Since last week, my computer became infected with malware and trojans that BitDefender promptly identified, but could do nothing about.
Today, I was able to delete all but one - most of which I was able to delete after adding them to the quarantine and sending them into the lab. However, this one still remains and I know where it is - C:Windows\System32\d3dramp32.dll - but I cannot delete, unlocker can't even help me. I was in safe mode, I have used msconfig in both regular and safe mode but it keeps popping up. Please help me, I am so sick and tired of going through the same steps over and over with no success!!! Here is my hijack this file:
Logfile of HijackThis v1.99.1
Scan saved at 6:41:31 PM, on 11/16/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
\BITDEF~1.2\bdmcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
\BitDefender Professional Edition 7.2\vsserv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\Install\WindowsXP-KB905474-ENU-x86.exe
e:\7bb0a4fc24e66892d1a99164\update\update.exe
\hijackthis\HijackThis.exe
e:\7bb0a4fc24e66892d1a99164\wgatray.exe
O4 - HKLM\..\Run: [bDMCon]
\BITDEF~1.2\bdmcon.exe
O4 - HKLM\..\Run: [bDNewsAgent]
\BitDefender Professional Edition 7.2\bdnagent.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O20 - AppInit_DLLs: sockspy.dll,C:\WINDOWS\System32\d3dramp32.dll
O20 - Winlogon Notify: 58625298502 - C:\WINDOWS\System32\d3dramp32.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner -
\BitDefender Professional Edition 7.2\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)