i couldnt open my task manager so i downloaded security task manager.
it shows 2 files name is:
name is: process id 1812
C:\WINDOWS\SYSTEM32\MOULEDLG.EXE
and the text within the files says Error: The system cannot find the file specified.
well its there cause its running a process....
name is: proccess id 3356
C:\PROGRAM FILES\AIMFTNYX\DAVKRSRC.EXE
Error: The system cannot find the file specified
both of these when i try to kill process just come back somehow... i ran spyware doctor and it doesnt find anything...
and then i have a process
C:\Program Files\winupdates\winupdates.exe
which seems to be wierd since it takes 93% of my cpu
under the security rating it says functions: monitor and inpute data.
my hjk log is:
Logfile of HijackThis v1.99.1
Scan saved at 7:02:09 PM, on 10/26/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\wnntwbm.exe
C:\Program Files\winupdates\winupdates.exe
C:\program files\advanced system optimizer\memtuneup.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\U29rb2wA\command.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Security Task Manager\TaskMan.exe
C:\Documents and Settings\Sokol\Desktop\HijackThis.exe
N3 - Netscape 7: # Mozilla User Preferences
/* Do not edit this file.
*
* If you make changes to this file while the browser is running,
* the changes will be overwritten when the browser exits.
*
* To make a manual change to preferences, you can visit the URL about:config
* For more information, see http://www.mozilla.org/unix/customizing.html#prefs
*/
user_pref("browser.activation.checkedNNFlag", true);
user_pref("browser.bookmarks.added_static_root", true);
user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src");
user_pref("browser.startup.homepage_override.mstone", "rv:1.7.2");
user_pref("dom.disable_open_during_load", true);
user_pref("intl.charsetmenu.browser.cache", "ISO-8859-1");
user_pref("network.cookie.prefsMigrated", true);
user_pref("prefs.converted-to-utf8", true);
user_pref("privacy.popups.first_popup", false);
user_pref("signon.SignonFileName", "6785254.s");
user_pref("browser.helperApps.neverAsk.openFile", "app
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [wnntwbm] C:\WINDOWS\wnntwbm.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKCU\..\Run: [Systweak Memory Optimizer] c:\program files\advanced system optimizer\memtuneup.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\U29rb2wA\command.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (file missing)
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Windows Tracks Washer Registry Service (WTWService) - Unknown owner - C:\Program Files\Windows Tracks Washer\washservice.exe (file missing)
it shows 2 files name is:
name is: process id 1812
C:\WINDOWS\SYSTEM32\MOULEDLG.EXE
and the text within the files says Error: The system cannot find the file specified.
well its there cause its running a process....
name is: proccess id 3356
C:\PROGRAM FILES\AIMFTNYX\DAVKRSRC.EXE
Error: The system cannot find the file specified
both of these when i try to kill process just come back somehow... i ran spyware doctor and it doesnt find anything...
and then i have a process
C:\Program Files\winupdates\winupdates.exe
which seems to be wierd since it takes 93% of my cpu
under the security rating it says functions: monitor and inpute data.
my hjk log is:
Logfile of HijackThis v1.99.1
Scan saved at 7:02:09 PM, on 10/26/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\wnntwbm.exe
C:\Program Files\winupdates\winupdates.exe
C:\program files\advanced system optimizer\memtuneup.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\U29rb2wA\command.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Security Task Manager\TaskMan.exe
C:\Documents and Settings\Sokol\Desktop\HijackThis.exe
N3 - Netscape 7: # Mozilla User Preferences
/* Do not edit this file.
*
* If you make changes to this file while the browser is running,
* the changes will be overwritten when the browser exits.
*
* To make a manual change to preferences, you can visit the URL about:config
* For more information, see http://www.mozilla.org/unix/customizing.html#prefs
*/
user_pref("browser.activation.checkedNNFlag", true);
user_pref("browser.bookmarks.added_static_root", true);
user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src");
user_pref("browser.startup.homepage_override.mstone", "rv:1.7.2");
user_pref("dom.disable_open_during_load", true);
user_pref("intl.charsetmenu.browser.cache", "ISO-8859-1");
user_pref("network.cookie.prefsMigrated", true);
user_pref("prefs.converted-to-utf8", true);
user_pref("privacy.popups.first_popup", false);
user_pref("signon.SignonFileName", "6785254.s");
user_pref("browser.helperApps.neverAsk.openFile", "app
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [wnntwbm] C:\WINDOWS\wnntwbm.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKCU\..\Run: [Systweak Memory Optimizer] c:\program files\advanced system optimizer\memtuneup.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\U29rb2wA\command.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (file missing)
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Windows Tracks Washer Registry Service (WTWService) - Unknown owner - C:\Program Files\Windows Tracks Washer\washservice.exe (file missing)
