Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Malware Protection Icon Still Showing after Removal complete

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Malware Protection Icon Still Showing after Removal complete

Unread postby camero409 » July 26th, 2011, 2:19 am

I was fortunate enough to remove "Malware Protection" before any damage occured. The problem I have is the Icon remains on the desktop without any picture. I have tried to delete it, move it to the Recycle Bin but it says it's a hidden file or write protected or in use and can't be removed.

Here are the two files I was asked to provide:

Attach.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 31/03/2007 5:35:31 PM
System Uptime: 25/07/2011 9:46:04 PM (2 hours ago)
.
Motherboard: Micro-Star | | MS-7255
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | CPU 1 | 2992/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 95.396 GiB free.
D: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Officejet Pro 8500 A909a
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet Pro 8500 A909a
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4D36E979-E325-11CE-BFC1-08002BE10318}
Description: Officejet Pro 8500 A909a
Device ID: ROOT\PRINTER\0000
Manufacturer: HP
Name: Officejet Pro 8500 A909a
PNP Device ID: ROOT\PRINTER\0000
Service:
.
==== System Restore Points ===================
.
RP1131: 27/04/2011 6:23:51 PM - System Checkpoint
RP1132: 29/04/2011 7:00:20 AM - System Checkpoint
RP1133: 29/04/2011 8:11:11 AM - Software Distribution Service 3.0
RP1134: 30/04/2011 8:16:46 AM - System Checkpoint
RP1135: 01/05/2011 6:37:04 PM - System Checkpoint
RP1136: 02/05/2011 11:01:28 PM - System Checkpoint
RP1137: 08/05/2011 1:55:04 PM - System Checkpoint
RP1138: 09/05/2011 8:23:20 PM - System Checkpoint
RP1139: 10/05/2011 6:21:04 PM - Software Distribution Service 3.0
RP1140: 11/05/2011 7:20:27 PM - System Checkpoint
RP1141: 12/05/2011 7:29:59 PM - System Checkpoint
RP1142: 13/05/2011 7:32:31 PM - System Checkpoint
RP1143: 15/05/2011 10:20:57 AM - System Checkpoint
RP1144: 16/05/2011 11:28:04 AM - System Checkpoint
RP1145: 17/05/2011 2:25:53 PM - System Checkpoint
RP1146: 18/05/2011 5:00:21 PM - System Checkpoint
RP1147: 20/05/2011 7:03:43 AM - System Checkpoint
RP1148: 21/05/2011 11:18:21 AM - System Checkpoint
RP1149: 23/05/2011 7:15:11 AM - System Checkpoint
RP1150: 24/05/2011 7:57:31 AM - System Checkpoint
RP1151: 25/05/2011 8:08:50 AM - System Checkpoint
RP1152: 26/05/2011 10:45:15 AM - System Checkpoint
RP1153: 28/05/2011 7:26:42 AM - System Checkpoint
RP1154: 29/05/2011 12:13:43 PM - System Checkpoint
RP1155: 31/05/2011 12:44:14 PM - System Checkpoint
RP1156: 01/06/2011 12:51:38 PM - System Checkpoint
RP1157: 02/06/2011 6:01:00 PM - System Checkpoint
RP1158: 03/06/2011 6:54:30 PM - System Checkpoint
RP1159: 05/06/2011 6:47:55 PM - System Checkpoint
RP1160: 07/06/2011 6:52:44 PM - System Checkpoint
RP1161: 08/06/2011 9:29:57 PM - System Checkpoint
RP1162: 10/06/2011 1:16:58 PM - System Checkpoint
RP1163: 11/06/2011 3:16:43 PM - System Checkpoint
RP1164: 12/06/2011 6:45:06 PM - System Checkpoint
RP1165: 14/06/2011 4:54:49 AM - System Checkpoint
RP1166: 15/06/2011 6:05:56 AM - System Checkpoint
RP1167: 15/06/2011 10:30:10 PM - Software Distribution Service 3.0
RP1168: 16/06/2011 5:59:53 PM - Removed Badoo Desktop
RP1169: 17/06/2011 2:48:43 PM - Software Distribution Service 3.0
RP1170: 18/06/2011 3:12:19 PM - System Checkpoint
RP1171: 19/06/2011 4:40:30 PM - System Checkpoint
RP1172: 24/06/2011 10:29:13 AM - System Checkpoint
RP1173: 25/06/2011 1:04:49 PM - System Checkpoint
RP1174: 26/06/2011 7:20:25 PM - System Checkpoint
RP1175: 27/06/2011 10:11:22 PM - Software Distribution Service 3.0
RP1176: 27/06/2011 11:14:40 PM - Software Distribution Service 3.0
RP1177: 29/06/2011 6:33:36 AM - Software Distribution Service 3.0
RP1178: 30/06/2011 8:16:24 AM - System Checkpoint
RP1179: 01/07/2011 8:56:01 AM - System Checkpoint
RP1180: 02/07/2011 6:58:05 PM - System Checkpoint
RP1181: 04/07/2011 3:18:25 PM - System Checkpoint
RP1182: 05/07/2011 7:50:32 PM - System Checkpoint
RP1183: 06/07/2011 8:42:57 PM - System Checkpoint
RP1184: 07/07/2011 8:53:32 PM - System Checkpoint
RP1185: 09/07/2011 8:21:46 AM - System Checkpoint
RP1186: 10/07/2011 7:09:50 PM - System Checkpoint
RP1187: 12/07/2011 2:49:38 PM - System Checkpoint
RP1188: 13/07/2011 7:33:49 AM - Software Distribution Service 3.0
RP1189: 13/07/2011 9:12:22 PM - Installed iTunes
RP1190: 14/07/2011 10:36:52 PM - System Checkpoint
RP1191: 16/07/2011 7:43:28 PM - System Checkpoint
RP1192: 17/07/2011 11:31:04 PM - System Checkpoint
RP1193: 19/07/2011 6:30:04 AM - System Checkpoint
RP1194: 20/07/2011 9:00:21 AM - System Checkpoint
RP1195: 21/07/2011 7:05:15 PM - System Checkpoint
RP1196: 23/07/2011 8:49:57 AM - System Checkpoint
RP1197: 25/07/2011 12:04:13 AM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
8500A909_Help
8500A909a
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.0)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Software Suite
BlackBerry Desktop Software 6.1
BlackBerry Device Software Updater
Bonjour
BPD_DSWizards
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
CCleaner
Compatibility Pack for the 2007 Office system
Defraggler
DepositFiles FileManager 0.9.9.206
Destination Component
DeviceDiscovery
DocMgr
DocProc
DTC Library version 2.0
Event Tracker
F-Secure PSC Prerequisites
Fax
FinePixViewer Resource
FinePixViewer Ver.5.1
FrostWire 5.0.8
FUJIFILM USB Driver
Google Earth
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist Corporate
GPBaseService2
Gtk+ Runtime Environment 2.12.9-2
Highlight Viewer (Windows Live Toolbar)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 12.0
HP Document Manager 2.0
HP Driver Diagnostics
HP Imaging Device Functions 12.0
HP OrderReminder
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPProductAssistant
ImageMixer VCD2 LE for FinePix
Inkjet Printer/Scanner Extended Survey Program
InterVideo WinDVD
iTunes
J2SE Runtime Environment 5.0 Update 3
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 21
Java(TM) 6 Update 7
Junk Mail filter update
LaserJet 1018
Malwarebytes' Anti-Malware version 1.51.1.1800
Map Button (Windows Live Toolbar)
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Standard 2006
Microsoft Digital Image Standard 2006 Editor
Microsoft Digital Image Standard 2006 Library
Microsoft Encarta Encyclopedia Standard 2006
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Search Enhancement Pack
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Streets & Trips 2006
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 5.0 (x86 en-GB)
MPM
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero OEM
Network
Norton 360
OCR Software by I.R.I.S. 12.0
Officejet Pro 8500 A909 Series
PDFMAILER C
Perfect Emailer 1.3
PhotoScape
Platform
ProductContext
QuickTax 2009
QuickTax Tracker
QuickTime
RAW FILE CONVERTER LE
RPS CRT
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Segoe UI
Sentrilock Card Utility
Shaw Secure
Simply Accounting by Sage 2006
Smart Menus (Windows Live Toolbar)
SmartWebPrinting
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
Status
SUPERAntiSpyware
swMSM
Toolbox
TrayApp
TurboTax 2010
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB2541763)
VIA Platform Device Manager
VIA/S3G Display Driver
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
WebReg
Windows Driver Package - SCM Microsystems Inc. (SCR3xx USB Smart Card Reader) SmartCardReader (11/07/2006 4.35.00.01)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Favorites for Windows Live Toolbar
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
25/07/2011 2:08:01 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
21/07/2011 1:46:34 PM, error: Service Control Manager [7000] - The Security Services Driver (x86) service failed to start due to the following error: The system cannot find the file specified.
21/07/2011 1:46:32 PM, error: Print [19] - Sharing printer failed + 1722, Printer pdfMailer standard share name Printer2.
19/07/2011 10:07:04 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
19/07/2011 10:03:44 PM, error: A5AGU [5001] - D-Link WUA-2340 USB Adapter : Could not allocate the resources necessary for operation.
18/07/2011 7:28:27 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
18/07/2011 7:24:59 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
18/07/2011 7:22:52 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm SASDIFSV SASKUTIL
.
==== End Of File ===========================

dds.txt

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Run by Ron Sward at 23:03:53 on 2011-07-25
Microsoft Windows XP Professional 5.1.2600.3.1252.2.1033.18.2526.1512 [GMT -7:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: Shaw Secure 9.01 *Enabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: Shaw Secure 9.01 *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\Shaw Secure\Common\FSMA32.EXE
C:\Program Files\Shaw Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\Shaw Secure\Common\FSHDLL32.EXE
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Shaw Secure\Anti-Virus\fssm32.exe
C:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Shaw Secure\Anti-Virus\fsav32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Yvonne Sward\My Documents\Downloads\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.mytelus.com/
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: DepositFiles IE BHO: {9dfe2fe9-cf99-4adf-a28e-9b5adb8dc74f} - c:\progra~1\deposi~1\dfmana~1\DEPOSI~1.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - c:\program files\shaw secure\nrs\iescript\baselitmus.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Deposit IE Toolbar: {6aa40521-14e7-4b1d-b1b4-98528c1388c9} - c:\progra~1\deposi~1\dfmana~1\DEPOSI~1.DLL
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - c:\program files\shaw secure\nrs\iescript\baselitmus.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [F-Secure TNB] "c:\program files\shaw secure\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
IE: {D5AD327A-A089-4F04-89FD-4EA9812B3913} - {D5AD327A-A089-4F04-89FD-4EA9812B3913} - c:\progra~1\deposi~1\dfmana~1\DEPOSI~1.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\program files\shaw secure\fsps\program\FSLSP.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/200 ... oader5.cab
DPF: {55027008-315F-4F45-BBC3-8BE119764741} - hxxp://static.slide.com/uploader/SlideImageUploader.cab
DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/Fac ... oader3.cab
DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - hxxp://upload.facebook.com/controls/Fac ... loader.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/200 ... ader55.cab
DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} - hxxp://mlslink.mlxchange.com/5.2.07.135 ... CSharc.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/ins ... csxp2k.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.254 75.154.133.68
TCP: Interfaces\{7A487A0C-EC07-41F5-89C2-6A549EE6246D} : DhcpNameServer = 192.168.1.254 75.154.133.68
Handler: intu-qt2009 - {03947252-2355-4e9b-B446-8CCC75C43370} - c:\program files\quicktax 2009\ic2009pp.dll
Handler: intu-res - {9CE7D474-16F9-4889-9BB9-53E2008EAE8A} - c:\program files\common files\intuit\intu-res.dll
Handler: intu-tt2010 - {97A0575E-2309-4e75-8509-B1F9390C4DE7} - c:\program files\turbotax 2010\ic2010pp.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: GoToAssist - c:\program files\citrix\gotoassist\607\G2AWinLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 nwprovau
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\yvonne sward\application data\mozilla\firefox\profiles\syzid733.default\
FF - prefs.js: browser.startup.homepage - hxxp://home.mytelus.com/telusen/portal/index.aspx
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\documents and settings\yvonne sward\application data\mozilla\firefox\profiles\syzid733.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\documents and settings\yvonne sward\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\yvonne sward\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\yvonne sward\local settings\application data\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2010-7-5 42664]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2010-7-5 82120]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-2-7 64288]
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2006-11-30 11264]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\shaw secure\hips\drivers\fshs.sys [2010-7-5 68064]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-12 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS;c:\program files\shaw secure\anti-virus\fsgk32st.exe [2010-7-5 215648]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-9-7 54760]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-12-3 2151640]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-5-8 366640]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R3 A5AGU;D-Link USB Wireless Network Adapter Service;c:\windows\system32\drivers\A5AGU.sys [2006-9-21 347648]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\shaw secure\anti-virus\minifilter\fsgk.sys [2010-7-5 148648]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\shaw secure\orsp client\fsorsp.exe [2010-7-5 61088]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-5-8 22712]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-7-28 133104]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-7-28 133104]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-12-3 15232]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-5-8 41272]
S3 SCR3xx USB Smart Card Reader;SCR3xx USB Smart Card Reader;c:\windows\system32\drivers\SCR3XX2K.sys [2011-3-23 47488]
S3 seu3bus;Sony Ericsson MD400g Mobile Broadband Composite Device driver (WDM);c:\windows\system32\drivers\seu3bus.sys --> c:\windows\system32\drivers\seu3bus.sys [?]
S3 seu3card;Sony Ericsson MD400g Device Mgmt;c:\windows\system32\drivers\seu3card.sys --> c:\windows\system32\drivers\seu3card.sys [?]
S3 seu3mdfl;Sony Ericsson MD400g Mobile Broadband Modem Filter;c:\windows\system32\drivers\seu3mdfl.sys --> c:\windows\system32\drivers\seu3mdfl.sys [?]
S3 seu3mdfl2;Sony Ericsson MD400g Mobile Broadband Data Modem Filter;c:\windows\system32\drivers\seu3mdfl2.sys --> c:\windows\system32\drivers\seu3mdfl2.sys [?]
S3 seu3mdm;Sony Ericsson MD400g Mobile Broadband Modem Driver;c:\windows\system32\drivers\seu3mdm.sys --> c:\windows\system32\drivers\seu3mdm.sys [?]
S3 seu3mdm2;Sony Ericsson MD400g Mobile Broadband Data Modem Driver;c:\windows\system32\drivers\seu3mdm2.sys --> c:\windows\system32\drivers\seu3mdm2.sys [?]
S3 seu3nd5;Sony Ericsson MD400g Mobile Broadband Network Adapter (NDIS);c:\windows\system32\drivers\seu3nd5.sys --> c:\windows\system32\drivers\seu3nd5.sys [?]
S3 seu3unic;Sony Ericsson MD400g Mobile Broadband Network Adapter (WDM);c:\windows\system32\drivers\seu3unic.sys --> c:\windows\system32\drivers\seu3unic.sys [?]
S3 seu4gps;Sony Ericsson GPS Port;c:\windows\system32\drivers\seu3gps.sys --> c:\windows\system32\drivers\seu3gps.sys [?]
S3 Sony_EricssonWWSC;Sony Ericsson PC SC Port;c:\windows\system32\drivers\seu3scard.sys --> c:\windows\system32\drivers\seu3scard.sys [?]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\shaw secure\anti-virus\win2k\fsfilter.sys [2010-7-5 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\shaw secure\anti-virus\win2k\fsrec.sys [2010-7-5 25184]
.
=============== Created Last 30 ================
.
2011-07-24 03:04:56 -------- d-----w- c:\program files\Graboid
2011-07-21 04:23:08 102400 ----a-r- c:\documents and settings\yvonne sward\application data\microsoft\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}\ARPPRODUCTICON.exe
2011-07-18 13:38:05 -------- d-----w- c:\documents and settings\yvonne sward\application data\SUPERAntiSpyware.com
2011-07-18 13:38:05 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-07-18 13:37:56 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-07-15 03:39:22 -------- d-----w- c:\documents and settings\yvonne sward\.frostwire5
2011-07-15 03:37:56 -------- d-----w- c:\program files\FrostWire 5
2011-07-14 04:12:42 -------- d-----w- c:\program files\iPod
2011-07-14 04:12:38 -------- d-----w- c:\program files\iTunes
2011-07-14 03:55:18 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-07-14 03:55:18 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-07-14 03:54:51 -------- d-----w- c:\program files\Bonjour
2011-06-30 00:31:03 -------- d-----w- c:\program files\DTCLibrary
.
==================== Find3M ====================
.
2011-07-26 04:51:01 21064 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-07-07 02:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-07 02:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-30 19:32:21 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-15 03:21:12 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-08 19:52:16 103784 ----a-w- c:\documents and settings\yvonne sward\GoToAssistDownloadHelper.exe
2011-05-03 03:47:02 0 --sha-w- c:\documents and settings\all users\application data\yue.exe
2011-05-03 03:47:02 0 --sha-w- c:\documents and settings\all users\application data\wuc.exe
2011-05-03 03:47:02 0 --sha-w- c:\documents and settings\all users\application data\vvl.exe
2011-05-03 03:47:02 0 --sha-w- c:\documents and settings\all users\application data\dbe.exe
2011-05-03 03:47:02 0 --sha-w- c:\documents and settings\all users\application data\ail.exe
2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25:27 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
============= FINISH: 23:04:53.18 ===============

I have tried Malwaresantibyte program and superspy malware removal program and neither have removed the blank icon. When you click on the icon nothing happens. It doesn't cause a problem but it is an annoyance. I also have a hyjackthis log if you want it.

Thanks for your assistance.
camero409
Active Member
 
Posts: 1
Joined: July 26th, 2011, 1:59 am
Advertisement
Register to Remove

Re: Malware Protection Icon Still Showing after Removal comp

Unread postby askey127 » July 28th, 2011, 6:38 pm

camero409,
-----------------------------------------------
Please Note Our Policy on the Use of P2P (Person to Person / Peer to Peer) file sharing programs
It is posted here: http://malwareremoval.com/forum/viewtopic.php?p=491394#p491394
As a condition of receiving our help, I have included the P2P program Frostwire in the removal instructions below, so we are not wasting our time.
If you have used this, and your computer is infected, you can be fairly confident this is a principal reason.

It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like utorrent, Bittorrent, Azureus, Frostwire, Vuze, Shareaza, Bitlord.
(Limewire has been shut down by the courts).
Criminals have "planted" thousands upon thousands of infections in the "free" shared files.
Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".
-----------------------------------------------------------
Remove Programs Using Control Panel
From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
Highlight each Entry, as follows, one by one, if it exists, and choose Remove :

Ad-Aware
FrostWire 5.0.8
J2SE Runtime Environment 5.0 Update 3
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 21
Java(TM) 6 Update 7

Take extra care in answering questions posed by any Uninstaller.
------------------------------------------------------------
Download and Install the latest version of Java Runtime Environment from here : http://java.sun.com/javase/downloads/index.jsp, and install it to your computer.
In the first section on the page, labeled JDK 6 Update 26 (JDK or JRE), click on the button labeled Download JRE. Do NOT choose the button labeled "Download JDK".
If it won't allow you to get past the "Agree to the license" dialog, you will need to set your browser to temporarily allow scripts.
Check the button to agree to the license
Select the link for your Platform Windows x86 offline (or Windows 64-bit if your machine is 64-bit), and click it.
Download it, choose Save, and save it to your desktop.
Then doubleclick it on your desktop, (or right click and choose "Run as administrator" in Vista/Win7) and it will install the newest version of Java for you to use.
During the Installation, be sure to UNCHECK any offer for McAfee Security Scan Plus(It's just adware) or any extra toolbars.
When it finishes, you can remove the Installer from your desktop.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL
  • Double click on the icon to run it.
  • Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
The Extras.txt file will only appear the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Malware Protection Icon Still Showing after Removal comp

Unread postby askey127 » July 31st, 2011, 6:25 pm

Due to Lack of Response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Malware Protection Icon Still Showing after Removal comp

Unread postby askey127 » August 1st, 2011, 8:32 am

Topic Re-Opened at the request of the poster.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Malware Protection Icon Still Showing after Removal comp

Unread postby askey127 » August 5th, 2011, 7:57 am

Due to Lack of Response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 44 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware