You freakin rawk. Thank you so much. No pop ups anymore!!!!!!
Here's my L2Me log...
Look2Me-Destroyer V1.0.12
Scanning for infected files.....
Scan started at 6/8/2006 4:52:05 PM
Infected! C:\WINDOWS\system32\s288lclu1fq8.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015528.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015540.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015561.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015565.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015577.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015581.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015591.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015638.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015648.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015711.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015726.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015730.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015770.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015772.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015888.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015893.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015924.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0015971.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0015984.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0015988.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0015995.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0016017.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0016021.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016048.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016053.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016061.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016066.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016073.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016074.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016079.dll
Infected! C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016083.dll
Infected! C:\WINDOWS\system32\dnutil.dll
Infected! C:\WINDOWS\system32\e8jm0i11e8.dll
Infected! C:\WINDOWS\system32\kodsl.dll
Infected! C:\WINDOWS\system32\kvdukx.dll
Infected! C:\WINDOWS\system32\pFnmap.dll
Infected! C:\WINDOWS\system32\s288lclu1fq8.dll
Infected! C:\WINDOWS\system32\wfiscmgr.dll
Attempting to delete infected files...
Attempting to delete: C:\WINDOWS\system32\s288lclu1fq8.dll
C:\WINDOWS\system32\s288lclu1fq8.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015528.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015528.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015540.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015540.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015561.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015561.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015565.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015565.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015577.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015577.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015581.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015581.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015591.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP254\A0015591.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015638.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015638.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015648.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015648.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015711.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015711.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015726.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015726.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015730.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP255\A0015730.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015770.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015770.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015772.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015772.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015888.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015888.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015893.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015893.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015924.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP256\A0015924.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0015971.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0015971.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0015984.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0015984.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0015988.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0015988.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0015995.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0015995.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0016017.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0016017.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0016021.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP257\A0016021.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016048.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016048.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016053.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016053.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016061.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016061.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016066.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016066.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016073.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016073.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016074.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016074.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016079.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016079.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016083.dll
C:\System Volume Information\_restore{DCE2DC31-8FBB-445F-A9EC-354D1801E59B}\RP258\A0016083.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\dnutil.dll
C:\WINDOWS\system32\dnutil.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\e8jm0i11e8.dll
C:\WINDOWS\system32\e8jm0i11e8.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\kodsl.dll
C:\WINDOWS\system32\kodsl.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\kvdukx.dll
C:\WINDOWS\system32\kvdukx.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\pFnmap.dll
C:\WINDOWS\system32\pFnmap.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\s288lclu1fq8.dll
C:\WINDOWS\system32\s288lclu1fq8.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\wfiscmgr.dll
C:\WINDOWS\system32\wfiscmgr.dll Deleted successfully!
Making registry repairs.
Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\BITS
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{224CADA4-A287-43AD-9D41-F78123C766F4}"
HKCR\Clsid\{224CADA4-A287-43AD-9D41-F78123C766F4}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{CAC2C2E5-1F39-4BE2-85EF-844A692209FC}"
HKCR\Clsid\{CAC2C2E5-1F39-4BE2-85EF-844A692209FC}
Restoring Windows certificates.
Replaced hosts file with default windows hosts file
Restoring SeDebugPrivilege for Administrators - Succeeded
Here's my HJT Log....
Logfile of HijackThis v1.99.1
Scan saved at 5:13:11 PM, on 6/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\MSSQL7\binn\sqlservr.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\TalktoDino\Desktop\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1\bin\npjpi141.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1\bin\npjpi141.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec....rl/SymAData.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
Anything else I need to do?