Technology Forum

system32 help

#1
07-23-2008, 09:39 PM
Senior Member
Join Date: Apr 2008
Posts: 15,730
system32 help

OK, I got a Virtumonde in my system32 and it's been affecting my lsass.exe in Windows Task Manager. It keeps making it have a high CPU usage and slows down my comp. What I did to temporarily fix it was open my AVG and I would try to delete it (wouldn't go away), and it would close lsass.exe and restart my comp and not high CPU usage, but I still have the virus in my system32. I've done scans with a-squared and it's in a few files: nnnLEULd.dll, lshimveu.dll, nnnmNHxy.dll. I've searched online for help about these files but it seems like these files were made? Cause no one has these files when I check Google (no search results).

Also, I've checked and it says that the Virtumonde can make Mozilla not work (1 of my favorite browsers), and lately since I updated to 3.0, Google and other search engines won't work (just keeps saying loading) and some websites won't work either. I've asked some ppl on here what is better, AVG or avast!, and they gave me another antivirus that just keeps showing the virus and it wasn't deleted, and I don't know how to fix this damn virus. I would really like it if someone could help me. Also my AVG and other tray icons have disappeared and I got this balloon thing that says my auto updates are turned off, and I checked them in another place and they said they were on (this isn't antivirus virus, I got rid of that a long time ago) ....
and here is my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:06:11 PM, on 23/07/2008
Platform: windows xp SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\pmonsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\pmhk.exe
C:\WINDOWS\system32\indis.exe
C:\PROGRAM FILES\A-SQUARED FREE\A2FREE.EXE
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: ALPassHelper Class - {00533B73-E574-46E9-B06A-FDF4592E67CB} - C:\Program Files\ESTsoft\ALPass\ApsHelper14.dll
O2 - BHO: (no name) - {07830ED8-708B-44D8-A10C-70B39DE9CE92} - C:\WINDOWS\system32\ddcASMDW.dll (file missing)
O2 - BHO: (no name) - {39539CB0-D836-4955-879E-FDBEC9D7EA1D} - (no file)
O2 - BHO: (no name) - {4DE45415-F2C9-4FC4-A372-AFBE51948E8D} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {54C373CC-D430-4B9D-93F9-334518347ADC} - (no file)
O2 - BHO: (no name) - {57D10F85-165C-4DB4-91C6-DEBDE891B3C1} - C:\WINDOWS\system32\nnnLEULd.dll
O2 - BHO: (no name) - {5837B73F-7D3D-4173-8CE8-14E19889ADB4} - (no file)
O2 - BHO: (no name) - {72E3EF62-B352-4671-9CB6-C19025EE0916} - (no file)
O2 - BHO: (no name) - {764AA926-46E5-4266-9144-8B1DCDE27272} - (no file)
O2 - BHO: (no name) - {7D1DE138-6795-48C8-92B3-55D7C7D53ECE} - (no file)
O2 - BHO: (no name) - {80605A66-DCFA-4E34-A65D-B1D9A24982E5} - (no file)
O2 - BHO: (no name) - {8E74ED98-E2C5-48C1-AB1B-D001D4DCD19B} - (no file)
O2 - BHO: (no name) - {906DA81E-496D-4B0E-B447-A1A91F811E8A} - (no file)
O2 - BHO: dcads - {94df42c8-aa5d-448a-84b6-e79da86459c9} - C:\WINDOWS\system32\nso29C.dll
O2 - BHO: (no name) - {99F7A41E-2727-42A4-8357-AF4D89831659} - (no file)
O2 - BHO: {14d5d927-e00b-fb39-eee4-459cbef858aa} - {aa858feb-c954-4eee-93bf-b00e729d5d41} - C:\WINDOWS\system32\qhnoah.dll
O2 - BHO: (no name) - {ACD056AC-F9EE-41E4-9138-8133957EE4C2} - (no file)
O2 - BHO: (no name) - {E154318A-BFE4-4CD9-B03D-A79723123592} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [f0a2ade0] rundll32.exe "C:\WINDOWS\system32\capjxpoy.dll",b
O4 - HKLM\..\Run: [BMf3919e7c] Rundll32.exe "C:\WINDOWS\system32\lqtwvkwf.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/.../GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O20 - Winlogon Notify: nnnLEULd - C:\WINDOWS\SYSTEM32\nnnLEULd.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: COM Host (comHost) - CMD Technology, Inc. - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton Protection Center Service (NSCService) - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Profile Monitor (PMonSvc) - Salience Corporation - C:\WINDOWS\system32\pmonsvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Silicon Integrated Systems Corporation - (no file)
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Adaptec, Inc. - (no file)

--
End of file - 5669 bytes

plz if u can help me i would gladly appreciate it
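A triage pass over a log like the one in the post above, as an added example that is not part of the original post: it parses HijackThis 2.x "Onn - ..." lines and flags three load-point patterns that appear in this log (an unnamed BHO in system32, a rundll32 autorun with a one-letter export, and one DLL registered as both BHO and Winlogon Notify), and lists orphaned entries separately. The function name triage and the three heuristics are assumptions of this example; a flag means "review this entry", not a malware verdict.

```python
import re
from collections import defaultdict

# Excerpt of the HijackThis log posted above (seven of its lines, unchanged).
SAMPLE_LOG = r"""
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {39539CB0-D836-4955-879E-FDBEC9D7EA1D} - (no file)
O2 - BHO: (no name) - {57D10F85-165C-4DB4-91C6-DEBDE891B3C1} - C:\WINDOWS\system32\nnnLEULd.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [f0a2ade0] rundll32.exe "C:\WINDOWS\system32\capjxpoy.dll",b
O20 - Winlogon Notify: nnnLEULd - C:\WINDOWS\SYSTEM32\nnnLEULd.dll
O23 - Service: COM Host (comHost) - CMD Technology, Inc. - (no file)
"""

ENTRY = re.compile(r"^(O\d+) - (.*)$")
DLL_PATH = re.compile(r'([A-Za-z]:\\[^",]*?\.dll)', re.I)
# rundll32 autorun whose export name is a single character, e.g. ...dll",b
ONE_LETTER_EXPORT = re.compile(r'rundll32(\.exe)? .*\.dll"?,\w$', re.I)

def triage(log):
    """Return (findings, orphans): findings maps a DLL path to the reasons it
    deserves a closer look; orphans are entries whose target file is gone."""
    findings, loaded_by, orphans = defaultdict(set), defaultdict(set), []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue                      # header, process list, blank line
        section, body = m.groups()
        if "(no file)" in body or "(file missing)" in body:
            orphans.append((section, body))
            continue
        path = DLL_PATH.search(body)
        if not path:
            continue
        dll = path.group(1).lower()       # Windows paths are case-insensitive
        if section in ("O2", "O20"):
            loaded_by[dll].add(section)
        if section == "O2" and body.startswith("BHO: (no name)") and "\\system32\\" in dll:
            findings[dll].add("unnamed BHO in system32")
        if section == "O4" and ONE_LETTER_EXPORT.search(body):
            findings[dll].add("rundll32 autorun with one-letter export")
    for dll, sections in loaded_by.items():
        if sections == {"O2", "O20"}:     # loaded into both IE and winlogon
            findings[dll].add("same DLL is BHO and Winlogon Notify")
    return {d: sorted(r) for d, r in findings.items()}, orphans

if __name__ == "__main__":
    flagged, orphans = triage(SAMPLE_LOG)
    for dll, reasons in flagged.items():
        print(dll, "->", "; ".join(reasons))
    print(len(orphans), "orphaned entries")
```

On the excerpt, the NVIDIA and Spybot entries pass unflagged, and the "(no file)" lines are reported as orphans rather than as findings.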
