My computer is bringing up pop ups at random times saying that my computer is infected with Worm.Win32.NetBooster and that I need to download the recomended antispyware , the internet will also pop up randomly with ads for antispyware, antivirus, and other programs. Also there's three icons on my desktop that appeared out of the blue and all three are directing to : http://viruswebprote...om/shandler.php? I downloaded a few different types of programs to help me with the problem, such as: Spybot SD, RegistryBooster 2, SpyZooka (not at same time....deleted from computer) None seem to work though...
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\WINDOWS\wanmpsvc.exe
C:\Documents and Settings\All
Users\Application
Data\nkzchatu\pejslwpy.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Lexmark 5400
Series\ezprint.exe
C:\Program
Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common
Files\AOL\1161093392\ee\AOLSoftware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet
Explorer\iexplore.exe
C:\Program Files\Trend
Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://softwarerefer...om/jump.php?wmi
d=6010&mid=MjI6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://go.microsoft....wlink/?LinkId=6
9157
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://go.microsoft....wlink/?LinkId=5
4896
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://go.microsoft....wlink/?LinkId=5
4896
R0 - HKLM\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://go.microsoft....wlink/?LinkId=6
9157
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,First Home Page =
http://go.microsoft....wlink/?LinkId=5
4843
O2 - BHO: Lexmark Toolbar -
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} -
C:\Program Files\Lexmark
Toolbar\toolband.dll
O2 - BHO: SSVHelper Class -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program
Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: DVA Gate -
{DB9D1BB8-3615-48A6-BF50-5CB45AB28230} -
C:\WINDOWS\gndarmblaor.dll
O3 - Toolbar: Lexmark Toolbar -
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} -
C:\Program Files\Lexmark
Toolbar\toolband.dll
O3 - Toolbar: wxdbpfvo -
{E1B2B64B-E123-4A7A-98D7-C51065DF3249} -
C:\WINDOWS\wxdbpfvo.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe"
-atboottime
O4 - HKLM\..\Run: [AVG7_CC]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
/STARTUP
O4 - HKLM\..\Run: [lxctmon.exe]
"C:\Program Files\Lexmark 5400
Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series
Fax Server] "C:\Program Files\Lexmark
5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program
Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32
C:\WINDOWS\System32\spool\DRIVERS\W32X86
\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Windows Defender]
"C:\Program Files\Windows
Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched]
"C:\Program
Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program
Files\Real\RealPlayer\RealPlay.exe
SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Pure Networks Port
Magic]
"C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.e
xe" -Run
O4 - HKLM\..\Run: [NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IgfxTray]
C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HostManager]
C:\Program Files\Common
Files\AOL\1161093392\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program
Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware
Protection]
"C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP
Scheduler.exe"
O4 - HKLM\..\Run: [EarthLink Installer]
" /C
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program
Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Desktop
Search] "C:\Program Files\Google\Google
Desktop Search\GoogleDesktop.exe"
/startup
O4 - HKCU\..\Run: [Antivirus] C:\Program
Files\Antivirus 2008\Antvrs.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer]
C:\Program Files\Spybot - Search &
Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Uniblue
RegistryBooster 2] C:\Program
Files\Uniblue\RegistryBooster
2\RegistryBooster.exe /S
O4 - HKLM\..\Policies\Explorer\Run:
[4vqpbZjPq9] C:\Documents and
Settings\All Users\Application
Data\nkzchatu\pejslwpy.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run]
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run]
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run]
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run]
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program
Files\IMVU\IMVUClient.exe
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program
Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java
Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program
Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) -
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
(no file)
O9 - Extra button: Run IMVU -
{d9288080-1baa-4bc4-9cf8-a92d743db949} -
C:\Documents and Settings\Owner\Start
Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) -
{e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem:
@xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows
Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O16 - DPF:
{17492023-C23A-453E-A040-C7C580BBF700}
(Windows Genuine Advantage Validation
Tool) -
http://go.microsoft....wlink/?LinkID=3
9204
O16 - DPF:
{6414512B-B978-451D-A0D8-FCFDF33E833C}
(WUWebControl Class) -
http://update.micros...om/windowsupdat
e/v6/V5Controls/en/x86/client/wuweb_site
.cab?1160496661531
O16 - DPF:
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
(MUWebControl Class) -
http://update.micros...om/microsoftupd
ate/v6/V5Controls/en/x86/client/muweb_si
te.cab?1164838269500
O21 - SSODL: qadovnel -
{42958F14-F20A-46AE-B5A0-AD620A24763A} -
C:\WINDOWS\qadovnel.dll
O21 - SSODL: bdkpfxqw -
{43025D42-C4EC-475E-B96F-19F16C218AEC} -
C:\WINDOWS\bdkpfxqw.dll
O23 - Service: AOL Connectivity Service
(AOL ACS) - AOL LLC -
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG7 Alert Manager Server
(Avg7Alrt) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service
(Avg7UpdSvc) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner
(AVGEMS) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: lxct_device - -
C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: WAN Miniport (ATW)
Service (WANMiniportService) - America
Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O24 - Desktop Component 0: Privacy
Protection -
file:///C:\WINDOWS\privacy_danger\index.
htm
--
End of file
---Please and Thank you