Dangerious Virus!

[sGReseT]

For the past month I have had this virus called " Winprofile " this virus is like so dangerious I dont know what it is or how I got it.. But for some reason when I try to delete it " using stopzilla " the virus completely turns my computer off .. or even when i scan my computer.. I have a question on how i can solve this problem or any other good anti viruses i can use that is stronger.


heres what I got for Hijackthis


C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWSS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWSS\System32\svchost.exe
C:\WINDOWSS\system32\Ati2evxx.exe
C:\WINDOWSS\Explorer.EXE
C:\WINDOWSS\System32\ctfmon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWSS\System32\WgaTray.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\WINDOWSS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll (file missing)
O2 - BHO: (no name) - {3EA31403-E911-2CB6-D771-60557BF07368} - C:\WINDOWSS\System32\izhr.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWSS\System32\msdxm.ocx
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\SZSG.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWSS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - http://toolbar.isearch.com/general/drm.cab
O16 - DPF: {99802379-7362-40E2-9D28-8A3B9AF880B7} - http://hotsearchbar.com/toolbar2/winhot32.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697519} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp6_aac.cab
O16 - DPF: {D03A1C33-1913-4533-A8C1-F2C8D13045DE} - http://www.cjb.net/search.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuit.../ITDetector.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O21 - SSODL: bonspells - {11853d5f-f894-4cc7-bbc3-fc7a9dcfd896} - (no file)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWSS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWSS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Speed Disk service - Unknown owner - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe

i got this when i ran hijackthis

hows do i get rid of this!

 

[raybay]

You will likely here good stuff from the four or five members on this forum who are experts. They know how to read them. Removing the evils is more difficult.
I see you have Stopzilla and Norton, or remenants of Norton on your disc.
I am not fond of Stopzilla for serious infestations, finding it finicky, and sometimes creates its own problems.
Jot down all the reinstall id info in Stop Zilla, so you can replace it, then delete it with "Add and Remove," and reboot.
We find that AVG's three removal tools work better in concert, than does Stopzilla.
We blieve repeat removal attempts, first in regular mode, then in Safe Mode, help with difficult items.
Download AVG Antispyware, AVG Antivirus, and AVG root kit on another computer and put them on a cd to install on this computer. (You can find them with a Gurgle search for AVG Grisoft free.
Install, then run them. Reboot.
Then cold boot in SAFE MODE , and run all of them, one at a Time in SAFE MODE.
Then run again, and remove.
Install AVAST. Same procedure. Run in regular mode, then SAFE MODE and remove.
Then go to Panda, Kaspersky, Computer Associates EZArmor, Symantec, and McAfee, and run their scans free scans, one at a time to see what you find. They will usually not remove the evil stuff, but they will identify them for repeats of spyware.
I would also install and run Adaware 2007 and Spybot 14, but free, both very good.
Repeat. Cold Boot. Run AVG and AVAST again, one at a time. Removing them after the installation.

I would also download and run the free CCleaner, if you know a bit about the registry. I would not run it blind.

These exercises are normally not necessary, but helpful when you have difficult things.

You may also benefit from running your Windows Disc in Repair mode. Let it patch any damaged areas.

 

[kitty500cat]

O21 - SSODL: bonspells - {11853d5f-f894-4cc7-bbc3-fc7a9dcfd896} - (no file)

This entry indicates that a Smitfraud/SpySheriff rogue anti-spyware infection was present at one point, but a malware removal program must have removed it.

Please go and read the Viruses/spyware/malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, ComboFix, and AVG Antispyware logs as attachments into this thread, only after doing the above. Also post here the results of the AVG Antirootkit scan.

Regards

P.S. It would be appreciated if you removed your copy-and-pasted logfile. Logfiles are to be posted as attachments only.