Hi,
Your system is quite horribly infected.
Also, please do not use the "New Thread" feature in the main forum. Go to your post, and click on "Post Reply". I've deleted all your other posts.
Important: Please read this thread HERE before you decide whether to clean or reformat your system.
Should you decide to clean your computer, please do the following.
I noticed that your AVG log displays 'No Action Taken' for all the files detected.
I require you to run AVG again and quarantine the files. Pictorial instructions HERE.
Download the attached "
Combofix-Do.txt" (
from my attachment) and save it to the same folder as Combofix.
You may wish to copy and paste these instructions on notepad for easier reference later.
Boot into safe mode under your normal user name. See how
HERE
Next turn on "Show all files and folders, including hidden and system". See how
HERE
Go to start > Control Panel > Add and Remove Programs.
Remove anything related to the following:
Video ActiveX Access
After that,
run HijackThis and fix the following entries, if found (do this by placing a tick in the check boxes beside these entries and clicking "Fix checked"):
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - _{53DCB1D2-2939-58E0-1484-232755F3EA9F} - (no file)
O2 - BHO: (no name) - {184746EC-9E9D-4C7D-B9E7-9039EBD801A9} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: (no name) - {29C5A3B6-9A8D-4FA0-B5AD-3E20F4AA5C00} - (no file)
O8 - Extra context menu item: &Search -
http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029YYUS_ZBxdm197YYUS
Fix ALL O15 entries.
O20 - Winlogon Notify: logons - C:\WINDOWS\System32\redist.dll (file missing)
O22 - SharedTaskScheduler: fagging - {94524218-9af3-4643-9687-cbc2880e54da} - C:\WINDOWS\system32\nuqjici.dll
Close HJT.
Drag the
Combofix-Do.txt that you downloaded earlier over on to
Combofix.exe and release.
This will ask Combofix to execute the instructions within my file.
Let Combofix run normally and do its job. Attach the resultant log in your reply.
Reboot into normal mode and rehide your protected OS files.
Thereafter, please post fresh HJT, ComboFix and AVG Antispyware logs from normal mode as attachments into this thread.
Regards,
Your friendly momok =)
This thread is for the use of King_Mufasa only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.