Subscribe RSS
Home > Hijackthis Log > HiJackThis Log - Download.Trojan - Pmnnn.dll

HiJackThis Log - Download.Trojan - Pmnnn.dll

The ewido and superantispyware programs caught a ton of malware. This uninstaller will remove all elements from all Kazaa versions, as well as all of the bundled software that comes with it. opium 22.07.2006 05:25 QUOTE(Don Pelotas @ 22.07.2006 02:46)Good, stay in safemode and do scan with Kaspersky, Ewido and SuperAntispyware, delete what they find, then in normal mode install that PrevX and Leave the scanning options at default and press "Click here to scan" to begin the scan. have a peek at these guys

Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra It seems that this worm is prettymuch gone, or atleast disfigured to such an extent that it can't function.As fot the prevx I have the trial setup downloaded and I'll install Hope someone would be able to help me out. There should be no need for a reboot...that's not part of the problem.

System still seems a little slow but it's not too big of a deal. Click OK to leave the Java Control Panel. ---------------------------------------------------------------------------------- Run a new HijackThis scan. actually i was able to sort it out after a whole days of hard research.

Click the Save as Text button to save the file to your desktop so that you may post it in your next reply * Turn off the real time scanner of Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\system32\bcihy.dll (file missing) O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft I tried to run adaware 2007, but it shuts down with error 6000. Share this post Link to post Share on other sites bucky    New Member Topic Starter Members 10 posts ID: 6   Posted February 21, 2008 ComboFix 08-02-21 - mERW 2008-02-20

I ran spybot s&d and it found and corrected some issues, but not the main issue. so i added the files to Vundo and removed the files forcefully.. It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence. --------------------------------------------------------------------------------------------- Please download VundoFix.exe to your desktop.Double-click VundoFix.exe to run it. We are not here to pass judgment on file-sharing as a concept.

There are three options in the window to clear the cache - Leave ALL 3 CheckedDownloaded Applets Downloaded Applications Other Files Click OK on Delete Temporary Files Window Note: This deletes have almost every known malware on your system. Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later. Every site I have searched about this has people doing different things then finally it is resolved.

Start>Settings>Control Panel>Internet Options>General tab>under Temporary files, click on Delete Cookies. Share this post Link to post Share on other sites jpshortstuff    Regular Member Experts 88 posts Location: England ID: 9   Posted February 26, 2008 Hi, are you still after I would be glad to take a look at your log and help you with solving any malware problems. Ran vundofix.exe with the entries C:\windows\system32\mllji.dll and the 2nd entry of C:\winodws\system32\ijllm.dll.*.

Before using KazaaBegone, download WinsockFix just in case you need it (if it breaks your internet connection, run it). ---------------------------------------------------------------------------------- Download and install CleanUp! More about the author Run Hijackthis. I am going to bed for tonight, any suggestions I will try in the morning. Click Start.2.

Click the System Restore tab.4. Click Manage Attachments, a new window or tab will open. Once you have located the file, click SUBMIT and the content of the file will be uploaded by the site and analysed.4. check my blog Created on 07/28/2007 19:11:25Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:16:39 PM, on 7/28/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\CTSvcCDA.EXEC:\PROGRA~1\TRENDM~1\INTERN~3\PcCtlCom.exeC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\WINDOWS\SOUNDMAN.EXEC:\WINDOWS\ALCWZRD.EXEC:\Program Files\Common Files\New

Quote Report Back to top Posted 4/22/2007 6:10 PM #46310 varora Member Date Joined Nov 2016 Total Posts: 2 hi there thanks a lot for your response. This may mean that my replies may take a little longer.jpshortstuff Share this post Link to post Share on other sites jpshortstuff    Regular Member Experts 88 posts Location: England ID: Speedy Gonzales19-10-2005, 10:20 AMLooks like this pmnnn.dll is part of Winfixer, some kind of Malware.

I also ran the latest stinger and it could not find the virus.

Press the CleanUp! In the last 3 days there were 0 new threads and 0 reply posts. Sign In Sign In Remember me Not recommended on shared computers Sign in anonymously Sign In Forgot your password? Updating Java: Go to Start > Control Panel double-click on the Software icon > add/remove programs.

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dllO4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exeO4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXEO4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXEO4 - HKLM\..\Run: [SunKistEM] Unfortunately it did not let me save a report. Inc. - C:\WINDOWS\system32\YPCSER~1.EXE--End of file - 10677 bytes Back to top BC AdBot (Login to Remove) Register to remove ads #2 __RiP_ChAiN_ __RiP_ChAiN_ Eh, whatever goes here. news If someone got my college pw and change dit they could drop all my classes, so I had to check :(.

Please post the contents of C:\vundofix.txt and a new HiJackThis log. If you are asked to reboot the machine choose Yes.) Click the red Moveit! Then from your desktop double-click on jre-6u1-windows-i586-p.exe to install the newest version Please download Combofix:[/color][/url] and save to the desktop. 1. This is a lot to do, and will take you several hours.....please take your time, read the instructions carefully, and proceed step by step.

Thanks in advance.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:59:40 AM, on 7/28/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\CTSvcCDA.EXEC:\WINDOWS\Explorer.EXEC:\PROGRA~1\TRENDM~1\INTERN~3\PcCtlCom.exeC:\Program Files\Common Files\New Back to top #6 mlott132 mlott132 Topic Starter Members 8 posts OFFLINE Local time:12:24 PM Posted 28 July 2007 - 07:21 PM Here are the results from runnig otmoveit and This sucks :( I never get viruses :( I got it from a false email from our network administator here at college. If you are not logged in as an Administrator, the System Restore tab will not be displayed.

Use File, Exit to terminate Spybot Reboot your machine for the changes to take effect.Download ComboFix by sUBs from here or here**Save it to your desktop**Double click on ComboFix.exe & follow I have tried Vundo and DrWeb several times in normal mode as well as safe mode but they seem to comeback on restarting Now I downloaded the Hijackthis and posting the Here is the ouput of my hijackthis.


© Copyright 2017 All rights reserved.