Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Virus shutting down IE and Outlook-Strange icon on desktop

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Virus shutting down IE and Outlook-Strange icon on desktop

Unread postby jillo1013 » December 28th, 2011, 1:27 pm

Thank you for helping me remove whatever is affecting my computer. It's frustrating to say the least! I was running avast but it shut it down recently. Did uninstall/reinstall Avast and ran a full scan yesterday. It located the viruses, but after moving them to the chest, I didn't know what else to do. That in itself seemed to cause the symptoms of the virus to be worse.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:17:36 PM, on 12/28/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windstream\Diagnostic Tools\HsdService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windstream\Service Agent\ServicepointService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Windstream\Service Agent\Windstream Service Agent.exe
C:\Program Files\Windstream\Diagnostic Tools\DiagnosticTools.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Jill\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Documents and Settings\Jill\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Documents and Settings\Jill\Application Data\Dropbox\bin\Dropbox.exe
C:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\Program Files\Windstream\Service Agent\Windstream Service AgentComHandler.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windstream.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [Windstream Service Agent.exe] "C:\Program Files\Windstream\Service Agent\Windstream Service Agent.exe" /AUTORUN
O4 - HKLM\..\Run: [DiagnosticTools.exe] "C:\Program Files\Windstream\Diagnostic Tools\DiagnosticTools.exe" /AUTORUN
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\Jill\Local Settings\Application Data\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-21-2085009153-3855714761-1712164351-1008\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Robbie')
O4 - HKUS\S-1-5-21-2085009153-3855714761-1712164351-1008\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Robbie')
O4 - HKUS\S-1-5-21-2085009153-3855714761-1712164351-1008\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup (User 'Robbie')
O4 - HKUS\S-1-5-21-2085009153-3855714761-1712164351-1008\..\Run: [DellTransferAgent] "C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe" (User 'Robbie')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Jill\Application Data\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://www.support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://gsn.worldwinner.com/games/v47/sh ... Loader.cab
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} (TPIR Control) - http://www.worldwinner.com/games/v50/tpir/tpir.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d ... o-eula.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.4.1.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Fac ... oader3.cab
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} (SpiderSolitaire Control) - http://www.worldwinner.com/games/v56/sp ... itaire.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/webgames/popcaploader_v10.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HsdService - Windstream - C:\Program Files\Windstream\Diagnostic Tools\HsdService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: ServicepointService - Radialpoint SafeCare Inc. - C:\Program Files\Windstream\Service Agent\ServicepointService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 16157 bytes
jillo1013
Active Member
 
Posts: 13
Joined: December 28th, 2011, 1:22 pm
Advertisement
Register to Remove

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby Scolabar » December 30th, 2011, 5:24 am

Hi jillo1013,

Firstly, welcome to the Malware Removal Forum. :)
My name is Scolabar, and I'll be helping you with your malware problems.
Logs can take a while to research, so please be patient.
If you no longer require help i would be grateful if you would let me know.

Please note the following important guidelines before proceeding:
  1. The instructions that will be provided are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable
    !
  2. If you have any questions or do not understand something, please do not hesitate to ask, don't guess or assume.
  3. Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  4. Only reply to this thread, do not start another. Please, continue responding, until I give you the All Clean.
    Absence of symptoms does not necessarily mean that everything is clear.
  5. DO NOT run any other fix or removal tools unless instructed to do so!
  6. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  7. Print each set of instructions, if possible. Your Internet connection will not be available during some fix processes.
  8. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  9. Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Please Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

In light of this, it would be advisable for you to back up any important files and folders that you don't want to lose before we start.


If you follow these guidelines, things should proceed smoothly. :)
I am currently reviewing your log and will return, as soon as possible, with additional instructions.

Thank you for your patience.

Scolabar
---------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby Scolabar » December 30th, 2011, 7:07 am

Hi jillo1013,

Thank you again for your patience. :)

Please read these instructions carefully before executing and perform the steps, in the order given.
lf you have any questions about or problems with, executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

Before we proceed please make sure any open programs are closed.

Step 1:
Business Use Computer?

Entries in the logs you have provided lead me to believe that this computer may be being used for business purposes.
Please could you confirm whether or not this is the case? If not, please proceed with Step 2 and clarify for what purposes this computer is used in your next post.

Step 2:
DDS

Please download DDS by sUBs. Save it to your Desktop.
Alternate download links: here and here.

Note: Disable any script blocking software you have running before running DDS.

  1. Double-click the DDS tool to run the program.
  2. A black screen will open. Read the contents but do nothing.
  3. When DDS finishes Notepad will open two reports ... DDS.txt and Attach.txt.
    Ignore the comments about zipping/attaching any of the report files.
    The two report files are not saved anywhere. If you close Notepad before copying and pasting the contents, you will need to run DDS again.
  4. Copy and Paste the contents of both the DDS.txt and Attach.txt reports into your next reply.

Step 3:
Security Check

  1. Please download Security Check by screen317 and Save it to your Desktop.
    Alternate download site: Link 2
  2. Double-click on the SecurityCheck.exe icon to run the program.
  3. Press the Space Bar when you see the Press any key to continue... message.
    Please Note: This scan will take a short while to complete, so please be patient.
  4. When the scan has completed, a Notepad file will automatically open called checkup.txt.
  5. Save the file checkup.txt to your Desktop.
    Please Note: This output file is NOT automatically saved!
  6. Then Copy and Paste the entire contents of the checkup.txt file into your next reply.

Step 4:
MGA Diagnostics

  1. Please download this tool from Microsoft and Save it to your Desktop.
  2. Double-click on the MGADiag.exe icon to launch the program.
  3. Click on the Continue button to proceed.
  4. The program will now run. It will take a short while to complete its diagnosis, please be patient.
  5. When it has finished click on the Copy button.
  6. Open Notepad by clicking Start > Run, type in Notepad then click OK.
  7. Paste the copied contents into the new Notepad window and Save the file as mgadiag.txt to your Desktop.
  8. Click on the OK button to exit the MGA Diagnostics program.
  9. Then Copy and Paste the entire contents of mgadiag.txt into your next reply.

Step 5:
Include in Next Post

  1. Did you have any problems carrying out the instructions?
  2. Is this computer used for business purposes? If not, please clarify for what purposes the computer is used.
  3. DDS.txt.
  4. Attach.txt.
  5. checkup.txt.
  6. mgadiag.txt.
  7. Do you have the original Windows installation media for your PC?

Scolabar
---------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby jillo1013 » December 30th, 2011, 8:39 pm

Hello,
Thank you for working with me on my problem. It's slowed me down to say the least. Currently, I am still trying to back up my files. It's elapsed 7 hours with 22 more to go. Is that normal? I don't remember it taking this long. Therefore, I have not moved on to your other post.

To answer your question, I use my computer for publishing and media work for my church. When you say business use, can you be more specific? I don't have a network.

Jill
jillo1013
Active Member
 
Posts: 13
Joined: December 28th, 2011, 1:22 pm

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby Scolabar » December 31st, 2011, 1:33 pm

Hi Jill,

jillo1013 wrote:Currently, I am still trying to back up my files. It's elapsed 7 hours with 22 more to go. Is that normal?
No, that's not normal. What media are you trying to backup to?

jillo1013 wrote:To answer your question, I use my computer for publishing and media work for my church. When you say business use, can you be more specific?
Is the work you do for the church paid or unpaid?

Scolabar
---------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby jillo1013 » December 31st, 2011, 5:16 pm

My work for the church is unpaid.

I just walked through the backup process again, and it ran 3 hours with 18 to go. I was trying to backup to my external hard drive.
jillo1013
Active Member
 
Posts: 13
Joined: December 28th, 2011, 1:22 pm

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby jillo1013 » December 31st, 2011, 11:29 pm

1. The only problems I had with these instructions were the delay in backing up and having to turn off avast to run the dds.
2. I answered about business above but I also do Mary Kay cosmetics on the side. I work full time outside the home. Is that a problem?
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 8/6/2006 11:47:07 PM
System Uptime: 12/29/2011 12:37:02 PM (58 hours ago)
.
Motherboard: Dell Inc. | | 0HJ054
Processor: Intel(R) Pentium(R) D CPU 3.20GHz | Microprocessor | 3192/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 145 GiB total, 36.359 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
M: is FIXED (NTFS) - 1863 GiB total, 1332.221 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: TI Technologies Inc.
Description: RADEON X600 256MB HyperMemory Secondary
Device ID: PCI\VEN_1002&DEV_5B72&SUBSYS_06031002&REV_00\4&1603E009&0&0108
Manufacturer: ATI Technologies Inc.
Name: RADEON X600 256MB HyperMemory Secondary
PNP Device ID: PCI\VEN_1002&DEV_5B72&SUBSYS_06031002&REV_00\4&1603E009&0&0108
Service: ati2mtag
.
==== System Restore Points ===================
.
RP1604: 10/1/2011 9:20:38 AM - System Checkpoint
RP1605: 10/2/2011 1:57:34 PM - System Checkpoint
RP1606: 10/4/2011 11:03:40 PM - System Checkpoint
RP1607: 10/5/2011 11:39:27 PM - System Checkpoint
RP1608: 10/8/2011 9:44:14 PM - System Checkpoint
RP1609: 10/9/2011 9:56:52 PM - System Checkpoint
RP1610: 10/10/2011 10:39:30 PM - System Checkpoint
RP1611: 10/11/2011 11:22:34 PM - System Checkpoint
RP1612: 10/13/2011 1:15:51 AM - System Checkpoint
RP1613: 10/13/2011 3:00:27 AM - Software Distribution Service 3.0
RP1614: 10/14/2011 6:57:40 AM - System Checkpoint
RP1615: 10/15/2011 8:23:28 AM - System Checkpoint
RP1616: 10/16/2011 10:54:48 AM - System Checkpoint
RP1617: 10/18/2011 7:03:16 AM - System Checkpoint
RP1618: 10/20/2011 5:14:49 AM - System Checkpoint
RP1619: 10/21/2011 6:55:44 AM - System Checkpoint
RP1620: 10/22/2011 8:01:47 AM - System Checkpoint
RP1621: 10/23/2011 8:10:04 AM - System Checkpoint
RP1622: 10/24/2011 12:02:06 PM - System Checkpoint
RP1623: 10/26/2011 9:09:23 PM - Installed Windows XP -- Software Updates KB952011.
RP1624: 10/28/2011 1:21:17 PM - System Checkpoint
RP1625: 10/29/2011 2:09:34 PM - System Checkpoint
RP1626: 10/30/2011 4:58:08 PM - System Checkpoint
RP1627: 10/31/2011 5:26:47 PM - System Checkpoint
RP1628: 11/2/2011 5:59:56 PM - System Checkpoint
RP1629: 11/4/2011 10:15:21 PM - System Checkpoint
RP1630: 11/5/2011 11:12:15 PM - System Checkpoint
RP1631: 11/7/2011 12:22:13 AM - System Checkpoint
RP1632: 11/8/2011 2:54:27 AM - System Checkpoint
RP1633: 11/9/2011 5:32:58 AM - System Checkpoint
RP1634: 11/10/2011 3:00:42 AM - Software Distribution Service 3.0
RP1635: 11/11/2011 3:00:36 AM - Software Distribution Service 3.0
RP1636: 11/12/2011 3:23:57 AM - System Checkpoint
RP1637: 11/13/2011 4:41:37 AM - System Checkpoint
RP1638: 11/14/2011 7:31:55 PM - Installed QuickTime
RP1639: 11/16/2011 2:39:48 AM - System Checkpoint
RP1640: 11/17/2011 4:53:34 AM - System Checkpoint
RP1641: 11/18/2011 7:10:01 AM - System Checkpoint
RP1642: 11/21/2011 4:54:44 PM - System Checkpoint
RP1643: 11/22/2011 5:21:16 PM - System Checkpoint
RP1644: 11/24/2011 1:10:44 AM - System Checkpoint
RP1645: 11/25/2011 12:22:06 PM - System Checkpoint
RP1646: 11/26/2011 1:30:23 PM - System Checkpoint
RP1647: 11/27/2011 1:54:42 PM - System Checkpoint
RP1648: 11/28/2011 8:09:55 PM - System Checkpoint
RP1649: 11/29/2011 9:45:22 PM - System Checkpoint
RP1650: 11/30/2011 10:15:34 PM - System Checkpoint
RP1651: 12/3/2011 7:23:19 AM - System Checkpoint
RP1652: 12/4/2011 8:06:24 AM - System Checkpoint
RP1653: 12/5/2011 9:52:10 AM - System Checkpoint
RP1654: 12/6/2011 6:01:31 PM - System Checkpoint
RP1655: 12/7/2011 6:11:51 PM - System Checkpoint
RP1656: 12/9/2011 6:57:47 AM - System Checkpoint
RP1657: 12/10/2011 7:07:25 AM - System Checkpoint
RP1658: 12/10/2011 8:59:27 AM - Installed HiJackThis
RP1659: 12/10/2011 11:57:01 PM - Removed HiJackThis
RP1660: 12/12/2011 12:44:11 AM - System Checkpoint
RP1661: 12/13/2011 9:26:55 AM - System Checkpoint
RP1662: 12/14/2011 10:06:00 AM - System Checkpoint
RP1663: 12/15/2011 3:00:50 AM - Software Distribution Service 3.0
RP1664: 12/16/2011 4:58:06 AM - System Checkpoint
RP1665: 12/17/2011 7:20:04 PM - System Checkpoint
RP1666: 12/18/2011 7:33:42 PM - System Checkpoint
RP1667: 12/20/2011 5:54:26 AM - System Checkpoint
RP1668: 12/22/2011 7:00:13 AM - System Checkpoint
RP1669: 12/23/2011 7:33:42 AM - System Checkpoint
RP1670: 12/24/2011 7:45:29 AM - System Checkpoint
RP1671: 12/25/2011 8:34:49 AM - System Checkpoint
RP1672: 12/26/2011 9:11:02 AM - System Checkpoint
RP1673: 12/27/2011 9:53:45 AM - System Checkpoint
RP1674: 12/27/2011 10:18:35 AM - avast! Free Antivirus Setup
RP1675: 12/27/2011 10:27:43 AM - Installed HiJackThis
RP1676: 12/27/2011 10:48:48 AM - ARO 2011 - Before Installation
RP1677: 12/27/2011 10:49:10 AM - ARO 2011 - FIRST RUN
RP1678: 12/27/2011 11:01:03 AM - ARO 2011 Tue, Dec 27, 11 11:00
RP1679: 12/27/2011 11:26:58 AM - Removed EducateU
RP1680: 12/27/2011 11:28:30 AM - Removed Netflix Movie Viewer
RP1681: 12/27/2011 11:30:03 AM - Removed YouTube Downloader Toolbar v4.9.
RP1682: 12/27/2011 11:43:14 AM - avast! Free Antivirus Setup
RP1683: 12/28/2011 11:54:13 AM - System Checkpoint
RP1684: 12/29/2011 12:04:19 PM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
32 bit Windows Card Reader Driver
924PLC32
ABBYY FineReader 6.0 Sprint
Ad-Aware 2007
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.3.1
Adobe Shockwave Player
AIM 7
Akamai NetSession Interface
Akamai NetSession Interface Service
Amazon MP3 Downloader 1.0.12
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOL Instant Messenger
AOL Uninstaller (Choose which Products to Remove)
AOLIcon
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 3
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
avast! Free Antivirus
BasicCents
Bonjour
BufferChm
C4400
C4400_Help
CameraHelperMsi
Canon Camera Access Library
Canon Digital Camera Solution Disk 40-46 Software Starter Guide
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon Personal Printing Guide
Canon PowerShot A1100 IS Camera User Guide
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Cards_Calendar_OrderGift_DoMorePlugout
CD - DVD Publishing Service
CinepPlayer 30 Update
Cinescore Studio 1.0
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Copy
Creative MediaSource
Critical Update for Windows Media Player 11 (KB959772)
CustomerResearchQFolder
Dell CinePlayer
Dell Digital Jukebox Driver
Dell Driver Download Manager
Dell Driver Download Manager - 1
Dell Driver Reset Tool
Dell Media Experience
Dell System Restore
DellConnect
DellSupport
Destination Component
DeviceDiscovery
DeviceManagementQFolder
Digital Content Portal
Digital Line Detect
DocProc
DocProcQFolder
Documentation & Support Launcher
Download Updater (AOL LLC)
Dropbox
ELIcon
erLT
eSupportQFolder
Facebook Plug-In
Google Earth
Google Update Helper
GPBaseService
GPBaseService2
High Definition Audio Driver Package - KB835221
HiJackThis
Hotfix 2050 for SQL Server 2000 ENU (KB948110)
Hotfix 2055 for SQL Server 2000 ENU (KB960082)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 11.0
HP Imaging Device Functions 11.0
HP Photosmart C4400 All-In-One Driver Software 11.0 Rel .3
HP Photosmart Essential 3.5
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet for Wired Connections
iTunes
J2SE Runtime Environment 5.0 Update 2
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 17
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Learn2 Player (Uninstall Only)
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
MarketResearch
McAfee Security Scan Plus
MCU
MetaFrame Presentation Server Web Client for Win32
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft DirectX SDK (November 2008)
Microsoft Easy Assist
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Outlook 2003 with Business Contact Manager Update
Microsoft Office PowerPoint Template Creation Wizard
Microsoft Office Small Business Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WinUsb 2.0
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_CRT_x86
MobileMe Control Panel
Modem Helper
Mozilla Firefox (3.5.19)
MSVCSetup
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser
Musicmatch for Windows Media Player
NetActive Launcher
NetWaiting
NewBlue Cartoonr for Vegas
NewBlue VideoFX MSPP
OCR Software by I.R.I.S. 11.0
PanoStandAlone
Pinnacle Instant DVD Recorder
PS_AIO_03_C4400_ProductContext
PS_AIO_03_C4400_Software
PS_AIO_03_C4400_Software_Min
PSSWCORE
QuickTime
Radialpoint Security Advisor 2.5.15
Radialpoint Servicepoint Dashboard Extensions version 11.7.24.5
RealPlayer
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Safari
Savings Bond Wizard
Scan
Search Assist
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shop for HP Supplies
SigmaTel Audio
Skype Toolbars
SmartWebPrinting
SolutionCenter
Sonic Activation Module
Sonic Advanced Decoder
Sonic Update Manager
Sony DVD Architect Studio 4.5
Sony Sound Forge Audio Studio 9.0
Spelling Dictionaries Support For Adobe Reader 8
Status
Time Zone Data Update Tool for Microsoft Office Outlook
TomTom HOME 2.8.2.2264
TomTom HOME Visual Studio Merge Modules
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB960763)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
URL Assistant
Vegas Movie Studio Platinum 9.0b
VideoToolkit01
Viewpoint Media Player
WebCyberCoach 3.2 Dell
WebFldrs XP
WebReg
Windows Backup Utility
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
Windstream Broadband Check-up Center
Windstream Diagnostic Tools 3.0.21
Windstream Service Agent 4.1.10
WinRAR archiver
Wondershare DVD Slideshow Builder Deluxe(Build 6.1.1.44)
Yahoo! Internet Mail
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
12/31/2011 12:18:25 PM, error: VolSnap [20] - The shadow copy of volume M: was aborted because of a failed free space computation.
12/30/2011 10:56:34 AM, error: Removable Storage Service [111] - RSM could not load media in drive Drive 0 of library TEAC USB HS-SD Card USB Device.
12/28/2011 8:48:27 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Spooler service.
12/27/2011 11:27:00 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
12/27/2011 10:22:58 AM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
.
==== End Of File ===========================

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Run by Jill at 22:17:31 on 2011-12-31
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2183 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Windstream\Diagnostic Tools\HsdService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Windstream\Service Agent\ServicepointService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Windstream\Service Agent\Windstream Service Agent.exe
C:\Program Files\Windstream\Diagnostic Tools\DiagnosticTools.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Jill\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Documents and Settings\Jill\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\rsmsink.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\WINDOWS\system32\wscntfy.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.windstream.net/
uSearch Bar =
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [MoneyAgent] "c:\program files\microsoft money\system\mnyexpr.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Akamai NetSession Interface] "c:\documents and settings\jill\local settings\application data\akamai\netsession_win.exe"
mRun: [AudioDrvEmulator] "c:\program files\creative\shared files\module loader\dllml.exe" -1 audiodrvemulator "c:\program files\creative\shared files\module loader\audio emulator\AudDrvEm.dll"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [USB2Check] RUNDLL32.EXE "c:\windows\system32\PCLECoInst.dll",CheckUSBController
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [Windstream Service Agent.exe] "c:\program files\windstream\service agent\Windstream Service Agent.exe" /AUTORUN
mRun: [DiagnosticTools.exe] "c:\program files\windstream\diagnostic tools\DiagnosticTools.exe" /AUTORUN
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
dRunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy'
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\jill\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\jill\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://www.support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/produ ... wsdc32.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=58813
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/200 ... oader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} - hxxp://gsn.worldwinner.com/games/v47/sh ... Loader.cab
DPF: {1D082E71-DF20-4AAF-863B-596428C49874} - hxxp://www.worldwinner.com/games/v50/tpir/tpir.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - hxxp://a516.g.akamai.net/f/516/25175/7d ... o-eula.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdat ... /opuc3.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/v ... .2.4.1.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/share ... insctl.cab
DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/Fac ... oader3.cab
DPF: {61900274-3323-4446-BDCD-91548D32AF1B} - hxxp://www.worldwinner.com/games/v56/sp ... itaire.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdat ... /opuc4.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab
TCP: DhcpNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{23619039-C929-4F3E-95B5-9D4EDE332247} : DhcpNameServer = 192.168.254.254 192.168.254.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\jill\application data\mozilla\firefox\profiles\f1a7voaw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.startup.homepage - hxxp://www.marykayintouch.com/
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8 ... &ilc=12&p=
FF - component: c:\documents and settings\jill\application data\mozilla\firefox\profiles\f1a7voaw.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - component: c:\documents and settings\jill\application data\mozilla\firefox\profiles\f1a7voaw.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}\components\MailUtil.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll
FF - plugin: c:\documents and settings\jill\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\jill\application data\mozilla\firefox\profiles\f1a7voaw.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\program files\canon\zoombrowser ex\program\NPCIG.dll
FF - plugin: c:\program files\common files\motive\npMotive.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nphssb.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppopcaploader.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nptgeqplugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: AIM Toolbar: {c2f863cd-0429-48c7-bb54-db756a951760} - %profile%\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
.
---- FIREFOX POLICIES ----
FF - user.js: dom.disable_open_during_load - false // Popupblocker control handled by McAfee Privacy Service
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-27 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-27 314456]
R2 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2007-7-20 557056]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-10 14336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-27 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-12-27 44768]
R2 HsdService;HsdService;c:\program files\windstream\diagnostic tools\HsdService.exe [2011-9-15 1393976]
R3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [2011-4-1 20448]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-1-8 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-1-8 135664]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 yeddef;YEDDEF driver;c:\windows\system32\drivers\yeddef.sys --> c:\windows\system32\drivers\yeddef.sys [?]
.
=============== Created Last 30 ================
.
2011-12-28 13:31:03 -------- d-----w- C:\spoolerlogs
2011-12-27 16:43:42 435032 ------w- c:\windows\system32\drivers\aswSnx.sys
2011-12-27 16:43:27 41184 ------w- c:\windows\avastSS.scr
2011-12-27 16:43:14 -------- d-----w- c:\program files\AVAST Software
2011-12-27 15:27:51 388096 ------r- c:\documents and settings\jill\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-12-27 15:27:48 -------- d-----w- c:\program files\Trend Micro
2011-12-10 14:11:14 205072 ------w- c:\windows\system32\drivers\tmcomm.sys
.
==================== Find3M ====================
.
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ------w- c:\windows\system32\html.iec
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37:08 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:02 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-24 19:29:02 94208 ------w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 19:29:02 69632 ------w- c:\windows\system32\QuickTime.qts
2011-10-18 11:13:22 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
.
============= FINISH: 22:18:40.93 ===============

Results of screen317's Security Check version 0.99.30
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
avast! Free Antivirus
McAfee Security Scan Plus
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Java(TM) 6 Update 17
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java 2 Runtime Environment, SE v1.4.2_03
Java version out of date!
Adobe Flash Player 10.3.183.7 Flash Player out of Date!
Adobe Reader 8 Adobe Reader out of date!
Mozilla Firefox (3.5.19) Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe is disabled!
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
system32 AvastUI.exe -?-
``````````End of Log````````````

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-GD6GR-K6DP3-4C8MT
Windows Product Key Hash: s2kt66ZJWfV4nS1wFD5F9bxTSDw=
Windows Product ID: 76477-OEM-2111907-00102
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010300.3.0.hom
ID: {DFF177A8-A3E4-47E1-B63A-BAE04EB34D94}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.42.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.7.18.5
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Small Business Edition 2003 - 100 Genuine
OGA Version: Registered, 1.6.20.0
Signed By: Microsoft
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{DFF177A8-A3E4-47E1-B63A-BAE04EB34D94}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010300.3.0.hom</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-4C8MT</PKey><PID>76477-OEM-2111907-00102</PID><PIDType>2</PIDType><SID>S-1-5-21-2085009153-3855714761-1712164351</SID><SYSTEM><Manufacturer>Dell Inc. </Manufacturer><Model>Dell DM051 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc. </Manufacturer><Version>A07</Version><SMBIOSVersion major="2" minor="3"/><Date>20070108000000.000000+000</Date><SLPBIOS>Dell System,Dell Computer,Dell System,Dell System</SLPBIOS></BIOS><HWID>43B2316F0184E076</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>Dell Dimension DM051</name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.18.5"/><File Name="WgaLogon.dll" Version="1.7.18.5"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91CA0409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Small Business Edition 2003</Name><Ver>11</Ver><Val>B6D60A363BDEF1C</Val><Hash>Kzoqni8gtCvSJz+wquPTf15982Y=</Hash><Pid>70160-OEM-5691016-95179</Pid><PidType>6</PidType></Product></Products><Applications><App Id="16" Version="11" Result="100"/><App Id="18" Version="11" Result="100"/><App Id="19" Version="11" Result="100"/><App Id="1A" Version="11" Result="100"/><App Id="1B" Version="11" Result="100"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1AC4E:Dell Inc|1AC4E:Microsoft Corporation
Marker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell System

OEM Activation 2.0 Data-->
N/A
jillo1013
Active Member
 
Posts: 13
Joined: December 28th, 2011, 1:22 pm

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby Scolabar » January 1st, 2012, 11:12 am

Hi jillo1013,

Thank you for the logs and feedback. :)

12/31/2011 12:18:25 PM, error: VolSnap [20] - The shadow copy of volume M: was aborted because of a failed free space computation.
It would appear that the issues you are experiencing attempting to backup your data may be related to this error. How much data are you trying to backup and how much free space is there left on the external drive?

Again, please remember to read the instructions below carefully before executing and perform the steps, in the order given.
If you have any questions about or problems executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

Before we proceed please make sure any open programs are closed.

Step 1:
Computer Problem(s) - Details

Please explain in more detail what the computer problem(s) are that you were/still are encountering.
The description does not need to be technically detailed, but if your computer has given you any Error Codes or flashed up any messages, then the exact wording of them can be very useful. Please provide the description in your next post.

Step 2:
Avast! Scan Report

I would like to see the contents of the Avast! Scan Report which shows the infections cleaned up.
I am hoping you should be able to retrieve the log using the following instructions, provided the process of reinstalling the software has not removed the logs:

  1. Right-click on the orange Avast! icon in the system tray and select Open Avast! User Interface.
  2. In the left pane, click on Scan Computer and then click on Scan Logs which will appear below.
  3. Find and Open the latest report under the Completed Scans list. It should be dated 27th December.
  4. Please Copy and Paste the contents of that Avast! Anti-Virus Scan Report into your next reply.

Step 3:
Disable Avast! Realtime Protection

We need to temporarily disable Avast! realtime protection as follows:

  1. Right-click on the orange Avast! icon in the system tray and select avast! shields control.
  2. Select the Disable until computer is restarted option.
  3. Then click on the OK button in the subsequent pop-up alert window.
    Note:The Avast! realtime protection will now be temporarily disabled.

Step 4:
OTL - Scan

  1. Please download OTL by Old Timer. Save it to your Desktop.
  2. Double-click on OTL.exe to run the program.
  3. Under Output, ensure that the Standard Output option is selected.
  4. Under the Extra Registry section, select the Use SafeList option.
  5. Click the Scan All Users checkbox.
    Note: Please leave the remaining selections on the default settings.
  6. Click on Run Scan at the top left hand corner.
  7. When done, two Notepad files will automatically open:
    • OTL.txt <-- Will be opened, maximized.
    • Extras.txt <-- Will be minimized on task bar.
  8. Please Copy and Paste the entire contents of both OTL.txt and Extras.txt files into your next reply.

Step 5:
TDSSKiller

  1. Please download TDSSKiller.exe by Kaspersky and save it to your Desktop. <-Important!!!
  2. Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    If TDSSKiller does not run rename the program file. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
  3. Click the Start Scan button. Do not use the computer during the scan!
  4. If the scan completes with nothing found, click Close to exit.
  5. If malicious objects are found, they will show in the Scan results - Select action for found objects and offer 3 options.
    • Ensure Cure (default) is selected and then click Continue > Reboot now to finish the cleaning process.
  6. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory. (usually Local Disk C:).
  7. Copy and Paste the entire contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt file into your next reply.

Step 6:
Re-enable Avast! Realtime Protection

Remember to re-enable Avast! realtime protection as follows:

  1. Right-click on the orange Avast! icon in the system tray and select avast! shields control.
  2. Select the Enable all shields option.
    Note:The Avast! realtime protection will now be re-enabled.

    Alternatively, you can simply restart your computer to re-enable Avast! realtime protection.

Step 7:
Include in Next Post

  1. Did you have any problems carrying out the instructions?
  2. How much data are you trying to backup and how much free space is there left on the external drive?
  3. Please provide a description of the computer problem(s) you have been encountering.
  4. Avast! Anti-Virus Scan Report.
  5. OTL.txt.
  6. Extras.txt.
  7. TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt.

Scolabar
---------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby jillo1013 » January 1st, 2012, 12:51 pm

Question about tdsskiller renaming. When I open it, there is nothing about renaming it. It shows start scan. If I right click, rename and chose a .com name, it gives me an error about being unstable. Is that what you want me to do?
jillo1013
Active Member
 
Posts: 13
Joined: December 28th, 2011, 1:22 pm

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby Scolabar » January 2nd, 2012, 5:19 am

Hi jillo1013,

Did you try running TDSSKiller without renaming the program file and did it fail to run? If not, please try running the program as per the instructions.

To rename the file all you should need to do is right-click on the file itself while it is closed, select Rename from the pop-up menu, type in the new name and apply the change;)

Please let me know what the exact error message is when you try to rename the TDSSKiller program file.
Do you get this error message when you right-click and try to rename the program in the open program window?

Scolabar
---------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby jillo1013 » January 2nd, 2012, 10:11 am

1. My computer is not giving me any error codes. The problems started when I noticed an odd icon on my desktop. Avast had shut down, and we were going very slow. As time passed, I could not print and mozilla wouldn't open. Now, outlook won't open at all.

2. I opened the scan log, but could not figure out a way to copy/paste, nor could I do a print screen to show you. A full system scan and a boot scan were done that day. The full system scan reveals 7 severe viruses that start with win32 and have [trj] at the end. The other is a trojan but says INI: cycbot-gen [trj]. The last one is other:malware-gen.
jillo1013
Active Member
 
Posts: 13
Joined: December 28th, 2011, 1:22 pm

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby jillo1013 » January 2nd, 2012, 10:22 am

3. Will not allow me to post or attach

4.
OTL Extras logfile created on: 1/1/2012 11:28:19 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Jill\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.11 Gb Available Physical Memory | 70.27% Memory free
4.84 Gb Paging File | 3.53 Gb Available in Paging File | 72.99% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.80 Gb Total Space | 36.34 Gb Free Space | 25.09% Space Free | Partition Type: NTFS
Drive I: | 968.25 Mb Total Space | 966.23 Mb Free Space | 99.79% Space Free | Partition Type: FAT
Drive M: | 1863.01 Gb Total Space | 1332.22 Gb Free Space | 71.51% Space Free | Partition Type: NTFS

Computer Name: DBP3RKB1 | User Name: Jill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-2085009153-3855714761-1712164351-1008\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-2085009153-3855714761-1712164351-1009\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
"C:\Documents and Settings\Jill\Application Data\Facebook\facebook.exe" = C:\Documents and Settings\Jill\Application Data\Facebook\facebook.exe:127.0.0.1/255.255.255.255:Enabled:Facebook -- ()
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\AIM7\aim.exe" = C:\Program Files\AIM7\aim.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Documents and Settings\Jill\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Jill\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Windstream\Service Agent\ServicepointService.exe" = C:\Program Files\Windstream\Service Agent\ServicepointService.exe:*:Enabled:Servicepoint Service -- (Radialpoint SafeCare Inc.)
"C:\Documents and Settings\Kramer\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\Kramer\Application Data\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\Jill\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\Jill\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface -- (Akamai Technologies, Inc)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0915B10F-8597-4FE7-BC4D-EA3E2FDA646A}" = PS_AIO_03_C4400_Software_Min
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{129AB9C2-7A42-4BE2-8903-DF7C22B98128}" = BasicCents
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20207CCE-A8FA-44A7-AA3D-1E43EB307B27}" = Sony Sound Forge Audio Studio 9.0
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{276E3ECB-E9E9-494E-A3F9-173BAD7D9643}" = C4400
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{46C73DE4-E96D-4F7C-8371-F28052183B12}" = Sonic Advanced Decoder
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CC59DA1-469B-49A5-9F6B-C4D26990294A}" = PS_AIO_03_C4400_ProductContext
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4FC19392-E4A5-4CCB-B45A-AB7E8126D3C9}" = Microsoft Easy Assist
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5A3FEF2D-0E14-412E-869C-421AB373EE43}" = C4400_Help
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6A4908C0-332C-434B-813E-6900E418C058}" = BasicCents
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel(R) PROSet for Wired Connections
"{86732AE7-CB91-4f15-B091-FBA3D3926CD6}" = HP Photosmart C4400 All-In-One Driver Software 11.0 Rel .3
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACECB7C-5EB2-42B3-A2E1-B91878B6C5D7}" = PS_AIO_03_C4400_Software
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94721EA3-7EA6-43EA-B99C-A5D0E3C66240}" = 924PLC32
"{95120000-0038-0409-0000-0000000FF1CE}" = Time Zone Data Update Tool for Microsoft Office Outlook
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0b
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3B1D3CE-1B63-42AC-B0B8-2703141578EE}" = Microsoft Office PowerPoint Template Creation Wizard
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A5F68DC8-0278-4AD8-B413-861509B5F25B}" = ArcSoft Panorama Maker 3
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B7C7A59F-CF70-481E-A94F-7C2563AA5ADD}" = Sony DVD Architect Studio 4.5
"{BA165460-FCF7-4D6C-A7A2-F2321700720F}" = MobileMe Control Panel
"{BA68600E-96D9-4E92-80F2-26B9681B5A63}" = Microsoft Office Outlook 2003 with Business Contact Manager Update
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}" = Pinnacle Instant DVD Recorder
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C41F4616-44B6-4E8D-BFC7-4267862A2CE1}" = CinepPlayer 30 Update
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6DEE87-1C87-42ED-A108-7369BFE9076F}" = 32 bit Windows Card Reader Driver
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007
"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Search Assist
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
"{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F6C5F1A1-F459-498F-A50A-EE6C80799D3B}" = Cinescore Studio 1.0
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AIM_7" = AIM 7
"Akamai" = Akamai NetSession Interface Service
"All ATI Software" = ATI - Software Uninstall Utility
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.12
"AOL Connectivity Services" = AOL Connectivity Services
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AOLCoach" = AOL Coach Version 1.0(Build:20040229.1 en)
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"CAL" = Canon Camera Access Library
"CameraUserGuide-PSA1100IS" = Canon PowerShot A1100 IS Camera User Guide
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CD - DVD Publishing Service" = CD - DVD Publishing Service
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Citrix ICA Web Client" = MetaFrame Presentation Server Web Client for Win32
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"GTRemote Client" = DellConnect
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft DirectX SDK (November 2008)" = Microsoft DirectX SDK (November 2008)
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.5.19)" = Mozilla Firefox (3.5.19)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NetActive Launcher" = NetActive Launcher
"NewBlue Cartoonr for Vegas" = NewBlue Cartoonr for Vegas
"NewBlue VideoFX MSPP" = NewBlue VideoFX MSPP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Personal Printing Guide" = Canon Personal Printing Guide
"PhotoStitch" = Canon Utilities PhotoStitch
"PROSet" = Intel(R) PRO Network Connections Drivers
"RadialpointClientGateway_is1" = Windstream Service Agent 4.1.10
"RadialpointHomeSecurityDashboard_is1" = Windstream Diagnostic Tools 3.0.21
"RadialpointSecurityAdvisorService_is1" = Radialpoint Security Advisor 2.5.15
"RealPlayer 6.0" = RealPlayer
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Savings Bond Wizard" = Savings Bond Wizard
"Shop for HP Supplies" = Shop for HP Supplies
"SoftwareStarterGuide-DCSD40_46" = Canon Digital Camera Solution Disk 40-46 Software Starter Guide
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"StreetPlugin" = Learn2 Player (Uninstall Only)
"TomTom HOME" = TomTom HOME 2.8.2.2264
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"Windstream_BCUC" = Windstream Broadband Check-up Center
"WinRAR archiver" = WinRAR archiver
"winusb0200" = Microsoft WinUsb 2.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wondershare DVD Slideshow Builder Deluxe_is1" = Wondershare DVD Slideshow Builder Deluxe(Build 6.1.1.44)
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2085009153-3855714761-1712164351-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"f031ef6ac137efc5" = Dell Driver Download Manager - 1
"Facebook Plug-In" = Facebook Plug-In
"RadialpointServicepointDashboardExtensions_is1" = Radialpoint Servicepoint Dashboard Extensions version 11.7.24.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2085009153-3855714761-1712164351-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"RadialpointServicepointDashboardExtensions_is1" = Radialpoint Servicepoint Dashboard Extensions version 11.7.24.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2085009153-3855714761-1712164351-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"RadialpointServicepointDashboardExtensions_is1" = Radialpoint Servicepoint Dashboard Extensions version 11.7.24.5
"Spotify" = Spotify

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/11/2011 2:08:09 PM | Computer Name = DBP3RKB1 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 9/14/2011 5:50:19 AM | Computer Name = DBP3RKB1 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 9/19/2011 5:43:01 AM | Computer Name = DBP3RKB1 | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.

Error - 9/20/2011 5:17:04 PM | Computer Name = DBP3RKB1 | Source = Application Error | ID = 1000
Description = Faulting application aim.exe, version 5.9.6089.0, faulting module
unknown, version 0.0.0.0, fault address 0x1221254f.

Error - 9/25/2011 1:59:25 PM | Computer Name = DBP3RKB1 | Source = Application Hang | ID = 1002
Description = Hanging application MSPUB.EXE, version 11.0.8329.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 9/25/2011 1:59:33 PM | Computer Name = DBP3RKB1 | Source = Application Hang | ID = 1001
Description = Fault bucket -2070935690.

Error - 9/28/2011 11:15:44 PM | Computer Name = DBP3RKB1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x003a0065.

Error - 9/28/2011 11:16:20 PM | Computer Name = DBP3RKB1 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 12/31/2011 10:38:21 AM | Computer Name = DBP3RKB1 | Source = DCOM | ID = 10010
Description = The server {7379F0FF-EA46-4536-BEF5-68B6B5E54F9B} did not register
with DCOM within the required timeout.

Error - 12/31/2011 10:40:21 AM | Computer Name = DBP3RKB1 | Source = DCOM | ID = 10010
Description = The server {7379F0FF-EA46-4536-BEF5-68B6B5E54F9B} did not register
with DCOM within the required timeout.

Error - 12/31/2011 10:40:51 AM | Computer Name = DBP3RKB1 | Source = DCOM | ID = 10010
Description = The server {7379F0FF-EA46-4536-BEF5-68B6B5E54F9B} did not register
with DCOM within the required timeout.

Error - 12/31/2011 10:41:22 AM | Computer Name = DBP3RKB1 | Source = DCOM | ID = 10010
Description = The server {7379F0FF-EA46-4536-BEF5-68B6B5E54F9B} did not register
with DCOM within the required timeout.

Error - 12/31/2011 10:43:23 AM | Computer Name = DBP3RKB1 | Source = DCOM | ID = 10010
Description = The server {7379F0FF-EA46-4536-BEF5-68B6B5E54F9B} did not register
with DCOM within the required timeout.

Error - 12/31/2011 10:43:53 AM | Computer Name = DBP3RKB1 | Source = DCOM | ID = 10010
Description = The server {7379F0FF-EA46-4536-BEF5-68B6B5E54F9B} did not register
with DCOM within the required timeout.

Error - 12/31/2011 10:44:23 AM | Computer Name = DBP3RKB1 | Source = DCOM | ID = 10010
Description = The server {7379F0FF-EA46-4536-BEF5-68B6B5E54F9B} did not register
with DCOM within the required timeout.

Error - 12/31/2011 1:18:25 PM | Computer Name = DBP3RKB1 | Source = VolSnap | ID = 393236
Description = The shadow copy of volume M: was aborted because of a failed free
space computation.

Error - 12/31/2011 11:07:55 PM | Computer Name = DBP3RKB1 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Spooler service.

Error - 12/31/2011 11:18:03 PM | Computer Name = DBP3RKB1 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Spooler service.


< End of report >
jillo1013
Active Member
 
Posts: 13
Joined: December 28th, 2011, 1:22 pm

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby jillo1013 » January 2nd, 2012, 10:26 am

I had to attach the otl file because everytime I would paste it, my computer would error out.

5. There was nothing found by tdsskiller.
You do not have the required permissions to view the files attached to this post.
jillo1013
Active Member
 
Posts: 13
Joined: December 28th, 2011, 1:22 pm

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby Scolabar » January 2nd, 2012, 12:35 pm

Hi jillo1013,

Thank you for the OTL logs. :)

I really do need to see all the types of infections recorded in the Avast scan logs, where the infections were located along with the results of any actions taken by Avast in relation to those infections.

In each case, please:
  • Write down the date and time of the Avast scan.
  • Write down the full title of the type of infection: for example: WMA/TrojanDownloader.GetCodec.gen trojan.
  • Write down where the infection was located: for example: C:\Program files\Avira\xyz.exe.
  • Write down the result of the Avast scan action completed in relation to the infection. The result should appear in brackets after the infection name for example: (unable to clean).

Please post the information you have written down into your next reply along with the contents of the TDSSKiller log as previously requested. ;)

Scolabar
---------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: Virus shutting down IE and Outlook-Strange icon on deskt

Unread postby jillo1013 » January 3rd, 2012, 8:38 pm

Please bear with me. Last week, I smashed my index finger and can barely type. For me to type all of those viruses is a daunting task. The boot scan has 54 (mostly high messages) and the full scan shows 9. Not to mention how discouraged I am when I figured out I could rerun the scan and save it in a report. After 4 hours last night, a full scan reported 0 viruses!!!

I am going to try again and rerun a boot scan, saving it into a report.

The tdsskiller scan reported no errors and what report it did show was not copyable.

Thanks! I really need to get my machine clean!!
jillo1013
Active Member
 
Posts: 13
Joined: December 28th, 2011, 1:22 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 22 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware