I was checking my e-mail two days ago(Jan 26, 2010), and I started getting pop-ups saying that my system may be at risk from a malicious virus, and a systray icon that I couldn't right-click on. I would close the pop-up window and it would re-appear in about three minutes with the same pop-up. It wouldn't let me access my taskmanager, or any systems opperations. After doing some searching I downloaded, "Hijackthis", and was able to close, and delete the virus, or so I thought! I deleted it with the "delete on re-boot" option. When I restarted my system, it would log on, and then immediately log off. I contacted Dell and they said that it seemed to have deleted my "logon file" when I deleted the virus, but dell tecs would not offer anymore help unless I brought it to them for $129. So I tried re-installing my Windows XP home edition, and it wouldn't work. It said that there was a missing file. I tried it again yesterday and it did work but I use a screen reader because I'm blind and when it got to the registration section I had to stop and wait until someone came over to help me. About eight hours later the computer had shut down and when I cut the computer back on, it went to the original windows program, but now it will logon. When it came on my screen reader(Zoomtext 8) would not launch because of an "OSC" problem. I re installed Zoomtext, and it worked. Now Internet Explorer won't work from the desktop, and I can access the desktop properties but I can't change my background image. I have a background that says "YOUR SYSTEM IS INFECTED","System has been stopped due to serious malfunction spyware activity has been detected","It is recommended to use spyware removal tool to prevent data loss do not use computer before all spyware removed". Please help me fix this, and thank you for your time.
Here is a copy of my log
DDS (Ver_09-12-01.01) - NTFSx86
Run by Schmann Thompson at 9:02:03.56 on Thu 01/28/2010
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.511.152 [GMT -5:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Broadcom\Security Platform Software\PSDsrvc.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ZoomText 8.1\Zt8.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Schmann Thompson\Local Settings\Temporary Internet Files\Content.IE5\2SOSWCM8\dds[1].scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\winlogon32.exe
BHO: Gamevance: {0ed403e8-470a-4a8a-85a4-d7688cfe39a3} - c:\program files\gamevance\gamevancelib32.dll
BHO: AhIeBho Class: {10384d0e-2bc1-48b6-844b-ad0e9e6d2511} - c:\program files\zoomtext 8.1\ahoi\ah_ie_bho.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: Gamevance Text: {beac7dc8-e106-4c6a-931e-5a42e7362883} - c:\program files\gamevance\gvtl.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_C5284CC30AB3000E.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Internet Security 2010] c:\program files\internetsecurity2010\IS2010.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [IfxSecurePlatformIndication] c:\program files\broadcom\security platform software\SpTNA.exe
mRun: [PSDruntime] c:\program files\broadcom\security platform software\PSDrt.EXE
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [SunJavaUpdateSched] c:\program files\java\jre1.5.0\bin\jusched.exe
mRun: [Sony Ericsson PC Suite] "c:\program files\sony ericsson\mobile2\application launcher\Application Launcher.exe" /startoptions
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Gamevance] c:\program files\gamevance\gamevance32.exe a
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [smss32.exe] c:\windows\system32\smss32.exe
mRun: [Xzugi] rundll32.exe "c:\windows\ozumiyap.dll",Startup
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\setpoint.lnk - c:\program files\setpoint\SetPoint.exe
uPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
uPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
uPolicies-system: DisableTaskMgr = 1 (0x1)
mPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_803138DCE93649E4.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0\bin\npjpi150.dll
LSP: c:\windows\system32\helper32.dll
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_C5284CC30AB3000E.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: IfxWlxEN - IfxWlxEN.dll
Notify: PSDNtfy - c:\program files\broadcom\security platform software\PSDNtfy.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = scecli rus3d40.dll
============= SERVICES / DRIVERS ===============
R1 Ai2sXP;Ai2sXP;c:\windows\system32\drivers\Ai2sXP.sys [2009-9-21 7168]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-9-21 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-9-21 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-9-21 108552]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2005-3-11 29283]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-9-21 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-9-21 297752]
R2 dmsmbios;dmsmbios;c:\windows\system32\dmsmbios.sys [2001-5-30 16480]
=============== Created Last 30 ================
2010-01-28 12:12:31 0 d-----w- c:\windows\system32\CatRoot_bak
2010-01-27 14:45:05 28288 -c--a-w- c:\windows\system32\dllcache\xjis.nls
2010-01-27 14:43:58 36927 -c--a-w- c:\windows\system32\dllcache\padrs411.dll
2010-01-27 14:42:55 13463552 -c--a-w- c:\windows\system32\dllcache\hwxjpn.dll
2010-01-27 14:41:53 45056 -c--a-w- c:\windows\system32\dllcache\EXCH_aqadmin.dll
2010-01-27 14:39:44 488 ---ha-r- c:\windows\system32\logonui.exe.manifest
2010-01-27 14:39:37 749 ---ha-r- c:\windows\WindowsShell.Manifest
2010-01-27 14:39:37 749 ---ha-r- c:\windows\system32\wuaucpl.cpl.manifest
2010-01-27 14:39:37 749 ---ha-r- c:\windows\system32\sapi.cpl.manifest
2010-01-27 14:39:37 749 ---ha-r- c:\windows\system32\ncpa.cpl.manifest
2010-01-27 14:39:26 0 d-----w- c:\program files\Online Services
2010-01-27 14:39:16 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2010-01-27 14:38:37 32768 -c--a-w- c:\windows\system32\dllcache\icwdl.dll
2010-01-26 17:32:07 0 d-----w- c:\program files\Trend Micro
2010-01-26 15:15:20 0 ----a-w- c:\windows\system32\15724.exe
2010-01-26 14:55:15 0 ----a-w- c:\windows\system32\19169.exe
2010-01-26 14:35:07 38912 ----a-w- c:\windows\system32\26500.exe
2010-01-26 14:15:06 0 ----a-w- c:\windows\system32\6334.exe
2010-01-26 13:55:04 38912 ----a-w- c:\windows\system32\18467.exe
2010-01-26 13:51:16 0 d-----w- c:\program files\InternetSecurity2010
2010-01-26 13:38:51 0 ----a-w- c:\windows\Mfucanimifi.bin
2010-01-26 13:38:50 120 ----a-w- c:\windows\Lpaqumezimimi.dat
2010-01-26 13:35:02 38912 ----a-w- c:\windows\system32\41.exe
2010-01-26 13:34:37 25088 ----a-w- c:\windows\system32\helper32.dll
2010-01-26 13:34:18 2931 ----a-w- c:\windows\system32\warning.html
2010-01-26 13:30:17 1 ----a-w- C:\s
2010-01-21 17:18:54 33846 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp FLAC Codec.bmp
2010-01-21 17:18:54 3018 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp FLAC Codec.dat
2010-01-20 15:48:29 0 d-----w- c:\program files\Windows Media Connect 2
2010-01-20 15:45:42 0 d-----w- c:\windows\system32\LogFiles
==================== Find3M ====================
2010-01-27 14:38:07 22720 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-21 17:17:56 522928 ----a-w- c:\windows\system32\SpoonUninstall.exe
============= FINISH: 9:02:57.25 ===============