I'm not sure where they came from. My only thought is a .pdf file on how to instal drop shackles in my pickup. But that seems kind of strange. I'm running WinXP.
One day I opened up my laptop and AVG (free edition) opened a window titled "Resident Shield alert." Multiple threat detection. This is what is in the menu:
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Moved to Virus Vault"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP242\A0066899.dll";"Trojan horse Downloader.Generic11.BIFK";"Object is inaccessible."
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066919.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
"c:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP243\A0066918.exe";"Trojan horse SHeur3.CJVI";"Infected"
Then I came here and read the Cleaning Guide. I saved and tried to run OTL but it failed, all the different names for it did. I clicked the link that took me to "Malware Removal tools won't run tutorial." Downloaded and ran Malwarebytes' Anti-Malware (MBAM) and it came up with the following:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7332
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
7/31/2011 1:53:50 AM
mbam-log-2011-07-31 (01-53-41).txt
Scan type: Full scan (C:\|)
Objects scanned: 256415
Time elapsed: 2 hour(s), 38 minute(s), 18 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\V71IQL7HI7 (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> No action taken.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\AppSecDll (Trojan.Agent) -> Value: AppSecDll -> No action taken.
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogoff (PUM.Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\WINDOWS\Tasks\{35dc3473-a719-4d14-b7c1-fd326ca84a0c}.job (Trojan.Downloader) -> No action taken.
c:\WINDOWS\Tasks\{8c3fdd81-7ae0-4605-a46a-2488b179f2a3}.job (Trojan.Downloader) -> No action taken.
c:\WINDOWS\Tasks\mswd-63fdda30.job (Trojan.DNSChanger) -> No action taken.
No further action has been taken. Both the Resident Shield alert from AVG and the MBAM results are still open, untouched. Where do I go from here? Thank you very much in advanced. We'd all be broke paying geek squad $200 an hour if it weren't for people like you