Multiple iexplore.exe - Unable to log into websites

[Phylster29]

Hi

Recently i have encountered a problem when trying to log into websites that require username and password, the page just seems to reload and ask me for my details again. I know i am logged in as after returning to a website it will say 'session timed out'.
There are upto 3 iexplore.exe processes running in task manager at anyone time (when connected to the internet) along with maybe upto 8 or 9 svchost.exe processes too. 2 of the iexplore.exe processes are only using 350Kb.
I can browse the internet fine and don't encounter any strange pop ups or re-directs.
I have run multiple AV and Anti-Malware programmes and only ever found remnants of the koobface worm of which malwarebytes removed.
I did run a free scan with Spyware Doctor which found registry files Zlob.Trojan.

There seems to be no obvious or visible problem that i can see but would obviously appreciate any help in resolving the issue.

Many Thanks in advance

DDS Log as follows:-


DDS (Ver_09-06-26.01) - NTFSx86
Run by Sheryl at 19:44:20.46 on 29/06/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1015.336 [GMT 1:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: ZoneAlarm Security Suite Antivirus *On-access scanning enabled* (Updated) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Security Suite Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k bthsvcs
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\vsnpstd.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\TalkTalk\bin\sprtsvc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Sheryl\Desktop\Spyware Utils\dds.pif
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.mytalktalk.co.uk
mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
uInternet Settings,ProxyServer = http=127.0.0.1:9090
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
TB: {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\RegistryBooster.exe /S
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SMSystemAnalyzer] "c:\program files\iolo\system mechanic professional 7\SMSystemAnalyzer.exe"
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~3.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; YPC 3.2.0; SIMBAR={68DE6F97-3B51-459B-A88F-AA3873A3BDAB}; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" -"http://www.miniclip.com/games/skyboard/en/"
mRun: [LXCGCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCGtime.dll,_RunDLLEntry@16
mRun: [VTTrayp] VTtrayp.exe
mRun: [VTTimer] VTTimer.exe
mRun: [snpstd] c:\windows\vsnpstd.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [lxcgmon.exe] "c:\program files\lexmark 2300 series\lxcgmon.exe"
mRun: [HDAudDeck] c:\program files\viaudioi\hdadeck\HDeck.exe 1
mRun: [FaxCenterServer] "c:\program files\lexmark fax solutions\fm3032.exe" /s
mRun: [EzPrint] "c:\program files\lexmark 2300 series\ezprint.exe"
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [TalkTalk] "c:\program files\talktalk\bin\sprtcmd.exe" /P TalkTalk
mRun: [Zone Labs Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng1.exe
IE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000
IE: Open in new background tab - c:\program files\windows live toolbar\components\en-gb\msntabres.dll.mui/229?1e727690eefd402d81b471bf6e26609c
IE: Open in new foreground tab - c:\program files\windows live toolbar\components\en-gb\msntabres.dll.mui/230?1e727690eefd402d81b471bf6e26609c
IE: Open with WordPerfect - c:\program files\wordperfect office x3\programs\WPLauncher.hta
IE: {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - c:\microgaming\poker\ladbrokesmpp\MPPoker.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} - hxxp://preview.licenseacquisition.org/69/1055309096.96838/PiratePoppers.1.0.0.32.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1161258127281
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161258242125
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://skyonline.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - hxxps://register3.valueactive.com/mpp_236/webolr/OCX/FlashAX.cab
DPF: {EA516A52-D223-47AF-80B3-DCDDEFD34BD0} - hxxp://download.fra.real.com/dmgr/HelixDownloadManager.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\sheryl\applic~1\mozilla\firefox\profiles\wvbv005x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.mytalktalk.co.uk
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\real\rnpsdmgr\npdmanager.dll

============= SERVICES / DRIVERS ===============

R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2006-10-12 11264]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-6-22 327688]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-6-22 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-6-22 108552]
R1 VET-FILT;VET File System Filter;c:\windows\system32\drivers\vet-filt.sys [2009-3-5 21605]
R1 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\vet-rec.sys [2009-3-5 15668]
R1 VETFDDNT;VET Floppy Boot Sector Monitor;c:\windows\system32\drivers\vetfddnt.sys [2009-3-5 114856]
R1 VETMONNT;VET File and Macro Monitor;c:\windows\system32\drivers\vetmonnt.sys [2009-3-5 896472]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2009-3-5 280344]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-6-22 298776]
R2 CAISafe;CA ISafe;c:\windows\system32\zonelabs\isafe.exe [2009-3-5 184320]
R2 sprtsvc_TalkTalk;SupportSoft Sprocket Service (TalkTalk);c:\program files\talktalk\bin\sprtsvc.exe [2007-10-12 202016]
R2 tgsrvc_TalkTalk;SupportSoft Repair Service (TalkTalk);c:\program files\common files\supportsoft\bin\tgsrvc.exe [2007-8-2 148768]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]

============== File Associations ===============

JSEFile=NOTEPAD.EXE %1
regfile=NOTEPAD.EXE %1
scrfile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1

=============== Created Last 30 ================

2009-06-25 20:41 406 a------- c:\windows\system32\ioloBootDefrag.cfg
2009-06-25 20:38 696,320 a------- c:\windows\system32\libeay32.dll
2009-06-25 20:38 155,648 a------- c:\windows\system32\ssleay32.dll
2009-06-25 20:38 9,341 a------- c:\windows\system32\drivers\filedisk.sys
2009-06-25 20:37 41,472 a------- c:\windows\system32\iolobtdfg.exe
2009-06-25 20:37 25,264 a------- c:\windows\system32\smrgdf.exe
2009-06-25 20:37 422,504 a------- c:\windows\system32\Incinerator.dll
2009-06-25 20:37 <DIR> --d----- c:\program files\iolo
2009-06-25 20:35 <DIR> --d----- c:\docume~1\sheryl\applic~1\iolo
2009-06-25 20:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\iolo
2009-06-22 22:34 <DIR> --dsh--- c:\documents and settings\sheryl\IECompatCache
2009-06-22 22:33 <DIR> --dsh--- c:\documents and settings\sheryl\PrivacIE
2009-06-22 22:15 <DIR> --dsh--- c:\documents and settings\sheryl\IETldCache
2009-06-22 22:05 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll
2009-06-22 22:05 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll
2009-06-22 22:05 <DIR> --d----- c:\windows\ie8updates
2009-06-22 22:04 102,912 -c------ c:\windows\system32\dllcache\iecompat.dll
2009-06-22 22:02 <DIR> -cd-h--- c:\windows\ie8
2009-06-22 20:55 327,688 a------- c:\windows\system32\drivers\avgldx86.sys
2009-06-22 20:55 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-06-22 20:55 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-06-22 20:55 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-06-22 19:57 28,160 ac------ c:\windows\system32\dllcache\irmon.dll
2009-06-22 19:57 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll
2009-06-22 19:57 28,160 a------- c:\windows\system32\irmon.dll
2009-06-22 19:57 8,192 a------- c:\windows\system32\wshirda.dll
2009-06-22 19:56 151,552 ac------ c:\windows\system32\dllcache\irftp.exe
2009-06-22 19:56 151,552 a------- c:\windows\system32\irftp.exe
2009-06-22 19:52 <DIR> --d----- c:\windows\system32\wbem\Repository
2009-06-22 19:37 454 a------- c:\windows\system32\.crusader
2009-06-22 19:28 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Hitman Pro
2009-06-21 13:22 <DIR> --d----- C:\$AVG8.VAULT$
2009-06-13 12:38 11,952 a------- c:\windows\system32\avgrsstx(2).dll
2009-06-13 12:38 <DIR> --d----- c:\windows\system32\drivers\Avg(2)
2009-06-13 12:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar
2009-06-13 12:38 <DIR> --d----- c:\program files\AVG
2009-06-13 12:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-06-13 12:28 <DIR> --d----- c:\docume~1\sheryl\applic~1\AVG8

==================== Find3M ====================

2009-05-29 19:28 1,353,016 a------- c:\windows\system32\vete.dll
2009-05-29 19:27 896,472 a------- c:\windows\system32\drivers\vetmonnt.sys
2009-05-29 19:27 114,856 a------- c:\windows\system32\drivers\vetfddnt.sys
2009-05-13 06:15 915,456 a------- c:\windows\system32\wininet.dll
2009-05-07 16:32 345,600 a------- c:\windows\system32\localspl.dll
2009-04-18 21:38 4,212 ----h--- c:\windows\system32\zllictbl.dat
2009-04-17 13:26 1,847,168 a------- c:\windows\system32\win32k.sys
2009-04-15 15:51 585,216 a------- c:\windows\system32\rpcrt4.dll
2009-02-19 18:28 220,692 a------- c:\program files\CM2008_4-1-3-2_.zip
2008-12-30 18:22 68,756,776 a------- c:\program files\iTunesSetup.exe
2008-12-08 22:47 16,168,344 a------- c:\program files\jre-6u11-windows-i586-p.exe
2008-11-22 17:26 15,083,520 a------- c:\program files\spybotsd160.exe
2008-11-15 17:37 4,865,408 a------- c:\program files\Silverlight.2.0.exe
2007-10-14 23:31 29,736 a------- c:\docume~1\sheryl\applic~1\GDIPFONTCACHEV1.DAT
2007-01-14 10:29 848 a--sh--- c:\windows\system32\KGyGaAvL.sys

============= FINISH: 19:49:09.39 ===============

[Phylster29]

---bump---

[Ried]

Hello Phylster29,

You currently have 2 Anti Virus programs installed. I realize you likely installed another AV in an attempt to clean your system, but it is never a good idea to have more than 1 AV installed at a given time. More than 1 Anti Virus will cause conflicts and confusion between the AV programs as well as system instability. Please choose and run only 1 and uninstall the other via the Add/Remove Programs in the Control Panel.

After you've done that, it would be prudent to run an online scan to search for remnants of the infection you said was already removed.

It can take some time, so please be patient and allow it to run it's full course:


Using Internet Explorer or Firefox, visit http://www.kaspersky.com/kos/eng/par...avwebscan.html

1. Click Accept, when prompted to download and install the program files and database of malware definitions.


2. To optimize scanning time and produce a more sensible report for review:

• Close any open programs
  
• Turn off the real time scanner of any existing antivirus program while performing the online scan

3. Click Run at the Security prompt. The program will then begin downloading and installing and will also update the database. Please be patient as this can take several minutes.

• Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
• Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
• Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
• Click View scan report at the bottom.
  
  
  
  
• Click the Save as Text button to save the file to your desktop so that you may post it in your next reply

[Phylster29]

Hi

I uninstalled Zonealarm and then proceeded to carry out the online scan. The scan came back clean and i am also now able to log into websites again.
There is however still 2 instances of iexplore.exe running when opening IE.

Do you see any sign of infection from the logs i have already posted?


Thanks

[Ried]

No, I see no malware in your logs. You do have Windows Internet Explorer 8 installed, although I'm not sure why it's showing as IE7 in your dds.txt.

More than 1 iexplore.exe is normal for IE8. Please see these links for more info:

What's New in Internet Explorer 8

IE 8 and Reliability

[Phylster29]

Should i uninstall any remnants of IE7 or would you advise to actually revert back to IE7?

to have 2 x iexplore.exe running while only one IE window open is normal?

I shall take your word for it and thank you for your help and information.

Grately appreciated.

Thank You

[Ried]

No, do not uninstall any portions of IE7. As explained in my previous post, more than 1 instance of iexplore.exe in the running processes is normal and expected.