The trouble I am having is occasionally I here website sounds even when I don't have a browser open. My preferred browser is Firefox. I noticed in my logs that I still have IE. I thought I removed that from my system. ??? Microtrend housecall wanted to just keep doing scans over and over. Every time I did one they found more stuff. I know when I picked this virus stuff up ... I was googling the other day and tried to open a website and a download started and then my virus and spyware software went crazy alerting me. I started scanning to remove them but they attached somewhere because they are still in my system. My son did use limewire but I removed it today. This is his laptop. I am trying to tell you as much as I can. After I scanned the other day I defragmented and then did a system restore to last week sometime. That worked temporarily but I know the viruses are still in the system and would come back. I did the steps you encouraged me to do. I couldn't do panda online scan because the window would open but nothing would appear after I hit the "scan my pc" button.
I did have the biohazard screen appear once, but it is not appearing anymore. One more thing, Avast won't allow me to use the chest in safe mode. It says there is a RGP communication failure. Thanks for all your help.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:27:54 AM, on 3/18/2008
Platform: Windows XP SP2 (WinNT
5.01.2600)
MSIE: Internet Explorer v6.00 SP2
(6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4
\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4
\ashServ.exe
C:\Program Files\hpq\HP Wireless
Assistant\HP Wireless Assistant.exe
C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\Grisoft\AVG Anti-
Spyware 7.5\avgas.exe
C:\Program
Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program
Files\SUPERAntiSpyware\SUPERAntiSpyware.
exe
C:\Program Files\Yahoo!\Yahoo! Music
Jukebox\ymetray.exe
C:\PROGRA~1\Yahoo!\MESSEN~1
\ymsgr_tray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program
Files\Symantec\LiveUpdate\ALUSchedulerSv
c.exe
C:\Program Files\Grisoft\AVG Anti-
Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec
Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Alwil Software\Avast4
\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4
\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla
Firefox\firefox.exe
C:\Program Files\Trend
Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?
TYPE=3&tp=iehome&locale=EN_US&c=64&bd=pr
esario&pf=laptop
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Bar =
http://us.rd.yahoo.c...stomize/ie/defa
ults/sb/msgr8/*http://www.yahoo.com/ext/
search/search.html
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet
Explorer\SearchURL,(Default) =
http://us.rd.yahoo.c...stomize/ie/defa
ults/su/msgr8/*http://www.yahoo.com
O2 - BHO: (no name) - {02478D38-C3F9-
4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper
.dll
O2 - BHO: SSVHelper Class - {761497BB-
D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_06
\bin\ssv.dll
O4 - HKLM\..\Run: [hpWirelessAssistant]
C:\Program Files\hpq\HP Wireless
Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [High Definition Audio
Property Page Shortcut]
CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RecGuard]
C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder]
C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program
Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed
Launcher] "C:\Program Files\Adobe\Reader
8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [YSearchProtection]
"C:\Program Files\Yahoo!\Search
Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [FCUR Agent]
C:\WINDOWS\system32\28463\FCUR.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1
\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Monitor]
C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware]
"C:\Program Files\Grisoft\AVG Anti-
Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Yahoo! Pager]
~"C:\PROGRA~1\Yahoo!\MESSEN~1
\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [SweetIM] C:\Program
Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Windows update
loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware]
C:\Program
Files\SUPERAntiSpyware\SUPERAntiSpyware.
exe
O4 - .DEFAULT User Startup: Vongo
Tray.lnk = C:\Program
Files\Vongo\Tray.exe (User 'Default
user')
O4 - Global Startup: ymetray.lnk =
C:\Program Files\Yahoo!\Yahoo! Music
Jukebox\ymetray.exe
O8 - Extra context menu item: E&xport to
Microsoft Excel - res://C:\PROGRA~1
\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06
\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java
Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
C:\Program Files\Yahoo!
\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo!
Messenger - {E5D12C4E-7B4F-11D3-B5C9-
0050045C3C96} - C:\Program Files\Yahoo!
\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows
Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O14 - IERESET.INF:
START_PAGE_URL=http://ie.redirect.hp.com
/svs/rdr?
TYPE=3&tp=iehome&locale=EN_US&c=64&bd=pr
esario&pf=laptop
O16 - DPF: {30528230-99f7-4bb4-88d8-
fa1d4f56a2ab} (Installation Support) -
C:\Program Files\Yahoo!
\Common\Yinsthelper.dll
O20 - Winlogon Notify: !SASWinLogon -
C:\Program
Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: KbdBoot - {7e4d90e6-ce3a-
4e8d-bc16-592ea01438cc} -
C:\WINDOWS\Installer\{7e4d90e6-ce3a-
4e8d-bc16-592ea01438cc}\KbdBoot.dll
O21 - SSODL: altvxvm - {93ACF0B8-2E42-
4B19-95EA-7A98BBC3954A} -
C:\WINDOWS\altvxvm.dll (file missing)
O21 - SSODL: BootUnknown - {9238daa6-
4f28-4187-b82b-2d081c6257d8} -
C:\WINDOWS\Installer\{9238daa6-4f28-
4187-b82b-2d081c6257d8}\BootUnknown.dll
O23 - Service: avast! iAVS4 Control
Service (aswUpdSv) - ALWIL Software -
C:\Program Files\Alwil Software\Avast4
\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate
Scheduler - Symantec Corporation -
C:\Program
Files\Symantec\LiveUpdate\ALUSchedulerSv
c.exe
O23 - Service: avast! Antivirus - ALWIL
Software - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner -
ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner -
ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard -
GRISOFT s.r.o. - C:\Program
Files\Grisoft\AVG Anti-Spyware 7.5
\guard.exe
O23 - Service: InstallDriver Table
Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32
\IDriverT.exe
O23 - Service: LiveUpdate - Symantec
Corporation - C:\PROGRA~1
\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Symantec Core LC -
Unknown owner - C:\Program Files\Common
Files\Symantec Shared\CCPD-
LC\symlcsvc.exe
O24 - Desktop Component 0: (no name) -
http://images.wikia....ncyclopedia/ima
ges/8/87/Alqitty.jpg
O24 - Desktop Component 1: (no name) -
http://images.jupite...es.com/common/d
etail/44/33/23473344.jpg
O24 - Desktop Component 2: (no name) -
http://www.hollyscoo.../BlogImages/724
00514---michael_jackson.jpg
O24 - Desktop Component 3: (no name) -
http://www.greenash....u/sites/default
/files/images/teletubbies-
happy.preview.png
O24 - Desktop Component 4: (no name) -
http://www.freequali...lpapers.com/./i
mages/bikini-girl-wallpapers/thumb-
blonde-red-white-lingerie-beach-girl.jpg
O24 - Desktop Component 5: (no name) -
http://www.pennfoster.com/images/main-
image-12.jpg
--
End of file - 7521 bytes
Adobe Flash Player 9 ActiveX
Adobe Reader 8.1.0
Adobe Shockwave Player
ArcSoft VideoImpression 2
avast! Antivirus
AVG Anti-Spyware 7.5
Conexant HD Audio
Customer Experience Enhancement
DivX
Easy Internet Sign-up
ESPNMotion
HDAUDIO Soft Data Fax Modem with SmartCP
HijackThis 2.0.2
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB909095)
Hotfix for Windows XP (KB910728)
Hotfix for Windows XP (KB912436)
HP DVD Play 2.3
HP Help and Support
HP Imaging Device Functions 6.0
HP Photosmart Premier Software 6.0
HP Software Update
HP User Guides 0037
HP User Guides--System Recovery
HP Wireless Assistant 2.00 G2
Intel® Graphics Media Accelerator Driver
J2SE Runtime Environment 5.0 Update 6
LiveUpdate 3.0 (Symantec Corporation)
Macrogaming SweetIM 2.1
Macromedia Flash Player 8
Macromedia Shockwave Player
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Works
Mozilla Firefox (2.0.0.12)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
muvee autoProducer 5.0
NetWaiting
Office 2003 Trial Assistant
Otto
PC Camer@
RealArcade
Rhapsody Player Engine
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB946026)
SmartAudio
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic MyDVD Plus
Sonic Update Manager
SonicAC3Encoder
SonicMPEGEncoder
SUPERAntiSpyware Free Edition
Symantec KB-DocID:2003093015493306
Synaptics Pointing Device Driver
TourSetup
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB896727)
Update for Windows XP (KB911164)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Vongo
Watchtower Library 2005 - English Edition
Watchtower Library 2006 - English Edition
WildTangent Web Driver
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB890546
Windows XP Hotfix - KB891220
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892559
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB915381
Wireless Home Network Setup
Yahoo! Messenger
Yahoo! Music Jukebox
UPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 03/17/2008 at 04:27 PM
Application Version : 4.0.1154
Core Rules Database Version : 3420
Trace Rules Database Version: 1412
Scan type : Complete Scan
Total Scan Time : 00:45:35
Memory items scanned : 427
Memory threats detected : 0
Registry items scanned : 5319
Registry threats detected : 3
File items scanned : 55148
File threats detected : 30
Adware.Tracking Cookie
C:\Documents and Settings\User\Cookies\user@statcounter[1].txt
C:\Documents and Settings\User\Cookies\user@cgi-bin[3].txt
C:\Documents and Settings\User\Cookies\user@adecn[1].txt
C:\Documents and Settings\User\Cookies\user@xiti[1].txt
C:\Documents and Settings\User\Cookies\user@pro-market[1].txt
C:\Documents and Settings\User\Cookies\user@adrevolver[2].txt
C:\Documents and Settings\User\Cookies\[email protected][2].txt
C:\Documents and Settings\User\Cookies\user@roiservice[1].txt
C:\Documents and Settings\User\Cookies\user@apmebf[1].txt
C:\Documents and Settings\User\Cookies\[email protected][2].txt
C:\Documents and Settings\User\Cookies\user@tribalfusion[2].txt
C:\Documents and Settings\User\Cookies\[email protected][1].txt
C:\Documents and Settings\User\Cookies\user@casalemedia[1].txt
C:\Documents and Settings\User\Cookies\[email protected][3].txt
C:\Documents and Settings\User\Cookies\user@atdmt[2].txt
C:\Documents and Settings\User\Cookies\[email protected][1].txt
C:\Documents and Settings\User\Cookies\user@overture[1].txt
C:\Documents and Settings\User\Cookies\user@findwhat[1].txt
C:\Documents and Settings\User\Cookies\[email protected][2].txt
C:\Documents and Settings\User\Cookies\[email protected][2].txt
C:\Documents and Settings\User\Cookies\user@doubleclick[1].txt
C:\Documents and Settings\User\Cookies\user@specificclick[2].txt
C:\Documents and Settings\User\Cookies\user@toseeka[1].txt
C:\Documents and Settings\User\Cookies\user@linksynergy[1].txt
C:\Documents and Settings\User\Cookies\[email protected][2].txt
C:\Documents and Settings\User\Cookies\user@1071769317[1].txt
C:\Documents and Settings\User\Cookies\user@advertising[1].txt
C:\Documents and Settings\User\Cookies\user@fastclick[2].txt
C:\Documents and Settings\User\Cookies\user@zedo[2].txt
C:\Documents and Settings\User\Cookies\user@tracker[1].txt
Trojan.Net-MSV/VPS
HKCR\MSVPS.MSVPSApp
HKCR\MSVPS.MSVPSApp\CLSID
HKCR\MSVPS.MSVPSApp\CurVer