I have repeatedly tried to fix Pipas.A which was found by Spybot. But after rebooting Spybot finds it again.
At the same time a lot of infections are found by ewido which were also found and supposed to be destroyed in previous sessions.
My last action was running Ad-aware, fixing 2 entries with it, rebooting and running HiJackThis. Please find the summary below.
Thank you in advance for any help you might be able to provide.
Logfile of HijackThis v1.99.1
Scan saved at 1:23:16 PM, on 6/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\sstray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\MACROE~1\MACEXP.EXE
C:\Program Files\TechSmith\SnagIt 7\SnagIt32.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\TechSmith\SnagIt 7\TSCHelp.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Spyros\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.gr/
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Watch for Browser Events - {516E2306-7ADF-47EC-AEA8-ACB6B51899F1} - C:\PROGRA~1\MACROE~1\iCapture.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Macro Express 3.lnk = ?
O4 - Global Startup: SnagIt 7.lnk = C:\Program Files\TechSmith\SnagIt 7\SnagIt32.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7CEEAB76-D59E-11D3-8394-00C04F7BDF10} (Application Class) - https://www.tradesta...ugIn/tsTemp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DCB9C35-3073-46DE-88B5-781B6623223C}: NameServer = 85.255.116.52,85.255.112.106
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A2A6ADB-AD3B-4EB8-8A7F-4E041363767E}: NameServer = 85.255.116.52,85.255.112.106
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8487492-FDF5-466D-92EA-2C54D4B8CDB7}: NameServer = 85.255.116.52,85.255.112.106
O17 - HKLM\System\CCS\Services\Tcpip\..\{B9927C7D-A2AD-41A6-B88D-DC4F657DEE9A}: NameServer = 85.255.116.52,85.255.112.106
O17 - HKLM\System\CS1\Services\Tcpip\..\{0DCB9C35-3073-46DE-88B5-781B6623223C}: NameServer = 85.255.116.52,85.255.112.106
O17 - HKLM\System\CS2\Services\Tcpip\..\{0DCB9C35-3073-46DE-88B5-781B6623223C}: NameServer = 85.255.116.52,85.255.112.106
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe