Facebook   Twitter   Google+   YouTube Get FREE Online Help Free Download IObit Products  

Go Back   IObit.Com Forums > IObit Security Software > Spyware-Malware Removal Help!
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Spyware-Malware Removal Help! A separate area dedicated to virus, spyware, rootkit and all other forms of malware removal.

Reply
 
Thread Tools Display Modes
  #1  
Old Dec. 18th, 2012, 13:11
peterlmoran peterlmoran is offline
Junior Member
 
Join Date: 18 Dec 2012
Posts: 4
Default Windows (XP) Explorer error cannot read disk

I have almost certainly picked up an infection in Windows XPpro.

The open symptom is that I get a message to the effect that there is a disk "read" error in Windows explorer and I'm offered the choice of exiting or Dr Watson debug. This error always occurs in normal mode straight after the desktop is complete and once it arrives there is little that can be done. It sometimes occurs in safe mode and the machine can often be used afterwards. I have hooked the disk up to another computer and scanned the disk for drive errors and there do not appear to be any. I have taken a clone of the drive and get exactly the same issue on the clone which would suggest that it is not the disk. I have also swapped the motherboards to no effect which would seem to eliminate the disk controllers.

I have run a variety of malware checkers including ASC6 free in safemode (I cannot use normal mode for anything) and after the normal scan no errors are reported. I would like to rescue this installation since there are some useful programs on it for which I'm struggling to find the licence keys. I have been unable to check the system files in safemode and in any case I'm on SP3 which makes life difficult.

Any suggestions would be gratefully received. I'm willing to buy any reasonably priced program if I could be certain that it would find the solution.

Thanks in advance
Reply With Quote
  #2  
Old Dec. 19th, 2012, 02:22
Melvin_Deal's Avatar
Melvin_Deal Melvin_Deal is offline
Malware Advisor Moderator
 
Join Date: 06 Jul 2009
Posts: 2,937
Smile Hi peterlmoran;87974... welcome to the Iobit forums!

It would be most helpful if you complete the details within your User CP located at the top left of the main forum GUI (paying special attention to security softwares). It would also be helpful if you report the exact disk "read" error.
Quote:
Originally Posted by peterlmoran View Post
I have almost certainly picked up an infection in Windows XPpro.

The open symptom is that I get a message to the effect that there is a disk "read" error in Windows explorer and I'm offered the choice of exiting or Dr Watson debug. This error always occurs in normal mode straight after the desktop is complete and once it arrives there is little that can be done. It sometimes occurs in safe mode and the machine can often be used afterwards. I have hooked the disk up to another computer and scanned the disk for drive errors and there do not appear to be any. I have taken a clone of the drive and get exactly the same issue on the clone which would suggest that it is not the disk. I have also swapped the motherboards to no effect which would seem to eliminate the disk controllers.

I have run a variety of malware checkers including ASC6 free in safemode (I cannot use normal mode for anything) and after the normal scan no errors are reported. I would like to rescue this installation since there are some useful programs on it for which I'm struggling to find the licence keys. I have been unable to check the system files in safemode and in any case I'm on SP3 which makes life difficult.

Any suggestions would be gratefully received. I'm willing to buy any reasonably priced program if I could be certain that it would find the solution.

Thanks in advance

As you have posted in the Malware removal section... please complete the steps in these guidelines. Please make sure to post both of the DDS logs.

Sincerely,
-Mel
Live long and prosper!

EDIT: I have moved that post.
__________________



Last edited by enoskype : Dec. 19th, 2012 at 09:50. Reason: EDIT:
Reply With Quote
  #3  
Old Dec. 19th, 2012, 15:12
peterlmoran peterlmoran is offline
Junior Member
 
Join Date: 18 Dec 2012
Posts: 4
Default Reply 1

DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by Administrator at 15:58:24 on 2012-12-19
.
============== Running Processes ================
.
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wpabaln.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASC.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrow serrecordplugin.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: <No Name>: {95B7759C-8C7F-4BF1-B163-73684A933233} - LocalServer32 - <no file>
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Steganos Internet Anonym: {00000000-5736-4205-0008-781cd0e19f00} - c:\program files\steganos internet anonym pro 7\siapro7iep.dll
TB: <No Name>: {95B7759C-8C7F-4BF1-B163-73684A933233} - LocalServer32 - <no file>
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [Advanced SystemCare 6] "c:\program files\iobit\advanced systemcare 6\ASCTray.exe" /AutoStart
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\msconfig.exe /auto
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "c:\documents and settings\all users\application data\malwarebytes\malwarebytes' anti-malware\cleanup.dll",ProcessCleanupScript
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [SIAPRO7] "c:\program files\steganos internet anonym pro 7\SIAPRO7.exe" -firstboot
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-Explorer: NoFileAssociate = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: c:\program files\secure surfing engine\sselsp.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1340440287765
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340440262562
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{18EE7D51-B2FE-4BB1-826E-CAB154745E30} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{50131B70-DEE5-4B0F-AE00-8D576936DD22} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - <Clsid value has no data>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - <Clsid value has no data>
Notify: AtiExtEvent - Ati2evxx.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== File Associations ===============
.
ShellExec: FRONTPG.EXE: edit=c:\progra~1\micros~2\office\FRONTPG.EXE
.
=============== Created Last 30 ================
.
2012-12-18 07:25:01 22400 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-12-18 07:18:00 -------- d-sh--w- c:\documents and settings\administrator\PrivacIE
2012-12-18 07:15:24 -------- d-----w- c:\documents and settings\administrator\application data\IObit
2012-12-17 22:34:12 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes
2012-12-10 17:09:56 -------- d-----w- c:\documents and settings\administrator\application data\TuneUp Software
2012-12-10 17:06:40 -------- d-----w- c:\documents and settings\administrator\local settings\application data\MFAData
2012-12-10 17:06:38 -------- d-----w- c:\documents and settings\administrator\application data\AVG2013
2012-12-10 17:05:20 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Avg2013
2012-12-10 15:55:07 15224 ----a-w- c:\windows\system32\sdnclean.exe
2012-12-10 15:54:40 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2012-12-10 12:58:24 80488 ----a-r- c:\windows\system32\RtNicProp32.dll
2012-12-10 12:58:24 102416 ----a-r- c:\windows\system32\RTNUninst32.dll
2012-12-10 12:42:32 65640 ----a-r- c:\windows\system32\RtkCoInstIIXP.dll
2012-12-10 12:42:32 1691480 ----a-r- c:\windows\system32\drivers\Ambfilt.sys
2012-12-10 12:42:32 11368 ----a-r- c:\windows\system32\RtkCoLDRXP.dll
2012-12-10 12:42:29 1395800 ----a-r- c:\windows\system32\drivers\Monfilt.sys
2012-12-10 12:42:15 359016 ----a-r- c:\windows\vncutil.exe
2012-12-10 12:42:14 129640 ----a-r- c:\windows\RtkAudioService.exe
2012-12-10 12:41:58 25548 ----a-r- c:\windows\system32\drivers\RTAIODAT.DAT
2012-12-10 12:35:08 69472 ----a-w- c:\windows\system32\drivers\asahxp32.sys
2012-12-10 12:35:08 43104 ----a-w- c:\windows\system32\ahcipp32.dll
2012-12-10 12:35:05 -------- d-----w- c:\program files\ASM106xSATA
2012-12-10 12:33:43 313832 ----a-w- c:\windows\system32\drivers\asmtxhci.sys
2012-12-10 12:33:42 102888 ----a-w- c:\windows\system32\drivers\asmthub3.sys
2012-12-10 12:33:33 -------- d-----w- c:\program files\ASM104xUSB3
2012-12-10 12:31:06 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\int el32\ctor.dll
2012-12-10 12:31:06 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\int el32\iscript.dll
2012-12-10 12:31:06 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\int el32\iuser.dll
2012-12-10 12:31:05 724992 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\int el32\iKernel.dll
2012-12-10 12:31:05 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\int el32\DotNetInstaller.exe
2012-12-10 12:31:05 184452 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\int el32\iGdi.dll
2012-12-10 12:31:04 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\int el32\Setup.dll
2012-12-10 12:19:28 6400 -c--a-w- c:\windows\system32\dllcache\enum1394.sys
2012-12-10 12:19:28 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys
2012-12-10 12:19:28 61696 -c--a-w- c:\windows\system32\dllcache\ohci1394.sys
2012-12-10 12:19:28 61696 ----a-w- c:\windows\system32\drivers\ohci1394.sys
2012-12-10 12:19:27 53376 -c--a-w- c:\windows\system32\dllcache\1394bus.sys
2012-12-10 12:19:27 53376 ----a-w- c:\windows\system32\drivers\1394bus.sys
2012-11-22 10:34:38 5885632 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
.
==================== Find3M ====================
.
2012-12-05 17:54:47 1392304 ----a-w- c:\windows\system32\AutoPartNt.exe
2012-11-30 07:22:23 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-30 07:22:22 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-07 16:29:48 65848 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2012-10-17 17:51:27 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-17 17:51:26 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-17 17:51:26 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-09-29 19:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2005-07-25 06:41:49 110657 ----a-w- c:\program files\common files\UninstallDrv.exe
2003-04-07 14:13:14 7856352 ----a-w- c:\program files\MDAC_TYP.EXE
2003-04-07 14:08:48 1822520 ----a-w- c:\program files\instmsiw.exe
2003-04-07 14:07:46 1708856 ----a-w- c:\program files\instmsia.exe
2003-04-07 14:06:36 2039000 ----a-w- c:\program files\FloorPlan 3D v8.msi
.
============= FINISH: 15:58:30.50 ===============
Reply With Quote
  #4  
Old Dec. 19th, 2012, 15:13
peterlmoran peterlmoran is offline
Junior Member
 
Join Date: 18 Dec 2012
Posts: 4
Default Reply 2

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
.
==== Disk Partitions =========================
.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
7-Zip 4.65
Acronis*Disk Director Suite
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop 4.0 LE
Adobe Photoshop 7.0
Adobe Photoshop Elements 2.0
Adobe Photoshop Elements 8.0
Adobe Premiere Elements 8.0
Adobe Reader XI
Advanced SystemCare 6
Amazon MP3 Downloader 1.0.17
AMD Catalyst Install Manager
AMD Power Monitor
AMD Processor Driver
AMDAway INF
Apple Application Support
Apple Software Update
Ashampoo Burning Studio 2012 v.10.0.15
Ashampoo Home Designer1.0.0
Ashampoo Registry Cleaner v.1.00
Ashampoo Snap 5 v.5.1.2
Ashampoo Snap 6 v.6.0.2
Ashampoo WinOptimizer 2010 Advanced
Ashampoo WinOptimizer 2012 v.8.1.4
Asmedia ASM104x USB 3.0 Host Controller Driver
Asmedia ASM106x SATA Host Controller Driver
ASUS VGA Driver
ATI AVIVO Codecs
ATI Parental Control & Encoder
AutoUpdate
AVIcodec (remove only)
AxCrypt 1.7.2867.0
Basic PAYE Tools
Basic PAYE Tools 2012
BlueSoleil 7.0.390.0
Canon i950
Carrara 7
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-preinstall
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Classic PhoneTools
Cool & Quiet
Cordless DUALphone Suite
Corel Applications
DiskCheckup v3.1
DivX Player
DivX Pro
DVB-T USB 2.0
DVD To MPEG Converter 1.10
DVDZip 4.0
eXPert PDF V3
EyeOneDriverInstaller
Firebird SQL Server - MAGIX Edition
FloorPlan 3D v8
Game Booster 3
GetDataBack for NTFS
GoodSync
Google Earth Plug-in
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Photo and Imaging 2.0 - Scanners
ICC Profile Inspector 2.4.0
Intashield Device Driver Suite
InterVideo WinDVD
Jasc Paint Shop Photo Album 5
JascUpdate
Java 2 Runtime Environment, SE v1.4.1_02
Java 7 Update 9
Java Auto Updater
Java Web Start
Java(TM) 6 Update 20
JPEG Recovery Pro 4.0
MAGIX 3D Maker (embeded)
MAGIX audio cleaning lab 10 e-version (UK)
MAGIX Movie Edit Pro 10 e-version (UK)
MAGIX Movie Edit Pro 15 Plus 8.0.5.8 (UK)
MAGIX Screenshare 4.3.6.1987 (UK)
MAGIX Xtreme Photo Designer 6 6.0.27.0 (UK)
Malwarebytes Anti-Malware version 1.65.1.1000
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft ActiveSync
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2000 Premium
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft XML Parser
Minolta Dimage Scan Speed ver.1.0
Morpheus Photo Morpher v3.00
Mozilla Firefox 11.0 (x86 en-GB)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser
Navigator 4.1.0-27
Nero Suite
NetObjects Fusion 10.0
Netscape (7.2)
Nitro PDF Professional
Nokia PC Suite 4.81
NVIDIA Drivers
NVIDIA PureVideo Decoder
OLYMPUS Master 2
OpenOffice.org 3.4.1
Paragon Disk Wiper
PC Probe II
PerfectSuite Plus
PhotoNow! 1.0
Pivot Software
Post-it® Software Notes Lite
PowerDirector
PrintFIX PLUS
proDAD Vitascene StarterKit 1.0
QuarkXPress 5.0
QuickTime
Rapport
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
RealUpgrade 1.1
Registry Mechanic 4.0
Samsung New PC Studio
Samsung Universal Print Driver
SAMSUNG USB Driver for Mobile Phones
SDK
SeaTools for Windows
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB923789)
Serif MoviePlus X3
Serif MoviePlus X3 Resources
SiSoftware Sandra Lite 2010.SP1a
Skins
Skype Click to Call
Skype™ 5.10
Skype™ for Windows Mobile 3.0
SmartSound Quicktracks for Premiere Elements 8.0
SmartSound Quicktracks Plugin
Spybot - Search & Destroy
SpyderPRINT
Steganos Internet Anonym Pro 7.1.6
Steganos Safe 2008
Stellar Phoenix Photo Recovery
TClockEx
TheSage
TomTom HOME 2.8.0.2146
TomTom HOME Visual Studio Merge Modules
TreeSize Professional 4.0.2
TurboCAD Professional v9
TurboFLOORPLAN Home & Landscape Pro
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows XP (KB2718704)
ViewSonic Monitor Drivers
VueScan
WebFldrs XP
Windows Media Format 11 runtime
Windows Media Player 11
Windows Support Tools
Windows XP Service Pack 3
WinRAR archiver
WinZip
Wise Registry Cleaner 7.53
.
==== End Of File ===========================
Reply With Quote
  #5  
Old Dec. 19th, 2012, 15:15
peterlmoran peterlmoran is offline
Junior Member
 
Join Date: 18 Dec 2012
Posts: 4
Default Reply 3

Advanced SystemCare Log
====================================
Application Version: 6.0.8.170
Database Version: 53692
Scan Mode: Manual
x64 Bit:No
Windows XP
2012-12-19(15-55-34)
====================================
[Privacy Fix]: 3 problems fixed
------Details------
Deleted C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat
Deleted HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Applets\Regedit|LastKey
Deleted HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\RunMRU

[System Optimization]: 3 problems fixed
------Details------
Modified HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\dmserver\|Start
Modified HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\helpsvc\|Start
Modified HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\TrkWks\|Start
Reply With Quote
  #6  
Old Dec. 19th, 2012, 17:29
Superdave's Avatar
Superdave Superdave is offline
Malware Fighter
 
Join Date: 07 Mar 2010
Posts: 808
Default

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
************************************************** ***********
I really don't understand. What is this disk you're talking about? Are you booting the computer with the disk in the drive?

Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.
*********************************************

Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Get FREE Online Help



Free Download IObit Products




Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
System progressive protection/Spyhunter tdlarsen Spyware-Malware Removal Help! 22 Nov. 19th, 2012 19:01
Problem with hard-to-get-rid-of Malware (e-markettop) Zoberraz Spyware-Malware Removal Help! 18 Jul. 9th, 2011 23:01
Xp Inspiron mini Ulfhere Spyware-Malware Removal Help! 34 Jun. 4th, 2011 23:16
ie browser search hijack dhammer Spyware-Malware Removal Help! 56 Mar. 21st, 2011 06:11
Virus? blue321 Spyware-Malware Removal Help! 26 Dec. 23rd, 2010 19:45


All times are GMT +0. The time now is 09:34.


Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.