please help

Discussion in 'Malware Help (A Specialist Will Reply)' started by ooggieboogie, May 4, 2009.

  1. ooggieboogie

    ooggieboogie Private E-2

    Looking for virus ... computer will just go slow. I have Norton, the new one, and I got Advanced System Care v3 .. I run them both but my computer keeps messing up. It will slow right down for a bit then go back to normal. It's strange, it's like someone else is on it at the same time ... I got a new IP address so that's not hackers ... Windows Live Messenger keeps saying it can't be online from two places but it's just me .. sometimes it sends out links on MSN ... I do the two scanners and it's still the same crap .. I've been having problems for a month, I don't know what it is ... please help me. Oh, I got Vista. This is the scan report I got.
    Thanks a lot.


    Type Status Entry Describe
    Process Unknown System No Record
    Process S smss.exe Session Manager Subsystem
    Process S csrss.exe Client/Server Runtime Server Subsystem
    Process S csrss.exe Client/Server Runtime Server Subsystem
    Process Unknown wininit.exe No Record
    Process S winlogon.exe Windows Logon Process
    Process S services.exe Windows Service Controller
    Process S lsass.exe Local Security Service
    Process Unknown lsm.exe No Record
    Process S svchost.exe Service Host Process
    Process S svchost.exe Service Host Process
    Process S svchost.exe Service Host Process
    Process S svchost.exe Service Host Process
    Process S svchost.exe Service Host Process
    Process Unknown audiodg.exe No Record
    Process Unknown SLsvc.exe No Record
    Process S svchost.exe Service Host Process
    Process S svchost.exe Service Host Process
    Process S spoolsv.exe Printer Spooler Service
    Process S svchost.exe Service Host Process
    Process Unknown IAANTmon.exe No Record
    Process Unknown ijplmsvc.exe No Record
    Process Unknown iWinGamesInstaller.exe No Record
    Process Unknown LVPrcSrv.exe No Record
    Process Unknown ccSvcHst.exe No Record
    Process Unknown npkcmsvc.exe No Record
    Process S svchost.exe Service Host Process
    Process Unknown PSIService.exe No Record
    Process Unknown RoxWatch9.exe No Record
    Process Unknown SeaPort.exe No Record
    Process S svchost.exe Service Host Process
    Process Unknown TeamViewer_Service.exe No Record
    Process Unknown ViewpointService.exe No Record
    Process S svchost.exe Service Host Process
    Process Unknown SearchIndexer.exe No Record
    Process Unknown XAudio.exe No Record
    Process S alg.exe Application-Level Gateways
    Process Unknown taskeng.exe No Record
    Process Unknown wmpnetwk.exe No Record
    Process Unknown ccSvcHst.exe No Record
    Process Unknown taskeng.exe No Record
    Process Unknown taskeng.exe No Record
    Process G AWC.exe Advanced WindowsCare
    Process G explorer.exe Windows Explorer
    Process Unknown dwm.exe No Record
    Process Unknown msnmsgr.exe No Record
    Process Unknown GoogleToolbarNotifier.exe No Record
    Process Unknown IMVUClient.exe No Record
    Process S conime.exe Console IME
    Process Unknown IMVUQualityAgent.exe No Record
    Process Unknown wlcomm.exe No Record
    Services L GoogleUpdaterService.exe Related to Google_Updater_Service Note: Located in C:\Program Files\Google\Common\Google Updater\
    Services L Iaantmon.exe Intel related
    Services L IDriverT.exe Related to Macrovision Corporation.
    Services Unknown IJPLMSVC.EXE No Record
    Services Unknown iWinGamesInstaller.exe No Record
    Services L LVPrcSrv.exe Related to Logitech QuickCam Provides additional configuration options for these devices.
    Services L ccSvcHst.exe Related to Symantec_Lic_NetConnect service. Note: Located in \%Program Files%\Common Files\Symantec Shared\
    Services L npkcmsvc.exe Related to KeyCrypt Encryption Manager Service from INCA Internet Co. Note: Located in \%WINDIR%\System32\
    Services L PSIService.exe Added by the Protexis Note: Located in C:\Windows\System (Win9x/Me), C:\%WINDIR%\System32 (XP/WinNT/2K)
    Services L RoxMediaDB9.exe Related to Roxio_Inc
    Services L RoxWatch9.exe Related to Roxio_Inc
    Services L stllssvr.exe Related to SureThing_CD_Labeler from MicroVision Development, Inc. designed for MP3 and DVD buffs Note: Located in C:\Program Files\Common Files\SureThing Shared\
    Services Unknown TeamViewer_Service.exe No Record
    Services O ViewpointService.exe Related to viewpoint which is usually considered foistware, usually installed with AOL
    Services L wmpnetwk.exe Related to Windows_Media_Player Network Sharing Service. Note: Located in %ProgramFiles%\Windows Media Player\
    Start UP Unknown background No Record
    Start UP U GoogleToolbarNotifier.exe Companion to the Google Toolbar that lets you keep Google as your default search engine and prevents this setting from being changed without your consent. Shouldn't remain in memory after the feature is disabled as it's a bug - see here
    Start UP Unknown auto No Record
    Start UP Unknown ISUSPM.exe -startup No Record
    BHO L 02478D38-C3F9-4efb-9B51-7695ECA05670 Ycomp*_*_*_*.dll, Ycomp*,*,*,*.dll, yt.dll - Yahoo Companion, http://companion.yahoo.com/
    BHO L 06849E9F-C8D7-4D59-B87D-784B7D6BE0B3 AcroIEhelper.ocx, AcroIEhelper.dll - Adobe Acrobat reader, http://www.adobe.com/products/acrobat/readstep2.html
    BHO L 2F364306-AA45-47B5-9F9D-39A8B94E7EF7 jccatch.dll - FlashGet, http://www.flashget.com/index_en.htm download manager
    BHO L 3CA2F312-6F6E-4B53-A66E-4E65E497C8C0 LinkScannerIE.dll - LinkScanner, http://linkscanner.explabs.com/linkscanner/default.asp
    BHO Unknown 5C255C8A-E604-49b4-9D64-90988571CECB No Record
    BHO L 6D53EC84-6AAE-4787-AEEE-F4628F01010C IPSBHO.dll - Symantec Intrusion Prevention - see here, http://investor.symantec.com/phoenix.zhtml?c=89422&p=irol-newsArticle&ID=738300&highlight=
    BHO Unknown 6EBF7485-159F-4bff-A14F-B9E3AAC4465B No Record
    BHO L 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 ssv.dll - Related to Sun_Java_software, http://java.com/en/download/index.jsp
    BHO L 9030D464-4C02-4ABF-8ECC-5164760863C6 WindowsLiveLogin.dll - Microsoft Windows_Live, http://ideas.live.com/
    BHO L AA58ED58-01DD-4d91-8333-CF10577473F7 googletoolbar.dll, googletoolbar*.dll, googlenav.dll, googletoolbar_en_*.**-big.dll, googletoolbar_en_*.*.**-deleon.dll - Google Toolbar, http://toolbar.google.com/
    BHO O AF69DE43-7D58-4638-B6FA-CE66B5AD205D swg.dll - Google Toolbar Notifier, http://googlesystem.blogspot.com/2006/07/google-is-your-default-search.html
    BHO Unknown C84D72FE-E17D-4195-BB24-76C02E2E7C4E No Record
    BHO L CA6319C0-31B7-401E-A518-A07C3DB8F777 GoogleAE.dll, GoogleAFE.dll, BAE.dll - Google.com Search related, found on Dell computers. Responsible for redirecting 404s to a Google/Dell placeholder web page
    BHO Unknown DBC80044-A445-435b-BC74-9C25C1C588A9 No Record
    BHO Unknown E15A8DC0-8516-42A1-81EA-DC94EC1ACF10 No Record
    Tool Bar L E0E899AB-F487-11D5-8D29-0050BA6940E3 FGIEBAR.DLL - FlashGet, //www.flashget.com/index_en.htm download manager
    Tool Bar L D0943516-5076-4020-A3B5-AEFAF26AB263 VeohToolbar.dll - Veoh, //www.veoh.com/ toolbar
    Tool Bar Unknown 21FA44EF-376D-4D53-9B0F-8A89D3229068 No Record
    Tool Bar L 2318C2B1-4965-11d4-9B18-009027A5CD4F googletoolbar.dll, googletoolbar*.dll, googlenav.dll, googletoolbar_en_*.**-big.dll, googletoolbar_en_*.*.**-deleon.dll - Google Toolbar, //toolbar.google.com/
    Button Unknown {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} No Database
    Button Unknown {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} No Database
    Button Unknown {d9288080-1baa-4bc4-9cf8-a92d743db949} No Database
    ActiveX X 1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB http://www.nwfusion.com/newsletters/web/2003/1208web2.html
    ActiveX Unknown 8FFBE65D-2C9C-4669-84BD-5829DC0B603C No Record
    ActiveX Unknown CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA No Record
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Please follow the instructions in the READ & RUN ME FIRST link given further down and attach the requested logs when you finish these instructions.
    • If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.
    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    READ & RUN ME FIRST. Malware Removal Guide
    • After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
    Helpful Notes:

    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
    3. To avoid additional delay in getting a response, it is strongly advised that after completing the READ & RUN ME you also read this sticky:
    Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and as stated our system works the oldest threads FIRST.
     
