I was unable to get Spybot because the link said the site was down, then I couldn't find the second Ad-Aware; I have the first, not the second.
I do have the HijackThis logfile and the scan summary from the first scan I did.
Here is the HijackThis log:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\adpntvol.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\nsvsvc\nsvsvc.exe
C:\WINDOWS\System32\vidctrl\vidctrl.exe
C:\WINDOWS\System32\kapjua.exe
C:\Program Files\WeirdOnTheWeb\WeirdOnTheWeb.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
c:\windows\system32\kedvlmb.exe
C:\Program Files\Cas\Client\casclient.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Joe Maione\Local Settings\Temp\Temporary Directory 1 for HijackThis[1].zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PSof1] C:\WINDOWS\System32\PSof1.exe
O4 - HKLM\..\Run: [ps4X3pU] adpntvol.exe
O4 - HKLM\..\Run: [regsync] C:\WINDOWS\System32\regsync.exe
O4 - HKLM\..\Run: [checkrun] C:\windows\system32\elitezvs32.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [Nsv] C:\WINDOWS\System32\nsvsvc\nsvsvc.exe
O4 - HKLM\..\Run: [vidctrl] C:\WINDOWS\System32\vidctrl\vidctrl.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [VBouncer] C:\PROGRA~1\VBouncer\VirtualBouncer.exe
O4 - HKLM\..\Run: [KavSvc] C:\WINDOWS\System32\kapjua.exe reg_run
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [WeirdOnTheWeb] "C:\Program Files\WeirdOnTheWeb\WeirdOnTheWeb.exe"
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [stb] C:\WINDOWS\System32\stb.exe
O4 - HKLM\..\Run: [SrchfstUpdate] C:\WINDOWS\srchupdt.exe
O4 - HKLM\..\Run: [ivyaau] c:\windows\system32\kedvlmb.exe r
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\Run: [CAS Client] "C:\Program Files\Cas\Client\casclient.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\RECYCLER\NPROTECT\00034698.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fu ... .0.0.8.cab
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://gold.domino.cooksonelectronics.com/iNotes.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/puzzlepirates/m ... Loader.dll
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/ricochet/Reflex ... Loader.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol ... _en_dl.cab
O18 - Filter: text/html - {DFAA31C8-A356-4313-9D95-5EDAB46C5070} - C:\WINDOWS\System32\qlink32.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Then finally is the scan summary, which was the first thing I did.
There are 103 non-cleanable problems. Since I cannot copy and paste it would take me hours to do, so I will give the virus name and what folder or file it is in.
1. Java Bytever.A-1 C:/documents and settings
2. Java Bytever.A-1 C:/documents and settings
3. Java Bytever.m C:/documents and settings
4. Java Bytever.A C:/documents and settings
5. Java Bytever.A C:/documents and settings
6. Java Bytever.m C:/documents and settings
7. Java Bytever.m C:/documents and settings
8. Java Bytever.A C:/documents and settings
9. Java Bytever.A C:/documents and settings
10. Java Bytever.k C:/documents and settings
11. Java Bytever.k C:/documents and settings
12. Java Bytever.A-1 C:/documents and settings
13. Java Bytever.k C:/documents and settings
14. Java Bytever.A C:/documents and settings
15. Troj Startpage.A C:/documents and settings
16. Js Dialogarg.A C:/documents and settings
17. Java Bytever.A C:/documents and settings
18. Java Bytever.A-1 C:/documents and settings
19. Html MHTREDIR.A C:/documents and settings
20. Java Bytever.A C:/documents and settings
21. Java Bytever.A C:/documents and settings
22. Java Bytever.A-1 C:/documents and settings
23. Java Bytever.b C:/documents and settings
24. Java Bytever.b C:/documents and settings
25. Java Bytever.b C:/documents and settings
26. Java Bytever.a C:/documents and settings
27. Java Bytever.k C:/documents and settings
28. Java Bytever.k C:/documents and settings
29. Java Bytever.a-1 C:/documents and settings
30. Java Bytever.k C:/documents and settings
31. Troj Startpage.A C:/documents and settings
32. Troj Qoologic.d C:/documents and settings
33. Troj StartPag.QY C:/documents and settings
34. Troj Small.gr C:/documents and settings
35. Troj VB.Dk C:/documents and settings
36. troj RVP.A C:/ program Files
37. Troj Startpag.qy C:/Program files
38. Troj Downloadr.G C:/System Volume information
39. Troj Buddy.F C:/System Volume information
40. Troj Downloadr.g C:/System Volume information
41. Troj Buddy.F C:/System Volume information
42. Troj Agent.Pz C:/System Volume information
43. Troj agent.pz C:/System Volume information
44. Troj agent.pz C:/System Volume information
45. Troj agent.pz C:/System Volume information
46. Troj Downloadr.G C:/System Volume information
47. Troj Buddy.F C:/System Volume information
48. Troj Downloadr.G C:/System Volume information
49. Troj Buddy.F C:/System Volume information
50. Troj agent.pz C:/System Volume information
51. Troj agent.pz C:/System Volume information
52. Troj Startpag.Qy C:/System Volume information
53. Troj dropper.Dm C:/System Volume information
54. Troj Dloader.ot C:/System Volume information
55. Troj agent.pz C:/System Volume information
56. Troj agent.pz C:/System Volume information
57. Troj agent.pz C:/System Volume information
58. Troj Downloadr.G C:/System Volume information
59. Troj Buddy.F C:/System Volume information
60. Troj agent.pz C:/System Volume information
61. Troj agent.pz C:/System Volume information
62. Troj Downloadr.G C:/System Volume information
63. Troj agent.pz C:/System Volume information
64. Troj agent.pz C:/System Volume information
65. Troj Buddy.F C:/System Volume information
66. Troj Buddy.F C:/System Volume information
67. Troj Startpag.Qy C:/System Volume information
68. Troj Downloadr.G C:/System Volume information
69. Troj Buddy.F C:/System Volume information
70. Troj Startpag.Qy C:/System Volume information
71. Troj Buddy.F C:/System Volume information
72. Troj agent.pz C:/System Volume information
73. Troj Buddy.F C:/System Volume information
74. Troj Startpag.Qy C:/System Volume information
75. Troj Stervis.c C:/System Volume information
76. Troj Nail.b C:/System Volume information
77. Troj dropper.Dm C:/System Volume information
78. Troj agent.mj C:/System Volume information
79. Troj agent.pz C:/System Volume information
80. Troj agent.pz C:/System Volume information
81. Troj agent.pz C:/System Volume information
82. Troj agent.pz C:/System Volume information
83. Troj agent.pz C:/System Volume information
84. Troj Qoologic.d C:/System Volume information
85. Troj dropper.Dm C:/System Volume information
86. Troj agent.pz C:/System Volume information
87. Troj agent.pz C:/System Volume information
88. Troj Downloadr.G C:/System Volume information
89. Troj Buddy.F C:/System Volume information
90. Troj dropper.Dm C:/System Volume information
91. Troj Startpag.Qy C:/System Volume information
92. Troj agent.mj C:/System Volume information
93. Troj dropper.Dm C:/System Volume information
94. troj Small.ape C:/windows/system
95. Troj dloader.ot C:/windows/system32
96. troj dloader.qi C:/windows/system32
97. worm Sdbot.Bvi C:/windows/system32
98. Troj agent.pz C:/windows/system32
99. troj small.gr C:/windows/system32
100. troj buddy.F C:/windows
101. troj nail.B C:/windows
102. troj startpag.Qy C:/windows
103. troj stervis.c C:/windows