this is my first time posting, But considering that i'm certain my computer is infected with some sorta virus. I cleaned the spyware, made a virus scan with updates using AVG, and also someother free scans that were posted on your site. I downloaded HIjack this, and from the sounds of it. If you don't know what your doing results could be potentially hazardous. Considering that I spent a pretty penny on this computer, I would hate to go through the trouble all over again with reformatting etc. etc. My question is what files would be safe to delete? My log file is as follows:
Logfile of HijackThis v1.99.1
Scan saved at 1:19:45 AM, on 6/19/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:LiteSteplitestep.exe
C:Program FilesJavajre1.5.0_01binjusched.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesCreativeSB Live! 24-bitSurround MixerCTSysVol.exe
C:PROGRA~1GrisoftAVGFRE~1avgcc.exe
C:PROGRA~1GrisoftAVGFRE~1avgemc.exe
C:PROGRA~1Yahoo!MESSEN~1ypager.exe
C:WINDOWSsystem32hookdump.exe
C:Program FilesSpyware Doctorswdoctor.exe
C:WINDOWSDOWNLO~1MyWebEx319raagtx.exe
C:WINDOWSDOWNLO~1MyWebEx319atnthost.exe
C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
C:WINDOWSDOWNLO~1MyWebEx319RAAGTAPP.EXE
C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
C:WINDOWSsystem32CTsvcCDA.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32wdfmgr.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:WINDOWSSystem32alg.exe
C:Program FilesAvant Browseravant.exe
C:Program FilesLimeWireLimeWire.exe
C:Program FilesFlashGetflashget.exe
C:Program FilesInternet Exploreriexplore.exe
C:DownloadsHijackThis1991.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.top20results.com/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Kiwaku
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 213.219.251.81 astalavista.com
O1 - Hosts: 213.219.251.81 www.astalavista.com
O1 - Hosts: 213.219.251.81 astalavista.box.sk
O1 - Hosts: 213.219.251.81 www.astalavista.box.sk
O1 - Hosts: 213.219.251.81 cracks.com
O1 - Hosts: 213.219.251.81 www.cracks.com
O1 - Hosts: 213.219.251.80 go.com
O1 - Hosts: 213.219.251.80 www.go.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:PROGRA~1SPYWAR~1toolsiesdsg.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:PROGRA~1FlashGetjccatch.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:PROGRA~1SPYWAR~1toolsiesdpb.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:PROGRA~1FlashGetfgiebar.dll
O4 - HKLM..Run: [sunJavaUpdateSched] C:Program FilesJavajre1.5.0_01binjusched.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [CTSysVol] C:Program FilesCreativeSB Live! 24-bitSurround MixerCTSysVol.exe /r
O4 - HKLM..Run: [updReg] C:WINDOWSUpdReg.EXE
O4 - HKLM..Run: [msxct] msxct.exe
O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP
O4 - HKLM..Run: [AVG7_EMC] C:PROGRA~1GrisoftAVGFRE~1avgemc.exe
O4 - HKCU..Run: [updateMgr] C:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU..Run: [Yahoo! Pager] C:PROGRA~1Yahoo!MESSEN~1ypager.exe -quiet
O4 - HKCU..Run: [intel system tool] C:WINDOWSsystem32hookdump.exe
O4 - HKCU..Run: [spyware Doctor] "C:Program FilesSpyware Doctorswdoctor.exe" /Q
O4 - Global Startup: MyWebEx PC.LNK = ?
O8 - Extra context menu item: Add to AD Black List - C:Program FilesAvant BrowserAddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:Program FilesAvant BrowserAddAllToADBlackList.htm
O8 - Extra context menu item: Download All by FlashGet - C:Program FilesFlashGetjc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:Program FilesFlashGetjc_link.htm
O8 - Extra context menu item: Highlight - C:Program FilesAvant BrowserHighlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:Program FilesAvant BrowserOpenAllLinks.htm
O8 - Extra context menu item: Search - C:Program FilesAvant BrowserSearch.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:PROGRA~1SPYWAR~1toolsiesdpb.dll
O9 - Extra button: 50 FREE MP3s! - {686C970F-1D7D-4469-85D1-4B35763B56CC} - http://www.emusic.com?fref=149133 (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1Yahoo!MESSEN~1YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1Yahoo!MESSEN~1YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://pc.mywebexpc.com/client/v_mywebex-aa/ra/ieatgpc.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: AT Host Service (atnthost) - WebEx - C:WINDOWSDOWNLO~1MyWebEx319atnthost.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTsvcCDA.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:Program FilesAheadInCDInCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:Program FilesTuneUp Utilities 2004WinStylerThemeSvc.exe