Jump to content

Desktop icons won't load after running Malwarebytes? DDS.txt and Attach.txt


Recommended Posts

DDS.txt:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421

Run by aaron's at 14:57:36 on 2012-05-28

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1012.146 [GMT -6:00]

.

AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Users\aaron's\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Users\aaron's\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\aaron's\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\aaron's\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\notepad.exe

C:\Windows\system32\rundll32.exe

C:\Users\aaron's\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uWindow Title = Internet Explorer, optimized for Bing and MSN

mStart Page = about:blank

uInternet Settings,ProxyOverride = <local>

uSearchURL,(Default) = hxxp://my.netzero.net/s/search?r=minisearch

mSearchAssistant =

BHO: WormRadar.com IESiteBlocker.NavFilter: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - AVG Safe Search

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

BHO: {dbc80044-a445-435b-bc74-9c25c1c588a9} - Java™ Plug-In 2 SSV Helper

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

TB: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No File

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

TB: {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No File

TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

uRun: [Google Update] "c:\users\aaron's\appdata\local\google\update\GoogleUpdate.exe" /c

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

mRun: [ContentTransferWMDetector.exe] c:\program files\sony\content transfer\ContentTransferWMDetector.exe

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

uPolicies-explorer: NoDesktop = 0

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Clean Traces

IE: &Download with &DAP

IE: Download &all with DAP

IE: Download all by YouTube Robot

IE: Download by YouTube Robot

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html

IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB}

IE: {925DAB62-F9AC-4221-806A-057BFB1014AA}

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

Trusted Zone: adobe.com\kb2

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab

DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{884CF6F3-CFFC-4BB7-9187-C19679DE6405} : DhcpNameServer = 192.168.0.1

Notify: igfxcui - igfxdev.dll

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-1-31 435032]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-1-31 314456]

R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2012-5-25 27080]

R2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [2009-4-22 110304]

R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2012-1-2 87968]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-1-31 20568]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-1-31 55128]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-1-31 44768]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-12-19 21504]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-5-25 22344]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-5-28 40776]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate1c9ee41abc7afe7;Google Update Service (gupdate1c9ee41abc7afe7);c:\program files\google\update\GoogleUpdate.exe [2009-6-15 133104]

S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-5-25 654408]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-16 257696]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-6-15 133104]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-5-25 27192]

S3 UPnPService;UPnPService;c:\program files\common files\magix shared\upnpservice\UPnPService.exe [2009-4-22 544768]

S3 WnsDrvr;WnsDrvr;c:\windows\system32\drivers\wnsdrvr.sys [2009-6-7 25952]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== File Associations ===============

.

JSEFile=NOTEPAD.EXE %1

VBSFile=NOTEPAD.EXE %1

.

=============== Created Last 30 ================

.

2012-05-28 20:42:24 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-05-28 05:20:19 -------- dc----w- c:\program files\Free Window Registry Repair

2012-05-26 04:57:25 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-05-26 04:57:24 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware

2012-05-26 04:45:37 -------- d-----w- c:\programdata\PC Tools

2012-05-26 04:45:35 -------- d-----w- c:\users\aaron's\appdata\roaming\Product_PT

2012-05-26 03:54:52 -------- dc----w- c:\program files\Defraggler

2012-05-26 01:46:59 -------- d-----w- c:\users\aaron's\appdata\local\VS Revo Group

2012-05-26 01:46:30 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys

2012-05-26 01:46:23 -------- dc----w- c:\program files\VS Revo Group

2012-05-26 01:00:04 27080 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys

2012-05-25 23:55:14 511328 -c--a-w- c:\program files\common files\microsoft shared\capicom\CAPICOM.DLL

2012-05-25 23:45:12 74703 ----a-w- c:\windows\system32\mfc45.dll

2012-05-09 20:22:35 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys

2012-05-09 20:22:07 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-05-09 20:21:39 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll

2012-05-09 20:21:39 1404928 ----a-w- c:\program files\common files\microsoft shared\ink\InkObj.dll

2012-05-09 20:20:41 219648 ----a-w- c:\windows\system32\d3d10_1core.dll

2012-05-09 20:20:41 1069056 ----a-w- c:\windows\system32\DWrite.dll

2012-05-09 20:20:40 683008 ----a-w- c:\windows\system32\d2d1.dll

2012-05-09 20:20:40 160768 ----a-w- c:\windows\system32\d3d10_1.dll

2012-05-09 20:20:40 1172480 ----a-w- c:\windows\system32\d3d10warp.dll

2012-05-09 20:19:41 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-09 20:19:40 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-09 20:19:40 2044928 ----a-w- c:\windows\system32\win32k.sys

2012-05-05 07:02:46 -------- d-----w- c:\programdata\YTD YouTube Downloader & Converter

.

==================== Find3M ====================

.

2012-05-20 01:09:28 1668 ----a-w- c:\windows\system32\ASOROSet.bin

2012-05-05 06:11:12 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-05-05 06:11:12 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-02-29 15:11:45 5120 ----a-w- c:\windows\system32\wmi.dll

2012-02-29 15:11:42 172032 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 15:09:53 157696 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 13:32:37 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys

.

============= FINISH: 14:59:13.63 ===============

Attach.txt:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Basic

Boot Device: \Device\HarddiskVolume3

Install Date: 3/19/2008 1:13:05 PM VIRUS!

System Uptime: 5/28/2012 2:20:53 PM VIRUS! (0 hours ago)

.

Motherboard: Dell Inc. | | 0RY007

Processor: Intel® Celeron® CPU 420 @ 1.60GHz | Socket 775 | 1596/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 139 GiB total, 25.541 GiB free.

D: is FIXED (NTFS) - 10 GiB total, 6.293 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}

Description: USB HS-CF Card

Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_TEAC&PROD_USB___HS-CF_CARD&REV_4.08#00000211DD55&0#

Manufacturer: TEAC

Name: USB HS-CF Card

PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_TEAC&PROD_USB___HS-CF_CARD&REV_4.08#00000211DD55&0#

Service: WUDFRd

.

Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}

Description: USB HS-MS Card

Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_TEAC&PROD_USB___HS-MS_CARD&REV_4.08#00000211DD55&2#

Manufacturer: TEAC

Name: USB HS-MS Card

PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_TEAC&PROD_USB___HS-MS_CARD&REV_4.08#00000211DD55&2#

Service: WUDFRd

.

Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}

Description: USB HS-SD Card

Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_TEAC&PROD_USB___HS-SD_CARD&REV_4.08#00000211DD55&3#

Manufacturer: TEAC

Name: USB HS-SD Card

PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_TEAC&PROD_USB___HS-SD_CARD&REV_4.08#00000211DD55&3#

Service: WUDFRd

.

Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}

Description: USB HS-xD/SM

Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_TEAC&PROD_USB___HS-XD#SM&REV_4.08#00000211DD55&1#

Manufacturer: TEAC

Name: USB HS-xD/SM

PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_TEAC&PROD_USB___HS-XD#SM&REV_4.08#00000211DD55&1#

Service: WUDFRd

.

==== System Restore Points ===================

.

RP1123: 5/27/2012 11:32:46 PM VIRUS! - Made by Regsofts

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

µTorrent

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

avast! Free Antivirus

BufferChm

CCleaner

Conexant D850 PCI V.92 Modem

Content Transfer

ConvertXtoDVD 4.1.19.365

CopyTrans Suite Remove Only

D1500

D1500_Help

Defraggler

DJ_SF_03_D1500_ProductContext

DJ_SF_03_D1500_Software

DJ_SF_03_D1500_Software_Min

Driver Reviver

eSupportQFolder

ffdshow [rev 3154] [2009-12-09]

Free PDF Tablet 0.1

Free Window Registry Repair

Google Chrome

Google Update Helper

GPBaseService

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Deskjet D1500 Printer Driver Software 10.0 Rel .3

HP Solution Center 10.0

HPProductAssistant

Intel® Network Connections 13.5.32.0

LAME v3.98.3 for Audacity

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft XML Parser

Modem Diagnostic Tool

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NWZ-E350 WALKMAN Guide

OGA Notifier 2.0.0048.0

QuickConnect

Realtek High Definition Audio Driver

Revo Uninstaller Pro 2.5.8

SA30xx Media Converter

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

SolutionCenter

swMSM

Toolbox

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

WebReg

WinZip 12.1

YTD YouTube Downloader & Converter 3.6

.

==== Event Viewer Messages From Past Week ========

.

5/28/2012 2:58:20 PM VIRUS!, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.

5/28/2012 2:58:01 PM VIRUS!, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.

5/28/2012 2:22:54 PM VIRUS!, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

5/28/2012 2:22:54 PM VIRUS!, Error: Service Control Manager [7000] - The SupportSoft RemoteAssist service failed to start due to the following error: The system cannot find the path specified.

5/28/2012 2:22:54 PM VIRUS!, Error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.

5/27/2012 11:38:35 PM VIRUS!, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

5/27/2012 11:38:35 PM VIRUS!, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).

5/27/2012 10:41:07 PM VIRUS!, Error: Service Control Manager [7000] - The SupportSoft RemoteAssist service failed to start due to the following error: The system cannot find the file specified.

5/26/2012 2:09:40 AM VIRUS!, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

5/25/2012 7:55:49 PM VIRUS!, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.

5/25/2012 7:55:49 PM VIRUS!, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

5/25/2012 7:13:22 PM VIRUS!, Error: Service Control Manager [7034] - The iolo System Service service terminated unexpectedly. It has done this 2 time(s).

5/25/2012 7:12:43 PM VIRUS!, Error: Service Control Manager [7034] - The iolo System Service service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================

Link to post
Share on other sites

Still no Icons, try this:

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

I suggest you do this:

Download unhide.exe & save it to your windows folder:

Right click on unhide.exe and select Run as administrator (In case you have Vista or Win7)

Reboot

This will unhide folders/files that were set to be hidden by the infection you had.

Let me know if that solved your problem.

Link to post
Share on other sites

I'm also seeing 2 anti-virus programs

avast! Free Antivirus

AV: Norton 360

Never install more than one Antivirus and Firewall! Rather than giving you extra protection, it will decrease the reliability of it seriously!

The reason for this is that if both products have their automatic (Real-Time) protection switched on, your system may lock up due to both software products attempting to access the same file at the same time.

Also because more than one Antivirus and Firewall installed are not compatible with each other, it can cause system performance problems and a serious system slowdown.

Link to post
Share on other sites

Please do the following to see if it resolves the issue: Post back and let us know please


  • Download and run mbam-clean.exe from here
  • It will ask to restart your computer, please allow it to do so very important
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here

    • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
      Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask and we'll explain how to do it.

Link to post
Share on other sites

Good, we're making progress.

Please do not attach the scan results from Combofx. Use copy/paste.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Download ComboFix from one of these locations:

Link 1

Link 2 If using this link, Right Click and select Save As.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs
  • Double click on ComboFix.exe & follow the prompts.
    Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
    Note: If you have XP SP3, use the XP SP2 package.
    If Vista or Windows 7, skip the Recovery Console part
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

RC1.png

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.

2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it atleast 20-30 minutes to finish if needed.

Please do not attach the scan results from Combofx. Use copy/paste.

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.