Odd trojan.. HJT and screenshot included

Hey there,

I'm a new member to the forums, looking for some help.

I recently moved to a new house. As soon as I se up the internet connection in there, I began to have trouble with my connectivity on my desktop. I find my connection to be extremely inconsistent and unreliable. There's definitely a reduction in speed, and a lot of time, I can't even get to a website at all. The browser gives me the regular page not found error. It's really wierd - sometimes it works, but a lot of the time, I might as well be disconnected. I have a cable connection with Comcast. I've done the ipconfig release & renews, and I know for a fact that I'm able to ping to my modem successfully. Also, I know that my service is not a problem, because I've tried the same connection on 3 other laptops, and the internet works fine on them.

This has lead me to believe that it's probably a worm or trojan. I remember shortly before moving, whenever all my browsers ( I use firefox & IE) were closed, task manager still listed IEXPLORE.EXE as open. Trying to shut down the process didn't work; it would start back up immediately. This seems evidence enough that there's another background process doing the dirty work.

The link takes you to a screenshot of a list of processes on my computer, dated today. Please note that I had my browsers closed, but IEXPLORE.EXE is still apparently running.

https://umdrive.memphis.edu/sgonslvs/public/1.bmp

Below is my HJT log, scanned today. Any help I can get on fixing this would be appreciated.

Oh, one more thing - I tried running Lavasoft Adware and Norton's AV in safe mode. Adware detected nothing, NAV picked up a Trojan Horse in a subdirectory of my /System32 directory. I forget the name of the file, but i know it was a wmip****.dll file, that when I googled a few days ago, was listed as a known trojan. I'm sorry this sounds so vague, but I'm posting this from work, and don't know the exact details right this second.

Also, I won't be able to go home till later tonight, so I won't be able to try anything out you guys advise till tonight. So please bear with me about the slow responses.

Once again, thanks a lot for you help in advance.

Hello and welcome to Techspot.

Your system is infected with quite a few nasties.

Go HERE and follow the instructions exactly.

Post fresh HJT and Ewido logs as attachments into this thread, only after doing the above.

Regards Howard :wave: :wave:

This thread is for the use of Zandro only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.