Hi--it was in my previous reply.
See for more details: > http://speccy.piriform.com/results/Su22O3lMnIsE6mcGO0mGMpQ
Thanks, rproffitt, for the link. See for more details: Click Here
To your initial response: My computer's no longer under warranty. I think I void the warranty by installing a new PSU and an additional HDD, both of which I've done. I'd have to look further into that. I realize it may be the motherboard, in which case that really sucks, but I was hoping to bring it here to see if there was anything that stuck out to anyone.
Hello,
Short Summary: My desktop unexpectedly turns off (note, does not shut down, but simply turns off), usually while I am playing high intensity games, like Playerunknown Battlegrounds. To circumvent this problem, I bought and installed a new power supply (750W). The issue happens less frequently, but has still happened twice since installing the new power supply a couple weeks ago. There are no beeps sounding when I boot, and there are no error messages or warnings given.
Specs:
See attached DxDiag.txt.
I appreciate any suggestions for how to combat this. Please let me know what I can do to assist in this process. Thanks.
------------------
System Information
------------------
Time of this report: 9/11/2017, 18:25:31
Machine name: BALERION
Machine Id: {36A5E812-9511-43F2-82A1-8F6137067F69}
Operating System: Windows 10 Home 64-bit (10.0, Build 15063) (15063.rs2_release.170317-1834)
Language: English (Regional Setting: English)
System Manufacturer: MSI
System Model: MS-7641
BIOS: Default System BIOS
Processor: AMD FX(tm)-8320 Eight-Core Processor (8 CPUs), ~3.5GHz
Memory: 8192MB RAM
Available OS Memory: 8190MB RAM
Page File: 3110MB used, 10199MB available
Windows Dir: C:\WINDOWS
DirectX Version: DirectX 12
DX Setup Parameters: Not found
User DPI Setting: Using System DPI
System DPI Setting: 96 DPI (100 percent)
DWM DPI Scaling: Disabled
Miracast: Available, with HDCP
Microsoft Graphics Hybrid: Not Supported
DxDiag Version: 10.00.15063.0000 64bit Unicode
------------
DxDiag Notes
------------
Display Tab 1: No problems found.
Display Tab 2: No problems found.
Sound Tab 1: No problems found.
Sound Tab 2: No problems found.
Input Tab: No problems found.
--------------------
DirectX Debug Levels
--------------------
Direct3D: 0/4 (retail)
DirectDraw: 0/4 (retail)
DirectInput: 0/5 (retail)
DirectMusic: 0/5 (retail)
DirectPlay: 0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow: 0/6 (retail)
---------------
Display Devices
---------------
Card name: NVIDIA GeForce GTX 750
Manufacturer: NVIDIA
Chip type: GeForce GTX 750
DAC type: Integrated RAMDAC
Device Type: Full Device
Device Key: Enum\PCI\VEN_10DE&DEV_1381&SUBSYS_36581458&REV_A2
Device Status: 0180200A [DN_DRIVER_LOADED|DN_STARTED|DN_DISABLEABLE|DN_NT_ENUMERATOR|DN_NT_DRIVER]
Device Problem Code: No Problem
Driver Problem Code: Unknown
Display Memory: 6112 MB
Dedicated Memory: 2017 MB
Shared Memory: 4095 MB
Current Mode: 1366 x 768 (32 bit) (60Hz)
Monitor Name: Generic PnP Monitor
Monitor Model: ASUS VS197
Monitor Id: ACI19F2
Native Mode: 1366 x 768(p) (59.790Hz)
Output Type: HDMI
Driver Name: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ce1961376673184c\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ce1961376673184c\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ce1961376673184c\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ce1961376673184c\nvldumdx.dll
Driver File Version: 22.21.0013.8541 (English)
Driver Version: 22.21.13.8541
DDI Version: 12
Feature Levels: 11_0,10_1,10_0,9_3,9_2,9_1
Driver Model: WDDM 2.2
Graphics Preemption: DMA
Compute Preemption: DMA
Miracast: Not Supported by Graphics driver
Hybrid Graphics GPU: Not Supported
Power P-states: Not Supported
Driver Attributes: Final Retail
Driver Date/Size: 8/20/2017 8:00:00 PM, 893272 bytes
WHQL Logo'd: Yes
WHQL Date Stamp: Unknown
Device Identifier: {D7B71E3E-50C1-11CF-B556-551618C2DB35}
Vendor ID: 0x10DE
Device ID: 0x1381
SubSys ID: 0x36581458
Revision ID: 0x00A2
Driver Strong Name: oem3.inf:0f066de3a7a02f92:Section084:22.21.13.8541:pci\ven_10de&dev_1381
Rank Of Driver: 00D12001
"In the function, it may be going through too many times (being a logical error; that'd be the less probable cause). The other scenario is that you may be giving it a wrong number, such as a number that exceeds the list of nodes, like going to a pointer that doesn't point to anything, based on what you think is the error. I'd have to look at all the code."
-- Mike
Okay. Thanks. :) Admittedly, I only replied to remind that my thread was solved. ;) I was surprised when I woke up to a few e-mails saying I had new replies, no offense of course. I don't mind.
Um, thanks for the suggestion! :D In any case, my problem's solved, but I know that a lot of these infections are also on a case-by-case basis - or so I'm told, and I'm naive enough to believe what it is that I'm told. At least, I've read that you're not supposed to follow general advice.
In any case, I would, personally, have a hard time turning off System Restore because I've had a lot of problems with it in the past (due to the age of my computer) and I wouldn't want to make any changes I'd regret.
Okay, everything that should have been downloaded, deleted and/or updated has been.
I'll certainly look into the Power Supply Unit. After having gone through all this trouble (within the past years, too), I certainly wouldn't want my computer to one day give up on me. ;)
Thank you very much for all your help, and to everyone else who offered help/advice, as well. I appreciate it a lot and couldn't have fixed my computer without the guidance.
I'm sorry for the confusion. I downloaded SP3 before that. Umm, let me check my post... Three hours ago, when I started my post with, 'Your suspicion was correct!', that was after I downloaded SP3. I installed all the other updates after that, that I could. After I installed SP3, I fixed Java, and then updated my version of Internet Explorer and did those updates.
Installed and updated. :)
"You have successfully installed Java." Thank you. :D
I still had that same error. :(
Sorry it's so long!
. . . actually, i don't think that's right. please hold.
ETA: I was 99% sure I had a log. I can't locate it now. But I'll run the program again to double-check if Java components are all gone.
_________
Report follows after line.
------------------------------------
The JavaRa removal process was started on Tue Jun 21 18:42:17 2011
Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}
------------------------------------
Finished reporting.
JavaRa 1.16 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Tue Jun 21 22:22:53 2011
Found and removed: C:\Documents and Settings\Pirates Only\Application Data\Sun\Java\jre1.6.0_21
Found and removed: Software\JavaSoft\Java Update
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_21
------------------------------------
Finished reporting.
____________________
Going to be trying to install Java again.
Yes, I did. Would you like to see the log?
Your suspicion was correct! Everything is precisely as it should be and now (hopefully) everything is up-to-date. :)
ETA:
And I spoke too soon. I just went to actually run the Java Installer that I downloaded prior to updating to SP3, and this message came up as it attempted to install:
Internal Error 2753. regultils.dll
Sigh. :(
Jen, you can go here to get your java update. Much easier page. You evidently chose the 64bit version of the program and you are running a 32bit, that's why you got that message.
Thanks, much. :)
I'm also downloading SP3. Crossing my fingers that my files don't get deleted, since I'm not backing all of them up.
ETA: Haha, missed YOUR edit. :) Okay, thanks. I'm just saving some things on a flash drive now, and I'll let you know how it all turns out.
Oh, and since that scan made me feel self-conscious, I updated IE, even though I don't use it. :$ I also thought I updated Adobe, but that was right around the time the rootkit/malware got a hold of my computer, so maybe it didn't work... Or maybe my system restore reverted it.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.
I ran into a problem on this step. I went to this website and clicked the red 'download' button under JRE. I wasn't sure which file to pick, so I went with the last Windows file available (Windows x64), saved it to my desktop, and tried to run it, and got the message that the file wasn't a valid Win32 process.
I don't want to mess anything up, but I was looking specifically for JRE. Is there something else I should be looking into?
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt
Please post the contents of that document in your next reply.
Results of screen317's Security Check version 0.99.14
Windows XP Service Pack 2
Out of date service pack!!
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
AVG Free 9.0
ESET Online Scanner v3
```````````````````````````````
Anti-malware/Other Utilities Check:
Ad-Aware
Malwarebytes' Anti-Malware
Java(TM) 6 Update 21
Out of date Java installed!
Flash Player Out of Date!
Adobe Flash Player 10.2.152.26
````````````````````````````````
Process Check:
objlist.exe by Laurent
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
AVG …
OTL logfile created on: 6/21/2011 8:40:04 AM - Run 2
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Pirates Only\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.50 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 60.84% Memory free
2.01 Gb Paging File | 1.44 Gb Available in Paging File | 71.50% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.69 Gb Total Space | 38.49 Gb Free Space | 50.19% Space Free | Partition Type: NTFS
Drive E: | 11.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: JENNYSCOMPUTER | User Name: Pirates Only | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/20 11:16:20 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pirates Only\Desktop\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware-2\mbamgui.exe
PRC - [2011/05/29 09:11:28 …
Oh! I'm sorry. I forgot the Quick Scan, didn't I? :$ Ooops! I'll do that now.
Okay! I guess I jumped the gun when I last posted the log. For some reason, it seems that when I leave processes running, OTL wants to work, but once I close out of everything, it doesn't. Maybe last night was just a fluke!
I ran OTL and it killed the processes swiftly and finished the scan even faster. Reboot was normal and did not take any lengthy amount of time to actually shut down my computer. :) Also, it seems that the way the file ends is just abrupt like that, because I didn't instigate any interruptions this time.
I'd like to add, thank you again for all your help. I really appreciate it!
___________________________________
All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultUrl| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4982D40A-C53B-4615-B15B-B5B5E98D167C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aol.com\objects\ not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrator
User: All Users
User: Application Data
User: Default User
->Flash cache emptied: 0 bytes
User: Evanescence
User: Guest
->Flash cache emptied: 0 …
I was waiting 7 - 10 minutes. Last night, OTL didn't kill processes, and I ended up dozing while it was evidently trying to do so. My computer settings are such that, after an hour of inactivity, my computer goes onto standby. I wiggled the mouse around 1 am and nothing happened, so I figured I'd let it be. When I checked my PC at 8 am, it was still on the 'Windows is preparing to go into standby' mode.
:(
Perhaps that same thing would have happened with shut down? Although OTL was unsuccessful, I'll try it again. I can't think what would have caused this.
Although I can't offer you any advice on how to fix your problem (since I'm nowhere close to a professional, and would never claim to be), I can only suggest that for other people to help you, you check out the advice given on the website itself before you actually post.
In order for anyone to be able to help you, they'll need to know a little bit more about your problem in depth. Try reading this file, and updating your thread. :)
I ran it with the instructions, but I'm nervous that I messed something up? I was looking at the file after I rebooted, and I noticed it sort of ended abruptly. I think that's due to the fact that I was getting nervous that there was something wrong once I agreed to reboot, because my computer just stayed on the "Windows is shutting down..." screen, so I forced it to turn off.
If what I thought is correct, then sorry. :( Sort of panicked. I didn't think that things would actually be removed upon reboot.
_______________________________________________
All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultUrl| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4982D40A-C53B-4615-B15B-B5B5E98D167C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aol.com\objects\ deleted successfully.
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrator
User: All Users
User: Application Data
User: Default User
->Flash cache emptied: 0 bytes
User: Evanescence
User: Guest
->Flash cache emptied: 0 bytes
User: Jen
->Flash cache emptied: 32470 bytes
User: LocalService
->Flash cache emptied: 9295 bytes
User: …
Malwarebytes' Anti-Malware Log:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Database version: 6902
Windows 5.1.2600 Service Pack 2 (Safe Mode)
Internet Explorer 6.0.2900.2180
6/20/2011 1:00:44 PM
mbam-log-2011-06-20 (13-00-44).txt
Scan type: Full scan (C:\|)
Objects scanned: 301814
Time elapsed: 1 hour(s), 11 minute(s), 9 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Download OTL to your Desktop.
* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT
* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
* When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
* Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
Thanks! The results are in:
OTL logfile created on: 6/20/2011 11:16:51 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Pirates Only\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.50 Gb Total Physical Memory | 0.79 Gb Available Physical …
Hi Jen, Crunchie isn't here at the moment. The TDSKiller DID remove a rootkit. It is highly likely that you do still have infection on the computer.
Your version of MBA-M is a year out of date. Current version is 1.51.0.1200 and current database is at least database version 6897. So your database is over 2800 updates behind. You need to update your MBA-M program to the latest version and latest database and run another Full Scan with it. Have it Remove Everything found and then Reboot the computer>>>this is VERY important as some of the removals may not be completed until the computer is rebooting.
Once you have done this then post back here with that new log and we will give you additional steps.
Thank you, too, for your help. I updated MBAM last night, but after two attempts to run a full scan, I think I might try downloading a version or two earlier. Both times, I left the program to run the scan on its own and didn't touch anything, and both times when I checked, MBAM has "encountered a problem and needs to close."
I'll be sure to post the log when I get it. :)
The PSU is the unit at the back of the computer that the mains cable plugs into. To remove it, there are 2 screws that hold the side panel on, you have to remove them and the side panel. Inside the computer, the PSU will have cables running to the motherboard as well as things like the hard drive and the floppy drive. You unplug them all (taking photos with a digital camera or a mobile phone is a good idea so you know where everything plugs). Then just remove the 4 screws that hold the PSU in at the back of the computer and pull the PSU out. There are plenty of tutorials out on the net which can easily be found with google. http://www.videojug.com/film/how-to-...s-power-supply for example.
Thanks much on the advice. I'll be sure to look into it.
Please do not attach files but paste them in your reply.
Please read carefully and follow these steps.
* Download TDSSKiller and save it to your Desktop.
* Extract its contents to your desktop.
* Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
* If an infected file is detected, the default action will be Cure, click on Continue.
* If a suspicious file is detected, the default action will be Skip, click on Continue.
* It may ask you to reboot the computer to complete the process. Click on Reboot Now.
* If no …
I'm not really sure what a PSU is, or how I'd go about installing it. Thank you for your advice, but could I try your patience a little longer and ask you to explain?
Hello!
I have Windows XP Home Edition SP2, Version 2002, which I run on eMachines version T2875. I began to run into a problem a day and a half ago, which hadn't seemed quite so drastic at the time. My default web browser is Firefox (version 3.6.17) and every time I started the process, it opened my homepage, as well as a new tab to a malicious website (they varied each time). Then, today, both Firefox and Task Manager took an excruciatingly long time to actually open. Although I'm aware of the fact I'm running an old computer, I still ran into the problem of waiting 5 - 10 minutes to see the programs open. The past two nights, I ran a full scan on Malwarebytes' Anti-Malware, and nothing was picked up. I also have AVG Free 9.0.901 and, to my knowledge that, too, picked nothing up. I ran a quick scan on MBAM earlier and still came up short. I also ran ESET Online Scanner, and that, too, came up short. Next, I ran rkill.exe - same result.
I studied my processes and couldn't find too many things out of the ordinary with what I found, with the exception of windows-kb890830-v.320-delta.exe, which I promptly ended. Evidently, it was okay to do so, because my computer certainly survived it. Anyway, following through with the instructions I was given, I ran all of the scans.
I hope that some help is able to be provided; it would be …
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-12.02)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 12/26/2004 9:00:38 AM
System Uptime: 6/18/2011 6:17:26 PM (2 hours ago)
.
Motherboard: First International Computer, Inc. | | AU31
Processor: AMD Athlon(tm) XP 2800+ | Socket A | 2088/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 77 GiB total, 38.467 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP325: 5/27/2011 8:01:39 PM - System Checkpoint
RP326: 5/27/2011 9:08:03 PM - System Checkpoint
RP327: 5/29/2011 1:46:04 AM - System Checkpoint
RP328: 5/30/2011 2:20:48 AM - System Checkpoint
RP329: 5/31/2011 8:00:04 AM - System Checkpoint
RP330: 6/1/2011 12:51:33 PM - System Checkpoint
RP331: 6/2/2011 10:46:18 PM - System Checkpoint
RP332: 6/4/2011 12:52:31 AM - System Checkpoint
RP333: 6/5/2011 4:12:40 AM - System Checkpoint
RP334: 6/6/2011 9:49:25 AM - System Checkpoint
RP335: 6/7/2011 10:31:01 AM - System Checkpoint
RP336: 6/8/2011 7:03:02 PM - System Checkpoint
RP337: 6/9/2011 9:49:24 PM - System Checkpoint
RP338: 6/11/2011 3:49:18 AM - System Checkpoint
RP339: 6/12/2011 9:49:18 AM - System Checkpoint
RP340: 6/13/2011 4:15:50 PM - System Checkpoint
RP341: 6/14/2011 11:24:15 PM - System Checkpoint
RP342: 6/16/2011 3:00:22 AM - Software Distribution Service 3.0
RP343: 6/17/2011 3:26:16 AM - System Checkpoint
RP344: 6/18/2011 5:58:25 AM - System Checkpoint
RP345: 6/18/2011 6:13:57 PM - Restore Operation
.
==== Installed Programs ======================
.
Okay, those "few more things" included talking to tech. support at Staples and getting advice from one of the employees, which mirrored the advice I was given here about wiping my computer if I didn't get any more help from a website he suggested, namely tech. support guy.
They had me run ComboFix. I've run it twice, and after the second time running it, I can't seem to find any problems with my computer concerning iexplore.exe. I haven't tried to run in Safe Mode yet, but they told me there to download SP3, which I think I'll do. I also updated my anti-virus program (Grisoft's AVG) from 8.5 to 9 and it found an infection. I'll see if this'll solve it. If not, I'm going to order a CD from eMachines or Windows, I think.
The only problem I'm having now is that my web browser freezes every once in a while and is behaving very poorly as opposed to its normal standard, but I'll see if I can't fix that some other way. I'm not sure if it's because of recently downloaded programs taking up more space on my hard drive and making my PC slow since it's so old, or because of something else, but... It should be alright.
Thanks! I'll be keeping you updated, definitely.
Yes, indeed it would.
HDD stands for Hard Disk Drive (hard drive)
Reformatting is easy, once you start your PC with your Windows disc, just follow the prompts to delete the existing partition (which will erase all data on that drive) and then reformat it (which will make the drive as if it were new and ready for a clean install) to continue with the installation of Windows.
Since you currently have SP2, no need to rush into SP3 yet.
That can wait till you get everything up and running properly.
Since you have also made it clear about being a novice, I will not attempt to guide you through any registry settings as deleting a wrong entry may render your current system unusable and at this point you have enough to think about. Keep us posted.
Don
Happy New Year!
I'm going to (with false hope) try just a few more things, but if I still can't fix my computer, I'm going to end up taking the advice to wipe it. I will keep you updated, and thanks again!
I'd edit again, but it seems I'm unable to. After uninstalling Internet Explorer and restarting my computer, I came back to find that Internet Explorer was ... still, in fact, installed, and that the virus was still, in fact, infecting my system.
... Excellent. It seems that the iexplore.exe virus isn't gone after all. That hardly lasted long.
...Are there any suggestions on its removal while I toy around with the idea of wiping my PC? I'd like to treat that as a last resort option.
Edit to Add:
I figured out how to get Internet Explorer off my system. I made all my hidden files visible and searched through my Windows files until I managed to find the uninstall package for Internet Explorer. Perhaps that will cease any virus problems, although I'm still unsure on how to search through my registry for the aforementioned "left overs."
Hello _Jen_,
Through your vigilant attempt to rid your ailing PC, I doubt that you will be able to clean it 100% and without having some sort of problem in the future, especially with XP.
If it were my PC, I would back up all important data, photos, music, etc. to disc or another HDD. If you know of anyone with an XP Home CD, see if you can borrow it and do a fresh/clean install, reformatting the HDD (just remember to use your product key). This method will ensure a virus/trouble free OS.
My title of Newbie Poster is extremely fitting, I assure you. I'll see what I can do about getting the disc, since I suppose after eight years, my computer might really benefit from being wiped, but I don't know what HDD stands for, or how I'd reformat it? Perhaps the latter could be helped with knowing what it is. Haha, sorry. . .
Download and copy to disc XPSP2 or 3 and make sure you do the install disconnected from the internet, this will prevent any install hang-ups, then install all your anti-virus and spyware programs.
Reconnect to the internet and reboot if necessary to obtain any further updates and validate XP.
Okay, download XP Service Pack 2 or 3 (currently, I have 2). The only discs that I have are ones that can hold 700 MB, which looks like it will be enough, according to Microsoft's website. ( Note: The …
First, do me a favour and run the Eset online scanner.
http://www.eset.com/onlinescan/
that will clean you up.
I downloaded it; 17 infections were found. I copied the information to my clipboard, receiving:
C:\Documents and Settings\Guest\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-352f55f0-42c5d702.class a variant of Java/TrojanDownloader.OpenStream trojan cleaned by deleting - quarantined
C:\Documents and Settings\Jenny\Local Settings\Temp\~TM557.tmp a variant of Win32/Kryptik.ANP trojan cleaned by deleting - quarantined
C:\Documents and Settings\Jenny\Local Settings\Temp\plugtmp-23\plugin-pfqe.php PDF/Exploit.Gen trojan cleaned by deleting - quarantined
C:\temp\Install_AIM.exe Win32/Adware.WBug.A application deleted - quarantined
C:\WINDOWS\system32\armbqohe.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\WINDOWS\system32\enubbbap.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\WINDOWS\system32\fPpWwyxx.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\WINDOWS\system32\fPpWwyxx.ini2 Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\WINDOWS\system32\gckaqqso.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\WINDOWS\system32\mljwgjxc.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\WINDOWS\system32\ngcoolqy.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\WINDOWS\system32\npurvlfn.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\WINDOWS\system32\poviodja.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\WINDOWS\system32\uhixutbw.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\WINDOWS\system32\ulxycham.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\WINDOWS\system32\WGPooUvw.ini2 Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\WINDOWS\system32\wulscxrn.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
If it is definitely still a hijacked iexplore causing an issue, uninstall it. But download a browser first, like IE8 or Firefox.
I have Firefox, version 3.0.16. I've been using it ever since I downloaded it I can't tell you how many months …
I have Windows XP Home Edition, Version 2002, which I run on eMachines version T2875. I also seem to have contracted a virus that uses Microsoft Internet Explorer to send pop-ups whenever I'm using Firefox, which is my main web browser. Yesterday, I noticed the virus for the first time, and ran AVG Free and Malwarebytes' Anti-Malware. AVG only managed to catch one infection, which was quarantined. MBAM caught 12 infections, and all were removed after rebooting ... or so I thought.
The virus comes up in my task manager processes as iexplore.exe. Every time it comes up, I end the task, though of course it comes back a bit later. I downloaded ATF-Cleaner and VundoFix with the intention of clearing out all my temporary internet files and running a scan while in safe mode, afterward running MBAM once more in safe mode, and then restarting my computer normally. Once the programs had been installed, I shut down my computer, then turned it back on, repeatedly pressing F8 until I was prompted into the safe mode menu. I chose Safe Mode, and received the message:
Windows could not start because the following file is missing or corrupt:
<Windows root>\system32\hal.dll.
Please re-install a copy of the file above.
My computer then re-booted and went back into safe mode. I chose to run safe mode once more, and was prompted as to whether or not I wanted to run "Windows XP Home Edition" or "Windows (default)". I …