Bkdr Coreflood.a

Ran Housecall and found the following;
BKDR COREFLOOD.A
VBS STARTPAGE.EE
JAVA BYTEVER.A
TROJ MENDWAR.A
WORM KLEZ.H
Found the FixKlez.com and removed Klez. How do I remove the others?

 

Do this:
go to http://www.lurkhere.com/~nicefiles/ , and download 'Hijack This!'.....
Unzip it to its own folder, doubleclick HijackThis.exe, and hit "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log somewhere, and please copy & paste its contents to the forum.

It will possibly show other issues deserving our attention, but most of what it lists will be harmless or even required, so do NOT fix anything yet.
Someone here will be happy to help you analyze the results.

If you have anything disabled by MSConfig or any other startup manager, please re-enable it before scanning to post.

 

Went to Houscall webpage then overlay problem appeared on next page. Went to this Forum and was unreadable due to page overlay. Had to reboot.
clicked on ZoneAlarm update but can not access,due to blank window.


Logfile of HijackThis v1.97.7
Scan saved at 6:48:32 PM, on 4/26/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\HAMPANEL.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZONEALARM.EXE
C:\VSTASCAN\VSACCESS.EXE
C:\ATI\ATIDESK\ATISCHED.EXE
C:\PROGRAM FILES\COMPUSERVE 7.0\CSTRAY.EXE
C:\PROGRAM FILES\SUPREME OFFICE SUITE3.0\PROGRAM\SOFFICE.EXE
C:\PROGRAM FILES\RINGCENTRAL\BUZME\RCUI.EXE
C:\PROGRAM FILES\ULEAD SYSTEMS\ULEAD PHOTOIMPACT 5\ABMTSR.EXE
D:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\COMPUSERVE 7.0\WCS2000.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [HaMFrontPanel] C:\WINDOWS\hampanel /B:Software\Intel\HaM
O4 - HKLM\..\Run: [Atikey] Atitask.exe
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - Startup: PrintMaster Event Reminder.lnk = C:\Program Files\Canon Creative\PrintMaster\Pmremind.exe
O4 - Startup: UMAX VistaAccess.lnk = C:\VSTASCAN\vsaccess.exe
O4 - Startup: Supreme Office Suite 3.0.lnk = C:\Program Files\Supreme Office Suite3.0\program\quickstart.exe
O4 - Startup: ATI Scheduler.lnk = C:\ati\atidesk\atisched.exe
O4 - Startup: CompuServe 7.0 Tray Icon.lnk = C:\Program Files\CompuServe 7.0\cstray.exe
O4 - Startup: Check for TWS Updates.lnk = C:\jts\WiseUpdt.exe
O4 - Startup: BuzMe.lnk = C:\Program Files\RingCentral\BuzMe\RCUI.exe
O4 - Startup: Album Fast Start.lnk = C:\Program Files\Ulead Systems\Ulead PhotoImpact 5\ABMTSR.EXE
O4 - Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab

 

Looked through several websites today then suddenly the webpage was unreadable due to another page overlay. Reboot eliminated the problem temporarily. Can someone tell me how to remove the pests?