Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Saturday 30.8.2025 / 01:25
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > can you help i have an msn virus
Show topics
 
Forums
Forums
can you help i have an msn virus
  Jump to:
 
Posted Message
missay
Newbie
_ 		22. January 2007 @ 09:00 _ Link to this message    Send private message to this user   
hi i have an email virus.. i dont speak english well and hope you can help me ... this is my hijack this log...

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\QXlhbiBNb2hhbW1vdWQgaGFjaGk\command.exe
C:\Program Files\Network Monitor\netmon.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\dcomcfg.exe
C:\WINDOWS\System32\atmclk.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ATITEC~1\ATICON~1\atiptaxx.exe
C:\PROGRA~1\USBSTO~1\shwicon.exe
C:\PROGRA~1\Java\JRE15~1.0_0\bin\jusched.exe
C:\PROGRA~1\COMMON~1\MICROS~1\WORKSS~1\WkUFind.exe
C:\PROGRA~1\MALWAR~1\MALWAR~1.EXE
C:\PROGRA~1\Picasa2\PICASA~2.EXE
C:\PROGRA~1\DRIVEC~1\UDC2006.exe
C:\PROGRA~1\COMMON~1\uiww\uiwwm.exe
C:\WINDOWS\System32\sysmsn.exe
C:\WINDOWS\System32\icpldrvx.exe
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe
C:\PROGRA~1\COMMON~1\Real\UPDATE~1\REALSC~1.EXE
C:\PROGRA~1\MALWAR~1\MALWAR~1.EXE
C:\PROGRA~1\DRIVEC~1\udc6cw.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\uiww\uiwwa.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.home.nl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer aangeboden door @Home
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {73364D99-1240-4dff-B11A-67E448373048} - C:\WINDOWS\System32\ipv6monk.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Nothing - {f79fd28e-36ee-4989-aa61-9dd8e30a82fa} - C:\WINDOWS\System32\hp100.tmp
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SECRETSERVICE] C:\WINDOWS\System32\Ghost.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [REGEDIT] C:\DOCUME~1\EIGENA~1.003\LOCALS~1\Temp\IXP000.TMP\zlip.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [ISPSERVICE] C:\WINDOWS\System32\Ghost.exe
O4 - HKLM\..\Run: [Microsoft Updote] mod.exe
O4 - HKLM\..\Run: [Microsoft Machine Script] iexplorersis.exe
O4 - HKLM\..\Run: [AdobeReaderPro] msnzones.exe
O4 - HKLM\..\Run: [Windows Print Monitor] pia.exe
O4 - HKLM\..\Run: [MalwareWipe] C:\Program Files\MalwareWipe\MalwareWipe.exe /h
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [Avg Antivirus] C:\WINDOWS\System32\icpldrvx.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdobeReaderPros] sysmsn.exe
O4 - HKLM\..\Run: [Winsock2 driver] \SYSADW~1.EXE
O4 - HKLM\..\Run: [DriveCleaner 2006 Free] "C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe" /min
O4 - HKLM\..\Run: [udc6cw] "C:\Program Files\DriveCleaner 2006 Free\udc6cw.exe" -c
O4 - HKLM\..\RunServices: [Microsoft Updote] mod.exe
O4 - HKLM\..\RunServices: [Microsoft Machine Script] iexplorersis.exe
O4 - HKLM\..\RunServices: [AdobeReaderPro] msnzones.exe
O4 - HKLM\..\RunServices: [Windows Print Monitor] pia.exe
O4 - HKLM\..\RunServices: [AdobeReaderPros] sysmsn.exe
O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe\ers.exe" /min
O4 - HKCU\..\Run: [uiww] C:\PROGRA~1\COMMON~1\uiww\uiwwm.exe
O4 - Startup: Thumbs.db
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O14 - IERESET.INF: START_PAGE_URL=http://start.home.nl/
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.drivecleaner.com/installdrivecleanerstart_nl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache...tup1.0.0.15.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/08269801fe86...ip/RdxIE601.cab
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} - http://installs.hotbar.com/installs/hbtools/programs/hbtools.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Zango/ie...53541421d6ed125
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\QXlhbiBNb2hhbW1vdWQgaGFjaGk\command.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe


can you please help me and tell me what to delete
[ + quote]
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > can you help i have an msn virus
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2025 by AfterDawn Ltd.

  IDG TechNetwork