Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

winmine.exe help


  • Please log in to reply

#1
yooperlou

yooperlou

    New Member

  • Member
  • Pip
  • 1 posts
Hello and first off very nice site. I have been away from my computer for over two years and when I came home I found a host of issues. I'll try to put them in some sort of order perhaps it will help.

1. While away there was a serious system crash and my wife took it to a computer shop. They installed windows xp upgrading from win 98. They gave me no original discs and after spending most of last night it appears they did not remove all of 98 before installing xp.

2. I cannot get into safe mode. My keyboard is not recognized when booting up. Constantly hitting F8 does nothing. When booting up the lights for num lock cap lock and scroll lock light one after another. I cannot even turn the keyboard off.

3. Yesterday while running anti trojan shield the virus winmine.exe came up. I thought I was rid of it but the access denied screen came up again today. The only way to get back on is to do a hard reboot by shutting the system off and turning it back on. I know this is not good but it's the only way. The virus was hidden in this folder which I deleted but it must also have a hotkey and I have no idea how to remove that. Here is the file: D:\WINDOWS\system32\winmine.exe (I have two drives c and d, originally my operating system was all on c but since this so called expert worked on this it seems to be between both drives).

4. I run the following spyware programs, AdAware, Spybot, I use AVG as my virus block. I d/l and ran ATF and spyware blocker as recommended today. I also ran hijack this and will post the log.

5. I am by no means a computer expert. I have been extremely busy the last couple days getting things back in order and would appreciate anyones help. I am very hesitant to take this anywhere to be looked at. I live in a very rural area and none of these people have impressed me at all. Here is the hijack log, please bear with me, like I said I'm no expert. Thanks again

Logfile of HijackThis v1.99.1
Scan saved at 8:22:27 AM, on 11/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
D:\Program Files\Winamp\winampa.exe
D:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\supervisor.exe
D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
D:\Documents and Settings\Lou Bertucci\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ms101.mysearc...sa/srchlft.html
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/"); (D:\Documents and Settings\Lou Bertucci\Application Data\Mozilla\Profiles\default\bgma72mk.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (D:\Documents and Settings\Lou Bertucci\Application Data\Mozilla\Profiles\default\bgma72mk.slt\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Motive SmartBridge] D:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [PicasaNet] "D:\Program Files\Hello\Hello.exe" -b
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\RunOnce: [0003 - D:\Documents and Settings\Lou Bertucci\Start Menu\Programs\HP Internet Connection Center] D:\WINDOWS\command.com /c rmdir "D:\Documents and Settings\Lou Bertucci\Start Menu\Programs\HP Internet Connection Center"
O4 - HKLM\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe "Lou Bertucci"
O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /1
O4 - HKCU\..\Run: [supervisor.exe] D:\WINDOWS\supervisor.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Eraser] D:\Program Files\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - HKCU\..\Run: [DW4] "D:\PROGRA~1\THEWEA~1\DESKTO~1\DESKTO~1.exe"
O4 - HKCU\..\Run: [updateMgr] "D:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = D:\Program Files\SBC Self Support Tool\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .tiff: D:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O18 - Protocol: x-mem1 - {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} - D:\WINDOWS\system32\wowctl2.dll
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe

Here is the uninstall list if this helps:

Ad-Aware SE Personal
Adobe Download Manager 2.0 (Remove Only)
Adobe Reader 7.0.7
Anti-Trojan Shield 2
AVG Free Edition
ColorCastFX for Digital Cameras
GdiplusUpgrade
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.1
HP Extended Capabilities 4.7
HP Image Zone 4.7
HP PSC & OfficeJet 4.7
HP Software Update
Intel® PRO Network Adapters and Drivers
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.0_03
Java 2 Runtime Environment, SE v1.4.1_02
Macromedia Shockwave Player
MailWasher Pro
Maptech Terrain Navigator
Microsoft Office 2000 Professional
Mozilla Firefox (1.0.7)
MSN Music Assistant
Netscape (7.1)
Panda Titanium Antivirus 2004
QuickTime
SBC Self Support Tool
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Spybot - Search & Destroy 1.3
SpywareBlaster v3.5.1
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Version 1.03 Lite (Free)
Weather Services
Winamp (remove only)
Window Washer
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinZip

update: I was contacted by trojan shield to upgrade to the new version, which I did. I then ran the scan and of course winmine was still there but it let me delete it although next reboot I'm sure it will be there. Now another thing came up, will it never end. A windows file protection box with this info came up:

Files that are required by windows to run properly have been replaced by unrecognized versions. To maintain system stability, windows must restore the original versions of these files. Please insert your windows xp home edition cd rom now.

I borrowed a cd from my mother and put it in the drive, it would not do anything because it says the version on my computer is newer than the disc. Talk about frustrating.

Thanks again, I'm about ready to take great satisfaction placing this tower under the tires of my jeep and give new meaning to backing up :whistling:
Lou

Edited by yooperlou, 02 November 2006 - 08:37 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP