Hi Gene11.
There are a lot of Worm Infections showing in your Logfile, I did hope the Sasser Tool would deal with them, as it looks like a Sasser infection. But we can do this manually.
Please re-open HijackThis, close all browser windows other than HijackThis, place a check next to these items and click FIX.
C:\WINDOWS\System32\wstdmode.exe
C:\WINDOWS\System32\vmhevnet.exe
O2 - BHO: XBTB02398 - {ABA3A849-F2C5-4712-B568-C9D018A46457} - (no file)
O20 - AppInit_DLLs: mp4sglmf.dll e1.dll confaud.dll audstat.dll wmasvsin.dll confbrw.dll brwstat.dll
O20 - Winlogon Notify: audmgr - C:\WINDOWS\SYSTEM32\audmgr32.dll
O20 - Winlogon Notify: brwmgr - C:\WINDOWS\SYSTEM32\brwmgr32.dll
O20 - Winlogon Notify: vmhevnet - C:\WINDOWS\system32\vmhevnet.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O20 - Winlogon Notify: wstdmode - C:\WINDOWS\system32\wstdmode.dll
Close HijackThis.
Next, reboot into safe mode (You can do this by switching off your machine, and continually tapping the F8 key while your machine reboots)
While in safe mode, navigate to the following folder/s, and delete the following file/s (if present).
C:\WINDOWS\SYSTEM32\audmgr32.dll
C:\WINDOWS\SYSTEM32\brwmgr32.dll
C:\WINDOWS\system32\wstdmode.dll
C:\WINDOWS\system32\vmhevnet.dll
Reboot to normal windows.
Download CCleaner to clean temp files from your computer.
- Double click on the file to start the installation of the program.
- Select your language and click OK, then next.
- Read the license agreement and click I Agree.
- Click next to use the default install location. Click Install then finish to complete installation.
- Double click the CCleaner shortcut on the desktop to start the program.
- On the "Windows" tab, under "Internet Explorer," uncheck "Cookies" if you do not want them deleted. (If deleted, you will likely need to reenter your passwords at all sites where a cookie is used to recognize you when you visit).
- If you use either the Firefox or Mozilla browsers, the box to uncheck for "Cookies" is on the Applications tab, under Firefox/Mozilla.
- Click Run Cleaner to run the program.
- Caution: It is not recommended that you use the "Issues" feature unless you are very familiar with the registry as it has been known to find legitimate items.
- After CCleaner has completed its process, click Exit.
Next we need to clean all your system restore points. Virus's/Spyware are mostly backed up by system restore making the likelyhood of them returning when cleaned a certainty.
Firstly, click Start, right click My Computer and click Properties.
At the top of the window, click the system restore Tab.
Place a tick in the Turn off System Restore box, click Apply then Ok.
Now we need to turn on system restore.
Follow the above instructions, but Uncheck Turn off System Restore.
Next please run an Online Kaspersky Antivirus Scan.
This scan will generate a Logfile report, please post the report here, and a fresh HijackThis Logfile.
Kind Regards.
Tron.
