\WINDOWS\win3208085-1273551.exe
O4 - HKLM\..\Run: [ms071085-127355] C:\WINDOWS\ms071085-127355.exe
O4 - HKLM\..\Run: [Configuration Manager] C:\WINDOWS\cfg32.exe
O4 - HKLM\..\Run: [ms043551085-127] C:\WINDOWS\ms043551085-127.exe
O4 - HKLM\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\Duce6.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\RunServices: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\System32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKLM\..\RunOnce: [Compaq_RBA] C:\Program Files\Compaq\Compaq Advisor\bin\compaq-rba.exe -z
O4 - HKLM\..\RunOnce: [AAW] "C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Aware.exe" "+b1"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyStartUp] c:\Program Files\Microsoft Money\System\Money Startup.exe
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll
O9 - Extra button: Happytofind Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Happytofind Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Support - {A1C62740-93D5-4E72-A5B6-B668D58C5197} - C:\Program Files\Internet Explorer\SIGNUP\Presario.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=3c01&lc=0409
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: Yahoo! Chess - http://download.game...nts/y/ct0_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.game...ts/y/pot0_x.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg...v45/yacscom.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150...ip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1106119487956
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: crypt32net - C:\WINDOWS\SYSTEM32\crypt32net.dll
O20 - Winlogon Notify: wincnh32 - C:\WINDOWS\SYSTEM32\wincnh32.dll
O20 - Winlogon Notify: winsys2freg - C:\Documents and Settings\All Users\Documents\Settings\winsys2f.dll
O21 - SSODL: Internet Explorer - {F28A40D7-AD0E-034A-C651-5F0ED76232E6} - C:\WINDOWS\System32\Bkebpm32.dll
O21 - SSODL: DCOM Server 2236 - {2C1CD3D7-86AC-4068-93BC-A02304BB2236} - C:\WINDOWS\System32\2236_32.dll
O23 - Service: Microsoft ASPI Manager (aspi113210) - Unknown owner - C:\WINDOWS\System32\aspi302419.exe
O23 - Service: Compaq Advisor (Compaq_RBA) - NeoPlanet - C:\Program Files\Compaq\Compaq Advisor\bin\compaq-rba.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\mqbrapo.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
Thank You
Ben Luis