
Appwrap B.com Winfix loadingwebsite.com [RESOLVED]


  • This topic is locked

#1
Mikey127
  • Member
  • 18 posts
Hi, well my PC has a lot of stuff I can't get rid of. Starting off, there's Appwrap[1] and Appwrap[2]. I've killboxed both of these multiple times and my virus scanner has quarantined them well over 50x; it just comes back. I also get a b.com trojan popup as well as many popups from loadingwebsite.com/yyy*some number*. My JavaScript is currently messed up even though it's enabled, so I can't go to trendmicro and scan. Winfix... everyone seems to have Winfix 2005 problems lol. When I look at Task Manager there are over 10 programs of "Iexplore", and about every 30 mins I get a popup window saying "do you wish to run internet explorer scripts, most scripts are secure". Any help at all is greatly appreciated, ty! And here's my HJT log:


Logfile of HijackThis v1.99.1
Scan saved at 9:32:59 PM, on 8/7/05
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\ptsnoop.exe
C:\WINDOWS\DESKTOP\SYSRESET\MIRC.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://morwillsearch...id=fish&sub_id=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [RegRun WinBait] C:\WINDOWS\winbait.exe
O4 - HKLM\..\Run: [@RegRunOnSecure] C:\PROGRA~1\GREATIS\REGRUN~1\OnSecure.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKCU\..\Run: [Regrun2] C:\PROGRA~1\GREATIS\REGRUN~1\WatchDog.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\WINDOWS\Desktop\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [PopUpSentry] C:\PROGRAM FILES\POPUPSENTRY.COM\POP-UP SENTRY!\PSENTRY.EXE
O4 - HKCU\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\PROGRAM FILES\AOL\AOL TOOLBAR 2.0\AOLTB.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/s...nfo/webscan.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - http://gameadvisor.f...lobal/msc37.cab
O16 - DPF: {4208FB4D-4E53-4F5A-BF7A-3E047DDB5281} (ActiveX Control) - http://www.icannnews.../ST/ActiveX.ocx
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com...p/PCPitStop.CAB
O16 - DPF: {972BB342-14A7-4660-83C1-51DDBEE171DB} - http://www.pacimedia...ll/pcs_0026.exe

#2
Metallica
    Spyware Veteran
  • GeekU Moderator
  • 31,671 posts
Please download L2m9xfix here:
http://swandog46.gee...om/l2m9xfix.exe

Save it to the desktop and run it. Extract the files, and then open the l2m9xfix folder you just created and run RunThis.bat.

A window will open, and your desktop will disappear, then reappear. Please be patient until the batch says it is completed.

Then please restart your computer, and post a new HijackThis log as well as the entire text of the log.txt file which should be in the same folder as RunThis.bat.

Regards,

#3
Mikey127
  • Topic Starter
  • Member
  • 18 posts
Logfile of HijackThis v1.99.1
Scan saved at 9:22:14 AM, on 8/15/05
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\ptsnoop.exe
C:\PROGRAM FILES\LIUTILITIES\SPEEDUPMYPC\SPEEDUPMYPC.EXE
C:\PROGRAM FILES\LIUTILITIES\WINTASKS\WINTASKS.EXE
C:\PROGRAM FILES\LIUTILITIES\SPEEDUPMYPC\HELPER.EXE
C:\WINDOWS\NOTEPAD.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by @Home
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy:8080
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] C:\WINDOWS\SYSTEM\mstask.exe
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - HKCU\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe
O4 - Startup: SpeedUpMyPC.lnk = C:\Program Files\LIUtilities\SpeedUpMyPC\speedupmypc.exe
O4 - Startup: WinTasks.lnk = C:\Program Files\LIUtilities\WinTasks\wintasks.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmwordtrans.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\PROGRAM FILES\AOL\AOL TOOLBAR 2.0\AOLTB.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: @Home - {F1E02480-08CC-11DA-8D93-00D009D1AFD4} - http://home.excite.com (file missing) (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.mac...ash/swflash.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/s...nfo/webscan.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - http://gameadvisor.f...lobal/msc37.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com...p/PCPitStop.CAB

#4
Mikey127
  • Topic Starter
  • Member
  • 18 posts
Log of L2M9XFix v1

************

Running from directory:
C:\WINDOWS\Desktop\L\l2m9xfix

************

Files found:


************

Registry entries found:

[HKEY_CLASSES_ROOT\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}\InProcServer32]
@="C:\\WINDOWS\\SYSTEM\\DMBAND.DLL"
--
[HKEY_CLASSES_ROOT\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}\InProcServer32]
@="C:\\WINDOWS\\SYSTEM\\DMBAND.DLL"
--
[HKEY_CLASSES_ROOT\CLSID\{92187326-72B4-11d0-A1AC-0000F8026977}\InProcHandler32]
@="C:\\WINDOWS\\SYSTEM\\gchand.dll"
[HKEY_CLASSES_ROOT\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}\InProcServer32]
@="C:\\WINDOWS\\SYSTEM\\DMBAND.DLL"
--
[HKEY_CLASSES_ROOT\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}\InProcServer32]
@="C:\\WINDOWS\\SYSTEM\\DMBAND.DLL"
--
[HKEY_CLASSES_ROOT\CLSID\{92187326-72B4-11d0-A1AC-0000F8026977}\InProcHandler32]
@="C:\\WINDOWS\\SYSTEM\\gchand.dll"
[HKEY_CLASSES_ROOT\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}\InProcServer32]
@="C:\\WINDOWS\\SYSTEM\\DMBAND.DLL"
--
[HKEY_CLASSES_ROOT\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}\InProcServer32]
@="C:\\WINDOWS\\SYSTEM\\DMBAND.DLL"
--
[HKEY_CLASSES_ROOT\CLSID\{92187326-72B4-11d0-A1AC-0000F8026977}\InProcHandler32]
@="C:\\WINDOWS\\SYSTEM\\gchand.dll"
[HKEY_CLASSES_ROOT\CLSID\{AF3D92C0-F751-11D9-8D93-00D009D1AFD4}\InprocServer32]
@="C:\\WINDOWS\\SYSTEM\\MOCUIA32.DLL"
[HKEY_CLASSES_ROOT\CLSID\{AF3D92C0-F751-11D9-8D93-00D009D1AFD4}\InprocServer32]
@="C:\\WINDOWS\\SYSTEM\\MOCUIA32.DLL"
[HKEY_CLASSES_ROOT\CLSID\{AF3D92C0-F751-11D9-8D93-00D009D1AFD4}\InprocServer32]
@="C:\\WINDOWS\\SYSTEM\\MOCUIA32.DLL"
[HKEY_CLASSES_ROOT\CLSID\{AF3D92C0-F751-11D9-8D93-00D009D1AFD4}\InprocServer32]
@="C:\\WINDOWS\\SYSTEM\\MOCUIA32.DLL"


************

Killing Explorer
Done!

Killing Rundll32
Done!

Removing malicious CLSID(s)
Done!

Restarting Explorer
Done!

Deleting malicious files
Done!


Finished!

#5
Metallica
    Spyware Veteran
  • GeekU Moderator
  • 31,671 posts
Looks good. :tazz:

Can you post the fresh HijackThis log and let me know if the popups stopped?

Regards,

[EDITED] Noticed the log too late [/EDITED]

Edited by Metallica, 15 August 2005 - 07:49 AM.


#6
Mikey127
  • Topic Starter
  • Member
  • 18 posts
No popups so far, thx ^^ I'll post in about 6 hrs after work to see if anything happens.

#7
Metallica
    Spyware Veteran
  • GeekU Moderator
  • 31,671 posts
That's OK. :tazz:

#8
Mikey127
  • Topic Starter
  • Member
  • 18 posts
No more popups/trojan warnings. Thanks lol, I'm cured.

#9
Metallica
    Spyware Veteran
  • GeekU Moderator
  • 31,671 posts
That's good to hear. :tazz:


Please have a look at my site for some tips on how to remove and prevent spyware.

Regards,

#10
Metallica
    Spyware Veteran
  • GeekU Moderator
  • 31,671 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.