Attack of the virus?

Iluvpenguins

Today, all of a sudden, I'm starting to get spammed by Windows Security Centre saying I have spyware and crap. It obviously tells me to go download the piece of crap software that costs 60 bucks, and trial it but not remove the problem. I've scanned using Rogers Yahoo! Online anti-spyware and virus thing... and I used Avira's AntiVir Personal Edition and got rid of many things... but the problem has not receded. Help me? :(

EDIT: Here is my HijackThis log file
Logfile of HijackThis v1.99.1
Scan saved at 2:13:44 PM, on 8/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\system32\nvsvc32.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINNT\system32\wscntfy.exe
C:\WINNT\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Plaxo\2.6.2.9\PlaxoHelper.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Steam\Steam.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINNT\system32\smartdrv.exe
C:\WINNT\system32\officescan.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://rogers.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/su/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/sp/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://rogers.yahoo.com
O2 - BHO: (no name) - {00000000-59D4-4008-9058-080011001200} - (no file)
O2 - BHO: (no name) - {00000000-C1EC-0345-6EC2-4D0300000000} - (no file)
O2 - BHO: (no name) - {00000000-F09C-02B4-6EC2-AD0300000000} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3ceff6cd-6f08-4e4d-bccd-ff7415288c3b} - (no file)
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)
O2 - BHO: (no name) - {7b55bb05-0b4d-44fd-81a6-b136188f5deb} - (no file)
O2 - BHO: (no name) - {8333c319-0669-4893-a418-f56d9249fca6} - (no file)
O2 - BHO: (no name) - {87185E78-A61B-4DB3-965A-3235BBD7A622} - C:\WINNT\system32\win32hp.dll
O2 - BHO: (no name) - {9c691a33-7dda-4c2f-be4c-c176083f35cf} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: office_pnl.office_panel - {B53455DB-5527-4041-AC41-F86E6947AA47} - C:\WINNT\system32\office_pnl.dll
O2 - BHO: (no name) - {e52dedbb-d168-4bdb-b229-c48160800e81} - (no file)
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O2 - BHO: (no name) - {ffd2825e-0785-40c5-9a41-518f53a8261f} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [SW20] C:\WINNT\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINNT\system32\sw24.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Transponder] C:\WINNT\system32\susp.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\SMax4.exe" /tray
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\mobile PhoneTools\WatchDog.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adware.Srv32] C:\WINNT\system32\runsrv32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [SHS] "C:\Program Files\Rogers\SelfHealing\SHS.exe" /background
O4 - HKCU\..\Run: [Update Manager] "C:\Program Files\Rogers\Update Manager\UpdateManager.exe" /background
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.6.2.9\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [P2kAutostart] C:\DOCUME~1\zayd\LOCALS~1\Temp\Rar$EX09.563\P2kAutostart.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - Global Startup: E-Color.lnk = C:\Program Files\E-Color\Common\IconMgr.exe
O4 - Global Startup: m-trip Launcher.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Rogers Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potg_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://download.games.yahoo.com/games/web_games/playfirst/trijinx/TriJinx.1.0.0.55.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.games.yahoo.com/games/web_games/gamehouse/frenzy/SproutLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://download.games.yahoo.com/games/web_games/tikgames/cinematycoon/cinematycoon.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/games/web_games/popcap/chuzzle/popcaploader_v6.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O21 - SSODL: SysTray.Exbr - {6368D1FC-6F5C-4f1b-B164-E67214F678E9} - (no file)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MrobeService - Unknown owner - C:\WINNT\system32\MRobeService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINNT\system32\YPCSER~1.EXE
 
My Panda scan result

Here is the log from the Panda scan thing. Please! I urgently need help!

Incident Status Location

Adware:adware/superspider Not disinfected c:\winnt\system32\a.exe
Adware:adware/alexa-toolbar Not disinfected c:\winnt\system32\alxres.dll
Spyware:spyware/bridge Not disinfected c:\winnt\system32\bridge.dll
Adware:adware/dailytoolbar Not disinfected c:\winnt\system32\dailytoolbar.dll
Adware:adware/antivirus-gold Not disinfected c:\winnt\system32\runsrv32.exe
Adware:adware/admess Not disinfected c:\winnt\system32\tcpservice2.exe
Adware:adware/topspyware Not disinfected c:\winnt\system32\txfdb32.dll
Adware:adware/btgrab Not disinfected c:\winnt\BTGrab.dll
Adware:adware/transponder Not disinfected c:\winnt\dlmax.dll
Spyware:spyware/betterinet Not disinfected c:\winnt\susp.exe
Potentially unwanted tool:application/adwaresheriff Not disinfected hkey_current_user\software\ADV
Adware:adware/wupd Not disinfected Windows Registry
Dialer:dialer.du Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B55BB05-0B4D-44FD-81A6-B136188F5DEB}
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Reem\Cookies\reem@888[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Reem\Cookies\reem@888[3].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Reem\Cookies\[email protected][2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Reem\Cookies\[email protected][2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Reem\Cookies\reem@adultfriendfinder[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Reem\Cookies\reem@atwola[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Reem\Cookies\reem@belnk[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Reem\Cookies\reem@burstnet[1].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Reem\Cookies\reem@cassava[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Reem\Cookies\reem@cgi-bin[3].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Reem\Cookies\reem@cgi-bin[5].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Reem\Cookies\reem@cgi-bin[6].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Reem\Cookies\reem@cgi-bin[9].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Reem\Cookies\reem@com[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Reem\Cookies\[email protected][2].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Reem\Cookies\reem@go[2].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\Reem\Cookies\[email protected][1].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Reem\Cookies\reem@rn11[2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Reem\Cookies\[email protected][1].txt
Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\Reem\Cookies\reem@tucows[1].txt
Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Reem\Cookies\[email protected][1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Reem\Cookies\[email protected][2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Reem\Cookies\reem@xiti[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Reem\Cookies\reem@xmts[2].txt
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Reem\Cookies\reem@yadro[1].txt
Adware:Adware/DollarRevenue Not disinfected C:\Documents and Settings\Reem\Local Settings\Temp\ymdc.exe[²ÜÇ\System.dll]
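As an added example that is not part of either post above (and not a tool from HijackThis, Panda or the forum), here is a small Python script that does the cross-referencing a helper would do by hand between the two reports. It parses a handful of lines copied from the HijackThis log and the Panda output (embedded as a constructed sample, not the complete logs) and flags the entries worth a second look: O2 BHOs with no name or no file on disk, O4 Run entries that start from a Temp directory or whose file name matches a scanner detection, the O20 AppInit_DLLs value, and O23 services whose binary is missing. The function names (`command_path`, `parse_panda`, `triage`) and the flagging heuristics are assumptions of this example, not anything either tool defines.

```python
import ntpath
import re

# Constructed sample: a handful of lines copied from the HijackThis log and the
# Panda report posted above, not the complete logs.
HJT_SAMPLE = r"""
O2 - BHO: (no name) - {7b55bb05-0b4d-44fd-81a6-b136188f5deb} - (no file)
O2 - BHO: (no name) - {87185E78-A61B-4DB3-965A-3235BBD7A622} - C:\WINNT\system32\win32hp.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Transponder] C:\WINNT\system32\susp.exe
O4 - HKLM\..\Run: [Adware.Srv32] C:\WINNT\system32\runsrv32.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [P2kAutostart] C:\DOCUME~1\zayd\LOCALS~1\Temp\Rar$EX09.563\P2kAutostart.exe
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: MrobeService - Unknown owner - C:\WINNT\system32\MRobeService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
"""

PANDA_SAMPLE = r"""
Incident Status Location
Adware:adware/antivirus-gold Not disinfected c:\winnt\system32\runsrv32.exe
Spyware:spyware/betterinet Not disinfected c:\winnt\susp.exe
Potentially unwanted tool:application/adwaresheriff Not disinfected hkey_current_user\software\ADV
Dialer:dialer.du Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B55BB05-0B4D-44FD-81A6-B136188F5DEB}
"""

CLSID_RE = re.compile(r'\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}')
O4_RE = re.compile(r'O4 - (HKLM|HKCU)\\\.\.\\Run: \[([^\]]*)\] (.*)$')


def command_path(cmd):
    """Pull the executable path out of a Run-key command line (quoted or not)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:cmd.index('"', 1)]
    return cmd.split(' ', 1)[0]


def parse_panda(text):
    """Return ({CLSID: detection}, {file basename: (detection, location)})."""
    clsids, files = {}, {}
    for line in text.splitlines():
        m = re.match(r'^(.*?)\s+Not disinfected\s+(.*)$', line)
        if not m:
            continue
        detection, location = m.group(1), m.group(2).strip()
        if location.lower().startswith('hkey_'):
            c = CLSID_RE.search(location)
            if c:
                clsids[c.group(0).upper()] = detection
        else:
            # Keyed by basename: the two tools do not always print the same directory.
            files[ntpath.basename(location).lower()] = (detection, location)
    return clsids, files


def triage(hjt_text, panda_text):
    """Return (section, item, reason) for HijackThis lines worth a second look."""
    clsids, files = parse_panda(panda_text)
    findings = []

    def note(section, item, reason, path=None):
        if path is not None:
            hit = files.get(ntpath.basename(path).lower())
            if hit:
                detection, location = hit
                where = '' if location.lower() == path.lower() else ' (different directory)'
                reason += '; Panda: %s at %s%s' % (detection, location, where)
        findings.append((section, item, reason))

    for line in hjt_text.splitlines():
        if line.startswith('O2 - BHO: '):
            parts = line[len('O2 - BHO: '):].split(' - ', 2)
            if len(parts) != 3:
                continue
            name, clsid, path = parts
            clsid = clsid.upper()
            if path == '(no file)':
                reason = 'orphaned BHO registration (no file on disk)'
                if clsid in clsids:
                    reason += '; Panda: ' + clsids[clsid]
                note('O2', clsid, reason)
            elif name == '(no name)':
                note('O2', clsid, 'unnamed BHO loading ' + path, path=path)
        elif line.startswith('O4 - '):
            m = O4_RE.match(line)
            if not m:
                continue
            hive, value, cmd = m.groups()
            path = command_path(cmd)
            from_temp = '\\temp\\' in path.lower()
            if from_temp or ntpath.basename(path).lower() in files:
                reason = 'autostart from a Temp directory' if from_temp else 'autostart entry'
                note('O4', '%s\\..\\Run [%s]' % (hive, value), reason, path=path)
        elif line.startswith('O20 - AppInit_DLLs: '):
            note('O20', line.split(': ', 1)[1],
                 'AppInit_DLLs is loaded into every process that links user32.dll')
        elif line.startswith('O23 - Service: ') and line.endswith('(file missing)'):
            service = line[len('O23 - Service: '):].split(' - ', 1)[0]
            note('O23', service, 'service registered for a binary that is not on disk')
    return findings


if __name__ == '__main__':
    for section, item, reason in triage(HJT_SAMPLE, PANDA_SAMPLE):
        print('%-4s %-42s %s' % (section, item, reason))
```

Matching is by file name rather than full path because the two reports disagree about where susp.exe lives (system32 in the O4 line, c:\winnt in the Panda report); the output says so instead of silently treating them as the same file. An orphaned O2 entry with `(no file)` is often just a leftover registration, so by itself it is only a hint; the Panda hit on the same CLSID is what makes it worth removing.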
 
You have a mess; try to clean things up a little bit first.

Download superantispyware here http://www.superantispyware.com/

Then download ewido here http://www.ewido.net/en/download/

Then download ATF cleaner here http://www.majorgeeks.com/ATF_Cleaner_d4949.html

After you download these programs, update the definitions for Ewido and SuperAntiSpyware, then reboot into Safe Mode.

Once in Safe Mode, run Ewido first and fix what it finds, then run SuperAntiSpyware and fix what it finds. Then open up ATF Cleaner, check the box that says (Select all), and then Empty Selected.

Reboot your computer and repost a new HijackThis log.
 