Hello i am running vista sp1 and got some virus after downloading some software which well known and i know this software is not a virus but was infected with viruses somehow by some stupid user of torrent. I ran hijackthis tool and cleared and fixed every suspicious entry found in hijackthis tool and then ran combofix twice which cleared most of the viruses. there are still some viruses in my pc and one virus open up internet explorer randomly at random times without permission and sometimes even tries to download software and stuff which i always cancel out. below is the hijackthis log please let me know what should i do to fix my pc thanks
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 2:50:12 AM, on 4/20/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\PowerISO\pwrisovm.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\ituneshelper.exe
C:\Program Files\Microsoft Office\Office12\groovemonitor.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\adobearm.exe
C:\Windows\Samsung\PanelMgr\ssmmgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Norton AntiVirus\Engine\17.6.0.32\ccSvcHst.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\Nxudia.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\Windows\System32\mobsync.exe
C:\Windows\explorer.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Vuze\Azureus.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
E:\Adobe Cs4 Collection\dreamweaver cs4 portable\DreamweaverPortable\DreamweaverPortable.exe
E:\Adobe Cs4 Collection\dreamweaver cs4 portable\DreamweaverPortable\App\Dreamweaver\Dreamweaver.exe
C:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\cuteftppro.exe
C:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\ftpte.exe
C:\Windows\System32\notepad.exe
C:\Users\Kashif\AppData\Local\Temp\Nfw.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [YVIBBBHA8C] C:\Users\Kashif\AppData\Local\Temp\Nfw.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://vexcast.com/download/vexcast.cab
O16 - DPF: {FCD61199-E187-4ADD-88E5-9AF238486D11} (ForceP2PPlayer Object) - http://paktvlive.com/tv/ForcePlayer.exe
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Adobe Cs4 Collection\dreamweaver cs4 portable\DreamweaverPortable\App\FLEXnetPublisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.6.0.32\ccSvcHst.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
--
End of file - 6517 bytes
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 2:50:12 AM, on 4/20/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\PowerISO\pwrisovm.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\ituneshelper.exe
C:\Program Files\Microsoft Office\Office12\groovemonitor.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\adobearm.exe
C:\Windows\Samsung\PanelMgr\ssmmgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Norton AntiVirus\Engine\17.6.0.32\ccSvcHst.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\Nxudia.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\Windows\System32\mobsync.exe
C:\Windows\explorer.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Vuze\Azureus.exe
C:\Users\Kashif\AppData\Local\Google\Chrome\Application\chrome.exe
E:\Adobe Cs4 Collection\dreamweaver cs4 portable\DreamweaverPortable\DreamweaverPortable.exe
E:\Adobe Cs4 Collection\dreamweaver cs4 portable\DreamweaverPortable\App\Dreamweaver\Dreamweaver.exe
C:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\cuteftppro.exe
C:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\ftpte.exe
C:\Windows\System32\notepad.exe
C:\Users\Kashif\AppData\Local\Temp\Nfw.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [YVIBBBHA8C] C:\Users\Kashif\AppData\Local\Temp\Nfw.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://vexcast.com/download/vexcast.cab
O16 - DPF: {FCD61199-E187-4ADD-88E5-9AF238486D11} (ForceP2PPlayer Object) - http://paktvlive.com/tv/ForcePlayer.exe
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Adobe Cs4 Collection\dreamweaver cs4 portable\DreamweaverPortable\App\FLEXnetPublisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.6.0.32\ccSvcHst.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
--
End of file - 6517 bytes