edbink

Can you help with this, I had several people using my computer this weekend and now it's useless. Evertime I turn it on this XP security pops up and it's now taken over IE so it won't let me go online. I have a second computer so I downloaded the defogger and DDS programs and copied them over. I ran Defogger then DDS and I have attached the log. I tried to run the GMER but got an error that "Windows can not access specified device, path or file. You do not have apporiate premission to access them" So I can't go any furhter. Thanks for the help. . DDS (Ver_11-03-05.01) - NTFSx86 Run by Ed Binkley at 4:43:51.50 on Tue 04/26/2011 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3318.2473 [GMT -4:00] . AV: Trend Micro Client/Server Security Agent Antivirus *Enabled/Updated* {0D13DF07-CD7C-49F9-864B-C8C621D3AE6A} FW: Trend Micro Personal Firewall *Enabled* . ============== Running Processes =============== . C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\Intel\WiFi\bin\S24EvMon.exe svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IDT\WDM\stacsv.exe C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\dlcqcoms.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\WINDOWS\system32\svchost.exe -k HPService C:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 c:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe C:\Program Files\Intel\WiFi\bin\WLKeeper.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\WINDOWS\system32\SearchIndexer.exe c:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\Program Files\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe c:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe c:\Program Files\Trend Micro\BM\TMBMSRV.exe c:\Program Files\Trend Micro\Client Server Security Agent\HostedAgent\HostedAgent.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\DellTPad\Apoint.exe C:\WINDOWS\system32\AESTFltr.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\OA015Mon.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe C:\Documents and Settings\Ed Binkley\Local Settings\Application Data\juq.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files\iPod\bin\iPodService.exe c:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter c:\Program Files\Trend Micro\Client Server Security Agent\CNTAoSMgr.exe c:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe E:\Malware\dds.pif . ============== Pseudo HJT Report =============== . uSearch Page = hxxp://www.bing.com uSearch Bar = hxxp://www.bing.com/sphome.aspx uInternet Settings,ProxyOverride = *.local mSearchAssistant = hxxp://www.bing.com/sphome.aspx BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - c:\program files\trend micro\client server security agent\bho\1010\TmIEPlg.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - c:\program files\trend micro\amsp\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll" uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [Apoint] c:\program files\delltpad\Apoint.exe mRun: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe mRun: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg mRun: [nwiz] nwiz.exe /installquiet mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start mRun: [OA015Mon] c:\windows\OA015Mon.exe mRun: [iAStorIcon] c:\program files\intel\intel® rapid storage technology\IAStorIcon.exe mRun: [intelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe" mRun: [intelWireless] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray mRun: [intelWirelessWiMAX] "c:\program files\intel\wimax\bin\WiMAXCU.exe" /tasktray /nosplash mRun: [DellControlPoint] "c:\program files\dell\dell controlpoint\Dell.ControlPoint.exe" mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe mRun: [uSCService] c:\program files\dell\dell controlpoint\security manager\BcmDeviceAndTaskStatusService.exe mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe" mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell2.exe" /mode2 mRun: [OfficeScanNT Monitor] "c:\program files\trend micro\client server security agent\pccntmon.exe" -HideWindow mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume mRun: [OE] "c:\program files\trend micro\client server security agent\tmas_oe\TMAS_OEMon.exe" mRun: [dlcqmon.exe] "c:\program files\dell photo aio printer 966\dlcqmon.exe" mRun: [MemoryCardManager] mRun: [DLCQCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCQtime.dll,_RunDLLEntry@16 mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dellco~1.lnk - c:\program files\dell\dell controlpoint\system manager\DCPSysMgr.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\tdmnot~1.lnk - c:\program files\wave systems corp\trusted drive manager\TdmNotify.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\client server security agent\bho\1010\TmIEPlg.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll LSA: Authentication Packages = msv1_0 wvauth . ============= SERVICES / DRIVERS =============== . R0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\drivers\stdfltn.sys [2010-9-11 17072] R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2009-11-20 278304] R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2010-3-24 812448] R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2010-3-24 27040] R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2010-2-8 376688] R2 DMAgent;Intel Attach.txt