Full Version: trojan horse downloader.wimad.E
Gladiator Security Forum > Malware Help Forum > HELP! Think you are Infected?
darkenedworld666
This computer has been acting screwed up for a while. I did everything I could possibly think of to fix it, and yeah, it's better, but it's not running like it's supposed to, so I think it has things the virus/spyware programs aren't detecting. I even deleted XP and installed Windows Vista!!! I can't do anything else with it. I even fixed the registry... I'm lost, haha. HELP!!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:00:16 AM, on 8/3/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - http://h20264.www2.hp.com/ediags/dd/instal...osticsVista.cab
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} - http://h20264.www2.hp.com/ediags/dd/instal...osticsVista.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID.EXE
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 5015 bytes
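As an added example (not part of this thread, and not code from HijackThis or its author): a small Python triage script that parses log lines like the ones above and flags the entries a helper would look at first. The sample lines are copied from the posted log into a constructed string; the "known good" IE host list and the heuristics are my own assumptions, and a flag means "check this", not "this is malware". The one thing it catches in this log is the O2 BHO entry that ends in "(no file)", an orphaned CLSID pointing at nothing, which is consistent with the log otherwise looking clean.

```python
"""Quick triage of HijackThis-style log lines: parse each entry into its
section code and payload, then apply a few conservative heuristics."""
import re
from urllib.parse import urlparse

# Constructed sample: lines copied from the log posted above (not a live scan).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
"""

# HijackThis section codes look like R0..R3, F0..F3, N1..N4, O1..O24.
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.*)$")

# Assumption: hosts considered expected for IE start/search pages on a stock install.
KNOWN_IE_HOSTS = {"go.microsoft.com", "www.microsoft.com"}


def parse_hjt(text):
    """Return a list of (code, body) tuples, one per recognised log line."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def triage(entries):
    """Apply heuristics; each finding is (code, verdict, reason, body)."""
    findings = []
    for code, body in entries:
        if code.startswith("R"):
            # "key = value"; about:blank and empty values have no hostname.
            _, _, value = body.partition(" = ")
            host = urlparse(value.strip()).hostname
            if host and host not in KNOWN_IE_HOSTS:
                findings.append((code, "review", f"non-default IE URL host {host}", body))
        elif code == "O1":
            # "Hosts: <address> <name>": anything besides localhost deserves a look.
            parts = body.split()
            if len(parts) >= 3 and parts[2].lower() != "localhost":
                findings.append((code, "review", "hosts-file override", body))
        elif code == "O2":
            if body.endswith("(no file)"):
                findings.append((code, "orphan", "BHO CLSID points at a missing file", body))
        elif code == "O4":
            # Run-key value is "[name] command". A bare filename is resolved via the
            # loader's search order, so confirm which file actually runs.
            m = re.search(r"\[.*?\]\s*(.*)$", body)
            command = m.group(1).strip() if m else body
            if command.startswith('"'):
                exe = command[1:].split('"', 1)[0]
            else:
                exe = command.split(" ", 1)[0]
            if "\\" not in exe and not exe.startswith("%"):
                findings.append((code, "verify", "autostart given without a path", body))
        elif code == "O20":
            # AppInit_DLLs is loaded into every process that maps user32.dll.
            findings.append((code, "verify", "AppInit_DLLs global injection point", body))
        elif code == "O23":
            if "Microsoft" not in body:
                findings.append((code, "info", "third-party service", body))
    return findings


if __name__ == "__main__":
    for code, verdict, reason, body in triage(parse_hjt(SAMPLE_LOG)):
        print(f"{code:<4}{verdict:<8}{reason}: {body}")
```

Running it on the sample prints four lines: the orphaned O2 entry, the O4 autostart given as a bare `KHALMNPR.EXE`, the AVG AppInit_DLLs hook, and the Viewpoint service. The full-path AVG tray entry and the Java BHO produce nothing, which is the point of keeping the heuristics conservative: the output is a reading list for the helper, not a removal list.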
darkenedworld666
Isn't someone going to help me with my last post... there has to be someone who knows... haha, PLEASE!!!
Bobbi Flekman
Hey darkenedworld666,

QUOTE
This computer has been acting screwed up for a while. I did everything I could possibly think of to fix it, and yeah, it's better, but it's not running like it's supposed to, so I think it has things the virus/spyware programs aren't detecting. I even deleted XP and installed Windows Vista!!! I can't do anything else with it. I even fixed the registry... I'm lost, haha. HELP!!
Can you tell me what you mean by acting screwed up? What happens? When did you install Vista? Vista is way more secure from the ground up, and as your log looks clean so far, I am not sure what the problem is, or even if it is malware related.


darkenedworld666
QUOTE (Bobbi Flekman @ Aug 6 2008, 05:39 AM) *
Hey darkenedworld666,

QUOTE
This computer has been acting screwed up for a while. I did everything I could possibly think of to fix it, and yeah, it's better, but it's not running like it's supposed to, so I think it has things the virus/spyware programs aren't detecting. I even deleted XP and installed Windows Vista!!! I can't do anything else with it. I even fixed the registry... I'm lost, haha. HELP!!
Can you tell me what you mean by acting screwed up? What happens? When did you install Vista? Vista is way more secure from the ground up, and as your log looks clean so far, I am not sure what the problem is, or even if it is malware related.



Yeah, the internet is mad slow now; it takes a long time for me to even open the internet. Sometimes the internet will keep loading more windows than it should, like last time 23 Internet Explorers opened, which was unbelievable. I put Windows Vista on 2 months ago or so. The computer itself is being really slow. Things just take a really long time loading up, especially when I sign on. It wasn't like this before; it just started happening last month or so. I've got more than enough CPU space. I keep it cleaned up, I do daily scans and hard drive cleans, and registry fixes. I just don't understand. I'm really good with computers, so I don't want you thinking I'm computer illiterate, so don't think that. I just can't think of anything else to do, so I'm turning to you guys for help... so I hope you can help, haha. Have a good one.
Bobbi Flekman
Hey darkenedworld666,

Are you on a wireless network? I know that those are sometimes extremely slow to build up. Let's see if this shows something.

Download Deckard's System Scanner (DSS) from here
http://www.techsupportforum.com/sectools/Deckard/dss.exe and Save to your Desktop.
(Note: You must be logged onto an account with administrator privileges).
  • Close all applications and windows.
  • Double-click on dss.exe to run it, and follow the prompts. OK what it wants to do.
  • When the scan is complete, two text files will open
    main.txt <- this one will be maximized
    extra.txt <- this one will be minimized
    ( Default location for both files is C:\Deckard\SystemScanner )
  • Copy/Paste the contents of main.txt and extra.txt into your next post please.


By the way I am out of the country this weekend. I am back on monday. Enjoy the weekend.
darkenedworld666
QUOTE (Bobbi Flekman @ Aug 8 2008, 07:21 AM) *
Hey darkenedworld666,

Are you on a wireless network? I know that those are sometimes extremely slow to build up. Let's see if this shows something.

Download Deckard's System Scanner (DSS) from here
http://www.techsupportforum.com/sectools/Deckard/dss.exe and Save to your Desktop.
(Note: You must be logged onto an account with administrator privileges).
  • Close all applications and windows.
  • Double-click on dss.exe to run it, and follow the prompts. OK what it wants to do.
  • When the scan is complete, two text files will open
    main.txt <- this one will be maximized
    extra.txt <- this one will be minimized
    ( Default location for both files is C:\Deckard\SystemScanner )
  • Copy/Paste the contents of main.txt and extra.txt into your next post please.


By the way I am out of the country this weekend. I am back on monday. Enjoy the weekend.



Hey, no, I'm not on a wireless network, and your URL didn't work.... Sorry I haven't been online in a while to reply to you. Well, get back at me with a working URL. Thanks.
Bobbi Flekman
Hiya...

I thought you were gone.

QUOTE (darkenedworld666 @ Aug 24 2008, 12:28 AM) *
Hey, no, I'm not on a wireless network, and your URL didn't work.... Sorry I haven't been online in a while to reply to you. Well, get back at me with a working URL. Thanks.
Yeah.... two days after I posted the link they took the program down because it inadvertently killed some computers. I expected you to be one of them since you didn't reply. Let's try a different scanner:

Save Silent Runners.vbs to your desktop and double click on it to run. This will make a file called something like "Startup Programs (UserName) DateTime.txt". Double click on it, so it'll open in Notepad. Post the text here.
