Hey everyone, i have just fixed my computer, had 2 wipe everything and now after a few days i have had some probs with viruses/trojans maybe. I havent had time 2 install my firewall software and already got some probs. My windows firewall keeps getting switched off, i get loads of popups and my internet connection is running fine but my pages r very slow, maybe other probs but that seems what my small knowledge so far can muster.

I think some of the probs will be that from my previous bk up restore in windows i had limewire n winmx installed and that was my last restore point so when i restored bk to that point i had these problems maybe....?

Attached is my log, any help would be greatly appreciated, thanku!!!!

Attached Files

hijackthis.log (7.8 KB, 2 views)

Hya Edgie , welcome to PCHF.

You have indeed a hole bunch of unwanted guests on there.



First uninstall "Network Monitor" in add/remove programs if present.

Download the Hoster from here. Press "Restore Original Hosts" and press "OK". Exit Program. This will restore the original Hosts file.

Download and run delcmdservice.zip
Unzip to youre desktop , open the folder and doubleclick on delreg.bat.

And also run these 3 tools:
http://securityresponse.symantec.com...r/FxDtcmtb.exe
http://www.softpedia.com/get/Antivir...val-Tool.shtml
http://www.simplytech.it/L2MRemover/index_e.htm

Then after that please follow the "Prework" instructions (see link below in my sig) and post back the Ewido log and a new hjt log.

Also you have no AV and firewall installed , you already mentioned the firewall , you really should install those first before connecting to the net to prevent problems like this. Have a look in our download section for free AV's and firewalls.


Also windows is not updated , but you should wait with updating that untill youre pc is malware free.

Hey, thankyou for your quick response!!

I followed your instructions and guide!!

My internet although running quickly in the status bar, webpages take a long time to load if they load at all and also i keep getting kicked out of msn, not sure if these have any significance or not, i still seem 2 be getting popups and stuff.

There was one problem i missed out, when i log on and start up my computer, a ms dos prompt pops up called dl.exe, this file seems 2 get everywhere, on my other users desktops, in random folders, it even appeared in my hjt folder and as soon as a started hijackthis up, dl.exe popped up again......?

Oh and another thing, when i used that program to replace my hosts file, i tried 2 use it again to check and it had a list of websites on it that i think were some of the popups i get, so i replaced it again and made it read only and it got rid of all the website n ip addresses, i tried it again later and the list of websites were bk on my hosts file??
Here r both of my logs from ewido and hjt

Thankyou for your help!!

Attached Files

	hijackthis1.txt (5.0 KB, 1 views)
	Scan report_20060316.txt.txt (15.0 KB, 1 views)

It looks alot better already.

First run the Look2me remover again , then boot in safemode and fix these with hjt:
(if still present)

Delete the folder in bold , and run Ccleaner again.

And also run Hoster again to be sure since it gave some problems the first time , i dont see any wrong hosts entrys in youre log anymore but it never hurts.

Then reboot to normal mode and run a Panda AV scan here:

http://www.pandasoftware.com/products/activescan

And save the log from it.
That should get rid of that dl.exe (W32.Bagz@mm worm) problem.


When done , please post the Panda log , and a new hjt log.