Author Topic: Major Virus  (Read 13265 times)

0 Members and 1 Guest are viewing this topic.

Offline klov43921

  • Jr. Member
  • **
  • Posts: 19
    • View Profile
Major Virus
« on: May 29, 2013, 01:16:12 PM »
Not sure what virus I have but am unable to run Internet Explorer. Unable to run Norton. Unable to restore computer to earlier date. Have run the DDS.scr and Security Check and here are the txts from that.  Appreciate any help. Thanks.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 8/15/2005 1:19:25 PM
System Uptime: 5/28/2013 10:47:49 PM (10 hours ago)
.
Motherboard: Dell Inc.           |  | 0M3918
Processor:               Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2793/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 71 GiB total, 4.662 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP2443: 3/1/2013 5:01:41 AM - System Checkpoint
RP2444: 3/2/2013 9:47:48 AM - System Checkpoint
RP2445: 3/3/2013 10:46:57 AM - System Checkpoint
RP2446: 3/4/2013 12:10:20 PM - System Checkpoint
RP2447: 3/5/2013 1:19:00 PM - System Checkpoint
RP2448: 3/6/2013 6:09:03 PM - System Checkpoint
RP2449: 3/7/2013 7:14:00 PM - System Checkpoint
RP2450: 3/8/2013 8:19:02 PM - System Checkpoint
RP2451: 3/9/2013 9:36:38 PM - System Checkpoint
RP2452: 3/11/2013 1:43:32 AM - System Checkpoint
RP2453: 3/12/2013 3:41:53 AM - System Checkpoint
RP2454: 3/13/2013 4:48:35 AM - System Checkpoint
RP2455: 3/14/2013 3:00:23 AM - Software Distribution Service 3.0
RP2456: 3/15/2013 8:43:49 AM - System Checkpoint
RP2457: 3/16/2013 9:36:02 AM - System Checkpoint
RP2458: 3/17/2013 11:41:26 AM - System Checkpoint
RP2459: 3/19/2013 7:05:22 AM - System Checkpoint
RP2460: 3/19/2013 7:19:46 AM - Installed iTunes
RP2461: 3/20/2013 3:00:18 AM - Software Distribution Service 3.0
RP2462: 3/21/2013 7:32:21 AM - System Checkpoint
RP2463: 3/22/2013 7:54:04 AM - System Checkpoint
RP2464: 3/24/2013 4:10:56 AM - System Checkpoint
RP2465: 3/25/2013 3:11:25 PM - System Checkpoint
RP2466: 3/26/2013 6:36:06 PM - System Checkpoint
RP2467: 3/28/2013 12:07:14 PM - System Checkpoint
RP2468: 3/29/2013 7:12:57 PM - System Checkpoint
RP2469: 3/30/2013 9:59:52 PM - System Checkpoint
RP2470: 4/2/2013 12:52:49 AM - System Checkpoint
RP2471: 4/3/2013 3:09:34 AM - System Checkpoint
RP2472: 4/4/2013 5:07:06 AM - System Checkpoint
RP2473: 4/5/2013 6:34:33 AM - System Checkpoint
RP2474: 4/8/2013 6:56:47 AM - System Checkpoint
RP2475: 4/9/2013 6:42:08 PM - System Checkpoint
RP2476: 4/11/2013 3:00:20 AM - Software Distribution Service 3.0
RP2477: 4/12/2013 7:50:11 AM - System Checkpoint
RP2478: 4/13/2013 9:29:40 AM - System Checkpoint
RP2479: 4/14/2013 11:53:29 AM - System Checkpoint
RP2480: 4/15/2013 3:24:12 PM - System Checkpoint
RP2481: 4/17/2013 6:59:21 AM - System Checkpoint
RP2482: 4/18/2013 8:37:38 AM - System Checkpoint
RP2483: 4/19/2013 1:59:05 PM - System Checkpoint
RP2484: 4/20/2013 7:38:14 PM - System Checkpoint
RP2485: 4/21/2013 8:04:55 PM - System Checkpoint
RP2486: 4/23/2013 8:16:34 AM - System Checkpoint
RP2487: 4/25/2013 7:41:12 AM - System Checkpoint
RP2488: 4/26/2013 10:33:48 AM - System Checkpoint
RP2489: 4/28/2013 7:37:35 AM - System Checkpoint
RP2490: 4/29/2013 8:41:47 AM - System Checkpoint
RP2491: 4/30/2013 12:12:53 PM - System Checkpoint
RP2492: 5/1/2013 1:08:41 PM - System Checkpoint
RP2493: 5/2/2013 7:30:00 PM - System Checkpoint
RP2494: 5/3/2013 9:44:57 PM - System Checkpoint
RP2495: 5/7/2013 11:18:10 PM - System Checkpoint
RP2496: 5/9/2013 5:25:00 AM - System Checkpoint
RP2497: 5/10/2013 9:40:08 AM - System Checkpoint
RP2498: 5/11/2013 9:43:35 AM - System Checkpoint
RP2499: 5/12/2013 11:02:52 PM - System Checkpoint
RP2500: 5/14/2013 8:29:07 AM - System Checkpoint
RP2501: 5/15/2013 10:19:03 AM - System Checkpoint
RP2502: 5/16/2013 3:00:20 AM - Software Distribution Service 3.0
RP2503: 5/17/2013 4:52:59 AM - System Checkpoint
RP2504: 5/18/2013 5:26:26 AM - System Checkpoint
RP2505: 5/19/2013 9:16:56 PM - System Checkpoint
RP2506: 5/21/2013 12:15:55 AM - System Checkpoint
RP2507: 5/22/2013 7:16:03 AM - System Checkpoint
RP2508: 5/22/2013 9:48:19 AM - Printer Driver PDFCreator Installed
RP2509: 5/22/2013 10:12:23 AM - Removed ASPCA Reminder by We-Care.com v4.1.22.1
RP2510: 5/23/2013 11:42:34 AM - System Checkpoint
RP2511: 5/25/2013 1:19:01 PM - System Checkpoint
RP2512: 5/27/2013 11:33:37 AM - System Checkpoint
RP2513: 5/27/2013 7:50:06 PM - Software Distribution Service 3.0
RP2514: 5/27/2013 8:25:18 PM - Restore Operation
RP2515: 5/28/2013 9:28:24 PM - Restore Operation
RP2516: 5/28/2013 9:42:03 PM - Restore Operation
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Photoshop CS3
Adobe Reader X (10.1.7)
Adobe Setup
Adobe Type Manager 4.0
Age of Mythology
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Display Driver
Bonjour
BUM
Civilization III
Civilization III: Conquests
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Download Manager
Dell Driver Reset Tool
Dell Picture Studio v3.0
Dell Support 3.2.1
Dell Support Center (Support Software)
Dell System Restore
EarthLink setup files
Easy Phone Tunes
Free M4a to MP3 Converter 7.2
Garmin Communicator Plugin with myGarmin Agent
Garmin USB Drivers
GearDrvs
Google Earth
Google Toolbar for Internet Explorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP eServices Local Prints and Save
Intel(R) 537EP V9x DF PCI Modem
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet for Wired Connections
Internet Explorer Default Page
iPod To Computer Transfer 4.4
iSEEK AnswerWorks English Runtime
iTunes
Jasc Paint Shop Pro 8
Java 2 Runtime Environment, SE v1.4.2_03
Java Auto Updater
Java(TM) 6 Update 29
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
KODAK EASYSHARE Gallery Easy Upload, v2.1
Macromedia Flash Player
MediaWidget 4.0
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders  (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 4.5
MobileMe Control Panel
Modem Event Monitor
Modem Helper
MSN
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML4 Parser
Musicmatch® Jukebox
My Way Search Assistant
Netflix Movie Viewer
Norton 360
Norton PC Checkup
Qualxserve Service Agreement
Quicken 2012
Quicken WillMaker Plus 2009
QuickTime
RealArcade
RealUpgrade 1.0
Rhapsody Player Engine
Risk II
Savings Bond Wizard
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Segoe UI
Sonic RecordNow Copy
Spelling Dictionaries Support For Adobe Reader 8
Stronghold
Stronghold Crusader
TomTom HOME 2.7.6.2056
TomTom HOME Visual Studio Merge Modules
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Media Player
WebCyberCoach 3.2 Dell
WebFldrs XP
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
WordPerfect Office 12
Yahoo! Photos Easy Upload Tool 1v7
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
5/28/2013 10:43:21 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  ATMhelpr BHDrvx86 eeCtrl Fips intelppm SRTSP SRTSPX SymIRON SYMTDI
5/28/2013 10:42:35 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/27/2013 7:21:02 PM, error: Service Control Manager [7023]  - The Application Management service terminated with the following error:  The specified module could not be found.
5/27/2013 10:29:36 AM, error: ATMhelpr [43]  -
5/26/2013 9:45:14 AM, error: Service Control Manager [7023]  - The Google Updater Service service terminated with the following error:  %%2147942402
.
==== End Of File ===========================


 Results of screen317's Security Check version 0.99.64 
 Windows XP Service Pack 3 x86   
``````````````Antivirus/Firewall Check:``````````````[/u]
 Windows Security Center service is not running! This report may not be accurate!
 Windows Firewall Disabled! 
 Norton 360     
`````````Anti-malware/Other Utilities Check:`````````[/u]
 Java(TM) 6 Update 29 
 Java(TM) 6 Update 3 
 Java(TM) 6 Update 5 
 Java(TM) 6 Update 7 
 Java 2 Runtime Environment, SE v1.4.2_03
 Java version out of Date!
 Adobe Reader 8 Adobe Reader out of Date!
 Adobe Reader 10.1.7 Adobe Reader out of Date! 
````````Process Check: objlist.exe by Laurent````````[/u] 
 Norton ccSvcHst.exe
`````````````````System Health check`````````````````[/u]
 Total Fragmentation on Drive C:: 5%
````````````````````End of Log``````````````````````[/u]


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Mary Klovstad at 8:41:32 on 2013-05-29
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1534.506 [GMT -5:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.6.11\SymcPCCULaunchSvc.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.6.11\ccSvcHst.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.6.11\ccSvcHst.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Mary Klovstad\Application Data\U3\45271211A75285BD\LaunchPad.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
uWindow Title = Windows Internet Explorer provided by Yahoo!
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
uInternet Connection Wizard,ShellNext = iexplore
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: <No Name>: {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - LocalServer32 - <no file>
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton 360\engine\5.2.2.3\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton 360\engine\5.2.2.3\ips\ipsbho.dll
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - <orphaned>
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - LocalServer32 - <no file>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360\engine\5.2.2.3\coieplg.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\documents and settings\mary klovstad\start menu\programs\startup\PowerReg Scheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-System: NoDispAppearancePage = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: ameritrade.com
Trusted Zone: tdameritrade.com
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} - hxxp://www.mpix.com/customer/uploading/activex/ImageUploader6.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} - hxxp://www.worldwinner.com/games/v51/bejeweledtwist/bejeweledtwist.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{AAB97C13-7DE1-4014-8CC9-EFEBC6FE1DA4} : DHCPNameServer = 192.168.1.1
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0502020.003\symds.sys [2012-6-11 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0502020.003\symefa.sys [2012-6-11 744568]
R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [2010-7-8 4064]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\bashdefs\20130515.001\BHDrvx86.sys [2013-5-20 1000024]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0502020.003\ironx86.sys [2012-6-11 136312]
R2 N360;Norton 360;c:\program files\norton 360\engine\5.2.2.3\ccsvchst.exe [2012-6-11 130008]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\norton pc checkup\engine\2.0.6.11\SymcPCCULaunchSvc.exe [2010-10-11 177080]
R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\norton pc checkup\engine\2.0.6.11\ccSvcHst.exe [2010-10-11 126392]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2010-8-24 92008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-10-11 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\ipsdefs\20130528.001\IDSXpx86.sys [2013-5-28 373728]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\virusdefs\20130528.032\NAVENG.SYS [2013-5-29 93272]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\virusdefs\20130528.032\NAVEX15.SYS [2013-5-29 1611992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-5-28 40776]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
.
==================== Find3M  ====================
.
2013-05-22 15:10:58   71048   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-22 15:10:58   692104   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2013-05-08 06:10:12   770384   ----a-w-   c:\windows\system32\msvcr100.dll
2013-04-16 22:17:15   920064   ----a-w-   c:\windows\system32\wininet.dll
2013-04-16 22:17:14   43520   ------w-   c:\windows\system32\licmgr10.dll
2013-04-16 22:17:14   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2013-04-12 23:28:55   385024   ------w-   c:\windows\system32\html.iec
2013-04-10 01:31:19   1876352   ----a-w-   c:\windows\system32\win32k.sys
2013-03-08 08:36:22   293376   ----a-w-   c:\windows\system32\winsrv.dll
2013-03-07 01:32:25   2149888   ----a-w-   c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50:30   2028544   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2013-02-28 16:29:20   56   --sh--r-   c:\windows\system32\2A3B073306.sys
2013-02-28 16:29:20   2516   --sha-w-   c:\windows\system32\KGyGaAvL.sys
2006-10-07 14:00:50   774144   -c--a-w-   c:\program files\RngInterstitial.dll
.
============= FINISH:  8:43:25.34 ===============

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19564
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Major Virus
« Reply #1 on: May 29, 2013, 02:07:36 PM »
    Hi, klov43921.  Welcome to LandzDown Forum.

    We will do our best to assist you.  However, in order to do so, please follow all instructions provided in the sequence given.  Do not install/re-install any programs or run any fixes or scanners that you have not been instructed to use.  This may cause conflicts with the tools being used in the cleanup process.   

    If you have questions regarding any of the instructions or problems running any tools, please let us know.

    I am not seeing an alternate browser installed on your computer so am a bit confused as to what you meant when you indicated you cannot run Internet Explorer. 

    Let's start by getting the
extremely old and vulnerable versions of Java off your computer.  We'll deal with Adobe Reader a bit later.

Please go to Add/Remove programs and uninstall all Java entries:

Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 29
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7


To get the current version of Java go to http://java.com/en/download/manual.jsp and select the version identified as Windows Offline (32-bit).  Be careful to uncheck any additional options offered.

Please download Malwarebytes' Anti-Malware to your desktop from here.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    -- Update Malwarebytes' Anti-Malware and
    -- Launch Malwarebytes' Anti-Malware
  • Click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, check the following settings:
    -- On the Scanner tab, check Perform quick scan.
    -- On the Settings tab, Scanner Settings, leave the default boxes checked but change the drop-down boxes to Show in results list and check for removal.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, EXCEPT items in System Restore as shown in this sample:
  • Click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See the Note below)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Please post contents of that file in your next reply.

** Note **

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.[/list]


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline klov43921

  • Jr. Member
  • **
  • Posts: 19
    • View Profile
Re: Major Virus
« Reply #2 on: May 29, 2013, 03:08:31 PM »
I'm unable to connect to the internet. When I try to open Internet Explorer it starts and quits immediately.

In trying to remove the Java stuff I receive an error.
The Windows Installer d not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

I am not running in safe mode.

Offline klov43921

  • Jr. Member
  • **
  • Posts: 19
    • View Profile
Re: Major Virus
« Reply #3 on: May 29, 2013, 03:18:51 PM »
I tried to run Mbam from a flash drive on the corrupt computer.  I get this error message:

Run-time error "372":
Failed to load control 'WebBrowser' from ieframe.dll. Your version of ieframe.dll may be outdated. Make sure you are using the version of the control that was provided with your application.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19564
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Major Virus
« Reply #4 on: May 29, 2013, 04:03:49 PM »
Hi, klov43921.

You need MBAM installed on the infected computer.  The installer for Malwarebytes is mbam-setup.exe. This is the executable that can install Malwarebytes on your computer. For instance, you download that executable onto your flash-drive and stick the flash-drive in another system and try running the mbam-setup.exe file, it will work to install Malwarebytes.  Then, install Malwarebytes to a location you wish. Default is :\Program Files\Malwarebytes' Anti-Malware.



Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline klov43921

  • Jr. Member
  • **
  • Posts: 19
    • View Profile
Re: Major Virus
« Reply #5 on: May 29, 2013, 04:17:45 PM »
ran the setup from flashdrive. Got this message:

CoCreateInstance failed; code 0x80040154. Class not registered.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19564
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Major Virus
« Reply #6 on: May 29, 2013, 05:37:04 PM »
I was going to suggest you try Safe Mode with Networking and launch IE via command prompt but I think it would be better to see what Windows Defender Offline can find since it is run by booting from a flash drive or CD/DVD.  Please see the instructions here Setting Up the Microsoft Standalone System Sweeper Beta, Now Windows Defender Offline.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline klov43921

  • Jr. Member
  • **
  • Posts: 19
    • View Profile
Re: Major Virus
« Reply #7 on: May 31, 2013, 11:14:39 AM »
No threats were found with the quick scan.

After running the full scan it detected
Exploit:Java/CVE-2010-0840
SettingsModifier:Win32/PossibleHostsFileHijack
Exploit:Java/CVE-2009-3867
TrojanDownloader:Java/OpenConnection.LM

It removed the cleaned them.

Can I now restart my computer?

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19564
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Major Virus
« Reply #8 on: May 31, 2013, 12:43:11 PM »
Yes, restart your computer.  The Java detection isn't major if that is all that was found.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline klov43921

  • Jr. Member
  • **
  • Posts: 19
    • View Profile
Re: Major Virus
« Reply #9 on: June 01, 2013, 10:33:22 PM »
Restarted computer and does the same thing.
Now what?

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19564
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Major Virus
« Reply #10 on: June 02, 2013, 04:22:58 PM »
Download the tools needed to a flash drive or other removable media, and transfer them to the infected computer.

***************************************************

Download ComboFix from Link 1

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

Note:  If you do not know if you have the Windows Recover Console installed, proceed to running ComboFix.  If you are prompted by ComboFix to install the Recovery Console, return to this step and follow the instructions below.

With malware infections being as they are today, it's strongly recommended to have the Windows Recovery Console pre-installed on your machine before doing any malware removal. 

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Go to Microsoft's website => http://support.microsoft.com/kb/310994

Select the download that's appropriate for your Operating System



Download the file & save it as it's originally named.

---------------------------------------------------------------------

Transfer all files you just downloaded, to the desktop of the infected computer.

--------------------------------------------------------------------

Disable your antivirus and anti-malware security applications. If not disabled, these programs will likely interfere with cleanup process. This can usually be accomplished by a right-click on the icon in the System Tray. 

Note:  If you are unsure how to disable your security software, see the instructions in this topic at Tech Support Forum:  How to disable your security applications.



  • Drag the setup package onto ComboFix.exe and drop it.
  • Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console.


  • At the next prompt, click 'Yes' to run the full ComboFix scan.
  • When the tool is finished, it will produce a report for you.
Please post the C:\ComboFix.txt in your next reply.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline klov43921

  • Jr. Member
  • **
  • Posts: 19
    • View Profile
Re: Major Virus
« Reply #11 on: June 02, 2013, 06:22:17 PM »
Here it is:
ComboFix 13-06-02.02 - Mary Klovstad 06/02/2013  13:58:21.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1534.830 [GMT -5:00]
Running from: c:\documents and settings\Mary Klovstad\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Mary Klovstad\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Mary Klovstad\Application Data\PriceGong
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\1.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\3702.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\5352.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\a.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\b.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\c.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\d.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\e.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\f.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\g.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\h.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\i.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\j.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\k.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\l.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\m.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\n.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\o.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\p.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\q.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\r.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\s.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\t.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\u.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\v.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\w.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\wlu.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\x.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\y.txt
c:\documents and settings\Mary Klovstad\Application Data\PriceGong\Data\z.txt
c:\documents and settings\Mary Klovstad\WINDOWS
C:\drvrtmp
c:\windows\system32\SET1ED.tmp
c:\windows\system32\SET1F9.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-02 to 2013-06-02  )))))))))))))))))))))))))))))))
.
.
2013-05-30 04:44 . 2013-06-01 06:21   --------   d-----w-   c:\windows\Microsoft Antimalware
2013-05-29 17:16 . 2013-05-29 17:20   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2013-05-29 17:16 . 2013-04-04 19:50   22856   ----a-w-   c:\windows\system32\drivers\mbam.sys
2013-05-29 02:43 . 2013-06-01 03:14   40776   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2013-05-22 15:00 . 2013-05-22 15:00   --------   d-----w-   c:\documents and settings\All Users\Application Data\APN
2013-05-22 14:43 . 2013-05-08 06:10   421200   ----a-w-   c:\windows\system32\msvcp100.dll
2013-05-22 14:43 . 2013-05-28 00:33   --------   d-----w-   c:\documents and settings\Mary Klovstad\Local Settings\Application Data\MixiDJ_V30
2013-05-22 14:43 . 2013-05-28 00:21   --------   d-----w-   c:\documents and settings\Mary Klovstad\Local Settings\Application Data\Conduit
2013-05-10 07:57 . 2013-05-10 07:57   187456   ----a-w-   c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-22 15:10 . 2012-03-30 12:17   692104   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2013-05-22 15:10 . 2011-06-08 13:14   71048   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-08 06:10 . 2011-02-19 05:40   770384   ----a-w-   c:\windows\system32\msvcr100.dll
2013-04-16 22:17 . 2004-08-10 17:51   920064   ----a-w-   c:\windows\system32\wininet.dll
2013-04-16 22:17 . 2004-08-10 17:51   43520   ------w-   c:\windows\system32\licmgr10.dll
2013-04-16 22:17 . 2004-08-10 17:51   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2004-08-10 17:51   385024   ------w-   c:\windows\system32\html.iec
2013-04-10 01:31 . 2004-08-10 17:51   1876352   ----a-w-   c:\windows\system32\win32k.sys
2013-03-08 08:36 . 2004-08-10 17:51   293376   ----a-w-   c:\windows\system32\winsrv.dll
2013-03-07 01:32 . 2004-08-10 17:51   2149888   ----a-w-   c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 2004-08-04 03:59   2028544   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2006-10-07 14:00 . 2006-10-07 14:00   774144   -c--a-w-   c:\program files\RngInterstitial.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-29 395776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-15 1404928]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
c:\documents and settings\Mary Klovstad\Start Menu\Programs\Startup\
PowerReg Scheduler.exe [2009-6-8 256000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0502020.003\symds.sys [6/11/2012 7:32 PM 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0502020.003\symefa.sys [6/11/2012 7:32 PM 744568]
R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [7/8/2010 7:22 AM 4064]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20130515.001\BHDrvx86.sys [5/20/2013 11:20 AM 1000024]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0502020.003\ironx86.sys [6/11/2012 7:32 PM 136312]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\5.2.2.3\ccsvchst.exe [6/11/2012 7:32 PM 130008]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\Norton PC Checkup\Engine\2.0.6.11\SymcPCCULaunchSvc.exe [10/11/2010 6:17 AM 177080]
R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\Norton PC Checkup\Engine\2.0.6.11\ccSvcHst.exe [10/11/2010 6:17 AM 126392]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [8/24/2010 4:38 AM 92008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [10/11/2012 12:43 AM 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20130531.001\IDSXpx86.sys [5/31/2013 9:05 PM 373728]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [5/29/2013 12:16 PM 418376]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [5/29/2013 12:16 PM 701512]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5/29/2013 12:16 PM 22856]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [5/28/2013 9:43 PM 40776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 09:32   128512   ----a-w-   c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 15:11]
.
2013-05-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 17:34]
.
2013-05-23 c:\windows\Tasks\Disk Cleanup.job
- c:\windows\system32\cleanmgr.exe [2004-08-10 00:12]
.
2013-06-01 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-18.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 04:09]
.
2013-06-01 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-13019283-1629566494-648981902-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 04:09]
.
2013-05-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-18.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 04:09]
.
2013-05-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-13019283-1629566494-648981902-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 04:09]
.
2013-06-02 c:\windows\Tasks\User_Feed_Synchronization-{B252565D-3D2D-487D-9220-9A683F78D571}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
Trusted Zone: ameritrade.com
Trusted Zone: tdameritrade.com
TCP: DhcpNameServer = 192.168.1.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB
DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} - hxxp://www.mpix.com/customer/uploading/activex/ImageUploader6.cab
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{A057A204-BACC-4D26-CEC4-75A487FD6484} - (no file)
HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-02 14:10
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\5.2.2.3\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCCUJobMgr]
"ImagePath"="\"c:\program files\Norton PC Checkup\Engine\2.0.6.11\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files\Norton PC Checkup\Engine\2.0.6.11\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2013-06-02  14:15:23
ComboFix-quarantined-files.txt  2013-06-02 19:15
.
Pre-Run: 4,643,528,704 bytes free
Post-Run: 4,795,351,040 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - DBD3085AF32DB1C9A08938E2893DB5A1


Please advice my next step

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19564
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Major Virus
« Reply #12 on: June 02, 2013, 06:50:28 PM »
Are you able to connect to the Internet with this computer now?  If not in Normal Mode, what about Safe Mode with Networking?  Control Panel?


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline klov43921

  • Jr. Member
  • **
  • Posts: 19
    • View Profile
Re: Major Virus
« Reply #13 on: June 02, 2013, 08:14:49 PM »
Still will not connect to internet in normal or safe mode. Still get same error in control panel when trying to remove any of the Java programs.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19564
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Major Virus
« Reply #14 on: June 02, 2013, 09:22:29 PM »
Please download Farbar Service Scanner and run it on the computer with the issue.  Make sure the following options are checked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
Press "Scan".  The tool will create a log (FSS.txt) in the same directory the tool is run.  Please copy and paste the log to your reply.
 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.