TechSpot

Unable to Delete File From Desktop

Resolved
By VvWolverinevV
Feb 5, 2011
  1. Hi :)

    I'm cleaning this Dell laptop as a favor. The biggest symptom I can see is a file on the desktop that I am not able to delete. The error message when I try to delete it is something to the effect of "[Unable to access the volume or device]". Please find the logs pasted below. Is the computer clean?


    Symantec AntiVirus Corporate Edition 10
    (no findings)


    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5685

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    2/5/2011 3:10:39 PM
    mbam-log-2011-02-05 (15-10-39).txt

    Scan type: Quick scan
    Objects scanned: 139582
    Time elapsed: 8 minute(s), 30 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 7
    Registry Values Infected: 4
    Registry Data Items Infected: 1
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Value: {C5428486-50A0-4A02-9D20-520B59A9F9B2} -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Value: {C5428486-50A0-4A02-9D20-520B59A9F9B3} -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4a02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Value: {C5428486-50A0-4a02-9D20-520B59A9F9B3} -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4a02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Value: {C5428486-50A0-4a02-9D20-520B59A9F9B2} -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\documents and settings\Ara\application data\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.


    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit quick scan 2011-02-05 15:23:04
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST912081 rev.3.AD
    Running: 2kz4g8od.exe; Driver: C:\DOCUME~1\Ara\LOCALS~1\Temp\uxtyiaog.sys


    ---- Devices - GMER 1.0.15 ----

    Device Ntfs.sys (NT File System Driver/Microsoft Corporation)

    AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

    ---- EOF - GMER 1.0.15 ----


    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Ara at 15:28:43.87 on Sat 02/05/2011
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2350 [GMT -5:00]

    AV: Symantec AntiVirus Corporate Edition *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\PixArt\PAC7311\Monitor.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\PhoTags Express\Photags AutoDetect.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Documents and Settings\Ara\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = https://my.rutgers.edu/portal
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
    mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Google Update] "c:\documents and settings\ara\local settings\application data\google\update\GoogleUpdate.exe" /c
    mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
    mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /installquiet
    mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
    mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
    mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [PAC7311_Monitor] c:\windows\pixart\pac7311\Monitor.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\photag~1.lnk - c:\program files\photags express\Photags AutoDetect.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Notify: NavLogon - c:\windows\system32\NavLogon.dll
    AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    LSA: Authentication Packages = msv1_0 nwprovau

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\ara\applic~1\mozilla\firefox\profiles\s4l4libi.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=100000000000000002&tb_oid=07-07-2009&tb_mrud=07-07-2010
    FF - prefs.js: browser.startup.homepage - hxxp://gmail.com/
    FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&tb_uuid=100000000000000002&tb_oid=07-07-2009&tb_mrud=07-07-2010&query=
    FF - plugin: c:\documents and settings\ara\application data\move networks\plugins\npqmp071505000010.dll
    FF - plugin: c:\documents and settings\ara\application data\move networks\plugins\npqmp071505000011.dll
    FF - plugin: c:\documents and settings\ara\application data\mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\documents and settings\ara\application data\mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: c:\documents and settings\ara\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
    FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\ara\application data\Move Networks

    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true
    FF - user.js: browser.sessionstore.resume_from_crash - false
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false

    ============= SERVICES / DRIVERS ===============

    R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2006-9-6 337592]
    R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2006-9-6 54968]
    R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-7-19 192160]
    R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-7-19 169632]
    R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-9-27 1813232]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-1-24 24652]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-28 102448]
    R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20110205.002\naveng.sys [2011-2-5 86008]
    R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20110205.002\navex15.sys [2011-2-5 1360760]
    S0 cerc6;cerc6; [x]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 EraserUtilDrv11010;EraserUtilDrv11010;\??\c:\program files\common files\symantec shared\eengine\eraserutildrv11010.sys --> c:\program files\common files\symantec shared\eengine\EraserUtilDrv11010.sys [?]
    S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-2-19 30192]
    S3 PAC7311;PC VGA Camera;c:\windows\system32\drivers\PA707UCM.SYS [2010-3-7 449024]
    S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-9-27 116464]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

    =============== Created Last 30 ================

    2011-02-05 19:59:52 -------- d-----w- c:\docume~1\ara\applic~1\Malwarebytes
    2011-02-05 19:59:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-02-05 19:59:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2011-02-05 19:59:37 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-02-05 19:59:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-02-05 17:13:53 -------- d-----w- c:\windows\system32\winrm
    2011-02-05 17:13:47 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
    2011-02-05 16:59:28 -------- d-----w- c:\docume~1\ara\locals~1\applic~1\ApplicationHistory
    2011-02-05 16:38:00 -------- d-sh--w- c:\documents and settings\ara\PrivacIE
    2011-02-05 16:35:14 -------- d-sh--w- c:\documents and settings\ara\IETldCache
    2011-02-05 16:16:50 -------- d-----w- c:\program files\common files\Windows Live
    2011-02-05 16:14:41 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
    2011-02-05 16:13:32 -------- d-----w- c:\windows\ie8updates
    2011-02-05 16:13:17 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2011-02-05 16:13:16 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
    2011-02-05 16:13:16 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2011-02-05 16:11:49 -------- dc-h--w- c:\windows\ie8
    2011-02-05 15:57:45 -------- d-----w- c:\windows\system32\XPSViewer
    2011-02-05 15:57:05 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2011-02-05 15:56:41 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2011-02-05 15:56:41 117760 ------w- c:\windows\system32\prntvpt.dll
    2011-02-05 15:56:40 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2011-02-05 15:56:40 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2011-02-05 15:56:40 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2011-02-05 15:56:40 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2011-02-05 15:56:40 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2011-02-05 15:56:40 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2011-02-05 15:56:39 -------- d-----w- C:\d922c995927a91e91940
    2011-02-05 15:48:49 -------- d-----w- c:\docume~1\ara\applic~1\Windows Desktop Search
    2011-02-05 15:47:41 -------- d-----w- c:\windows\system32\GroupPolicy
    2011-02-05 15:47:41 -------- d-----w- c:\program files\Windows Desktop Search
    2011-02-05 15:46:10 -------- d-----w- c:\program files\Windows Media Connect 2
    2011-02-05 15:43:36 -------- d-----w- c:\windows\system32\LogFiles
    2011-02-05 15:40:38 -------- d-----w- c:\windows\system32\URTTemp
    2011-02-05 15:09:32 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
    2011-02-05 15:09:32 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
    2011-02-05 15:09:32 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
    2011-02-05 15:09:32 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
    2011-02-05 15:09:31 59904 -c--a-w- c:\windows\system32\dllcache\icardie.dll
    2011-02-05 15:09:31 445952 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dll
    2011-02-05 15:09:31 3698584 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dat
    2011-02-05 15:09:31 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll

    ==================== Find3M ====================

    2010-11-27 23:31:20 2146304 ----a-w- c:\windows\system32\python31.dll
    2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
    2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll

    ============= FINISH: 15:30:00.53 ===============


    DDS (Ver_10-12-12.02)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume3
    Install Date: 1/24/2009 12:58:47 PM
    System Uptime: 2/5/2011 3:12:02 PM (0 hours ago)

    Motherboard: Dell Inc. | | 0WM416
    Processor: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz | Microprocessor | 778/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 110 GiB total, 73.471 GiB free.
    D: is FIXED (NTFS) - 2 GiB total, 1.126 GiB free.
    E: is CDROM (UDF)

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP363: 11/7/2010 3:51:29 PM - System Checkpoint
    RP364: 11/8/2010 5:19:33 PM - System Checkpoint
    RP365: 11/10/2010 7:40:35 AM - System Checkpoint
    RP366: 11/11/2010 7:22:42 AM - Software Distribution Service 3.0
    RP367: 11/12/2010 9:47:23 AM - System Checkpoint
    RP368: 11/13/2010 12:55:44 PM - System Checkpoint
    RP369: 11/15/2010 5:32:45 PM - System Checkpoint
    RP370: 11/16/2010 6:34:54 PM - System Checkpoint
    RP371: 11/17/2010 7:30:11 PM - System Checkpoint
    RP372: 11/18/2010 8:58:23 PM - System Checkpoint
    RP373: 11/20/2010 9:10:24 PM - System Checkpoint
    RP374: 11/23/2010 8:40:54 AM - System Checkpoint
    RP375: 11/28/2010 5:54:05 PM - System Checkpoint
    RP376: 11/30/2010 8:32:15 PM - System Checkpoint
    RP377: 12/1/2010 10:50:34 PM - System Checkpoint
    RP378: 12/5/2010 10:01:32 AM - System Checkpoint
    RP379: 12/7/2010 7:36:11 PM - System Checkpoint
    RP380: 12/9/2010 5:47:26 PM - System Checkpoint
    RP381: 12/10/2010 8:31:26 PM - System Checkpoint
    RP382: 12/11/2010 9:06:41 PM - System Checkpoint
    RP383: 12/13/2010 7:52:39 PM - Removed Ask Toolbar.
    RP384: 12/15/2010 7:41:22 PM - Installed Python 3.1.3
    RP385: 12/16/2010 11:55:33 AM - Software Distribution Service 3.0
    RP386: 12/19/2010 2:23:37 PM - System Checkpoint
    RP387: 12/22/2010 10:02:36 PM - System Checkpoint
    RP388: 12/23/2010 11:53:37 PM - System Checkpoint
    RP389: 12/26/2010 1:40:46 PM - System Checkpoint
    RP390: 12/27/2010 2:58:43 PM - System Checkpoint
    RP391: 12/28/2010 8:58:23 PM - System Checkpoint
    RP392: 12/29/2010 11:22:18 AM - Configured Microsoft Office Professional Plus 2007
    RP393: 12/30/2010 7:47:46 AM - Software Distribution Service 3.0
    RP394: 1/2/2011 8:53:16 PM - Software Distribution Service 3.0
    RP395: 1/6/2011 7:39:43 AM - Software Distribution Service 3.0
    RP396: 1/7/2011 8:11:20 PM - System Checkpoint
    RP397: 1/8/2011 8:51:05 PM - System Checkpoint
    RP398: 1/10/2011 7:59:44 PM - System Checkpoint
    RP399: 1/11/2011 9:37:53 PM - Software Distribution Service 3.0
    RP400: 1/12/2011 10:24:44 PM - System Checkpoint
    RP401: 1/17/2011 9:26:50 PM - System Checkpoint
    RP402: 1/18/2011 9:40:53 PM - System Checkpoint
    RP403: 1/19/2011 9:45:41 PM - System Checkpoint
    RP404: 1/22/2011 6:34:41 PM - System Checkpoint
    RP405: 1/23/2011 6:52:09 PM - System Checkpoint
    RP406: 1/24/2011 10:03:33 PM - System Checkpoint
    RP407: 1/27/2011 11:44:04 AM - System Checkpoint
    RP408: 1/28/2011 7:32:09 PM - System Checkpoint
    RP409: 1/31/2011 8:41:43 PM - System Checkpoint
    RP410: 2/1/2011 9:00:46 PM - System Checkpoint
    RP411: 2/3/2011 2:02:30 PM - System Checkpoint
    RP412: 2/5/2011 9:59:53 AM - Software Distribution Service 3.0
    RP413: 2/5/2011 10:17:26 AM - Software Distribution Service 3.0
    RP414: 2/5/2011 10:23:59 AM - Software Distribution Service 3.0
    RP415: 2/5/2011 10:40:24 AM - Software Distribution Service 3.0
    RP416: 2/5/2011 11:35:35 AM - Printer Driver Microsoft XPS Document Writer Installed
    RP417: 2/5/2011 11:53:48 AM - Software Distribution Service 3.0
    RP418: 2/5/2011 12:51:35 PM - Software Distribution Service 3.0
    RP419: 2/5/2011 12:55:07 PM - Software Distribution Service 3.0

    ==== Installed Programs ======================

    32 Bit HP BiDi Channel Components Installer
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9
    AIM 7
    AIM Toolbar
    Alarm 2.0.4
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Bonjour
    Broadcom Gigabit Integrated Controller
    Conexant HDA D330 MDC V.92 Modem
    Dell Resource CD
    Dell Wireless WLAN Card
    Documents To Go Desktop for iPhone
    Download Updater (AOL LLC)
    Foxit Reader
    Google Chrome
    Google Desktop
    Google Talk Plugin
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB915800-v4)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    IrfanView (remove only)
    iTunes
    Java(TM) 6 Update 13
    LiveUpdate 3.1 (Symantec Corporation)
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft VC9 runtime libraries
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    MobileMe Control Panel
    Move Media Player
    Mozilla Firefox (3.6.13)
    MSN
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Nike+ Mini Screen Saver
    NVIDIA Drivers
    OGA Notifier 2.0.0048.0
    Oz776 SCR Driver V1.1.4.2
    PC VGA Camer@
    PhoTags Express
    PowerDVD
    Python 3.1.3
    QuickTime
    Roxio Activation Module
    Roxio Creator Audio
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator DE
    Roxio Creator Tools
    Roxio Update Manager
    Safari
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2289158)
    Security Update for 2007 Microsoft Office System (KB2344875)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2345035)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Security Update for Windows Internet Explorer 7 (KB2360131)
    Security Update for Windows Internet Explorer 7 (KB2416400)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB982381)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Search 4 - KB963093
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2183461)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360131)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2416400)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371-v2)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972260)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974455)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB976325)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982381)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Shutterfly Express Uploader
    SigmaTel Audio
    Sonic CinePlayer Decoder Pack
    Symantec AntiVirus
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office Outlook 2007 (KB2412171)
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Microsoft Windows (KB971513)
    Update for Outlook 2007 Junk Email Filter (KB2483110)
    Update for Windows Internet Explorer 8 (KB2447568)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update for Windows XP (KB976749)
    Update for Windows XP (KB978207)
    Update for Windows XP (KB980182)
    Viewpoint Media Player
    VLC media player 1.0.1
    WebFldrs XP
    Willis - Medical Terminology A Programmed Approach
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Management Framework Core
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Search 4.0

    ==== Event Viewer Messages From Past Week ========

    2/5/2011 2:48:06 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
    2/5/2011 2:48:02 PM, error: Service Control Manager [7034] - The Viewpoint Manager Service service terminated unexpectedly. It has done this 1 time(s).
    2/5/2011 2:48:00 PM, error: Service Control Manager [7034] - The SigmaTel Audio Service service terminated unexpectedly. It has done this 1 time(s).
    2/5/2011 2:47:59 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
    2/5/2011 2:47:59 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    2/5/2011 2:47:59 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
    2/5/2011 2:47:58 PM, error: Service Control Manager [7034] - The Dell Wireless WLAN Tray Service service terminated unexpectedly. It has done this 1 time(s).
    2/5/2011 2:47:58 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    2/5/2011 11:15:54 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x800f020b: Hewlett-Packard - Printing - HP LaserJet P3005.
    2/5/2011 10:48:54 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Update for WMDRM-enabled Media Players (KB902344).
    2/1/2011 11:38:20 AM, error: Dhcp [1002] - The IP address lease 172.20.21.17 for the Network Card with network address 00225F5F2F80 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    1/30/2011 10:38:32 AM, error: Dhcp [1002] - The IP address lease 172.20.21.17 for the Network Card with network address 00225F5F2F80 has been denied by the DHCP server 172.20.21.1 (The DHCP Server sent a DHCPNACK message).
    1/29/2011 9:50:48 AM, error: Dhcp [1002] - The IP address lease 172.20.21.17 for the Network Card with network address 00225F5F2F80 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

    ==== End Of File ===========================
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Okay then- Welcome to this part of the board! Close as I could get to a 'wolverine!

    You probably know the drill by now- although you have to wait for me to tell you to do it!

    Run Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    7. Click Scan
    8. Wait for the scan to finish
    9. Re-enable your Antivirus software.
    10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
    =====================================
    Download Combofix to your desktop from one of these locations:
    Link 1
    Link 2
    • Double click combofix.exe & follow the prompts.
    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    • Query- Recovery Console image
    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
      [​IMG]
    • Click on Yes, to continue scanning for malware
    • If Combofix asks you to update the program, allow
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Close any open browsers.
    • Double click combofix.exe & follow the prompts to run.
    • When the scan completes it will open a text window. Please paste that log in your next reply.
    Notes:
    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
    =============================
    Java is way out of date! Current is v6u23:
    Check this site> Java Updates. Uninstall any earlier versions in Add/Remove Programs as they are vulnerabilities for the system. (I see v6u13)

    Also, friend is running both Adobe Reader and FoxIt Reader for PDF files. I recommend uninstalling Adobe Reader (and all its bloat!) in Add/Remove Programs. FoxIt will handle the PDF files- without the bloat!
  3. VvWolverinevV

    VvWolverinevV TS Enthusiast Topic Starter Posts: 120

    The ESET scan didn't find anything, but ComboFix removed that file from the desktop! Please find the ComboFix log pasted below. Is the computer clean?


    ComboFix 11-02-05.01 - Ara 02/06/2011 8:31.1.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2365 [GMT -5:00]
    Running from: c:\documents and settings\Ara\Desktop\ComboFix.exe
    AV: Symantec AntiVirus Corporate Edition *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Start Menu\Programs\PC VGA Camer@
    c:\documents and settings\All Users\Start Menu\Programs\PC VGA Camer@ \Amcap.lnk
    c:\documents and settings\All Users\Start Menu\Programs\PC VGA Camer@ \Uninstall.lnk
    c:\documents and settings\Ara\Desktop\[Torrentsworld.net] - Ghosts of Girlfriends Past (2009) DvDrip TS HQ-OR.torrent

    .
    ((((((((((((((((((((((((( Files Created from 2011-01-06 to 2011-02-06 )))))))))))))))))))))))))))))))
    .

    2011-02-05 21:17 . 2011-02-05 21:17 -------- d-----w- c:\documents and settings\Ara\Local Settings\Application Data\WMTools Downloaded Files
    2011-02-05 21:15 . 2011-02-05 21:15 -------- d-----w- c:\program files\Common Files\Adobe
    2011-02-05 21:04 . 2011-02-05 21:04 -------- d-----w- c:\program files\Common Files\Java
    2011-02-05 21:03 . 2010-11-12 23:53 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-02-05 21:03 . 2010-11-12 23:53 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
    2011-02-05 20:32 . 2011-02-05 20:32 -------- d--h--w- c:\windows\PIF
    2011-02-05 19:59 . 2011-02-05 19:59 -------- d-----w- c:\documents and settings\Ara\Application Data\Malwarebytes
    2011-02-05 19:59 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-02-05 19:59 . 2011-02-05 19:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2011-02-05 19:59 . 2011-02-05 19:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-02-05 19:59 . 2010-12-20 23:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-02-05 18:23 . 2011-02-05 18:35 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
    2011-02-05 17:56 . 2011-02-05 17:56 -------- d-----w- c:\program files\Microsoft.NET
    2011-02-05 17:13 . 2011-02-05 17:13 -------- d-----w- c:\windows\system32\winrm
    2011-02-05 17:13 . 2011-02-05 17:14 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
    2011-02-05 16:59 . 2011-02-05 17:54 -------- d-----w- c:\documents and settings\Ara\Local Settings\Application Data\ApplicationHistory
    2011-02-05 16:38 . 2011-02-05 16:38 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
    2011-02-05 16:38 . 2011-02-05 16:38 -------- d-sh--w- c:\documents and settings\Ara\PrivacIE
    2011-02-05 16:35 . 2011-02-05 16:35 -------- d-sh--w- c:\documents and settings\Ara\IETldCache
    2011-02-05 16:16 . 2011-02-05 16:16 -------- d-----w- c:\program files\Common Files\Windows Live
    2011-02-05 16:14 . 2010-10-18 11:10 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
    2011-02-05 16:13 . 2010-11-06 00:26 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2011-02-05 16:13 . 2010-11-06 00:26 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
    2011-02-05 16:13 . 2010-11-06 00:26 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2011-02-05 16:11 . 2011-02-05 16:12 -------- dc-h--w- c:\windows\ie8
    2011-02-05 15:57 . 2011-02-05 15:57 -------- d-----w- c:\windows\system32\XPSViewer
    2011-02-05 15:57 . 2011-02-05 15:57 -------- d-----w- c:\program files\Reference Assemblies
    2011-02-05 15:57 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2011-02-05 15:56 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2011-02-05 15:56 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
    2011-02-05 15:56 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2011-02-05 15:56 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2011-02-05 15:56 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2011-02-05 15:56 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2011-02-05 15:56 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2011-02-05 15:56 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2011-02-05 15:56 . 2011-02-05 15:57 -------- d-----w- C:\d922c995927a91e91940
    2011-02-05 15:48 . 2011-02-05 15:48 -------- d-----w- c:\documents and settings\Ara\Application Data\Windows Desktop Search
    2011-02-05 15:47 . 2011-02-05 17:43 -------- d-----w- c:\program files\Windows Desktop Search
    2011-02-05 15:47 . 2011-02-05 15:47 -------- d-----w- c:\windows\system32\GroupPolicy
    2011-02-05 15:46 . 2011-02-05 15:46 -------- d-----w- c:\program files\Windows Media Connect 2
    2011-02-05 15:43 . 2011-02-05 15:44 -------- d-----w- c:\windows\system32\drivers\UMDF
    2011-02-05 15:43 . 2011-02-05 15:43 -------- d-----w- c:\windows\system32\LogFiles
    2011-02-05 15:40 . 2011-02-05 15:41 -------- d-----w- c:\windows\system32\URTTemp
    2011-02-05 15:09 . 2010-11-06 00:26 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
    2011-02-05 15:09 . 2010-11-06 00:26 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
    2011-02-05 15:09 . 2010-11-06 00:26 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
    2011-02-05 15:09 . 2010-10-21 12:11 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
    2011-02-05 15:09 . 2010-11-06 00:26 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
    2011-02-05 15:09 . 2009-03-08 09:31 59904 -c--a-w- c:\windows\system32\dllcache\icardie.dll
    2011-02-05 15:09 . 2009-03-08 09:11 445952 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dll
    2011-02-05 15:09 . 2009-02-07 02:07 3698584 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dat

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-11-27 23:31 . 2010-11-27 23:31 2146304 ----a-w- c:\windows\system32\python31.dll
    2010-11-18 18:12 . 2009-01-24 17:54 81920 ----a-w- c:\windows\system32\isign32.dll
    2010-11-12 21:34 . 2009-04-04 03:55 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2010-11-09 14:52 . 2008-04-14 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
    2010-08-04 01:30 . 2009-02-19 15:45 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
    "Google Update"="c:\documents and settings\Ara\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-06-11 136176]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-10-10 2183168]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-29 8429568]
    "nwiz"="nwiz.exe" [2007-04-29 1626112]
    "NVHotkey"="nvHotkey.dll" [2007-04-29 67584]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-29 81920]
    "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296]
    "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-07-20 52896]
    "vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-09-28 125168]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-04 30192]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "PAC7311_Monitor"="c:\windows\PixArt\PAC7311\Monitor.exe" [2006-11-03 319488]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-18 421160]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-10-08 47904]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-10 35736]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Photags AutoDetect.lnk - c:\program files\PhoTags Express\Photags AutoDetect.exe [2010-3-7 364544]
    Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\AIM\\aim.exe"=
    "c:\\WINDOWS\\system32\\sessmgr.exe"=
    "c:\\Documents and Settings\\Ara\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [1/24/2009 4:46 PM 24652]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [5/28/2010 7:02 PM 102448]
    S0 cerc6;cerc6; [x]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
    S3 EraserUtilDrv11010;EraserUtilDrv11010;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11010.sys --> c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11010.sys [?]
    S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2/19/2009 10:44 AM 30192]
    S3 PAC7311;PC VGA Camera;c:\windows\system32\drivers\PA707UCM.SYS [3/7/2010 1:08 PM 449024]
    S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [9/27/2006 8:33 PM 116464]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [4/14/2008 7:00 AM 14336]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    WINRM REG_MULTI_SZ WINRM
    .
    Contents of the 'Scheduled Tasks' folder

    2011-02-01 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

    2011-01-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1547161642-1801674531-1003Core.job
    - c:\documents and settings\Ara\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-11 01:14]

    2011-02-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1547161642-1801674531-1003UA.job
    - c:\documents and settings\Ara\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-11 01:14]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = https://my.rutgers.edu/portal
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    FF - ProfilePath - c:\documents and settings\Ara\Application Data\Mozilla\Firefox\Profiles\s4l4libi.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=100000000000000002&tb_oid=07-07-2009&tb_mrud=07-07-2010
    FF - prefs.js: browser.startup.homepage - hxxp://gmail.com/
    FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&tb_uuid=100000000000000002&tb_oid=07-07-2009&tb_mrud=07-07-2010&query=
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\Ara\Application Data\Move Networks
    FF - user.js: yahoo.homepage.dontask - true
    FF - user.js: browser.sessionstore.resume_from_crash - false
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
    .
    - - - - ORPHANS REMOVED - - - -

    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    HKLM-Run-SigmatelSysTrayApp - %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
    AddRemove-Alarm_is1 - c:\program files\Alarm\unins000.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-02-06 08:42
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'explorer.exe'(2652)
    c:\windows\system32\WININET.dll
    c:\program files\Windows Desktop Search\deskbar.dll
    c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
    c:\program files\Windows Desktop Search\dbres.dll
    c:\program files\Windows Desktop Search\wordwheel.dll
    c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
    c:\program files\Windows Desktop Search\msnlExtRes.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
    c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
    c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    c:\windows\System32\WLTRYSVC.EXE
    c:\windows\System32\bcmwltry.exe
    c:\windows\System32\SCardSvr.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Symantec AntiVirus\DefWatch.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\windows\system32\nvsvc32.exe
    c:\program files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
    c:\program files\Symantec AntiVirus\Rtvscan.exe
    c:\windows\system32\SearchIndexer.exe
    c:\windows\system32\wscntfy.exe
    c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    c:\windows\system32\rundll32.exe
    c:\windows\system32\RUNDLL32.EXE
    c:\program files\iPod\bin\iPodService.exe
    .
    **************************************************************************
    .
    Completion time: 2011-02-06 08:48:45 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-02-06 13:48

    Pre-Run: 78,935,818,240 bytes free
    Post-Run: 78,830,940,160 bytes free

    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(3)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(3)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

    - - End Of File - - 2007172F94A043BADCDD93B459CD1A1B
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Please run this Custom CFScript:

    • [1]. Close any open browsers.
      [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      [3]. Open notepad> click on Format> Uncheck 'Word Wrap'> and copy/paste the text in the code below into it: Be sure to scroll down to include ALL lines.
    Code:
    File::
    c:\program files\Viewpoint\Common\ViewpointService.exe
    Extra::
    File::
    c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    Firefox::
    Firefox-: - Profile- c:\documents and settings\Ara\Application Data\Mozilla\Firefox\Profiles\s4l4libi.default\
    Registry::
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=-
    Driver::
    Viewpoint Manager Service
    cerc6
    
    Save this as CFScript.txt, in the same location as ComboFix.exe
    [​IMG]

    Referring to the picture above, drag CFScript into ComboFix.exe

    When finished, it will produce a log for you at C:\ComboFix.txt . Please paste in your next reply.
    ====================
    Please uninstall any entry for Viewpoint Manager in Add/Remove Programs.
    =====================
    Please update Java: Check this site: Java Updates. Stay current as most updates are for security. Uninstall any earlier versions in Add/Remove Programs as they are vulnerabilities for the system.
    ====================
    Download HijackThis and save to your desktop.
    • Extract it to a directory on your hard drive called c:\HijackThis.
    • Then navigate to that directory and double-click on the hijackthis.exe file.
    • When started click on the Scan button and then the Save Log button to create a log of your information.
    • The log file and then the log will open in notepad. Be sure to click on Format> Uncheck Word Wrap when you open Notepad
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and paste (Ctrl+V) the log in your next reply.

    NOTE: Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.
  5. VvWolverinevV

    VvWolverinevV TS Enthusiast Topic Starter Posts: 120

    Thanks Bobbye :) I will have to do this in a few weeks as I will not have access to the infected computer until then.
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Okay. Closing thread.