09-Nov-2009, 04:21 PM
#16 |
Forgot to mention this before.. MSUTB.dll I suppose has been deleted somehow, it tells me this on startup. I also get the messages of "new hardware installed" and the little usb link in the toolbar but then it goes away. I have not installed anything on my comp lately that I recall. That is all I notice so far.

***All problems have been fixed that I am aware of that were active before. THANK YOU!!!

Last edited by lemons12; 09-Nov-2009 at 04:37 PM.. |
| |
|
09-Nov-2009, 05:20 PM
#17 |
| Just ran a Full MBAM scan...

Malwarebytes' Anti-Malware 1.41
Database version: 3135
Windows 5.1.2600 Service Pack 3

11/9/2009 4:12:57 PM
mbam-log-2009-11-09 (16-12-57).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 200484
Time elapsed: 44 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Evan\Application Data\Sun\Java\Deployment\cache\6.0\61\161398bd-6ce6df47 (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP261\A0434541.exe (Rogue.WindowsPolicePro) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP261\A0435585.exe (Rogue.WindowsPolicePro) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP262\A0437393.EXE (Rogue.PCMightyMax) -> Quarantined and deleted successfully. |
|
09-Nov-2009, 05:21 PM
#18 |
| And HJT after MBAM full---- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:20:38, on 11/9/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16915) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\LxrSII1s.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\WINDOWS\system32\WLTRAY.exe C:\WINDOWS\stsystra.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Documents and Settings\Evan\Local Settings\Application Data\Lexar Media\LxrAutorun.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=3070619 O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - 
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: (no name) - {fe99290b-2469-4106-a208-1a03b2346c1f} - dalusulo.dll (file missing) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [PhilipsDM] C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe OS_STARTUP O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [LxrAutorun] C:\Documents and Settings\Evan\Local Settings\Application Data\Lexar Media\LxrAutorun.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MtdAcqu] "C:\Program Files\Creative\MediaSource5\MtdAcqu.exe" /s O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 
7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - 
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1182544253984 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1195533471045 O20 - AppInit_DLLs: c:\windows\system32\yagifiza.dll yabuvasu.dll c:\windows\system32\nonegetu.dll O21 - SSODL: dorogepit - {a3fe8ea4-2502-498c-91fd-6d6e8a8fcb4a} - c:\windows\system32\yagifiza.dll (file missing) O21 - SSODL: huhodulod - {df70f86f-0628-4e96-bc99-d35ad596db0f} - c:\windows\system32\nonegetu.dll (file missing) O22 - SharedTaskScheduler: IPC Configuration Utility - IPC Configuration Utility - (no file) O22 - SharedTaskScheduler: jugezatag - {a3fe8ea4-2502-498c-91fd-6d6e8a8fcb4a} - c:\windows\system32\yagifiza.dll (file missing) O22 - SharedTaskScheduler: kupuhivus - {df70f86f-0628-4e96-bc99-d35ad596db0f} - c:\windows\system32\nonegetu.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. 
- C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrSII1s.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 8200 bytes |
09-Nov-2009, 07:23 PM
#19 |
| Hi lemons12,

That is good news. We still have some work to do to get your computer clean and secure. Please refrain from running any more self fixes as this may hinder the malware removal process, thank you.

Run a command

Click Start, click Run... and paste the text in the codebox below into the Open: box and click OK.

Code:
cmd /c dir c:\*.* /L /B /S | Find "msutb.dll" >> "%userprofile%\desktop\look.txt"

OTL
Please include the contents of look.txt and the OTL log in your next reply.
__________________ Graduate of Malware Removal University. You too could train to help others. Threads not responded to for 5 days will no longer be part of my subscriptions. |
|
09-Nov-2009, 09:14 PM
#20 |
| OTL log----

All processes killed
========== FILES ==========
C:\WINDOWS\System32\gidudele moved successfully.
C:\WINDOWS\System32\dakotari.dll moved successfully.
========== OTL ==========
No service named AntiPol was found to stop!
Unable to stop service AntiPol!
File File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\windows\system32\yagifiza.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:yabuvasu.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\windows\system32\nonegetu.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\dorogepit deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a3fe8ea4-2502-498c-91fd-6d6e8a8fcb4a}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\huhodulod deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{df70f86f-0628-4e96-bc99-d35ad596db0f}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{a3fe8ea4-2502-498c-91fd-6d6e8a8fcb4a} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a3fe8ea4-2502-498c-91fd-6d6e8a8fcb4a}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{df70f86f-0628-4e96-bc99-d35ad596db0f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{df70f86f-0628-4e96-bc99-d35ad596db0f}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Evan
->Temp folder emptied: 1872395256 bytes
->Temporary Internet Files folder emptied: 160555553 bytes
->Java cache emptied: 10803837 bytes
->FireFox cache emptied: 97656657 bytes
->Google Chrome cache emptied: 7165902 bytes

User: Guest
->Temp folder emptied: 1667653 bytes
->Temporary Internet Files folder emptied: 150551003 bytes
->Java cache emptied: 61640 bytes
->FireFox cache emptied: 44347806 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 65412 bytes

User: Megan
->Temp folder emptied: 13709365 bytes
->Temporary Internet Files folder emptied: 11828325 bytes
->Java cache emptied: 1252349 bytes
->FireFox cache emptied: 57586046 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 439083 bytes

User: Owner

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 8234513 bytes
Windows Temp folder emptied: 205665069 bytes
RecycleBin emptied: 1120941 bytes

Total Files Cleaned = -1573.35 mb

OTL by OldTimer - Version 3.1.4.0 log created on 11092009_200536

Files\Folders moved on Reboot...

Registry entries deleted on Reboot... |
10-Nov-2009, 01:27 AM
#22 |
| Hello lemons12, I'm pretty sure you did it correctly. That command searched your hard drive for any backups of msutb.dll to replace the missing one in C:\Windows\system32 (there are usually copies of system .dlls in other locations). It seems it was thoroughly wiped out. If you want, you can use the windows search feature to look for it. Make sure you select the "search system folders" under "more advanced options" in the search pane in explorer. I'll have more instructions tomorrow when they get approved. Take care.
10-Nov-2009, 10:33 AM
#24 |
| I advise you not to download that file from anywhere at the moment. I am seeking a solution for the missing .dll. It is not a critical file to Windows so in the meantime please carry out the below and we will return to the missing .dll later.

Uninstall Programs

Older versions of Java and Adobe Reader have vulnerabilities that can be exploited by malware. Please follow the steps below to update the Java Runtime Environment.

Remove older version(s):
Click Start, click Run...
Type appwiz.cpl and press Enter to open Add or Remove Programs
For each of the programs listed below, highlight them in the list and click Remove
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Adobe Reader 7.0.8
Once finished, close Add or Remove Programs window

Install Java Runtime Environment
An online Kaspersky Scan is warranted to seek out any leftovers. Kaspersky Online Scan Please visit Kaspersky
This could take quite a long time, depending on how much data you have to be scanned. Please be patient.
Don't forget to re-enable your anti-virus after the scan.

Adobe Reader

You can get the newest version of Adobe Reader from http://get.adobe.com/reader/.

Please post the results of the Kaspersky scan and a new HijackThis log in your next reply.
|
10-Nov-2009, 09:47 PM
#25 |
| HJT log----- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:46:21, on 11/10/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16915) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\LxrSII1s.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Dell\QuickSet\quickset.exe C:\WINDOWS\system32\WLTRAY.exe C:\WINDOWS\stsystra.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Documents and Settings\Evan\Local Settings\Application Data\Lexar Media\LxrAutorun.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\DllHost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\java.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=3070619 O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: 
AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: (no name) - {fe99290b-2469-4106-a208-1a03b2346c1f} - dalusulo.dll (file missing) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [PhilipsDM] C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe OS_STARTUP O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager] "C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp O4 - HKCU\..\Run: 
[BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [LxrAutorun] C:\Documents and Settings\Evan\Local Settings\Application Data\Lexar Media\LxrAutorun.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MtdAcqu] "C:\Program Files\Creative\MediaSource5\MtdAcqu.exe" /s O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart 
Web Printing\hpswp_extensions.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1182544253984 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1195533471045 O22 - SharedTaskScheduler: IPC Configuration Utility - IPC Configuration Utility - (no file) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrSII1s.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 7998 bytes |
|
10-Nov-2009, 09:48 PM
#26 |
| There was no log for the "Kaspersky" scan. Just a blank report. Ran for almost 2 hours. MSUTB of course is still popping up and "found new hardware" but only shows on reboot/start up. Everything else seems to be running without any hiccups whatsoever. Last edited by lemons12; 11-Nov-2009 at 01:03 AM.. |
11-Nov-2009, 09:06 PM
#27 |
| Hello lemons12,

I asked you to disable AVG, not uninstall it. You are now running unprotected which is unwise. If you want to re-install AVG, please do that. The current version can be found here.

Note: If you install AVG, I suggest you uncheck the optional "Security Toolbar" during installation.

Otherwise, I can recommend the free versions from the vendors listed below. Please install one and only one now.

Note: Running more than one antivirus can make your computer unstable and provides no additional benefit.

Avast! Home Edition
Avira AntiVir

Scan with Antivirus

Once you install an Antivirus, please update its definitions and perform a scan of your system with it. After you scan with your chosen Antivirus, please save a report and post results here.

As for the missing .dll, my best suggestion is to get it from another computer running XP SP3, if you have access to one (a friend or family member perhaps). The ones floating around the internet are for earlier versions of XP and I do not recommend you use them. The file should be placed in C:\Windows\System32\ should you find a copy.

Please describe the "little USB link" you are seeing at bootup in more detail. At the moment I don't have any idea what it could be.

Please post the virus scan report and a new HijackThis log in your next reply with info about the tray icon.
|
12-Nov-2009, 02:59 AM
#28 |
| Avast is not user friendly at all IMHO. I can navigate around on electronics/programs pretty fairly and it is not easy on Avast. I can't comment on the protection because I just got it.. But for overall it gets a As far as protection, in your opinion, what is the best anti virus out there right now? I would like it to be user friendly, but I will figure it out if it is a good anti virus.

As for the other thing. Window pops up saying "new hardware wizard helps you DL hardware" or something of the sort. It helps to download: unknown. After I close that window the little icon that tells you a thumb drive is in the USB port pops up and then goes away. I don't think this is affecting anything, just is annoying on start up is all. Computer is running much faster now and not as many errors as before.

I ran Avast one time and it didn't give me a log and I looked around for it with no luck. I changed the setting to "show log" and am running one currently. I will post up that log and a new HJT log.

The Avast scan did not come back with anything. I ran a "quick" scan. I will run a "full" scan tomorrow when I have time, if it reveals anything I will give that log along with a new HJT log. Thanks |
12-Nov-2009, 05:12 PM
#29 |
| Hi lemons12,

Any of the three free antivirus programs mentioned are OK. Whatever works for you. What is user-friendly is a matter of individual preference. If you want a non-free solution, I would recommend (in no particular order) Avast, Bitdefender, ESET, F-Secure.

Antivirus programs are important for their ability to keep baddies from getting a foothold in your computer. I don't really ever interact with mine much. It just quietly does its job. But with my online habits, it doesn't ever have to do any heavy work. Your habits online greatly impact how much malware your computer will be exposed to.

Please inform me of any USB devices attached to computer when you boot up.
|
12-Nov-2009, 10:19 PM
#30 |
| 0 files are infected after scanning with Avast, still no log (I guess if nothing is there to log, it doesn't make one.. Obviously).

HJT------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:16:41, on 11/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LxrSII1s.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Documents and Settings\Evan\Local Settings\Application Data\Lexar Media\LxrAutorun.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=3070619
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {fe99290b-2469-4106-a208-1a03b2346c1f} - dalusulo.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [PhilipsDM] C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe OS_STARTUP
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LxrAutorun] C:\Documents and Settings\Evan\Local Settings\Application Data\Lexar Media\LxrAutorun.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MtdAcqu] "C:\Program Files\Creative\MediaSource5\MtdAcqu.exe" /s
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1182544253984
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1195533471045
O22 - SharedTaskScheduler: IPC Configuration Utility - IPC Configuration Utility - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrSII1s.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 8389 bytes

QUESTION--- If I want to run a scan on my comp for a virus, would I need to manually do it with Malwarebytes (free version)/manually do it with Avast (free version)? Or do both those programs scan everything on their own? Thanks! |
All times are GMT -4. Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.

