
Virus is causing a SHDOCWV error?

Discussion in 'Virus and Malware Removal' started by djackson84, Jul 4, 2010.

  1. djackson84 Newcomer, in training Posts: 87

    I'm having a bit of trouble finding that folder. I'm in C:\Windows...but nothing labeled system32.
  2. djackson84 Newcomer, in training Posts: 87

    NEVERMIND! Found it. Sorry I seem so inept, I'm just really stressed about this whole thing. Thanks so much for helping me out thus far.
  3. Broni Malware Annihilator Posts: 40,022   +187

    You're very welcome :)

    When you're done....

    Do this on the computer you are posting from:
    Copy the text in the codebox below:


    Code:
    :OTL
    O2 - BHO: (Internet Explorer Plugin) - {DFC1A8D5-F5A4-453D-BB54-0A886678B9B0} - File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/downlo...8f/wvc1dmo.cab  (Reg Error: Key error.)
    O33 - MountPoints2\E\Shell - "" = AutoRun
    O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
    [2010/07/07 00:23:09 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Mom_2\Local Settings\Application Data\prvlcl.dat
    [2010/07/07 00:23:09 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Mom\Local Settings\Application Data\prvlcl.dat
    [2010/07/06 16:00:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\nyihntpn.job
    [2010/03/03 23:56:01 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Mom_2\Local Settings\Application Data\prvlcl.dat
    [2010/01/16 07:01:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Mom\Local Settings\Application Data\prvlcl.dat
    
    
    :Services
    
    :Reg
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    
    Open Notepad and paste it.
    Save the document as Fix.txt onto a USB flash drive.


    On the infected computer, do the following...

    Run OTLPE

    • Insert USB stick and find the file Fix.txt. Drag the file Fix.txt and drop it under the Custom Scans/Fixes box at the bottom.
      • (The content of Fix.txt should appear in the box)
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post the log produced (you'll need to transfer it with USB stick)
    • Attempt to reboot normally into windows and let me know how it goes.
  4. djackson84 Newcomer, in training Posts: 87

    I can't click on your attachments.
  5. Broni Malware Annihilator Posts: 40,022   +187

  6. djackson84 Newcomer, in training Posts: 87

    Reatogo is telling me there's not enough memory to open the attachment in B: and you open in another. It also won't allow me to open my flash drive, so I don't know for sure if the txt or the attachment are on it. I get the same message about there not being enough room.
     
  7. Broni Malware Annihilator Posts: 40,022   +187

    Did you put my file on USB stick?

    Tell me what exactly you're doing.
  8. djackson84 Newcomer, in training Posts: 87

    I dragged both your file and the txt file onto the icon for my flash drive. I just can't open my flash drive to confirm that they're on there because I get an error message saying there's no room. So if I reboot, I can't access them to upload. I tried copying the attachment to the desktop and again I get the error that there is no room. When I try to open it it says "there is not enough room on the disk to save B:\YFFN5a4J.zip.part."
  9. Broni Malware Annihilator Posts: 40,022   +187

    You're not reading my instruction well.
    Unzip shdocvw.zip on working computer. Copy UNZIPPED shdocvw.dll file into USB flash drive. Put nothing else there.

    Boot bad computer with OTLPE and transfer shdocvw.dll file from your USB flash drive to C:\WINDOWS\System32 folder.
  10. djackson84 Newcomer, in training Posts: 87

    Oh ok. I got confused because when I first made the CD it didn't matter what computer I used. I've been on the bad one still. I'll have to borrow a laptop. I know what to do now.
  11. Broni Malware Annihilator Posts: 40,022   +187

    Very well :)
  12. djackson84 Newcomer, in training Posts: 87

    Almost have everything done. When you say "reboot the PC when it is done", am I restarting it with the CD or without?
  13. Broni Malware Annihilator Posts: 40,022   +187

    Remove CD, start Windows normally and let me know what are the current issues.
  14. djackson84 Newcomer, in training Posts: 87

    Here's the log. I also saved it to my USB. Restarting without the CD now and I've added the dll to the system32 like you said as well. Here goes nothing.


    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DFC1A8D5-F5A4-453D-BB54-0A886678B9B0}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFC1A8D5-F5A4-453D-BB54-0A886678B9B0}\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSetActiveDesktop deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
    Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
    C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_USERS\Mom_2_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_USERS\Mom_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
    E:\LaunchU3.exe moved successfully.
    C:\Documents and Settings\Mom_2\Local Settings\Application Data\prvlcl.dat moved successfully.
    C:\Documents and Settings\Mom\Local Settings\Application Data\prvlcl.dat moved successfully.
    C:\WINDOWS\tasks\nyihntpn.job moved successfully.
    File C:\Documents and Settings\Mom_2\Local Settings\Application Data\prvlcl.dat not found.
    File C:\Documents and Settings\Mom\Local Settings\Application Data\prvlcl.dat not found.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 346865 bytes
    ->Temporary Internet Files folder emptied: 402 bytes
    ->FireFox cache emptied: 92979561 bytes
    ->Flash cache emptied: 53583 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 41620 bytes

    User: LocalService
    ->Temp folder emptied: 65984 bytes
    ->Temporary Internet Files folder emptied: 32969 bytes
    ->FireFox cache emptied: 4171663 bytes

    User: Mom
    ->Temp folder emptied: 526562534 bytes
    ->Temporary Internet Files folder emptied: 263853 bytes
    ->FireFox cache emptied: 200095377 bytes
    ->Flash cache emptied: 179290 bytes

    User: Mom_2
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->FireFox cache emptied: 92697392 bytes
    ->Flash cache emptied: 45645 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 89050844 bytes
    ->Flash cache emptied: 19014 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 2162283 bytes
    %systemroot%\System32 .tmp files removed: 2577 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 2471431 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 64672602 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

    Total Files Cleaned = 1,026.00 mb


    OTLPE by OldTimer - Version 3.1.39.0 log created on 07072010_202106
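
A way to read a fix log like the one in the post above, as an added example that is not part of the thread and not part of OTLPE: it groups action lines by target so that repeated "not found" lines collapse into one verdict per item. The line pattern is an assumption inferred from the log lines visible above, and the names `parse_actions` and `triage` are hypothetical.

```python
import re

# Excerpt of the OTLPE fix log posted above (same wording, fewer lines).
SAMPLE_LOG = r"""
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFC1A8D5-F5A4-453D-BB54-0A886678B9B0}\ deleted successfully.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
C:\WINDOWS\tasks\nyihntpn.job moved successfully.
C:\Documents and Settings\Mom\Local Settings\Application Data\prvlcl.dat moved successfully.
File C:\Documents and Settings\Mom\Local Settings\Application Data\prvlcl.dat not found.
"""

# Assumed line shape (inferred from the log above): optional kind, target, result.
ACTION_RE = re.compile(
    r"^(?:(?:Registry key|Registry value|File)\s+)?(?P<target>.+?)\s+"
    r"(?P<result>deleted successfully|moved successfully|not found)\.$"
)
RESULT_MAP = {
    "deleted successfully": "removed",
    "moved successfully": "removed",
    "not found": "absent",
}

def parse_actions(log_text):
    """Map each target (lower-cased, trailing backslash dropped) to its results in log order."""
    actions = {}
    for raw in log_text.splitlines():
        match = ACTION_RE.match(raw.strip())
        if not match:
            continue  # section banners and "Starting removal ..." lines carry no result
        target = match.group("target").rstrip("\\").lower()
        actions.setdefault(target, []).append(RESULT_MAP[match.group("result")])
    return actions

def triage(log_text):
    """One verdict per target: 'removed' if any line succeeded, else 'absent'."""
    verdicts = {}
    for target, results in parse_actions(log_text).items():
        # A "not found" after a success is the same item processed a second time
        # (the fix script above lists prvlcl.dat twice), so the success wins.
        verdicts[target] = "removed" if "removed" in results else "absent"
    return verdicts

if __name__ == "__main__":
    for target, verdict in triage(SAMPLE_LOG).items():
        print(f"{verdict:8} {target}")
```

Targets that come out as `absent` were not present when the fix ran; targets that come out as `removed` are the ones the fix actually changed.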
  15. djackson84 Newcomer, in training Posts: 87

    Ok....there's a new error now. It says that 325 could not be found on the link SHDOCVW.dll. There's still no desktop.
  16. Broni Malware Annihilator Posts: 40,022   +187

    Please post exact error, word by word.

    Will CTRL+ALT+DEL bring Task Manager up?
  17. djackson84 Newcomer, in training Posts: 87

    "the original 325 could not be located in the dynamic link library Shdocvw.dll" is what it says. But after I logged off and back on again to replicate the problem the desktop showed up. Everything seems to be working fine now except for the virus that led me to the system recovery which led to the desktop problem. Now I can just focus on the virus. Thank you for everything
  18. Broni Malware Annihilator Posts: 40,022   +187

    Great news :)
    Let me go through our thread, so we can figure out next step.
  19. Broni Malware Annihilator Posts: 40,022   +187

  20. djackson84 Newcomer, in training Posts: 87

    Ok...I'm going through the list. My particular virus seems to redirect websites, and cause popups. Does this sound like anything you know personally? Just checking.