Infected - Spam using my E-mail account - Security 360 Log

[brada220]

I have 3 suspect computers that might be the cause - Working on the main desk computer right now. Attached is the Security 360 Log -

 

Logfile of IObit HijackScan v0.2.0.0

Scan saved at 15:0:29, on 2011-3-21

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\cisvc.exe

G:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe

C:\WINDOWS\system32\HPZipm12.exe

G:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe

C:\WINDOWS\system32\cidaemon.exe

C:\WINDOWS\system32\cidaemon.exe

G:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

G:\Program Files\Mozilla Firefox\firefox.exe

 

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - G:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - G:\Program Files\Norton Security Suite\Engine\4.3.0.5\IPSBHO.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files\Java\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - G:\Program Files\Java\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -

O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "G:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart

O8 - Extra context menu item: Open with WordPerfect - g:\Program Files\Corel\WordPerfect Office X5\Programs\WPLauncher.hta

O9 - Extra button: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824}LogitechDDC.OCXCtrl.1 - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B}SysProWmi.1 - http://support.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034}SysReqLab.Detection_SRLX.1 - http://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_22 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}Java Plug-in 1.6.0_22 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_22 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7}PCPitstop2.Exam.1 - http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll

O23 - Service: Google Desktop Manager 5.9.1005.12335 - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Update Service (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: IMF Service - IObit - G:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: Intuit Update Service - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

O23 - Service: IS360service - IObit - G:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Java Quick Starter - Sun Microsystems, Inc. - G:\Program Files\Java\bin\jqs.exe

O23 - Service: Logitech Bluetooth Service - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: Norton Security Suite - Symantec Corporation - G:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: Intel NCS NetService - Intel® Corporation - G:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Protexis Licensing V2 - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Trend Micro RUBotted Service - Trend Micro Inc. - C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe

O23 - Service: spkrmon - Unknown - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe

O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

[brada220]

Attach Log

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_11-03-05.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 6/21/2009 8:21:42 PM

System Uptime: 3/21/2011 9:59:34 AM (4 hours ago)

.

Motherboard: Dell Computer Corp. | | 0N6381

Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/533mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 24 GiB total, 6.391 GiB free.

D: is FIXED (NTFS) - 73 GiB total, 54.58 GiB free.

E: is FIXED (NTFS) - 230 GiB total, 54.611 GiB free.

F: is FIXED (NTFS) - 6 GiB total, 4.33 GiB free.

G: is FIXED (NTFS) - 59 GiB total, 40.283 GiB free.

H: is CDROM ()

I: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP398: 3/13/2011 11:15:52 AM - System Checkpoint

RP399: 3/14/2011 12:15:52 PM - System Checkpoint

RP400: 3/15/2011 1:00:08 PM - System Checkpoint

RP401: 3/17/2011 11:17:17 PM - System Checkpoint

RP402: 3/18/2011 6:46:49 PM - Software Distribution Service 3.0

RP403: 3/19/2011 9:07:24 AM - Software Distribution Service 3.0

RP404: 3/19/2011 9:14:39 AM - Norton Security Suite Registry

RP405: 3/20/2011 3:26:06 PM - System Checkpoint

.

==== Installed Programs ======================

.

.

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.3.4

Adobe Shockwave Player 11.5

Advanced SystemCare 3

Advertising Center

Apple Application Support

Apple Software Update

Ashampoo WinOptimizer 2010 Advanced

Avery Wizard 3.1

BitComet 1.23

Canon MF Toolbox 4.9.1.1.mf03

Canon MF4100 Series

CCleaner

CDDRV_Installer

Comcast Access

Comcast Rhapsody

Corel WordPerfect Office - iFilter

Data Lifeguard Diagnostic for Windows

Data Lifeguard Tools

Dell Driver Reset Tool

Dell Support 3.2.1

DolbyFiles

Dragon NaturallySpeaking 9

EasyCleaner

erLT

Exterminate It!

Garmin City Navigator North America NT 2010.40

GearDrvs

Google Desktop

Google Toolbar for Internet Explorer

Google Update Helper

Hardware sensors monitor 4.5

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB979306)

HP Photosmart, Officejet and Deskjet 7.0.A

ImagXpress

Intel® 537EP V9x DF PCI Modem

Intel® Extreme Graphics 2 Driver

Intel® PROSet for Wired Connections

IObit Malware Fighter

IObit Security 360

Java Auto Updater

Java 6 Update 22

Junk Mail filter update

KhalInstallWrapper

Logitech SetPoint

Malwarebytes' Anti-Malware

Menu Templates - Starter Kit

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft IntelliType Pro 7.1

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Live Add-in 1.4

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Modem Helper

Move Media Player

Movie Templates - Starter Kit

Mozilla Firefox (3.6.15)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB973685)

MSXML 6.0 Parser (KB933579)

Nero 9 Trial

Nero BurnRights

Nero ControlCenter

Nero CoverDesigner

Nero DiscSpeed

Nero DriveSpeed

Nero InfoTool

Nero Installer

Nero PhotoSnap

Nero Recode

Nero Rescue Agent

Nero ShowTime

Nero StartSmart

Nero Vision

Nero WaveEditor

NeroBurningROM

NeroExpress

neroxml

nLite 1.4.9.1

Norton Security Scan

Norton Security Suite

O&O Defrag Professional

OGA Notifier 2.0.0048.0

PDF-Viewer

PeaZip 3.1

PowerISO

QFolder

QuickTime

Revo Uninstaller 1.90

Scan

ScanSoft OmniPage 16

ScanSoft PaperPort 11

ScanSoft PDF Create! 3.0

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2289158)

Security Update for 2007 Microsoft Office System (KB2344875)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2345035)

Security Update for Microsoft Office Groove 2007 (KB2494047)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office PowerPoint Viewer (KB2413381)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB975558)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2124261)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2290570)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB975254)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB976323)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Segoe UI

Skins

Smart Defrag 2

Software Informer 1.0 BETA

SoundMAX

SoundTrax

Startup Optimizer 1.6

SUPERAntiSpyware Free Edition

Symantec Technical Support Web Controls

Terminal Services Client

Trend Micro RUBotted

TurboTax 2009

TurboTax 2009 WinPerFedFormset

TurboTax 2009 WinPerReleaseEngine

TurboTax 2009 WinPerTaxSupport

TurboTax 2009 wnjiper

TurboTax 2009 wrapper

TurboTax 2010

TurboTax 2010 WinPerFedFormset

TurboTax 2010 WinPerReleaseEngine

TurboTax 2010 WinPerTaxSupport

TurboTax 2010 wnhiper

TurboTax 2010 wnjiper

TurboTax 2010 wrapper

Uniblue DriverScanner 2009

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2412171)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Outlook 2007 Junk Email Filter (KB2508979)

Update for Windows Internet Explorer 8 (KB2362765)

Update for Windows Internet Explorer 8 (KB2447568)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows Internet Explorer 8 (KB980302)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB971029)

WebFldrs XP

Winamp

Winamp Detector Plug-in

Windows Internet Explorer 8

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sync

Windows Live Toolbar

Windows Live Upload Tool

Windows Live Writer

Windows Management Framework Core

Windows Media Format 11 runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows Search 4.0

Windows XP Service Pack 3

WordPerfect Lightning

WordPerfect Lightning - IPM

WordPerfect Lightning - Messages

WordPerfect Lightning - MSOM

WordPerfect Office X5

WordPerfect Office X5 - Common

Wordperfect Office X5 - EN

WordPerfect Office X5 - Filters

WordPerfect Office X5 - Graphics

WordPerfect Office X5 - IPM

WordPerfect Office X5 - LegalTools

WordPerfect Office X5 - Migration Manager

WordPerfect Office X5 - Oxford

WordPerfect Office X5 - PerfectExperts EN

WordPerfect Office X5 - PR

WordPerfect Office X5 - QP

WordPerfect Office X5 - Setup Files

WordPerfect Office X5 - Sharepoint

WordPerfect Office X5 - Skins

WordPerfect Office X5 - System EN

WordPerfect Office X5 - Templates

WordPerfect Office X5 - WP

WordPerfect Office X5 - WT

XP Codec Pack

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

3/17/2011 7:30:29 PM, error: DCOM [10005] - DCOM got error "%1068" attempting to start the service IISADMIN with arguments "" in order to run the server: {A9E69610-B80D-11D0-B9B9-00A0C922E750}

3/17/2011 7:25:29 PM, error: Service Control Manager [7001] - The IIS Admin service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

3/17/2011 4:00:00 PM, error: Schedule [7901] - The At2.job command failed to start due to the following error: General access denied error

3/17/2011 4:00:00 PM, error: Schedule [7901] - The At1.job command failed to start due to the following error: General access denied error

3/17/2011 1:35:11 PM, error: Service Control Manager [7001] - The Distributed Transaction Coordinator service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

3/16/2011 5:47:13 AM, error: Serial [45] - The serial driver detected a hardware failure on device \Device\Serial0 and will disable this device.

3/14/2011 11:32:41 PM, error: NetBT [4321] - The name "HOMEOFFICE :1d" could not be registered on the Interface with IP address 192.168.1.21. The machine with the IP address 192.168.1.6 did not allow the name to be claimed by this machine.

3/14/2011 11:09:39 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer FIONA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{4F74FC6C-7BA4-42EB-. The master browser is stopping or an election is being forced.

3/14/2011 10:58:05 PM, error: Service Control Manager [7022] - The IPv6 Helper Service service hung on starting.

3/14/2011 10:57:10 PM, error: Service Control Manager [7001] - The World Wide Web Publishing service depends on the IIS Admin service which failed to start because of the following error: The dependency service or group failed to start.

3/14/2011 10:57:10 PM, error: Service Control Manager [7001] - The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

3/14/2011 10:57:10 PM, error: Service Control Manager [7001] - The Simple Mail Transfer Protocol (SMTP) service depends on the IIS Admin service which failed to start because of the following error: The dependency service or group failed to start.

3/14/2011 10:57:10 PM, error: Service Control Manager [7001] - The FTP Publishing service depends on the IIS Admin service which failed to start because of the following error: The dependency service or group failed to start.

3/14/2011 10:57:10 PM, error: Service Control Manager [7000] - The TCAITDI Protocol service failed to start due to the following error: The system cannot find the file specified.

3/14/2011 10:57:10 PM, error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.

.

==== End Of File ===========================

[brada220]

DDS Log

 

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by William at 13:11:11.95 on Mon 03/21/2011

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1259 [GMT -4:00]

.

AV: Norton Security Suite *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton Security Suite *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

C:\WINDOWS\system32\svchost -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\System32\svchost.exe -k NetworkService

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\cisvc.exe

G:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe

C:\WINDOWS\system32\HPZipm12.exe

G:\Program Files\IObit\IObit Security 360\IS360tray.exe

G:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe

C:\WINDOWS\system32\cidaemon.exe

C:\WINDOWS\system32\cidaemon.exe

G:\Program Files\IObit\IObit Security 360\is360.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

G:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

G:\Program Files\Mozilla Firefox\firefox.exe

G:\Downloads\dds.scr

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.msn.com

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - g:\program files\norton security suite\engine\4.3.0.5\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - g:\program files\norton security suite\engine\4.3.0.5\IPSBHO.DLL

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - g:\program files\java\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - g:\program files\java\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - g:\program files\norton security suite\engine\4.3.0.5\coIEPlg.dll

TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File

TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

mRun: [iObit Security 360] "g:\program files\iobit\iobit security 360\IS360tray.exe" /autostart

mPolicies-explorer: NoResolveTrack = 1 (0x1)

mPolicies-explorer: NoFileAssociate = 0 (0x0)

mPolicies-system: NoDispSettingsPage = 0 (0x0)

IE: Open with WordPerfect - g:\program files\corel\wordperfect office x5\programs\WPLauncher.hta

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C}

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - g:\progra~1\micros~1\office12\REFIEBAR.DLL

Trusted Zone: intuit.com\ttlc

DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab

DPF: Microsoft XML Parser for Java

DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab

DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB

DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} - hxxp://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll

TCP: {4F74FC6C-7BA4-42EB-B950-5E88232FA669} = 8.8.8.8,129.250.35.250,74.82.42.42

Notify: !SASWinLogon - g:\program files\superantispyware\SASWINLO.DLL

Notify: igfxcui - igfxdev.dll

Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - g:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\docume~1\william\applic~1\mozilla\firefox\profiles\fdovvp1v.default\

FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\coffplgn\components\coFFPlgn.dll

FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\ipsffplgn\components\IPSFFPl.dll

FF - plugin: c:\documents and settings\william\application data\move networks\plugins\npqmp071706000001.dll

FF - plugin: c:\documents and settings\william\application data\mozilla\firefox\profiles\fdovvp1v.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: g:\program files\java\bin\new_plugin\npdeployJava1.dll

FF - plugin: g:\program files\java\bin\new_plugin\npjp2.dll

FF - plugin: g:\program files\mozilla firefox\plugins\npwachk.dll

FF - plugin: g:\program files\quicktime\plugins\npqtplugin.dll

FF - plugin: g:\program files\quicktime\plugins\npqtplugin2.dll

FF - plugin: g:\program files\quicktime\plugins\npqtplugin3.dll

FF - plugin: g:\program files\quicktime\plugins\npqtplugin4.dll

FF - plugin: g:\program files\quicktime\plugins\npqtplugin5.dll

FF - plugin: g:\program files\quicktime\plugins\npqtplugin6.dll

FF - plugin: g:\program files\quicktime\plugins\npqtplugin7.dll

FF - plugin: g:\program files\tracker software\pdf viewer\npPDFXCviewNPPlugin.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - g:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - g:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}

FF - Ext: Garmin Communicator: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E} - %profile%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

FF - Ext: Xmarks: foxmarks@kei.com - %profile%\extensions\foxmarks@kei.com

FF - Ext: Torrent Finder Toolbar: TFToolbarX@torrent-finder - %profile%\extensions\TFToolbarX@torrent-finder

FF - Ext: Java Quick Starter: jqs@sun.com - g:\program files\java\lib\deploy\jqs\ff

FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\IPSFFPlgn

FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\coFFPlgn

FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\william\application data\Move Networks

.

============= SERVICES / DRIVERS ===============

.

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-2-2 14776]

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0403000.005\symds.sys [2010-10-28 328752]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0403000.005\symefa.sys [2010-10-28 173104]

R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20110309.001\BHDrvx86.sys [2011-3-10 800376]

R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys [2010-10-28 501888]

R1 SASDIFSV;SASDIFSV;g:\program files\superantispyware\SASDIFSV.SYS [2008-11-17 12872]

R1 SASKUTIL;SASKUTIL;g:\program files\superantispyware\SASKUTIL.SYS [2008-11-17 67656]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0403000.005\ironx86.sys [2010-10-28 116784]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-7-3 54752]

R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2010-2-10 10384]

R2 N360;Norton Security Suite;g:\program files\norton security suite\engine\4.3.0.5\ccsvchst.exe [2010-10-28 126392]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-10-27 102448]

R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20110317.002\IDSXpx86.sys [2011-3-17 341944]

R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20110321.002\NAVENG.SYS [2011-3-21 86008]

R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20110321.002\NAVEX15.SYS [2011-3-21 1360760]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 TCAITDI;TCAITDI Protocol; [x]

S3 ASUSHWIO;ASUSHWIO; [x]

S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;\??\c:\docume~1\william\locals~1\temp\onlinescanner\anti-virus\fsgk.sys --> c:\docume~1\william\locals~1\temp\onlinescanner\anti-virus\fsgk.sys [?]

S3 FileMonitor;FileMonitor;g:\program files\iobit\iobit malware fighter\drivers\wxp_x86\FileMonitor.sys [2011-2-2 239344]

S3 FIXUSTOR;FIXUSTOR;c:\windows\system32\drivers\fixustor.sys [2006-11-7 12672]

S3 hitmanpro35;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro35.sys [2010-10-27 16968]

S3 NDISKIO;NDISKIO;\??\c:\docume~1\william\locals~1\temp\000004e1.nmc\nse\bin\ndiskio.sys --> c:\docume~1\william\locals~1\temp\000004e1.nmc\nse\bin\ndiskio.sys [?]

S3 RegFilter;RegFilter;g:\program files\iobit\iobit malware fighter\drivers\wxp_x86\RegFilter.sys [2011-2-2 41200]

S3 RegGuard;RegGuard;c:\windows\system32\drivers\regguard.sys [2010-2-11 24416]

S3 SASENUM;SASENUM;g:\program files\superantispyware\SASENUM.SYS [2008-11-17 12872]

S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\tmpassthru.sys --> c:\windows\system32\drivers\TMPassthru.sys [?]

S3 UrlFilter;UrlFilter;g:\program files\iobit\iobit malware fighter\drivers\wxp_x86\UrlFilter.sys [2011-2-2 24200]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2009-6-21 14336]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]

S4 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-1-27 30192]

S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]

S4 IMFservice;IMF Service;g:\program files\iobit\iobit malware fighter\IMFsrv.exe [2011-2-2 821592]

S4 IS360service;IS360service;g:\program files\iobit\iobit security 360\is360srv.exe [2010-2-11 312152]

S4 RUBotted;Trend Micro RUBotted Service;c:\program files\trend micro\rubotted\TMRUBotted.exe [2010-2-11 582992]

.

=============== Created Last 30 ================

.

2011-03-21 13:13:20 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-03-21 13:13:17 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-03-03 02:51:28 -------- d-----w- c:\program files\AV Vcs 7.0 DIAMOND

.

==================== Find3M ====================

.

2011-03-14 02:33:05 6164 --sha-w- c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys

2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll

2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll

2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll

2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe

2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll

2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll

2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys

2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll

.

============= FINISH: 13:12:12.56 ===============

[Superdave]

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

 

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.

2. The fixes are specific to your problem and should only be used for this issue on this machine.

3. If you don't know or understand something, please don't hesitate to ask.

4. Please DO NOT run any other tools or scans while I am helping you.

5. It is important that you reply to this thread. Do not start a new topic.

6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

7. Absence of symptoms does not mean that everything is clear.

 

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

*************************************************

P2P - I see you have P2P software installed on your machine (BitComet 1.23 ). We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.

 

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

 

I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

********************************************

Registry cleaners are extremely powerful applications and their potential for harming your OS far outweighs any small potential for improving your computer's performance.

EasyCleaner

There are a number of them available and some are more safe than others. Keep in mind that no two registry cleaners work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad" entry. One cleaner may find entries on your system that will not cause a problem when removed, another may not find the same entries, and still another may want to remove entries required for a program to work. Without research into what the registry entry selected for deletion is, a registry cleaner can end up being an automated method to cause problems with the registry.

 

For routine use by those not familiar with the registry, the benefits to your computer are negligible while the potential risks are great.

 

Further reading: XP Fixes Myth #1: Registry Cleaners

*****************************************************

SUPERAntiSpyware

 

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

 

Download SuperAntispyware Free Edition (SAS)

* Double-click the icon on your desktop to run the installer.

* When asked to Update the program definitions, click Yes

* If you encounter any problems while downloading the updates, manually download and unzip them from here

* Next click the Preferences button.

 

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts

* Click the Scanning Control tab.

* Under Scanner Options make sure only the following are checked:

 

•Close browsers before scanning

•Scan for tracking cookies

•Terminate memory threats before quarantining

•Please leave the others unchecked

 

•Click the Close button to leave the control center screen.

 

* On the main screen click Scan your computer

* On the left check the box for the drive you are scanning.

* On the right choose Perform Complete Scan

* Click Next to start the scan. Please be patient while it scans your computer.

* After the scan is complete a summary box will appear. Click OK

* Make sure everything in the white box has a check next to it, then click Next

* It will quarantine what it found and if it asks if you want to reboot, click Yes

 

•To retrieve the removal information please do the following:

•After reboot, double-click the SUPERAntiSpyware icon on your desktop.

•Click Preferences. Click the Statistics/Logs tab.

 

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

 

•It will open in your default text editor (preferably Notepad).

•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

 

* Save the log somewhere you can easily find it. (normally the desktop)

* Click close and close again to exit the program.

*Copy and Paste the log in your post.

******************************************

 

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Full Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  
• Please save the log to a location you will remember.
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy and paste the entire report in your next reply.

Extra Note:

 

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

*********************************************

Download Security Check by screen317 from one of the following links and save it to your desktop.

 

Link 1

Link 2

 

* Unzip SecurityCheck.zip and a folder named Security Check should appear.

* Open the Security Check folder and double-click Security Check.bat

* Follow the on-screen instructions inside of the black box.

* A Notepad document should open automatically called checkup.txt

* Post the contents of that document in your next reply.

 

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.