Inactive [InActive] viruses

can anyone help me i have about 3 seperate viruses on my computer i have avast virus protection but apparently it didn't catch this viruses if u have a suggestion please let me know thanks sprtsfn193

 

Please click on this link and follow the instructions there. Post the requested logs in this thread.

 

virues

DDS (Ver_09-03-16.01) - NTFSx86
Run by HP_Administrator at 10:15:04.09 on Wed 04/22/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_12

============== Running Processes ===============


============== Pseudo HJT Report ===============

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: Gamevance: {0ed403e8-470a-4a8a-85a4-d7688cfe39a3} - c:\program files\gamevance\gamevancelib32.dll
BHO: {9283052b-f054-417b-9187-a740282e424e} - c:\windows\system32\budamata.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Gamevance class: {f02fabcb-92dd-475a-98af-14217bd50746} - c:\program files\gamevance\gvtl.dll
TB: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AOL Fast Start] "c:\program files\aol 9.0\AOL.EXE" -b
uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [hikifizodu] Rundll32.exe "c:\windows\system32\rokipoto.dll ",s
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [443ad27b] rundll32.exe "c:\windows\system32\niyihese.dll ",b
mRun: [CPM4709e1e7] Rundll32.exe "c:\windows\system32\bulopazo.dll ",a
mRunOnce: [NSSInstallation] c:\windows\system32\adobe\shockwave 11\nssstub.exe /RunOnce
uPolicies-system: DisableTaskMgr = 1 (0x1)
mPolicies-system: DisableTaskMgr = 1 (0x1)
IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJxdm088QSUS
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxps://activatemydsl.verizon.net/sdcCommon/download/DSL/tgctlcm.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} - hxxp://www.bebo.com/files/BeboUploader.5.1.4.cab
DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {1D082E71-DF20-4AAF-863B-596428C49874} - hxxp://www.worldwinner.com/games/v50/tpir/tpir.cab
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/WebfettiInitialSetup1.0.1.1.cab
DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} - hxxp://uk.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} - hxxp://www.worldwinner.com/games/v57/wof/wof.cab
DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-yahtzee/zylomplayer.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} - hxxp://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab
DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - hxxp://es6-scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://aolsvc.aol.com/onlinegames/bejeweled2/popcaploader_v10.cab
TCP: {60D557A1-70C9-4044-9AD1-8546C3B00478} = 64.160.192.70,206.13.29.12
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxsrvc.dll
AppInit_DLLs: c:\windows\system32\lizatefa.dll c:\windows\system32\hewurogo.dll c:\windows\system32\bulopazo.dll
SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\bulopazo.dll
STS: STS: {ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} - c:\windows\system32\bulopazo.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Notification Packages = scecli c:\windows\system32\lizatefa.dll

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2009-04-22 07:48 27,656 a------- c:\windows\system32\drivers\pxsec.sys
2009-04-22 07:48 22,024 a------- c:\windows\system32\drivers\pxscan.sys
2009-04-22 07:48 <DIR> --d----- c:\program files\Prevx
2009-04-22 07:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PrevxCSI
2009-04-22 06:33 1,408,564 ---sh--- c:\windows\system32\esehiyin.ini
2009-04-21 18:22 8,704 a------- c:\windows\instsp2.exe
2009-04-21 07:04 67 a------- c:\windows\wininit.ini
2009-04-21 06:22 121 ---sh--- c:\windows\system32\ivegolat.ini
2009-04-20 12:27 121 ---sh--- c:\windows\system32\ujolehas.ini
2009-04-19 00:34 121 ---sh--- c:\windows\system32\amovujes.ini
2009-04-18 09:58 1,409,571 ---sh--- c:\windows\system32\usekimij.ini
2009-04-17 21:55 1,409,605 ---sh--- c:\windows\system32\atowulan.ini
2009-04-17 09:55 1,409,580 ---sh--- c:\windows\system32\abafojok.ini
2009-04-16 11:44 1,409,795 ---sh--- c:\windows\system32\osulamuy.ini
2009-04-15 22:15 1,417,650 ---sh--- c:\windows\system32\aliyowot.ini
2009-04-15 10:05 1,417,623 ---sh--- c:\windows\system32\owuralam.ini
2009-04-14 22:02 <DIR> --d----- c:\windows\system32\NtmsData
2009-04-12 21:03 1,408,917 ---sh--- c:\windows\system32\urelizud.ini
2009-04-12 07:54 1,403,910 ---sh--- c:\windows\system32\apugapir.ini
2009-04-07 20:44 17,857 a------- c:\windows\system32\drivers\SGuard.sys
2009-04-05 22:37 <DIR> --d----- c:\docume~1\hp_adm~1\applic~1\FloodLightGames
2009-04-05 22:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\FloodLightGames
2009-04-05 08:18 <DIR> --d----- c:\program files\Common
2009-04-03 13:57 <DIR> --d----- c:\docume~1\hp_adm~1\applic~1\Oberonv1001
2009-03-28 20:09 <DIR> --d----- C:\temp
2009-03-28 18:58 917,504 a------- c:\windows\system32\FLASH.OCX

==================== Find3M ====================

2009-04-22 06:32 88,576 a--sh--- c:\windows\system32\bulopazo.dll
2009-04-22 06:32 81,408 a--sh--- c:\windows\system32\niyihese.dll
2009-04-22 06:32 47,104 a--sh--- c:\windows\system32\tabahebe.exe
2009-04-21 18:22 89,600 a--sh--- c:\windows\system32\hewurogo.dll.vir
2009-04-21 18:22 81,408 a--sh--- c:\windows\system32\mivohilu.dll
2009-04-21 18:22 47,616 a--sh--- c:\windows\system32\foyorere.exe
2009-04-21 06:22 89,600 a--sh--- c:\windows\system32\wemipipo.dll
2009-04-21 06:22 81,408 a--sh--- c:\windows\system32\talogevi.dll
2009-04-21 06:22 47,104 a--sh--- c:\windows\system32\nivedusa.exe
2009-04-20 12:27 81,408 a--sh--- c:\windows\system32\saheloju.dll
2009-04-20 12:27 47,104 a--sh--- c:\windows\system32\liwoduki.exe
2009-04-20 12:27 89,600 a--sh--- c:\windows\system32\fokitape.dll
2009-04-19 12:34 50,176 a--sh--- c:\windows\system32\siyipino.dll
2009-04-19 12:33 89,600 a--sh--- c:\windows\system32\pujosove.dll
2009-04-19 12:33 81,408 a--sh--- c:\windows\system32\hefihiru.dll
2009-04-19 12:33 47,104 a--sh--- c:\windows\system32\kevupavo.exe
2009-04-19 00:33 89,600 a--sh--- c:\windows\system32\niwogepi.dll
2009-04-19 00:33 47,104 a--sh--- c:\windows\system32\hulawira.exe
2009-04-19 00:33 81,408 a--sh--- c:\windows\system32\sejuvoma.dll
2009-04-18 09:58 81,408 a--sh--- c:\windows\system32\jimikesu.dll
2009-04-18 09:58 47,104 a--sh--- c:\windows\system32\fosajugu.exe
2009-04-18 09:58 89,600 a--sh--- c:\windows\system32\panosuba.dll
2009-04-17 21:54 89,600 a--sh--- c:\windows\system32\kivihude.dll
2009-04-17 21:54 47,104 a--sh--- c:\windows\system32\wevoyira.exe
2009-04-17 09:54 89,088 a--sh--- c:\windows\system32\vevinaho.dll
2009-04-16 11:42 88,576 a--sh--- c:\windows\system32\gebegimi.dll
2009-04-16 11:42 81,408 a--sh--- c:\windows\system32\yumaluso.dll
2009-04-15 22:15 81,408 a--sh--- c:\windows\system32\towoyila.dll
2009-04-15 22:15 89,088 a--sh--- c:\windows\system32\bikuhagu.dll
2009-04-15 10:05 89,600 a--sh--- c:\windows\system32\yuvamifi.dll
2009-04-15 10:05 80,384 -------- c:\windows\system32\malaruwo.dll
2009-04-14 22:05 88,576 a--sh--- c:\windows\system32\norebare.dll
2009-04-14 10:05 89,088 a--sh--- c:\windows\system32\wobupobu.dll
2009-04-13 21:57 89,088 a--sh--- c:\windows\system32\ruzunife.dll
2009-04-13 21:57 47,104 a--sh--- c:\windows\system32\ruzunife.exe
2009-04-13 09:57 89,088 a--sh--- c:\windows\system32\yelosuso.dll
2009-04-13 09:57 47,104 a--sh--- c:\windows\system32\gomuzidi.exe
2009-04-12 21:03 50,688 a--sh--- c:\windows\system32\yaruvofo.dll
2009-04-12 21:02 88,576 a--sh--- c:\windows\system32\memibubu.dll
2009-04-12 21:02 47,104 a--sh--- c:\windows\system32\gitadumi.exe
2009-04-12 21:02 81,408 -------- c:\windows\system32\duzileru.dll
2009-04-12 07:54 89,088 a--sh--- c:\windows\system32\bedamifu.dll
2009-04-12 07:54 81,408 a--sh--- c:\windows\system32\ripagupa.dll
2009-04-12 07:54 47,104 a--sh--- c:\windows\system32\yizodonu.exe
2009-03-19 16:31 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-12 09:25 123,929 a------- c:\windows\HPHins12.dat
2009-01-27 17:56 28,672 a------- c:\windows\system32\f3PSSavr.scr
2008-05-14 14:34 0 ac------ c:\program files\temp01
2008-02-21 22:52 32 a----r-- c:\documents and settings\all users\hash.dat
2009-01-19 12:34 50,176 a--sh--- c:\windows\system32\budamata.dll
2009-01-12 21:03 50,688 a--sh--- c:\windows\system32\kiyajeru.dll
2009-01-19 12:34 50,176 a--sh--- c:\windows\system32\lizatefa.dll.vir
2009-01-19 12:34 50,176 a--sh--- c:\windows\system32\rokipoto.dll
2008-09-30 15:05 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008093020081001\index.dat

============= FINISH: 10:19:59.87 ===============

 

virues

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-03-16.01)


==== Disk Partitions =========================


==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

Adobe Acrobat - Reader 6.0.2 Update
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 6.0.1
Adobe Shockwave Player
Agatha Christie Death on the Nile
Agere Systems PCI Soft Modem
AOL Uninstaller (Choose which Products to Remove)
AOL You've Got Pictures Screensaver
Apple Mobile Device Support
Apple Software Update
avast! Antivirus
Bonjour
CameraDrivers
CCleaner (remove only)
CustomerResearchQFolder
D1300_Help
DeviceManagementQFolder
Easy Internet Sign-up
Enhancement Browser Tools Bannerstyles15
eSupportQFolder
Gamevance
GemMaster Mystic
Google Earth
Google Earth Plugin
Google Update Helper
Google Updater
Help and Support Additions
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB952287)
HP Boot Optimizer
HP Customer Participation Program 7.0
HP Deskjet Printer Preload
HP Help and Support 4.0
HP Image Zone for Media Center PC
HP Image Zone Plus 4.8.6
HP Imaging Device Functions 7.0
HP Photosmart and Deskjet 7.0 Software
HP Photosmart Cameras 4.5
HP Photosmart Essential
HP Software Update
HP Solution Center 7.0
HP Tunes
hph_readme
hph_software
hph_software_req
HPPhotoSmartExpress
HPProductAssistant
HpSdpAppCoreApp
Imikimi Plugin
Intel(R) Graphics Media Accelerator Driver
IntelliMover Data Transfer Demo
InterVideo WinDVD Player
iolo technologies' System Mechanic 5
iTunes
Java(TM) 6 Update 12
KBD
Learn2 Player (Uninstall Only)
LimeWire 5.0.11
LS_HSI
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft ActiveSync
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Plus! Dancer LE
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft VC9 runtime libraries
Microsoft Works
MP3 Player Utilities 4.18
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
OpenOffice.org Installer 1.0
Otto
PC-Doctor for Windows
Prevx 3.0
QuickTime
RealPlayer
Remove Microsoft Money 2005 installer
Remove Quicken New User Edition installer
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Sonic Encoders
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Status
SUPERAntiSpyware Free Edition
Toolbox
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369)
Updates from HP
Viewpoint Media Player
WebFldrs XP
WebReg
Windows Internet Explorer 7
Windows Media Player 10 Hotfix - KB894476
Windows Media Player 10 Hotfix [See KB889858 for more information]
Windows XP Media Center Edition 2005 KB888316
Windows XP Media Center Edition 2005 KB890629
Windows XP Media Center Edition 2005 KB895678
Windows XP Service Pack 3

==== End Of File ===========================

 

Hi and welcome, sorry for the delay.


Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2
Link 3





--------------------------------------------------------------------
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

(Click on this link to see a list of programs that should be disabled.)
http://www.bleepingcomputer.com/forums/topic114351.html


Double click on Combo-Fix.exe & follow the prompts.

Please allow ComboFix to install, if needed, Windows Recovery Console. It is a simple procedure that will only take a few moments of your time.

No Validation is Required.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.



** Please Note:
At times ComboFix may appear to stall, please be patient.

• When finished, it will produce a report for you.
• Please post the C:\ComboFix.txt along with a HijackThis log so we can continue cleaning the system.

Please only run the tool once, ty.

Extra note: After you have installed the Recovery Console - if you reboot your computer, right after reboot, you'll see the option for the Recovery Console now as well.
Don't select to run the Recovery Console as we don't need it.
By default, your main OS is selected there. The screen stays for 2 seconds and then it proceeds to load Windows.

You may need several replies to post the requested logs, otherwise they might get cut off.

 

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please contact a Staff member. Include the address of this thread in your request. This applies only to the original topic starter.