Hello!

Okay, I'll try this again. I had a long message typed out and was attaching the DDS reports and I got the blue screen. So long story short, this is my kids computer so I have no idea what happened or how long it has been going on but I got curious a few days ago when I realized none of my kids had been on the computer for a long time. I get on and it is chaos. Fake antivirus messages popping up everywhere, error messages, it was impossible to function. My real antivirus (McAfee) was rendered useless so. Apparently the virus got to that too. I got on safe mode and downloaded MalwareBytes. It found 99 issues including worm.koobface and the following trojans: .Vundo.H, .Hiloti, .BHO, .Ertfor, .Agent, .Zbot, .Dropper, .FakeAlert, and .Banker.

I quarantined everything and deleted it all. I thought my problem was fixed but when I restarted it was worse than before. I tried running MalwareBytes again but it is not working correctly now. I uninstalled it, ran mbam clean, and reinstalled it and it still wont work. During this process I thought maybe my McAfee antivirus was causing the problem so I uninstalled it, it wasn't working anyway. I tried downloading MANY other antivirus programs when I realized I wasnt going to get mbam to work. NONE of them will run. I tried doing an online virus scan, that won't work properly either. Even RootRepeal wont work properly so I don't have that report. When I try to run it the box comes up that says it is initializing for a while then I get the Windows blue screen. Heres the reports I did get. Any help will be very appreciated! Thanks bunches! Jen

PS It wont let me upload the attach file. Let me know if you need it, I'll try to do it from my laptop.

DDS:


DDS (Ver_09-06-26.01) - NTFSx86 NETWORK
Run by Wenninger at 23:45:41.12 on Tue 11/03/2009
Internet Explorer: 8.0.6001.18702

============== Running Processes ===============


============== Pseudo HJT Report ===============

uStart Page = hxxp://www.aol.com/
uDefault_Page_URL = hxxp://www.dellnet.com
uDefault_Search_URL = hxxp://search.msn.com
uWindow Title = Windows Internet Explorer provided by Yahoo!
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = http=localhost:7171
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uURLSearchHooks: FCToolbarURLSearchHook Class: {19a0f032-27d7-4227-bbb5-51aa9e5904f5} -
uURLSearchHooks: H - No File
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No File
BHO: This BHO has been enabled by BHODemon. - No File
TB: Dogpile Toolbar: {c53fe659-316a-4f56-a194-a5be491be866} -
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AOL Fast Start] "c:\program files\aol 9.1\AOL.EXE" -b
uRun: [rundll32.exe]
uRun: [WAB] c:\documents and settings\wenninger\application data\macromedia\common\ec0fe01c19.exe
uRun: [SYSDLL] SYSDLL
uRun: [svchost] c:\documents and settings\wenninger\application data\svcst.exe
uRun: [mserv] c:\documents and settings\wenninger\application data\svcst.exe
uRunOnce: [<NO NAME>] "c:\program files\internet explorer\iexplore.exe" http://www.symantec.com/techsupp/servlet/P...000028.000000D8
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~3.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; IEMB3; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; NET_mmhpset)" -"http://www.cartoonnetwork.com/games/tj/cheesechase/index.html"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [nwiz] nwiz.exe /install
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [New.net Startup] rundll32 c:\progra~1\newdot~1\NEWDOT~2.DLL,NewDotNetStartup
mRun: [MyWebSearch Plugin] rundll32 c:\progra~1\mywebs~1\bar\2.bin\M3PLUGIN.DLL,UPF
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HostManager] c:\program files\common files\aol\1157574114\ee\AOLSoftware.exe
mRun: [DwlClient] "c:\program files\common files\dell\eusw\Support.exe"
mRun: [DVDSentry] c:\windows\system32\DSentry.exe
mRun: [AdaptecDirectCD] "c:\program files\roxio\easy cd creator 5\directcd\DirectCD.exe"
mRun: [WildTangent CDA] RUNDLL32.exe "c:\program files\wildtangent\apps\cda\cdaEngine0400.dll",cdaEngineMain
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [Microsoft Works Update Detection] "c:\program files\common files\microsoft shared\works shared\WkUFind.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [LimeShop] wjview /cp:p "c:\program files\limeshop\system\code" main lp: "c:\program files\LimeShop"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [diagent] "c:\program files\creative\sblive\diagnostics\diagent.exe" startup
mRun: [Detect Kbd Daemon] SK2000DM.EXE
mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe
mRun: [AOL Spyware Protection] "c:\progra~1\common~1\aol\aolspy~1\AOLSP Scheduler.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppsc1~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpohmr08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
uPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
uPolicies-system: NoDispAppearancePage = 0 (0x0)
uPolicies-system: NoColorChoice = 0 (0x0)
uPolicies-system: NoSizeChoice = 0 (0x0)
uPolicies-system: NoVisualStyleChoice = 0 (0x0)
uPolicies-system: NoDispSettingsPage = 0 (0x0)
uPolicies-system: EnableProfileQuota = 1 (0x1)
mPolicies-explorer: <NO NAME> =
IE:
IE: &AIM Search - c:\program files\aim toolbar\AIMBar.dll/aimsearch.htm
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - {DD6687B5-CB43-4211-BFC9-2942CCBDCB3E} - c:\program files\microsoft money\system\mnyside.dll
Trusted Zone: microsoft.com\*.windowsupdate
Trusted Zone: microsoft.com\v5.windowsupdate
Trusted Zone: windowsupdate.com
DPF: Aces Up! by pogo - hxxp://game1.pogo.com/v/8.1.1.1/applet/aces/aces-en_US.cab
DPF: Backgammon by pogo - hxxp://game1.pogo.com/applet-8.0.9.41/backgammon/backgammon-en_US.cab
DPF: Bingo Luau by pogo - hxxp://game1.pogo.com/v/8.1.7.44/applet/freebingo/freebingo-en_US.cab
DPF: Blackjack by pogo - hxxp://game3.pogo.com/v/8.1.7.44/applet/blackjack/blackjack-en_US.cab
DPF: Blackjack Carnival by pogo - hxxp://game1.pogo.com/v/8.1.1.1/applet/vbjack2/vbjack2-en_US.cab
DPF: Blooop by pogo - hxxp://game1.pogo.com/v/8.1.0.23/applet/cascade/cascade-en_US.cab
DPF: Canasta by pogo - hxxp://game1.pogo.com/v/8.1.1.13/applet/canasta/canasta-en_US.cab
DPF: Checkers by pogo - hxxp://game1.pogo.com/applet-8.0.9.41/checkers2/checkers-en_US.cab
DPF: Chess by pogo - hxxp://game1.pogo.com/v/8.1.1.13/applet/chess2/chess2-en_US.cab
DPF: Dice City Roller by pogo - hxxp://game3.pogo.com/v/8.1.9.1/applet/ytz/ytz-en_US.cab
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Dominoes by pogo - hxxp://game1.pogo.com/v/8.1.0.23/applet/domino/domino-en_US.cab
DPF: Double Deuce Poker by pogo - hxxp://game1.pogo.com/v/8.1.1.1/applet/videopoker2/doubledeuce-en_US.cab
DPF: Fortune Bingo by pogo - hxxp://game1.pogo.com/applet-8.0.9.41/superbingo/superbingo-en_US.cab
DPF: Hangman Hijinks by pogo - hxxp://game3.pogo.com/v/8.1.8.10/applet/hangman/hangman-en_US.cab
DPF: Hearts by pogo - hxxp://game3.pogo.com/v/8.1.7.44/applet/hearts/hearts-en_US.cab
DPF: High Stakes Poker by pogo - hxxp://game1.pogo.com/applet-8.0.9.41/drawpoker/drawpoker-en_US.cab
DPF: High Stakes Pool by pogo - hxxp://game1.pogo.com/v/8.1.0.23/applet/pool2/pool-en_US.cab
DPF: Hog Heaven Slots by pogo - hxxp://game1.pogo.com/v/8.1.7.44/applet/fancy/fancy-en_US.cab
DPF: Jungle Gin by pogo - hxxp://game1.pogo.com/v/8.1.1.13/applet/gin2/gin2-en_US.cab
DPF: Lost Temple Poker by pogo - hxxp://game1.pogo.com/v/8.1.0.23/applet/mhpoker/mhpoker-en_US.cab
DPF: Lottso by pogo - hxxp://game3.pogo.com/v/8.1.9.1/applet/lottso/lottso-en_US.cab
DPF: Makeover Madness by pogo - hxxp://game3.pogo.com/v/8.1.7.44/applet/shoes/shoes-en_US.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: NASCAR Web Racing by pogo - hxxp://game1.pogo.com/v/8.1.1.1/applet/nascar/nascar-en_US.cab
DPF: No-Limit Texas Hold'em by pogo - hxxp://game1.pogo.com/v/8.1.1.21/applet/allin/allin-en_US.cab
DPF: Pai Gow by pogo - hxxp://game1.pogo.com/v/8.1.1.1/applet/paigow/paigow-en_US.cab
DPF: Payday Freecell Solitaire by pogo - hxxp://game1.pogo.com/v/8.1.1.1/applet/freecell2/freecell2-en_US.cab
DPF: Perfect Pair Solitaire by pogo - hxxp://game1.pogo.com/v/8.1.7.44/applet/waterwheel/waterwheel-en_US.cab
DPF: Phlinx by pogo - hxxp://game1.pogo.com/v/8.1.1.1/applet/flinger/flinger-en_US.cab
DPF: Poppit by pogo - hxxp://game1.pogo.com/v/8.1.0.23/applet/poppit2/poppit2-en_US.cab
DPF: Quick Quack by pogo - hxxp://game1.pogo.com/v/8.1.7.44/applet/hotstreak/hotstreak-en_US.cab
DPF: QWERTY by pogo - hxxp://game1.pogo.com/v/8.1.1.13/applet/squares/squares-en_US.cab
DPF: Ride The Tide by pogo - hxxp://game1.pogo.com/v/8.1.0.23/applet/ride/ride-en_US.cab
DPF: Showbiz Slots by pogo - hxxp://game1.pogo.com/v/8.1.0.24/applet/slots/showbiz-en_US.cab
DPF: Spooky Slots - hxxp://game1.pogo.com/v/8.1.1.35/applet/spooky/spooky-en_US.cab
DPF: Squelchies by pogo - hxxp://game1.pogo.com/v/8.1.1.1/applet/squelchies/squelchies-en_US.cab
DPF: Stax by pogo - hxxp://game1.pogo.com/v/8.1.1.1/applet/stax/stax-en_US.cab
DPF: Sweet Tooth TM by pogo - hxxp://game1.pogo.com/v/8.1.1.13/applet/sweettooth/sweettooth-en_US.cab
DPF: Thousand Island Solitaire by pogo - hxxp://game3.pogo.com/v/8.1.9.1/applet/millbrae/millbrae-en_US.cab
DPF: Turbo 21 v2 by pogo - hxxp://game1.pogo.com/v/8.1.9.7/applet/turbo22/turbo22-en_US.cab
DPF: Wonderland Memories by pogo - hxxp://game1.pogo.com/v/8.1.0.23/applet/memories/memories-en_US.cab
DPF: Word Search Daily by pogo - hxxp://game3.pogo.com/v/8.1.9.4/applet/wordsearch/wordsearch-en_US.cab
DPF: Word Whomp by pogo - hxxp://game1.pogo.com/v/8.1.0.23/applet/wordwhomp2/whomp2-en_US.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1104984549012
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1157565582500
DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - hxxp://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - hxxp://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
DPF: {F55C25D3-D16A-11D3-81DF-00A0C91F5E7D} - hxxp://www.kiddonet.com/kiddonet/GtekPrt.ocx
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = :\windows\system32\srrstr.dll cli scecli

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2009-11-03 22:57 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-03 22:57 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-11-03 22:57 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-11-03 21:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2009-11-03 01:23 <DIR> --d----- c:\docume~1\wennin~1\applic~1\AVG8
2009-11-03 00:34 <DIR> --d----- c:\windows\LastGood.Tmp
2009-11-02 14:32 <DIR> --d----- c:\program files\Panda Security
2009-11-02 05:07 18,525 a------- c:\windows\system32\wifigewor.db
2009-11-02 05:07 17,607 a------- c:\program files\common files\emytecos.bin
2009-11-02 05:07 13,103 a------- c:\windows\izotepoz.reg
2009-11-02 05:07 17,671 a------- c:\windows\ezihojekiv.exe
2009-11-02 05:07 17,495 a------- c:\windows\ixozak.ban
2009-11-02 05:07 14,396 a------- c:\windows\ajogiz.vbs
2009-11-02 05:07 13,015 a------- c:\windows\ycizuxyk._sy
2009-11-02 05:07 17,974 a------- c:\windows\system32\ubohinake.lib
2009-11-02 05:07 16,269 a------- c:\windows\system32\imukyboq.db
2009-11-02 05:07 11,462 a------- c:\windows\bevepotah.dat
2009-11-02 05:07 13,387 a------- c:\windows\linusimypo.dat
2009-11-02 02:16 <DIR> --d----- c:\docume~1\wennin~1\applic~1\Malwarebytes
2009-11-01 23:29 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-11-01 10:12 36 a------- c:\windows\rasqervy.dll
2009-11-01 10:12 8 a------- c:\windows\sdfinacs.dll
2009-11-01 10:12 5 a------- c:\windows\sdfixwcs.dll
2009-11-01 02:40 552 a------- c:\windows\system32\d3d8caps.dat
2009-10-31 22:56 12,211 a------- c:\windows\abipy.lib
2009-10-31 22:56 10,668 a------- c:\windows\tepavil.pif
2009-10-31 22:56 14,450 a------- c:\docume~1\wennin~1\applic~1\emosican.com
2009-10-31 22:56 19,953 a------- c:\windows\system32\wifaru.db
2009-10-31 22:56 14,266 a------- c:\program files\common files\jewicelimu.scr
2009-10-31 22:56 16,692 a------- c:\windows\ipuba.ban
2009-10-31 22:56 16,032 a------- c:\docume~1\alluse~1\applic~1\xobexoq.scr
2009-10-31 22:56 12,117 a------- c:\docume~1\wennin~1\applic~1\usewygi.dll

==================== Find3M ====================

2009-11-02 05:07 13,365 a------- c:\program files\common files\itawiqimy._sy
2009-11-02 05:07 18,281 a------- c:\program files\common files\ijeq.dl
2009-10-31 22:56 13,578 a------- c:\program files\common files\abawogyrob.lib
2008-12-16 16:22 139,112 ac------ c:\docume~1\wennin~1\applic~1\GDIPFONTCACHEV1.DAT
2004-12-25 19:47 35,121,138 a------- c:\program files\NIS_Retail.EXE
2003-12-10 20:39 457 a------- c:\program files\INSTALL.LOG
2008-10-17 01:18 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008101720081018\index.dat

============= FINISH: 0:01:57.87 ===============

Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Download Manager 2.0 (Remove Only)
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 7.0.5
Adobe Shockwave Player 11
Ainsworth Keyboard Trainer 4
AOL Coach Version 1.0(Build:20030807.3)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Instant Messenger
AOL Pictures Tools (version 10.4.0.3)
AOL Spyware Protection
AOL Uninstaller (Choose which Products to Remove)
Apple Mobile Device Support
Apple Software Update
Bonjour
Canon Easy-WebPrint EX
Canon MP Navigator EX 3.0
Canon MP250 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CardRd81
CCScore
Conexant D850 56K V.9x DFVc Modem
Conexant SmartHSFi V92 56K DF PCI Modem
Control Pad
Coupon Printer for Windows
CR2
Critical Update for Windows Media Player 11 (KB959772)
CueCard (remove only)
Dell ResourceCD
Dell Solution Center
Dell Support
DivX Player 2.1
DivX Pro Codec
DVDSentry
Easy CD Creator 5 Basic
ESET Online Scanner v3
ESSBrwr
ESSCDBK
ESScore
ESSCT
ESSEMAIL
ESSgui
ESShelp
ESSini
ESSPCD
ESSSONIC
ESSTOOLS
ESSTUTOR
essvcpt
ESSvpaht
ESSvpot
Eusing Free Registry Cleaner
Express Burn
Help and Support Customization
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HLPIndex
HLPSFO
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
HP Driver Diagnostics
hp instant support
HP Memories Disc
hp psc 1200 series
IBM Rapid Access Keyboard (III, IIIe)
Intel® PRO Network Adapters and Drivers
Intel® PROSet
iPod for Windows 2006-03-23
iTunes
Java™ 6 Update 17
Kodak EasyShare software
KSU
Malwarebytes' Anti-Malware
Microsoft .NET Framework (English)
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.0 Hotfix (KB928367)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Encarta Encyclopedia Standard 2003
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2003
Microsoft Money 2003 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2003
Microsoft Picture It! Photo 7.0
Microsoft Publisher 2002
Microsoft Security Essentials
Microsoft Streets and Trips 2002
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Windows Journal Viewer
Microsoft Word 2002
Microsoft Works 2003 Setup Launcher
Microsoft Works 7.0
Microsoft Works Suite Add-in for Microsoft Word
Move Networks Media Player for Internet Explorer
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Notifier
NVIDIA Display Driver
NVIDIA Windows 2000/XP Display Drivers
OfotoXMI
OTtBP
OTtBPSDK
Photo Viewer s2.5
Pixillion Image Converter
PowerDVD
Qualxserve Service Agreement
QuickTime
RealPlayer
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SFR
Shareaza 2.3.1.0
SHASTA
Shockwave
SKIN0001
SKINXSDK
Sound Blaster Live!
StudioLine
Ulead PhotoImpact 8 ESD
Uninstall Dual Mode Camera
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
Verizon Online DSL
Viewpoint Media Player
Visual IP InSight(Verizon Online)
VPRINTOL
WavePad Sound Editor
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Resource Kit Tools - SubInAcl.exe
Windows XP Service Pack 3
WinZip
WIRELESS
Works Suite OS Pack

Hi,

Please do the following:

Visit ADOBEand download the latest version of Acrobat Reader (version 9.2)
Having the latest updates ensures there are no security vulnerabilities in your system.

The MS security Essentials is a good program.

If you wanted to invest in a good security program, i would go with Kaspersky, if you shop around you can get the whole suite for around $60.00 that includes a parental control feature.

Now we just need to clean up our tools:

Please do the following:

Follow these steps to uninstall Combofix

• Click START then RUN
• Now type Combofix /uninstall in the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.

NEXT

Now to remove the rest of the tools that we have used in fixing your machine:

• Make sure you have an Internet Connection.
• Download OTC to your desktop and run it
• A list of tool components used in the Cleanup of malware will be downloaded.
• If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
• Click Yes to begin the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

Note: If there are any other logs/tools remaining on your desktop > right click and delete them.


NEXT


Below I have included a number of recommendations for how to protect your computer against malware infections.

• It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
  Strong passwords: How to create and use them
  Then consider a password keeper, to keep all your passwords safe.
  
• Keep Windows updated by regularly checking their website at :
  http://windowsupdate.microsoft.com/
  This will ensure your computer has always the latest security updates available installed on your computer.
  
  
• SpywareBlaster protects against bad ActiveX, it immunizes your PC against them.
  
  
• SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program ( eg : TeaTimer, Windows Defender ) or there will be a conflict.
  
  
• Make Internet Explorer more secure
  
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
  • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
  
  
• ATF Cleaner - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
  
  
• MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.
  
  WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
  • Green to go
  • Yellow for caution
  • Red to stop
  WOT has an addon available for both Firefox, IE and chrome.
  
  
• Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more
  secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up
  blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from
  Here
  
  
  If you choose to use Firefox, I highly recommend this add-on to keep your PC even more secure.
  
  • NoScript - for blocking ads and other potential website attacks
  
  
• Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
  
• ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
  
• In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at these well written articles:
  Think Prevention.
  PC Safety and Security--What Do I Need?.

**Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.


Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank-you.

Wow! Thank you so much! All done! One more quick question, I will probably end up getting the Kaspersky Suite however I won't be able to do that until after Christmas sometime. Can you suggest a good free one until then?

Oh no, I may have another problem. I'm trying to install that printer and it wont install the drivers. It says a newer version on MD drivers is installed. Also, there are absolutely no divices in the Divice manager in the System Properties under Hardware. Am I doing something wrong?

Hi,

Try going to Start> Control Panel >printers and faxes


If the printer is there > delete it and try installing it again




Choose from one of these excellent free antivirus programs

Avira AntiVir
Avast

Note:

You may need to uninstall the related software as well, in order to start the installation over again.

The printer is not there but I uninstalled the old printer and still no go.

Also, it will not play sound. It says there is no sound device installed on my computer. :-(

Hi,

OK, couple of things to do:

Please do the following:

For the printer:

uninstall all Canon software and hp psc 1200 series in add/remove programs list - reboot then reinstall following the instructions carefully, some printers need to be attached during installation, some after.


For the Sound:

Go to Device Manager > Start > Right Click My Computer > Properties > Hardware Tab> Device Manager and right click on your sound driver and choose enable

also look to see if there are any errors being reported in Device Manager.

Next go to control panel > music or system sounds > sounds and audio devices > audio tab

see what is available for playback > choose an audio device for playback

if it is just system sounds that are not working ...select a sound theme while there

make sure your volume is up and not muted.

Hi,

Can you please verify something you mentioned earlier.

Is all of Device Manager empty?

Yes, all pf device manager is completely empty. This is bad...

Your Plug and Play service is probably turned off.

Please try the following:

set the startup type for Plug and Play to Automatic.
To do so, follow these steps:

1. Click Start, click Run, type services.msc and then click OK.

2. Double-click Plug and Play.
If you receive a Configuration Manager message, click OK.

3. In the Startup Type list, click Automatic, and then click OK.

4. Close Services.

5. Restart the computer.

You are an angel! We have sound, device manager is full, AND the printer is installed and working! Thank you SO much for your help! You have been super patient with me and I can't thank you enough!

Excellent!!!

I'm happy that's all it was.

If there are no outstanding issues, you should be good to go.


stay safe

~CB

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.