I cant open programs in my pc such as: spybot, AVG and adaware..
Now its infested with spywares and many other nonsense. I gotta rename hijackthis file to something else in order for it to run.. So i scanned both my C and D drive just in case.
Logfile of HijackThis v1.99.1
Scan saved at 11:20:26 PM, on 8/24/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
D:\WINNT\System32\smss.exe
D:\WINNT\system32\winlogon.exe
D:\WINNT\system32\services.exe
D:\WINNT\system32\lsass.exe
D:\WINNT\system32\Ati2evxx.exe
D:\WINNT\system32\svchost.exe
D:\WINNT\system32\spoolsv.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\WINNT\system32\svchost.exe
D:\Program Files\Ahead\InCD\InCDsrv.exe
D:\WINNT\system32\MSTask.exe
D:\Program Files\Spyware Doctor\sdhelp.exe
D:\WINNT\System32\WBEM\WinMgmt.exe
D:\WINNT\system32\Ati2evxx.exe
D:\WINNT\system32\chh.exe
D:\WINNT\Explorer.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\WINNT\system32\soundmax.exe
D:\WINNT\system32\rundll32.exe
C:\nwnmff_12.exe
C:\dfndrff_12.exe
C:\kybrdff_12.exe
D:\winnt\system32\stonedrv.exe
D:\winnt\system32\taskmgn.exe
D:\WINNT\system32\rpcc.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\WINNT\system32\cmd.exe
D:\WINNT\system32\cscript.exe
D:\Stupid.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R3 - URLSearchHook: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - D:\Program Files\Deskbar\deskbar.dll
F2 - REG:system.ini: Shell=Explorer.exe chh.exe
F2 - REG:system.ini: UserInit=D:\WINNT\system32\userinit.exe,chh.exe
O1 - Hosts: 235.214.107.41 http://www.virustotal.com
O1 - Hosts: 33.3.169.44 virusscan.jotti.org
O1 - Hosts: 95.95.239.187 sandbox.norman.no
O1 - Hosts: 236.16.252.76 http://www.symantec.com
O1 - Hosts: 81.237.212.190 securityresponse.symantec.com
O1 - Hosts: 153.77.69.6 symantec.com
O1 - Hosts: 101.81.142.37 http://www.sophos.com
O1 - Hosts: 51.92.5.83 sophos.com
O1 - Hosts: 22.84.63.236 http://www.mcafee.com
O1 - Hosts: 204.205.34.167 mcafee.com
O1 - Hosts: 243.212.96.143 liveupdate.symantecliveupdate.com
O1 - Hosts: 61.96.74.78 http://www.viruslist.com
O1 - Hosts: 104.47.238.203 viruslist.com
O1 - Hosts: 109.147.117.22 f-secure.com
O1 - Hosts: 13.244.51.53 http://www.f-secure.com
O1 - Hosts: 57.5.230.76 kaspersky.com
O1 - Hosts: 17.115.16.33 http://www.avp.com
O1 - Hosts: 90.161.208.139 http://www.kaspersky.com
O1 - Hosts: 50.145.99.80 avp.com
O1 - Hosts: 233.168.246.216 http://www.networkassociates.com
O1 - Hosts: 64.114.128.249 http://www.ca.com
O1 - Hosts: 236.121.110.141 ca.com
O1 - Hosts: 54.114.43.161 mast.mcafee.com
O1 - Hosts: 118.182.103.146 my-etrust.com
O1 - Hosts: 221.234.42.53 http://www.my-etrust.com
O1 - Hosts: 78.49.5.243 download.mcafee.com
O1 - Hosts: 11.207.240.9 dispatch.mcafee.com
O1 - Hosts: 185.176.201.53 secure.nai.com
O1 - Hosts: 219.150.202.149 nai.com
O1 - Hosts: 192.252.18.2 http://www.nai.com
O1 - Hosts: 21.236.30.16 update.symantec.com
O1 - Hosts: 19.195.32.170 updates.symantec.com
O1 - Hosts: 130.65.67.206 us.mcafee.com
O1 - Hosts: 115.196.49.111 liveupdate.symantec.com
O1 - Hosts: 117.157.101.252 customer.symantec.com
O1 - Hosts: 183.213.47.157 rads.mcafee.com
O1 - Hosts: 68.79.239.155 trendmicro.com
O1 - Hosts: 211.47.228.251 http://www.trendmicro.com
O2 - BHO: (no name) - {61CD4101-FB0D-4316-8FFA-A1010BC677B3} - D:\WINNT\system32\awtqn.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\zh-sg\msntb.dll
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - D:\Program Files\ToolBar888\MyToolBar.dll
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - D:\Program Files\TheSearchAccelerator\UCMTSAIE.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Soundmax Audio Drivers] soundmax.exe
O4 - HKLM\..\Run: [WinDLL (nope.dll)] rundll32.exe D:\WINNT\system32\nope.dll,start
O4 - HKLM\..\Run: [newname] C:\\nwnmff_12.exe
O4 - HKLM\..\Run: [defender] C:\\dfndrff_12.exe
O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_12.exe
O4 - HKLM\..\Run: [stonedrv] d:\winnt\system32\stonedrv.exe
O4 - HKLM\..\Run: [Windows Task Manager] d:\winnt\system32\taskmgn.exe
O4 - HKLM\..\RunServices: [Ms Java for Windows NT] 86541_netapi.exe
O4 - HKLM\..\RunServices: [Soundmax Audio Drivers] soundmax.exe
O4 - HKLM\..\RunServices: [stonedrv] d:\winnt\system32\stonedrv.exe
O4 - HKLM\..\RunServices: [Asus MotherBoard Utility] asus.exe
O4 - HKLM\..\RunServices: [Windows firewall manager] chh.exe
O4 - HKCU\..\Run: [Internet Explorer6.0] iexplore.exe
O4 - HKCU\..\Run: [Spyware Doctor] "D:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Soundmax Audio Drivers] soundmax.exe
O4 - HKCU\..\Run: [stonedrv] d:\winnt\system32\stonedrv.exe
O4 - HKCU\..\Run: [shell] "D:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00013.exe"
O4 - HKCU\..\RunServices: [Ms Java for Windows NT] 17751_netapi.exe
O4 - HKCU\..\RunServices: [Asus MotherBoard Utility] asus.exe
O4 - HKCU\..\RunServices: [Windows firewall manager] chh.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = D:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4774493781
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5036379656
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://D:\TempEI4\EI40_\msxml4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{63237AC7-4347-480A-BEF0-A947B53D157E}: NameServer = 165.21.100.88 165.21.83.88
O20 - Winlogon Notify: awtqn - D:\WINNT\system32\awtqn.dll
O20 - Winlogon Notify: Installer - D:\WINNT\system32\l44q0eh5eh4.dll
O20 - Winlogon Notify: Internet Settings - D:\WINNT\system32\rwm.dll (file missing)
O20 - Winlogon Notify: IPConfMSP - D:\WINNT\system32\gppml3711.dll (file missing)
O20 - Winlogon Notify: Nls - D:\WINNT\system32\hwd.dll (file missing)
O20 - Winlogon Notify: policies - D:\WINNT\system32\iocvid.dll (file missing)
O20 - Winlogon Notify: Reliability - D:\WINNT\system32\mfdtcui.dll (file missing)
O20 - Winlogon Notify: Syncmgr - D:\WINNT\system32\k0lq0a35ed.dll (file missing)
O20 - Winlogon Notify: WindowsUpdate - D:\WINNT\system32\k0lq0a35ed.dll (file missing)
O21 - SSODL: SysTray - {E61B5E20-DE35-11CF-9C87-1579005127ED} - D:\WINNT\system32\msc.cpl
O21 - SSODL: msp.cpl - {E21B5E20-DE35-11CF-9C87-157900512701} - D:\WINNT\system32\msp.cpl
O23 - Service: 62804 - Unknown owner - \\220.255.25.200\Admin$\eraseme_40880.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINNT\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - D:\WINNT\System32\dmadmin.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - D:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Windows Vista/NT Runtime Compatibility Service (ntrcs) - Unknown owner - D:\WINNT\system32\7.tmp (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - D:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Windows Genuine Advantage Registration Service (wgareg) - Unknown owner - D:\WINNT\system32\wgareg.exe
O23 - Service: Microsoft Windows Spooler Service (Windows Spooler Service) - Unknown owner - D:\WINNT\services.exe (file missing)