
Damn trojan!! help me boys!

Discussion in 'Windows - Virus and spyware problems' started by touran22, Jan 29, 2007.

Thread Status:
Not open for further replies.
  1. touran22

    touran22 Regular member

    Installed some software and the forum I downloaded it from says it has a trojan. Can you search me?

    Logfile of HijackThis v1.99.1
    Scan saved at 22:39:10, on 29/01/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\tcpsvcs.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\Program Files\Softwin\BitDefender9\vsserv.exe
    C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
    C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\AOL 9.0\aoltray.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\HJT\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.aol.co.uk/web?isinit=true&query=%s
    O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
    O1 - Hosts: 127.255.255.255 www.alcohol-soft.com
    O1 - Hosts: 127.255.255.255 images.alcohol-soft.com
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
    O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
    O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
    O4 - Global Startup: FreelineSchedule.lnk = C:\Freeline\FreelineSchedule.exe
    O8 - Extra context menu item: Add to Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
    O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.co.uk/save/makeover.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/computercheckup/qdiagcc.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1130184847234
    O16 - DPF: {90F7E144-984F-4FA6-83A7-C9C8DCB9974C} (RSActiveXObj Control) - http://go.radarsync.com/RSActiveX.ocx
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CA6B6D3D-F481-4DB0-8581-7C5BFF0F6B58}: NameServer = 192.168.0.1
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
    O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)


    Here attached is the BitDefender scan log....


    //-----------------------------------------------------------------
    //
    // Product: BitDefender 9 Professional Plus
    // Version: 9.5
    //
    // Created on: 30/01/2007 20:16:37
    //
    //-----------------------------------------------------------------


    Virus Statistics

    Scan path : C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\
    J:\
    Folders : 14430
    Files : 498199
    Archives : 8818
    Packed files : 37099
    Identified viruses : 15
    Infected files : 14
    Warnings : 0
    Suspect files : 0
    Disinfected files : 0
    Deleted files : 4
    Copied files : 0
    Moved files : 3
    Renamed files : 0
    I/O errors : 43
    Scan time : 02:06:22
    Scan speed (files/sec) : 65

    Spyware Statistics

    Memory processes scanned : 42
    Memory processes infected : 0
    Registry keys scanned : 2732
    Registry keys infected : 2
    Cookies scanned : 69
    Cookies infected : 2
    Spyware files infected : 0
    Spyware threats detected : 3


    Virus definitions : 475754
    Scan plugins : 15
    Archive plugins : 42
    Unpack plugins : 5
    Mail plugins : 6
    System plugins : 5

    Virus scan options

    Detection
    [X] Scan boot sectors
    [X] Scan archives
    [X] Scan packed files
    [X] Scan email

    File mask
    [ ] Programs
    [X] All files
    [ ] User defined extensions:
    [ ] Exclude extensions: ;

    Action

    Infected objects
    [ ] Ignore
    [X] Disinfect
    [ ] Delete
    [ ] Copy to quarantine
    [ ] Move to quarantine
    [ ] Rename
    [ ] Prompt user

    Second action
    [ ] Ignore
    [ ] Delete
    [ ] Copy to quarantine
    [X] Move to quarantine
    [ ] Rename
    [ ] Prompt user

    Virus scan options
    [X] Enable warnings
    [X] Enable heuristics
    [ ] Show all files in log
    [X] Report file: C:\Program Files\Softwin\BitDefender9\Logs\vscan_1170188197.log

    Spyware scan options

    [X] Memory Processes
    [X] Registry keys
    [X] Cookies


    Summary:

    <System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MAGNET Detected: magne3t
    <System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MAGNET Deleted
    <System> Update
    <System>=>HKEY_CLASSES_ROOT\MAGNET Detected: magne2t
    <System>=>HKEY_CLASSES_ROOT\MAGNET Deleted
    <System> Update
    <System>=>C:\Documents and Settings\Touran\Cookies\touran@adrevolver[2].txt Detected: Cookie.adrevolver
    <System>=>C:\Documents and Settings\Touran\Cookies\touran@adrevolver[2].txt Deleted
    <System> Update
    <System>=>C:\Documents and Settings\Touran\Cookies\touran@media.adrevolver[2].txt Detected: Cookie.adrevolver
    <System>=>C:\Documents and Settings\Touran\Cookies\touran@media.adrevolver[2].txt Deleted
    <System> Update
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0003 Detected: Application.Morpheus.D
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0003 Disinfection failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0003 Move failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0011 Detected: Application.Morpheus.C
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0011 Disinfection failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0011 Move failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0015 Detected: Application.Xolox.B
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0015 Disinfection failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0015 Move failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0027 Detected: Application.Atomwire.B
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0027 Disinfection failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0027 Move failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0029 Detected: Application.Atomwire.E
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0029 Disinfection failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0029 Move failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0030 Detected: Application.Atomwire.A
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0030 Disinfection failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0030 Move failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0033 Detected: Application.Atomwire.D
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0033 Disinfection failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0033 Move failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0034 Detected: Application.Atomwire.G
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0034 Disinfection failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0034 Move failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0035 Detected: Application.Atomwire.C
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0035 Disinfection failed
    C:\Documents and Settings\Tahmina\Local Settings\Temp\Morpheus492_b354.exe=>(NSIS o)=>zlib_nsis0035 Move failed
    C:\Documents and Settings\Touran\Local Settings\Temp\SHNT288.exe Detected: Adware.Newdotnet.A
    C:\Documents and Settings\Touran\Local Settings\Temp\SHNT288.exe Disinfection failed
    C:\Documents and Settings\Touran\Local Settings\Temp\SHNT288.exe Moved
    C:\Documents and Settings\Touran\Local Settings\Temp\wile5vnl.wm Infected: Exploit.Win32.WMF-PFV
    C:\Documents and Settings\Touran\Local Settings\Temp\wile5vnl.wm Disinfection failed
    C:\Documents and Settings\Touran\Local Settings\Temp\wile5vnl.wm Moved
    C:\Documents and Settings\Touran\Local Settings\Temporary Internet Files\Content.IE5\FII71Z9U\RKSCv1[1].exe=>(NSIS o)=>lzma_nsis0001 Detected: Adware.Relevant.A
    C:\Documents and Settings\Touran\Local Settings\Temporary Internet Files\Content.IE5\FII71Z9U\RKSCv1[1].exe=>(NSIS o)=>lzma_nsis0001 Disinfection failed
    C:\Documents and Settings\Touran\Local Settings\Temporary Internet Files\Content.IE5\FII71Z9U\RKSCv1[1].exe=>(NSIS o)=>lzma_nsis0001 Move failed
    C:\Documents and Settings\Touran\Local Settings\Temporary Internet Files\Content.IE5\PHYUWVQM\NNSCv1[1].exe=>(NSIS o)=>lzma_nsis0001 Detected: Adware.Newdotnet.A
    C:\Documents and Settings\Touran\Local Settings\Temporary Internet Files\Content.IE5\PHYUWVQM\NNSCv1[1].exe=>(NSIS o)=>lzma_nsis0001 Disinfection failed
    C:\Documents and Settings\Touran\Local Settings\Temporary Internet Files\Content.IE5\PHYUWVQM\NNSCv1[1].exe=>(NSIS o)=>lzma_nsis0001 Move failed
    C:\WINDOWS\system32\RKInstaller.exe Detected: Adware.Relevant.A
    C:\WINDOWS\system32\RKInstaller.exe Disinfection failed
    C:\WINDOWS\system32\RKInstaller.exe Moved
     
    Last edited: Jan 30, 2007
  2. touran22

    touran22 Regular member

    Can someone help, please!!
     
  3. touran22

    touran22 Regular member

    Anyone?!?!?
     
  4. Waymon3X6

    Waymon3X6 Regular member

    Hello, from your HijackThis log I didn't really find anything that would be a trojan/virus, but I did find this:

    O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe

    This is nothing really important, except for a program that runs on startup, so deleting this will probably just make your computer boot faster.

    I have also found some entries that aren't really familiar to me, so maybe you should take a look at them and see if you recognize them, and if you don't then just delete them, but don't forget to make a backup! Here they are:

    O4 - Global Startup: FreelineSchedule.lnk = C:\Freeline\FreelineSchedule.exe

    O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.co.uk/save/makeover.cab

    O16 - DPF: {90F7E144-984F-4FA6-83A7-C9C8DCB9974C} (RSActiveXObj Control) - http://go.radarsync.com/RSActiveX.ocx

    The second and third I think should be removed, but I'm not sure. But hopefully you will get this stuff sorted out, and sorry for no one answering you!!!
     
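An added example, not the poster's tool, showing how the HijackThis sections reviewed above (O4 startup items, O16 downloaded ActiveX controls, O23 services) can be triaged mechanically; the trusted-host list and the expected-directory heuristic are assumptions for this example, and the sample is a constructed excerpt of the posted log.

```python
import re
from urllib.parse import urlparse

# Constructed excerpt of the posted HijackThis log (the entries discussed in the reply plus
# the last O23 line).
HJT_SAMPLE = r"""
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: FreelineSchedule.lnk = C:\Freeline\FreelineSchedule.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.co.uk/save/makeover.cab
O16 - DPF: {90F7E144-984F-4FA6-83A7-C9C8DCB9974C} (RSActiveXObj Control) - http://go.radarsync.com/RSActiveX.ocx
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
"""

# Assumption for this example: hosts whose ActiveX downloads the owner expects to see.
TRUSTED_DPF_SUFFIXES = ("microsoft.com", "macromedia.com", "kaspersky.com")
# Heuristic, not a rule: where installed software normally lives on this XP box.
EXPECTED_DIRS = ("c:\\program files", "c:\\progra~1", "c:\\windows")

O4_RUN = re.compile(r"^O4 - (?P<key>.+?): \[(?P<name>[^\]]+)\] (?P<cmd>.*)$")
O4_STARTUP = re.compile(r"^O4 - Global Startup: (?P<name>.+?) = (?P<cmd>.*)$")
O16_DPF = re.compile(r"^O16 - DPF: \{(?P<clsid>[^}]+)\} \((?P<name>[^)]+)\) - (?P<url>\S+)$")
O23_SVC = re.compile(r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>.*)$")

def _host_trusted(url):
    """True when the download host is one of the trusted suffixes (or a subdomain of one)."""
    host = (urlparse(url).hostname or "").lower()
    return any(host == s or host.endswith("." + s) for s in TRUSTED_DPF_SUFFIXES)

def triage(log_text):
    """Return (section, name, reason) for every line the owner should look at twice."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        if m := O4_STARTUP.match(line):
            if not m["cmd"].strip('"').lower().startswith(EXPECTED_DIRS):
                findings.append(("O4", m["name"], "startup item outside usual install dirs: " + m["cmd"]))
        elif m := O4_RUN.match(line):
            if not m["cmd"].strip('"').lower().startswith(EXPECTED_DIRS):
                findings.append(("O4", m["name"], "Run entry outside usual install dirs: " + m["cmd"]))
        elif m := O16_DPF.match(line):
            if not _host_trusted(m["url"]):
                findings.append(("O16", m["name"], "ActiveX control fetched from untrusted host: " + m["url"]))
        elif m := O23_SVC.match(line):
            if m["path"].endswith("(file missing)"):
                findings.append(("O23", m["name"], "service registered but its binary is missing"))
    return findings

if __name__ == "__main__":
    for section, name, reason in triage(HJT_SAMPLE):
        print(f"{section:4} {name}: {reason}")
```

On the excerpt this flags the same Freeline startup item and the two O16 controls the reply singled out, and additionally the bdss service whose binary is reported missing.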
  5. touran22

    touran22 Regular member

    Thanks bro!! Also, how do you overclock your PC... I saw on your sig you wrote 3.2GHz overclocked to 4.2GHz OMG!!!!!!!!!!!!!!!!!!!

    I've got 3.0GHz so it must be overclockable to something better, right...?

    Also, once overclocked, does the computer run better? Any downsides?
     
  6. Jannejt

    Jannejt Moderator Staff Member

    touran22, you're an ad addict, you should know the rules: NO bump messages.


    Waymon3X6, your sig IS TOO BIG, you have images+text, the rules have something to say about it.. also touran22's sig has too many text lines..

    ..because of bump messages and off-topic discussion (overclocking) this case is closed, and you can create a new topic for overclocking in the correct forum area.
     
    Last edited: Feb 3, 2007