Virus Came, Virus Went, Took TASKBAR with it?

Okay, so, tonight I went down to uni to do some downloading. But when I returned, I returned to see a virus, which is rare, since, well... I haven't had a virus in like 5 years.

POINT IS.

It was one of those pops up with fake antivirus things, blocks internet, blocks this, blocks that... I did a scan with Malwarebytes, got rid of something, reset my computer... but thankfully my WinPatrol kicked in and stopped the virus from activating itself. So I ran Malwarebytes, cleared off the virus, reset again, no WinPatrol messages of the virus trying to activate itself, did another Malwarebytes scan, etc... So now the virus is basically gone, as far as I can tell it's gone. I can get back on the internet, I was able to update my Malwarebytes and Avira... but... that's not the problem.

The problem is, something in my removal seemed to have royally screwed my task bar.

The pictures attached show what I mean (ignore the file names and stuff, I originally posted them on /b/ to see if they could help).

So the first and second pictures show the problem: all icons bar sound and network refuse to show. Which would be fine, if not for the other problem I've had. The grey boxes just, keep, growing. The section used by the icons keeps growing and growing until it crashes like is seen in the second picture... right now it is basically half filling the entire taskbar with 'em.

The third picture shows an attempt I made to fix it. On /b/ someone told me a possible way to fix it, with the following highlights:

"4. Browse to the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution.options

5. Under this key there will be subkeys named explorer.exe and iexplorer.exe. Delete the explorer and iexplorer keys entirely. They should not be listed under the Image"

But as the third pic shows... those keys are not there TO delete.

I have no idea what to do, I have reset many times, kept scanning for viruses and problems, but nothing. WHAT THE HECK IS GOING ON.

Vista 64 Bit Home Premium
Service pack 3

HELP! ;-;
 

Attachments

  • wat dis.jpg (40.2 KB)
  • wat dis 2.jpg (68.9 KB)
  • wat dis 3.jpg (63 KB)

Download DDS from one of these links:
Mirror 1 Mirror 2 Mirror 3
  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt <--- this will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your next reply.
 

Before I post, I must make note of THIS line.

"2010-08-29 09:40:14 190976 ----a-w- c:\windows\Iwigea.exe"

Prevx (which I downloaded just to deal with this virus) says that this is a virus, but won't remove it because I just have a trial. No other programs like Malwarebytes seem to work. I also have a program called WinPatrol on here that basically monitors new starting processes and ****. It nerfed the virus mainly when it first happened, but this taskbar thing... I'm afraid I may have deleted something important to the taskbar or something, since the bug even started to happen in safe mode.

Contents included as required.


DDS.txt

DDS (Ver_10-03-17.01) - NTFSX64
Run by Owner at 8:25:55.65 on Mon 30/08/2010
Internet Explorer: 7.0.6002.18005
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.61.1033.18.4094.1833 [GMT 10:00]

SP: Avira AntiVir PersonalEdition *enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files (x86)\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\VMware\VMware Player\hqtray.exe
C:\Program Files\Prevx\prevx.exe
C:\Program Files\Prevx\prevx.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\gMSN.exe
C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\System32\mobsync.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Opera\Opera.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\vssvc.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\msiexec.exe
C:\Users\Owner\AppData\Local\Opera\Opera\temporary_downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.neopets.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: IE to GetRight Helper: {31ff080d-12a3-439a-a2ef-4ba95a3148e8} - c:\program files (x86)\getright\xx2gr.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~2\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: &Google Web Accelerator Helper: {69a87b7d-de56-4136-9655-716ba50c19c7} - c:\program files (x86)\google\web accelerator\GoogleWebAccToolbar.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Neopets: {cd292324-974f-4224-d074-caca427aa030} - c:\progra~2\neopets\toolbar\Toolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Neopets: {cd292324-974f-4224-d074-caca427aa030} - c:\progra~2\neopets\toolbar\Toolbar.dll
TB: Google Web Accelerator: {db87bfa2-a2e3-451e-8e5a-c89982d87cbf} - c:\program files (x86)\google\web accelerator\GoogleWebAccToolbar.dll
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files (x86)\common files\ahead\lib\NMBgMonitor.exe"
uRun: [SpybotSD TeaTimer] c:\program files (x86)\spybot - search & destroy\TeaTimer.exe
uRun: [DAEMON Tools] "c:\program files (x86)\daemon tools\daemon.exe" -lang 1033
uRun: [NVIDIA nTune] "c:\program files (x86)\nvidia corporation\ntune\nTuneCmd.exe" clear
uRun: [Sony Ericsson PC Suite] "c:\program files (x86)\sony ericsson\sony ericsson pc suite\SEPCSuite.exe" /systray /nologon
uRun: [ISUSPM Startup] c:\progra~2\common~1\instal~1\update~1\isuspm.exe -startup
uRun: [BandwidthMonitor] c:\program files (x86)\bandwidthmonitor\BWMonitor.exe
uRunOnce: [Shockwave Updater] c:\windows\syswow64\adobe\shockwave 11\SwHelper_1103471.exe -Update -1103471 -"Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.15 Version/10.10" -"http://www.neopets.com/games/dgs/play_shockwave.phtml?va=&game_id=349&nc_referer=&age=1&hiscore=30885&sp=0&questionSet=&r=6865970&width=600&height=440&quality=high"
mRun: [WinPatrol] "c:\program files (x86)\billp studios\winpatrol\winpatrol.exe"
mRun: [CloneCDTray] "c:\program files (x86)\slysoft\clonecd\CloneCDTray.exe" /s
mRun: [PWRISOVM.EXE] "c:\program files (x86)\poweriso\PWRISOVM.EXE"
mRun: [avgnt] "c:\program files (x86)\avira\antivir desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "c:\program files (x86)\java\jre6\bin\jusched.exe"
mRun: [HP Software Update] c:\program files (x86)\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [VMware hqtray] "c:\program files (x86)\vmware\vmware player\hqtray.exe"
StartupFolder: c:\users\owner\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenote 2007 screen clipper and launcher.lnk - c:\program files (x86)\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\hp digital imaging monitor.lnk - c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\logitech setpoint.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\run google web accelerator.lnk - c:\program files (x86)\google\web accelerator\GoogleWebAccWarden.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download with GetRight - c:\program files (x86)\getright\GRdownload.htm
IE: E&xport to Microsoft Excel - c:\progra~2\micros~1\office12\EXCEL.EXE/3000
IE: Open with GetRight Browser - c:\program files (x86)\getright\GRbrowse.htm
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\owner\appdata\roaming\microsoft\windows\start menu\programs\imvu\Run IMVU.lnk
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~1\office12\ONBttnIE.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~2\spybot~1\SDHelper.dll
LSP: c:\program files (x86)\vmware\vmware player\vsocklib.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
DPF: {2CA2C9B8-E4F6-4BE9-8601-52ED0AFBA79D} - hxxp://asp.mathxl.com/books/_Players/AccountingPlayer.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {95D88B35-A521-472B-A182-BB1A98356421} - hxxp://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: {E4067085-D005-48CE-B3B0-8263146951D3} = 125.254.90.11 125.254.64.203
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files (x86)\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\Skype4COM.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
TB-X64: {CD292324-974F-4224-D074-CACA427AA030} - No File
TB-X64: Google Web Accelerator: {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} -
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun-x64: [CanonSolutionMenu] "c:\program files (x86)\canon\solutionmenu\CNSLMAIN.exe" /logon
mRun-x64: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun-x64: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
mRun-x64: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey

============= SERVICES / DRIVERS ===============

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-3-31 81072]

=============== Created Last 30 ================

2010-08-29 15:10:36 60928 ----a-w- c:\windows\syswow64\PxSecure.dll
2010-08-29 15:10:36 56320 ----a-w- c:\windows\system32\drivers\pxrts.sys
2010-08-29 15:10:36 34696 ----a-w- c:\windows\system32\drivers\pxscan.sys
2010-08-29 15:10:35 22336 ----a-w- c:\windows\system32\drivers\pxkbf.sys
2010-08-29 15:10:33 0 d-----w- c:\program files\Prevx
2010-08-29 14:56:47 0 d-----w- c:\programdata\PrevxCSI
2010-08-29 14:38:31 50 ----a-w- c:\windows\wininit.ini
2010-08-29 12:30:23 0 d-----w- c:\program files (x86)\Microsoft Antimalware
2010-08-29 12:29:26 0 d-----w- c:\program files\Microsoft Security Essentials
2010-08-29 12:28:07 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-29 09:40:14 190976 ----a-w- c:\windows\Iwigea.exe
2010-08-29 09:39:05 5 ----a-w- C:\zrpt.xml
2010-08-21 02:19:02 0 d-----w- c:\program files\GOG.com
2010-08-20 03:22:10 0 d-----w- c:\windows\ThePack133-TAMVersion
2010-08-14 00:49:17 0 d-----w- c:\program files (x86)\Blockland
2010-08-13 23:39:17 0 d-----w- c:\program files (x86)\PCSX2 0.9.7
2010-08-06 02:30:52 1 ----a-w- c:\windows\syswow64\SI.bin
2010-08-05 08:20:20 0 d-----w- c:\program files\NTCore

==================== Find3M ====================

2010-08-29 22:17:29 79431 ----a-w- c:\programdata\nvModes.dat
2010-07-24 03:02:01 86016 ----a-w- c:\windows\inf\infpub.dat
2010-07-24 03:02:01 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-07-24 03:01:32 143360 ----a-w- c:\windows\inf\infstor.dat
2010-06-01 18:55:30 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-01 18:55:30 74072 ----a-w- c:\windows\syswow64\XAPOFX1_5.dll
2010-06-01 18:55:30 527192 ----a-w- c:\windows\syswow64\XAudio2_7.dll
2010-06-01 18:55:30 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-01 18:55:30 239960 ----a-w- c:\windows\syswow64\xactengine3_7.dll
2010-06-01 18:55:30 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-06-01 17:37:48 270208 ------w- c:\windows\system32\MpSigStub.exe
2009-09-04 11:26:26 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-02-23 10:43:28 266240 ----a-w- c:\program files (x86)\Uninstall Pando Toolbar.dll
2008-02-11 14:29:24 174 --sha-w- c:\program files\desktop.ini
2008-02-11 14:29:24 174 --sha-w- c:\program files (x86)\desktop.ini
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-09-26 09:10:22 66936 --sha-w- c:\windows\hrinfo_0.drv
2009-08-21 23:59:13 80 --sh--r- c:\windows\syswow64\39AAE13091.dll
2006-05-03 10:06:54 163328 --sh--r- c:\windows\syswow64\flvDX.dll
2007-02-21 11:47:16 31232 --sh--r- c:\windows\syswow64\msfDX.dll
2008-03-16 13:30:52 216064 --sh--r- c:\windows\syswow64\nbDX.dll

============= FINISH: 8:31:32.32 ===============

Removed the program list lol
 
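One way to triage the "Created Last 30" section of a DDS log like the one above, as an added example (not part of the original thread and not code from DDS): it flags executables created directly in c:\windows or c:\ and lists other files created within five minutes of each. The folder list, extension list and time window are assumptions of this sketch, and the result is a list of candidates to review, not a verdict.

```python
import re
from datetime import datetime, timedelta
from pathlib import PureWindowsPath

# Lines copied from the "Created Last 30" section of the DDS.txt above.
DDS_CREATED = r"""
2010-08-29 15:10:36 56320 ----a-w- c:\windows\system32\drivers\pxrts.sys
2010-08-29 14:38:31 50 ----a-w- c:\windows\wininit.ini
2010-08-29 12:28:07 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-29 09:40:14 190976 ----a-w- c:\windows\Iwigea.exe
2010-08-29 09:39:05 5 ----a-w- C:\zrpt.xml
2010-08-21 02:19:02 0 d-----w- c:\program files\GOG.com
2010-08-06 02:30:52 1 ----a-w- c:\windows\syswow64\SI.bin
"""

# timestamp, size in bytes, 8-character attribute string, path
ENTRY = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+(\d+)\s+([-a-z]{8})\s+(.+)$")
EXEC_EXT = {".exe", ".dll", ".scr", ".sys", ".com"}
# Assumption of this sketch: binaries are rarely created directly in these folders.
ROOT_DIRS = {"c:\\windows", "c:\\"}


def parse(text):
    """Turn DDS file-listing lines into dicts; headers and blanks are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        ts, size, attrs, path = m.groups()
        entries.append({
            "time": datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"),
            "size": int(size),
            "is_dir": attrs.startswith("d"),  # e.g. the folder named GOG.com
            "path": path,
        })
    return entries


def suspicious(entries):
    """Executable files (not folders) created directly in a root-level folder."""
    hits = []
    for e in entries:
        p = PureWindowsPath(e["path"])
        if (not e["is_dir"] and p.suffix.lower() in EXEC_EXT
                and str(p.parent).lower() in ROOT_DIRS):
            hits.append(e)
    return hits


def neighbours(entries, hit, window=timedelta(minutes=5)):
    """Other files created within `window` of a flagged file."""
    return [e for e in entries
            if e is not hit and not e["is_dir"]
            and abs(e["time"] - hit["time"]) <= window]


def triage(text):
    """Return (flagged path, [paths created nearby]) pairs for review."""
    entries = parse(text)
    return [(hit["path"], [n["path"] for n in neighbours(entries, hit)])
            for hit in suspicious(entries)]


if __name__ == "__main__":
    for path, near in triage(DDS_CREATED):
        print("review:", path, "| created nearby:", near)
```
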

I should also update: last night I did another scan, got rid of some more AHEM with Malwarebytes.

No change to my taskbar per se, however, it has stopped growing and turned... erm... black. At least it isn't crashing anymore, so I can keep doing stuff now... but, eh, I'm still rather annoyed that ONLY Prevx seems to be able to detect this last "iwigea.exe". I don't want to delete it myself, since god knows what it is linked to in my registry.

The reason my virus programs are mainly out of date is that I have very limited internet where I am, and it costs like $10 per GIG. So I can only really update anything when I go home. That's another reason why formatting isn't really an idea, since I wouldn't have the internet to actually download all the Windows updates I'd need.

I'm updating them now, well, most. And yes I continued the same /b/ style naming. Just because I like having all my names well sorted lol. Hrm, I need to check my bank account... Not doing it on this though, my virtual machine isn't infected, I'll use that. It's not internet activated anyway, blarg.
 
Hey wow, it picked up iwigea like the other program did... I'm glad it had a free license too.

I'm about to reset, I'll update when I have.

Reset, but nothing has really changed. I'm doing another scan with it to see if anything is left but my taskbar is still dead. Not black anymore but I'm guessing it will just keep the image of anything I scroll over it anyway. Yep, *sigh*.

As for repair installs, that has instructions for SP1 and 2 - yeah I'm a moron, didn't realise there wasn't a SP3 yet XD

Well the second scan came up with nothing new bar a tracking cookie that must have just popped up. Aka, the virus is apparently fully gone now. Though my taskbar is still ahemed.
 

Hrm, odd. I went into performance info and tried to change the taskbar back to the Vista default one, you know, with all the colours and stuff. BUT when I did, it did not turn to the good graphics... So yeah, odd. I couldn't change my performance options.
 


I realised that now that I had cleared the virus, I might as well just try a system restore to deal with the taskbar problem, and it worked, woo.

Thanks for the help in finding other parts of the leftover virus, and offering the Prevx alternative. I'll be removing all my logs and stuff from the post, since, well, I don't want people to realise just how big of a gamer I am if they look on my programs list lol.
 
