I followed the instructions and did hijack this, cleanup, ewido and panda.
The next day I tried to start again and do the housecall too, but there were updates for ewido which I have tried many times but can't get past 50% of the download. Housecall too requires a download which I can't complete. Maybe I don't have the memory, but AVG updates are still happening ok.
So today I did adaware and got rid of a lot of CoolWebSearch stuff and then did hijack this, cleanup and panda. I tried ewido and housecall but it doesn't download.
Anyway, this is my current Hijack log:
Logfile of HijackThis v1.99.1
Scan saved at 14:33:33, on 22/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Speech\sapisvr.exe
C:\Program Files\HijackThis.exe
C:\Program Files\HijackThis.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoft.../as5/asinst.cabO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
...and my current panda log:
Incident Status Location
Spyware:Spyware/Dyfuca No disinfected Windows Registry
Adware:Adware/CWS No disinfected C:\Documents and Settings\user new\Favorites\Online Gambling\Online Gambling.url
Adware:Adware/SideFind No disinfected Windows Registry
Adware:Adware/SuperSpider No disinfected C:\Documents and Settings\user new\Favorites\online dating.url
Spyware:Spyware/YourSiteBar No disinfected Windows Registry
Adware:Adware/IGuard No disinfected C:\WINDOWS\system32\wldr.dll
Adware:Adware/Popuper No disinfected C:\Documents and Settings\user new\Favorites\Anti Spam.url
Adware:Adware/Virmaid No disinfected Windows Registry
Adware:Adware/BlueScreenWarningNo disinfected C:\WINDOWS\SYSTEM32\wldr.dll
Adware:Adware/Virmaid No disinfected C:\WINDOWS\SYSTEM32\perfcii.ini
Adware:Adware/Popuper No disinfected C:\Program Files\backups\backup-20050513-095019-979.dll
Adware:Adware/Popuper No disinfected C:\Program Files\backups\backup-20050514-113043-880.dll
Adware:Adware/Popuper No disinfected C:\Program Files\backups\backup-20050513-092057-716.dll
Adware:Adware/Popuper No disinfected C:\Program Files\backups\backup-20050513-093151-655.dll
Adware:Adware/CWS No disinfected C:\Documents and Settings\user new\Favorites\Online Gambling\Online Gambling.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\user new\Favorites\Black Jack Online.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\user new\Favorites\Online Gambling.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\user new\Favorites\Home Loan.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\user new\Favorites\Online Pharmacy.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\user new\Favorites\Spyware Removal.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\user new\Favorites\Network Security.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\user new\Favorites\Anti Spam.url
Adware:Adware/SuperSpider No disinfected C:\Documents and Settings\user new\Favorites\Online Dating.url