Win32.exe Corruption will not let me install Antivirus disc.


Post by mylizard_14 on 13th March 2010, 1:59 am

...Someone please help.

So many problems with my notebook. MSI - Operating Windows XP

...I keep getting this error and I don't know what it means.

(The file or folder 'xuixus.scr' that this shortcut refers to cannot be found)

Also the computer is running very slowly, and when I try to search on the internet it redirects me to some random site. It will no longer load Google Chrome and Internet Explorer is running poorly. I bought an external disc drive and an anti-virus program to try and fix the problem, and it will not load the Anti-Virus program. It keeps giving me a Win32 corruption error. Please help.


Re: Win32.exe Corruption will not let me install Antivirus disc.

Post by mylizard_14 on 13th March 2010, 3:34 am

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:30:10 PM, on 3/12/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxebserv.exe
C:\WINDOWS\system32\lxebcoms.exe
C:\Program Files\System Control Manager\MSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\MSI\MSI Q-Face\webtest.exe
C:\Program Files\Lexmark 7300 Series\lxcimon.exe
C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\lxcicoms.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\me\xuicus.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\DefenderPro5in1.exe
C:\Program Files\Alltel\QuickLink Mobile\QuickLink Mobile.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\me\Local Settings\Temporary Internet Files\Content.IE5\1IMAPX4E\winlogon[2].scr

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Paltalk Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [Q-Face agent] C:\Program Files\MSI\MSI Q-Face\webtest.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCItime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcimon.exe] "C:\Program Files\Lexmark 7300 Series\lxcimon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [lxebmon.exe] "C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [isCfgWiz] "C:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe" -G:{77CCBE0B-A541-49a9-883E-14F8337EC861} -T:Config -REBOOT
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [xuicus] C:\Documents and Settings\me\xuicus.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: Google Sidewiki... - [You must be registered and logged in to see this link.] Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.msi.com.tw
O15 - Trusted Zone: *.download.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - [You must be registered and logged in to see this link.]
O17 - HKLM\System\CCS\Services\Tcpip\..\{25312377-BB0C-4BCD-9C7A-AD7300078650}: NameServer = 75.116.127.154 75.116.63.154
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Update Service (gupdate1ca715047a88cd2) (gupdate1ca715047a88cd2) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: lxci_device - - C:\WINDOWS\system32\lxcicoms.exe
O23 - Service: lxebCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxebserv.exe
O23 - Service: lxeb_device - - C:\WINDOWS\system32\lxebcoms.exe
O23 - Service: Micro Star SCM - Unknown owner - C:\Program Files\System Control Manager\MSIService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 11599 bytes


Re: Win32.exe Corruption will not let me install Antivirus disc.

Post by Belahzur on 13th March 2010, 1:19 pm

Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (file missing)
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
    O3 - Toolbar: Paltalk Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
    O4 - HKCU\..\Run: [xuicus] C:\Documents and Settings\me\xuicus.exe
    O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
    O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)



  • Press "Fix Checked"
  • Close Hijack This.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


Please PM me if I fail to respond within 24hrs.


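The line selection in the reply above, sketched as an added triage script (not part of the original thread, and not HijackThis's or the helper's own logic): it parses a HijackThis log and flags entries whose target file is gone, plus autoruns and running processes that live in the user profile root or the browser cache. The heuristics and the names `triage`, `Finding` and `USER_WRITABLE` are assumptions, and the script does not reproduce every line the helper chose; the sample lines are excerpted from the log posted earlier in the thread.

```python
import re
from dataclasses import dataclass
from typing import List

# Excerpt of the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\me\xuicus.exe
C:\Documents and Settings\me\Local Settings\Temporary Internet Files\Content.IE5\1IMAPX4E\winlogon[2].scr

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [xuicus] C:\Documents and Settings\me\xuicus.exe
"""

# "O2 - BHO: ..." -> section code and the rest of the line.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# "HKCU\..\Run: [name] command line" (registry autorun form of an O4 entry).
RUN_RE = re.compile(r"^HK\w+\\\.\.\\\w+: \[[^\]]+\] (?P<cmd>.+)$")
# HijackThis appends one of these when the referenced file is not on disk.
ORPHAN_MARKERS = ("(file missing)", "(no file)")
# Assumed heuristic for XP-era paths: a file sitting directly in the profile
# root, or anything under the per-user Temp / Temporary Internet Files folders.
USER_WRITABLE = re.compile(
    r"\\Documents and Settings\\[^\\]+\\"
    r"(?:[^\\]+$|Local Settings\\(?:Temp|Temporary Internet Files)\\)",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class Finding:
    reason: str
    line: str


def triage(log_text: str) -> List[Finding]:
    """Return log lines worth a human look, with the reason for each."""
    findings: List[Finding] = []
    in_processes = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        if in_processes:
            if not line:                      # blank line ends the process list
                in_processes = False
            elif USER_WRITABLE.search(line):
                findings.append(Finding("process-in-user-writable-dir", line))
            continue
        entry = ENTRY_RE.match(line)
        if not entry:
            continue
        body = entry["body"]
        if body.endswith(ORPHAN_MARKERS):
            # Registration survives but the file does not: leftover of an
            # uninstall or of a partially removed infection.
            findings.append(Finding("orphaned-entry", line))
        elif entry["code"] == "O4":
            run = RUN_RE.match(body)
            if run and USER_WRITABLE.search(run["cmd"].strip('"')):
                findings.append(Finding("autorun-from-user-writable-dir", line))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.reason:32} {f.line}")
```

A flag here means "review this line", not "fix it": legitimate software can leave orphaned entries, and the decision to check a box in HijackThis stays with the analyst.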

Re: Win32.exe Corruption will not let me install Antivirus disc.

Post by mylizard_14 on 13th March 2010, 8:18 pm

Thank you so much, I've done what you've asked. I then installed my antivirus program, Defender Pro - and I ran the scan...had 3 infections, tried to remove them. It removed 2 infections and it said that the disinfection failed for

' GEN:Trojan.Heur.GM.50449000000 '

Well, it told me to reboot...when I rebooted another alert told me that ISProd could not be loaded?

PLEASE HELP


Re: Win32.exe Corruption will not let me install Antivirus disc.

Post by Belahzur on 13th March 2010, 8:54 pm

Hello.

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.



Re: Win32.exe Corruption will not let me install Antivirus disc.

Post by mylizard_14 on 14th March 2010, 2:09 am

Oh god. Now when I tried to turn on my comp, Defender Pro keeps popping up saying it keeps turning off explorer.exe, therefore my comp keeps flashing and it will not let me load anything. Only thing that works is Task Manager. ...I have my recovery disc and a driver disc....... I just don't know how they work. Please help me. I'm on my cell phone.


Re: Win32.exe Corruption will not let me install Antivirus disc.

Post by mylizard_14 on 14th March 2010, 3:22 am

OTL Extras logfile created on: 3/13/2010 8:54:12 PM - Run 1
OTL by OldTimer - Version 3.1.37.1 Folder = C:\Documents and Settings\me\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,013.00 Mb Total Physical Memory | 531.00 Mb Available Physical Memory | 52.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.07 Gb Total Space | 21.21 Gb Free Space | 54.29% Space Free | Partition Type: NTFS
Drive D: | 106.07 Gb Total Space | 105.95 Gb Free Space | 99.89% Space Free | Partition Type: NTFS
Drive E: | 18.08 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MELISSA
Current User Name: me
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- File not found
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Paltalk Messenger\paltalk.exe" = C:\Program Files\Paltalk Messenger\paltalk.exe:*:Enabled:PaltalkScene -- (AVM Software Inc.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- File not found
"C:\WINDOWS\system32\lxebcoms.exe" = C:\WINDOWS\system32\lxebcoms.exe:*:Enabled:Pro200-S500 Series Server -- ( )
"C:\Program Files\Defender Pro\Defender Pro\DpReg.exe" = C:\Program Files\Defender Pro\Defender Pro\DpReg.exe:*:Enabled:Defender Pro 5 in 1 -- (BitDefender S.R.L.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{081550BD-CB40-48FA-A772-F38262C3B049}" = Defender Pro 5-in-1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{558C02DD-1EC8-4835-889C-B13EE02FBE36}" = Chicken Shake Game MSI
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84A37E15-BCA3-4488-B406-090C9DAD6F05}" = Star Miision Game MSI
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT2860 Wireless LAN Card
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9AE395DB-6BC3-4CA9-B894-351CB8DE915A}" = BurnRecovery
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D10CB652-9332-4242-B7A9-2D61570144F7}" = USB 2.0 Card Reader
"{E30037F1-29B8-4A98-B673-C47C27641793}" = MSI Q-Face
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"22F0BEF1FEF235D1ECEC14DA60E19006CC07BAC4" = Windows Driver Package - Realtek (rtl8187Se) Net (08/22/2008 5.9071.0822.2008)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"E0E22E828DBDB1F29F3D91CF328727F39AF8062B" = Windows Driver Package - Atheros (AR5416) Net (04/08/2008 7.6.0.200)
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5 SE
"Lexmark 7300 Series" = Lexmark 7300 Series
"Lexmark Pro200-S500 Series" = Lexmark Pro200-S500 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PalTalk8.2" = PaltalkScene
"PROHYBRIDR" = 2007 Microsoft Office system
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"QuickLink Mobile" = QuickLink Mobile
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/13/2010 1:42:30 PM | Computer Name = MELISSA | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module Flash10d.ocx, version 10.0.42.34, fault address 0x000e6f6a.

Error - 3/13/2010 2:58:07 PM | Computer Name = MELISSA | Source = Application Error | ID = 1000
Description = Faulting application symcuw.exe, version 8.0.0.103, faulting module
symcuw.exe, version 8.0.0.103, fault address 0x0000603d.

Error - 3/13/2010 3:04:50 PM | Computer Name = MELISSA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.5730.13, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/13/2010 3:06:02 PM | Computer Name = MELISSA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.5730.13, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/13/2010 3:10:02 PM | Computer Name = MELISSA | Source = Application Hang | ID = 1001
Description = Fault bucket 529734960.

Error - 3/13/2010 10:27:25 PM | Computer Name = MELISSA | Source = Application Error | ID = 1000
Description = Faulting application symcuw.exe, version 8.0.0.103, faulting module
symcuw.exe, version 8.0.0.103, fault address 0x0000603d.

[ System Events ]
Error - 3/13/2010 8:51:30 PM | Computer Name = MELISSA | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 3/13/2010 8:56:45 PM | Computer Name = MELISSA | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 3/13/2010 9:02:00 PM | Computer Name = MELISSA | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 3/13/2010 10:24:27 PM | Computer Name = MELISSA | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate1ca715047a88cd2) service failed
to start due to the following error: %%2

Error - 3/13/2010 10:24:42 PM | Computer Name = MELISSA | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 3/13/2010 10:24:42 PM | Computer Name = MELISSA | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 3/13/2010 10:31:02 PM | Computer Name = MELISSA | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the crd service to connect.

Error - 3/13/2010 10:31:02 PM | Computer Name = MELISSA | Source = Service Control Manager | ID = 7000
Description = The crd service failed to start due to the following error: %%1053

Error - 3/13/2010 10:33:45 PM | Computer Name = MELISSA | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the crd service to connect.

Error - 3/13/2010 10:33:45 PM | Computer Name = MELISSA | Source = Service Control Manager | ID = 7000
Description = The crd service failed to start due to the following error: %%1053


< End of report >


Re: Win32.exe Corruption will not let me install Antivirus disc.

Post by mylizard_14 on 14th March 2010, 3:52 am

OTL logfile created on: 3/13/2010 8:54:11 PM - Run 1
OTL by OldTimer - Version 3.1.37.1 Folder = C:\Documents and Settings\me\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,013.00 Mb Total Physical Memory | 531.00 Mb Available Physical Memory | 52.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.07 Gb Total Space | 21.21 Gb Free Space | 54.29% Space Free | Partition Type: NTFS
Drive D: | 106.07 Gb Total Space | 105.95 Gb Free Space | 99.89% Space Free | Partition Type: NTFS
Drive E: | 18.08 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MELISSA
Current User Name: me
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/13 20:52:39 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\me\Desktop\OTL.exe
PRC - [2010/03/13 14:06:48 | 001,595,016 | ---- | M] (Defender Pro) -- C:\Program Files\Defender Pro\Defender Pro\vsserv.exe
PRC - [2010/03/13 14:00:13 | 001,086,232 | ---- | M] (Defender Pro) -- C:\Program Files\Defender Pro\Defender Pro\seccenter.exe
PRC - [2010/03/13 13:53:44 | 001,114,536 | ---- | M] (Defender Pro) -- C:\Program Files\Defender Pro\Defender Pro\bdagent.exe
PRC - [2010/03/13 13:53:09 | 000,346,168 | ---- | M] (Defender Pro) -- C:\Program Files\Common Files\Defender Pro\Defender Pro Update Service\livesrv.exe
PRC - [2010/02/17 02:30:48 | 005,244,216 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2010/01/18 12:19:35 | 000,139,944 | ---- | M] () -- C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe
PRC - [2010/01/18 12:19:32 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe
PRC - [2010/01/07 16:01:26 | 000,598,696 | ---- | M] ( ) -- C:\WINDOWS\system32\lxebcoms.exe
PRC - [2010/01/07 16:01:21 | 000,098,984 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxebserv.exe
PRC - [2008/11/25 12:44:56 | 000,012,288 | ---- | M] (MSI) -- C:\Program Files\MSI\MSI Q-Face\WebTest.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/09 12:19:00 | 000,688,128 | ---- | M] (Mirco-Star International CO., LTD.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe
PRC - [2008/08/26 18:52:14 | 000,159,744 | ---- | M] () -- C:\Program Files\System Control Manager\MSIService.exe
PRC - [2008/04/14 06:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/22 12:04:42 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008/01/22 22:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2007/10/29 16:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007/10/04 20:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007/09/28 18:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007/08/24 17:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2005/10/24 07:33:04 | 000,491,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxcicoms.exe
PRC - [2005/09/30 09:47:22 | 000,200,704 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 7300 Series\lxcimon.exe


========== Modules (SafeList) ==========

MOD - [2010/03/13 20:52:39 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\me\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (gusvc)
SRV - File not found [Auto | Stopped] -- -- (gupdate1ca715047a88cd2) Google Update Service (gupdate1ca715047a88cd2)
SRV - [2010/03/13 14:15:48 | 000,323,584 | ---- | M] (S.C. Defender Pro S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Threat Scanner\scan.dll -- (scan)
SRV - [2010/03/13 14:15:19 | 000,183,880 | ---- | M] (BitDefender S.R.L. [You must be registered and logged in to see this link.] [On_Demand | Stopped] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV - [2010/03/13 14:06:48 | 001,595,016 | ---- | M] (Defender Pro) [Auto | Running] -- C:\Program Files\Defender Pro\Defender Pro\vsserv.exe -- (VSSERV)
SRV - [2010/03/13 13:53:09 | 000,346,168 | ---- | M] (Defender Pro) [Auto | Running] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Update Service\livesrv.exe -- (LIVESRV)
SRV - [2010/01/07 16:01:26 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxebcoms.exe -- (lxeb_device)
SRV - [2010/01/07 16:01:21 | 000,098,984 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxebserv.exe -- (lxebCATSCustConnectService)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/26 18:52:14 | 000,159,744 | ---- | M] () [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2007/09/28 18:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/08/24 17:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2007/08/24 17:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/08/24 17:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/08/23 08:35:00 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/23 08:35:00 | 000,243,064 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/21 19:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2005/10/24 07:33:04 | 000,491,520 | ---- | M] ( ) [On_Demand | Running] -- C:\WINDOWS\System32\lxcicoms.exe -- (lxci_device)


========== Driver Services (SafeList) ==========

DRV - [2010/03/13 14:28:05 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Threat Scanner\profos.sys -- (Profos)
DRV - [2010/03/13 14:27:43 | 000,152,328 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm)
DRV - [2010/03/13 14:13:28 | 000,118,536 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Firewall\bdftdif.sys -- (bdftdif)
DRV - [2010/03/13 13:53:21 | 000,110,728 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfndisf.sys -- (bdfndisf)
DRV - [2010/03/12 12:42:37 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/07/24 12:26:08 | 000,285,704 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2009/05/07 04:22:06 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Threat Scanner\trufos.sys -- (Trufos)
DRV - [2009/01/12 12:27:58 | 000,008,832 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Defender Pro\Defender Pro\bdselfpr.sys -- (BDSelfPr)
DRV - [2008/09/24 22:30:08 | 000,704,384 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
DRV - [2008/08/22 20:25:14 | 000,308,608 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8187Se.sys -- (rtl8187Se)
DRV - [2008/06/10 21:23:07 | 000,106,368 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/06/10 21:23:01 | 000,156,160 | R--- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTS5121.sys -- (RSUSBSTOR)
DRV - [2008/05/27 07:34:44 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/05/07 22:21:40 | 004,739,072 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/14 06:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/08 19:45:42 | 001,309,504 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/02/15 17:01:06 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008/01/31 17:55:06 | 000,074,240 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008/01/22 22:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2008/01/22 12:09:10 | 000,100,992 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2007/12/19 12:32:12 | 005,854,688 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/11/29 11:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007/10/18 16:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/10/02 13:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/08/13 08:50:00 | 000,188,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/08/13 08:50:00 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/08/09 12:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2007/08/09 12:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2007/01/29 09:40:22 | 000,449,408 | ---- | M] (MSI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MSILiveVirtualCamera.sys -- (MSILiveVirtualCamera)
DRV - [2006/10/10 21:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2005/01/07 07:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/12/23 06:47:10 | 000,027,392 | R--- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010/03/10 18:17:16 | 000,006,950 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 272 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - Reg Error: Value error. File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Defender Pro Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\Defender Pro\Defender Pro\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Defender Pro Antiphishing Helper] C:\Program Files\Defender Pro\Defender Pro\IEShow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [DPAgent] C:\Program Files\Defender Pro\Defender Pro\bdagent.exe (Defender Pro)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe ()
O4 - HKLM..\Run: [isCfgWiz] C:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe (Symantec Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LXCICATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCItime.DLL ()
O4 - HKLM..\Run: [lxcimon.exe] C:\Program Files\Lexmark 7300 Series\lxcimon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [lxebmon.exe] C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe ()
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Mirco-Star International CO., LTD.)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [Q-Face agent] C:\Program Files\MSI\MSI Q-Face\WebTest.exe (MSI)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: download.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Value error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\etex32wi.dll ()
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\TEMP\3588820572.dll File not found
O24 - Desktop WallPaper: C:\Documents and Settings\me\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\me\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/08 14:21:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/06/04 12:46:20 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2005/05/27 09:48:50 | 000,042,166 | R--- | M] () - E:\AutoRun.ico -- [ CDFS ]
O32 - AutoRun File - [2008/03/25 23:57:04 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{4d2b433e-ea7c-11de-b0e2-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{4d2b433e-ea7c-11de-b0e2-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4fcbcca8-ddc2-11de-b0d2-0024216b5b45}\Shell - "" = AutoRun
O33 - MountPoints2\{4fcbcca8-ddc2-11de-b0d2-0024216b5b45}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4fcbcca8-ddc2-11de-b0d2-0024216b5b45}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008/06/04 12:46:20 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{55527b82-23d8-11df-b117-002185ed7503}\Shell - "" = AutoRun
O33 - MountPoints2\{55527b82-23d8-11df-b117-002185ed7503}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008/06/04 12:46:20 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Re: Win32.exe Corruption will not let me install Antivirus disc.

Post by mylizard_14 on 14th March 2010, 3:53 am

========== Files/Folders - Created Within 30 Days ==========

[2010/03/13 20:52:39 | 000,555,008 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\me\Desktop\OTL.exe
[2010/03/13 20:32:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\MSNInstaller
[2010/03/13 20:29:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/03/13 15:07:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/03/13 15:07:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/03/13 15:07:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/13 15:07:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/03/13 12:09:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\me\Recent
[2010/03/13 10:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2010/03/13 10:14:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/03/13 10:12:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2010/03/13 10:12:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2010/03/13 10:11:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2010/03/12 12:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2010/03/12 12:35:40 | 000,123,952 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/03/12 12:35:40 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/03/12 12:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/03/11 23:26:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\Malwarebytes
[2010/03/11 23:26:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/11 23:26:16 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/11 23:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/11 23:26:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/11 23:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/03/11 23:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\AVG8
[2010/03/11 23:01:10 | 000,000,000 | ---D | C] -- C:\Program Files\Paltalk Messenger
[2010/03/11 23:01:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\PaltalkScene
[2010/03/11 23:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/03/11 22:13:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Local Settings\Application Data\PCHealth
[2010/03/11 19:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2010/03/11 19:50:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\Defender Pro
[2010/03/11 19:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\Defender Pro
[2010/03/11 19:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Defender Pro
[2010/03/11 19:49:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Defender Pro
[2010/03/11 19:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/03/11 19:02:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2010/03/11 19:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/03/11 19:00:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010/03/10 22:04:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2010/03/10 22:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
[2010/03/10 22:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2010/03/10 20:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/03/10 20:24:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\Skype(2)
[2010/03/10 13:59:04 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Thawbrkr.dll
[2010/03/10 13:59:02 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_iscii.dll
[2010/03/10 13:59:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdusa.dll
[2010/03/10 13:58:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftlx041e.dll
[2010/03/10 13:35:25 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/03/10 11:14:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\My Documents\My Received Files
[2010/03/02 10:11:49 | 000,077,824 | RHS- | C] (EENVflgy) -- C:\Documents and Settings\me\xuicus.scr
[2010/03/02 10:11:49 | 000,077,824 | RHS- | C] (EENVflgy) -- C:\Documents and Settings\me\xuicus.exe
[2010/02/27 10:03:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/02/26 15:51:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Lx_cats
[2010/02/26 15:49:58 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcoin.dll
[2010/02/26 15:49:56 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lxk_gf.dll
[2010/02/26 15:49:46 | 000,372,736 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXEBwupd.dll
[2010/02/26 15:49:46 | 000,213,672 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXEBwupd.exe
[2010/02/26 15:49:36 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark
[2010/02/26 15:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar
[2010/02/26 15:49:16 | 001,048,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebserv.dll
[2010/02/26 15:49:16 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebusb1.dll
[2010/02/26 15:49:16 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebhbn3.dll
[2010/02/26 15:49:16 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebpmui.dll
[2010/02/26 15:49:16 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeblmpm.dll
[2010/02/26 15:49:16 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebinpa.dll
[2010/02/26 15:49:16 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\LXEBhcp.dll
[2010/02/26 15:49:16 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebiesc.dll
[2010/02/26 15:49:16 | 000,324,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebih.exe
[2010/02/26 15:49:15 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcomc.dll
[2010/02/26 15:49:15 | 000,598,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcoms.exe
[2010/02/26 15:49:15 | 000,373,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcfg.exe
[2010/02/26 15:49:15 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcomm.dll
[2010/02/26 15:49:15 | 000,086,183 | ---- | C] (Lexmark International) -- C:\WINDOWS\System32\LXEBcfg.dll
[2010/02/26 15:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Pro200-S500 Series
[2010/02/24 10:17:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2010/02/24 10:17:26 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2009/12/02 12:32:43 | 001,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxciserv.dll
[2009/12/02 12:32:43 | 001,122,304 | ---- | C] ( ) -- C:\WINDOWS\System32\lxciusb1.dll
[2009/12/02 12:32:43 | 000,770,048 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcihbn3.dll
[2009/12/02 12:32:43 | 000,630,784 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcipmui.dll
[2009/12/02 12:32:43 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\lxciprox.dll
[2009/12/02 12:32:43 | 000,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcipplc.dll
[2009/12/02 12:32:42 | 000,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcicomc.dll
[2009/12/02 12:32:42 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcilmpm.dll
[2009/12/02 12:32:42 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcicomm.dll
[2009/11/29 18:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/11/29 18:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/13 20:52:39 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\me\Desktop\OTL.exe
[2010/03/13 20:37:08 | 003,407,872 | ---- | M] () -- C:\Documents and Settings\me\ntuser.dat
[2010/03/13 20:30:51 | 000,001,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2010/03/13 20:24:23 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/13 20:24:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/13 20:24:13 | 1062,526,976 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/13 19:13:54 | 000,000,132 | ---- | M] () -- C:\WINDOWS\System32\rezumatenoi.dat
[2010/03/13 19:13:51 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\me\ntuser.ini
[2010/03/13 14:27:48 | 000,105,736 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\System32\drivers\bdhv.sys
[2010/03/13 14:27:43 | 000,152,328 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\System32\drivers\bdfm.sys
[2010/03/13 14:23:27 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/03/13 13:53:21 | 000,110,728 | ---- | M] (BitDefender LLC) -- C:\WINDOWS\System32\drivers\bdfndisf.sys
[2010/03/13 11:59:55 | 000,000,000 | ---- | M] () -- C:\pcconf.ini
[2010/03/13 10:42:08 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\Q7CF5GRB.ocx
[2010/03/13 10:42:08 | 000,003,120 | ---- | M] () -- C:\WINDOWS\HMHS4FFF.ocx
[2010/03/13 10:40:41 | 000,001,864 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Defender Pro 5-in-1.lnk
[2010/03/13 10:12:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/03/12 19:43:19 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\me\Video .lnk
[2010/03/12 19:43:19 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\me\Pictures .lnk
[2010/03/12 19:43:19 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\me\Passwords .lnk
[2010/03/12 19:43:19 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\me\New Folder .lnk
[2010/03/12 19:43:19 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\me\Music .lnk
[2010/03/12 19:43:19 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\me\Documents .lnk
[2010/03/12 19:36:19 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/12 18:01:56 | 000,068,456 | ---- | M] () -- C:\Documents and Settings\me\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/12 12:42:37 | 000,123,952 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/03/12 12:42:37 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/03/12 12:42:37 | 000,010,652 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/03/12 12:42:37 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/03/12 10:06:24 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\me\Desktop\Windows Media Player.lnk
[2010/03/12 09:14:24 | 000,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2010/03/11 23:02:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/11 23:02:39 | 000,288,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/11 22:05:10 | 000,000,850 | ---- | M] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2010/03/11 22:05:09 | 000,000,385 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2010/03/11 21:21:47 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\asdict.dat
[2010/03/11 21:21:47 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\aspdict-en.dat
[2010/03/11 21:21:47 | 000,000,000 | ---- | M] () -- C:\pcwords2.dat
[2010/03/11 21:21:47 | 000,000,000 | ---- | M] () -- C:\pcwords.dat
[2010/03/11 21:21:47 | 000,000,000 | ---- | M] () -- C:\pc_sign.slf
[2010/03/11 21:21:47 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ab_bl.sig
[2010/03/11 11:46:37 | 000,003,566 | ---- | M] () -- C:\WINDOWS\System32\anb
[2010/03/10 18:17:16 | 000,006,950 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/03/10 13:41:02 | 000,000,125 | RHS- | M] () -- C:\Documents and Settings\me\autorun.inf
[2010/03/02 10:12:06 | 000,077,824 | RHS- | M] (EENVflgy) -- C:\Documents and Settings\me\xuicus.scr
[2010/03/02 10:12:06 | 000,077,824 | RHS- | M] (EENVflgy) -- C:\Documents and Settings\me\xuicus.exe
[2010/02/26 15:51:18 | 000,224,477 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf
[2010/02/26 15:49:36 | 000,000,824 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Launch Lexmark Printer Home.LNK
[2010/02/26 15:20:58 | 000,359,924 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/02/26 15:20:58 | 000,315,076 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/02/26 15:20:58 | 000,041,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/02/16 18:59:59 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\me\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/13 20:30:51 | 000,001,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2010/03/13 14:23:27 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/03/13 11:59:55 | 000,000,000 | ---- | C] () -- C:\pcconf.ini
[2010/03/13 10:42:08 | 000,003,120 | ---- | C] () -- C:\WINDOWS\System32\Q7CF5GRB.ocx
[2010/03/13 10:42:08 | 000,003,120 | ---- | C] () -- C:\WINDOWS\HMHS4FFF.ocx
[2010/03/13 10:40:41 | 000,001,864 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Defender Pro 5-in-1.lnk
[2010/03/12 12:35:40 | 000,010,652 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/03/12 12:35:40 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/03/11 23:26:22 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/11 22:54:43 | 000,000,132 | ---- | C] () -- C:\WINDOWS\System32\rezumatenoi.dat
[2010/03/11 22:05:10 | 000,000,850 | ---- | C] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2010/03/11 22:05:09 | 000,000,385 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2010/03/11 21:21:47 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat
[2010/03/11 21:21:47 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\aspdict-en.dat
[2010/03/11 21:21:47 | 000,000,000 | ---- | C] () -- C:\pcwords2.dat
[2010/03/11 21:21:47 | 000,000,000 | ---- | C] () -- C:\pcwords.dat
[2010/03/11 21:21:47 | 000,000,000 | ---- | C] () -- C:\pc_sign.slf
[2010/03/11 21:21:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ab_bl.sig
[2010/03/11 11:46:37 | 000,003,566 | ---- | C] () -- C:\WINDOWS\System32\anb
[2010/03/10 20:25:27 | 1062,526,976 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/10 13:58:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/03/10 13:58:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_864.nls
[2010/03/10 13:58:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/03/10 13:58:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_720.nls
[2010/03/10 13:58:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/03/10 13:58:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_708.nls
[2010/03/10 13:58:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/03/10 13:58:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28596.NLS
[2010/03/10 13:58:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/03/10 13:58:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10004.nls
[2010/03/10 13:58:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/03/10 13:58:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_862.nls
[2010/03/10 13:58:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/03/10 13:58:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10005.nls
[2010/03/10 13:58:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/03/10 13:58:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10021.nls
[2010/03/10 13:41:59 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\me\Video .lnk
[2010/03/10 13:41:59 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\me\Pictures .lnk
[2010/03/10 13:41:59 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\me\Passwords .lnk
[2010/03/10 13:41:59 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\me\New Folder .lnk
[2010/03/10 13:41:59 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\me\Music .lnk
[2010/03/10 13:41:59 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\me\Documents .lnk
[2010/03/10 13:40:57 | 000,000,125 | RHS- | C] () -- C:\Documents and Settings\me\autorun.inf
[2010/03/03 17:50:37 | 003,407,872 | ---- | C] () -- C:\Documents and Settings\me\ntuser.dat
[2010/02/26 15:49:59 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxebvs.dll
[2010/02/26 15:49:56 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxebcui.dll
[2010/02/26 15:49:56 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxebcuir.dll
[2010/02/26 15:49:56 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxebgcfg.dll
[2010/02/26 15:49:56 | 000,065,106 | ---- | C] () -- C:\WINDOWS\System32\lxebprpr.chm
[2010/02/26 15:49:56 | 000,008,694 | ---- | C] () -- C:\WINDOWS\System32\lxebcommuilogo_rtl.bmp
[2010/02/26 15:49:56 | 000,008,694 | ---- | C] () -- C:\WINDOWS\System32\lxebcommuilogo.bmp
[2010/02/26 15:49:36 | 000,000,824 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Launch Lexmark Printer Home.LNK
[2010/02/26 15:49:16 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\LXEBinst.dll
[2010/02/26 15:49:16 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\lxebins.dll
[2010/02/26 15:49:16 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lxebinsb.dll
[2010/02/26 15:49:16 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\lxebinsr.dll
[2010/02/26 15:49:16 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\lxebjswr.dll
[2010/02/26 15:49:15 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\lxebcu.dll
[2010/02/26 15:49:15 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxebgrd.dll
[2010/02/26 15:49:15 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\lxebcub.dll
[2010/02/26 15:49:15 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxebcur.dll
[2010/02/26 15:49:15 | 000,002,110 | ---- | C] () -- C:\WINDOWS\System32\lxeb.loc
[2010/02/26 15:49:08 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LXEBsm.dll
[2010/02/26 15:49:08 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\LXEBsmr.dll
[2010/01/22 06:28:15 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\me\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/21 23:21:06 | 003,817,644 | ---- | C] () -- C:\WINDOWS\System32\witoupex.dll
[2009/12/21 23:21:06 | 001,689,204 | ---- | C] () -- C:\WINDOWS\System32\exfoloh.dll
[2009/12/21 23:21:06 | 001,178,978 | ---- | C] () -- C:\WINDOWS\System32\wincoexni.dll
[2009/12/02 12:32:43 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcivs.dll
[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll
[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\WINDOWS\System32\txmlutil(2).dll
[2008/12/08 18:56:30 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/12/08 16:17:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2008/12/08 15:01:46 | 006,184,960 | R--- | C] () -- C:\WINDOWS\System32\RTS5121icon.dll
[2008/12/08 14:50:02 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2008/12/08 13:05:39 | 000,001,188 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007/12/21 18:46:32 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2007/08/13 18:54:10 | 001,660,404 | ---- | C] () -- C:\WINDOWS\System32\etex32wi.dll
[2007/08/13 18:54:10 | 001,083,705 | ---- | C] () -- C:\WINDOWS\System32\uppdoasu.dll
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2005/07/22 23:30:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll

< End of report >
PRC - [2010/03/13 20:52:39 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\me\Desktop\OTL.exe
PRC - [2010/03/13 14:06:48 | 001,595,016 | ---- | M] (Defender Pro) -- C:\Program Files\Defender Pro\Defender Pro\vsserv.exe
PRC - [2010/03/13 14:00:13 | 001,086,232 | ---- | M] (Defender Pro) -- C:\Program Files\Defender Pro\Defender Pro\seccenter.exe
PRC - [2010/03/13 13:53:44 | 001,114,536 | ---- | M] (Defender Pro) -- C:\Program Files\Defender Pro\Defender Pro\bdagent.exe
PRC - [2010/03/13 13:53:09 | 000,346,168 | ---- | M] (Defender Pro) -- C:\Program Files\Common Files\Defender Pro\Defender Pro Update Service\livesrv.exe
PRC - [2010/02/17 02:30:48 | 005,244,216 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2010/01/18 12:19:35 | 000,139,944 | ---- | M] () -- C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe
PRC - [2010/01/18 12:19:32 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe
PRC - [2010/01/07 16:01:26 | 000,598,696 | ---- | M] ( ) -- C:\WINDOWS\system32\lxebcoms.exe
PRC - [2010/01/07 16:01:21 | 000,098,984 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxebserv.exe
PRC - [2008/11/25 12:44:56 | 000,012,288 | ---- | M] (MSI) -- C:\Program Files\MSI\MSI Q-Face\WebTest.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/09 12:19:00 | 000,688,128 | ---- | M] (Mirco-Star International CO., LTD.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe
PRC - [2008/08/26 18:52:14 | 000,159,744 | ---- | M] () -- C:\Program Files\System Control Manager\MSIService.exe
PRC - [2008/04/14 06:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/22 12:04:42 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008/01/22 22:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2007/10/29 16:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007/10/04 20:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007/09/28 18:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007/08/24 17:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2005/10/24 07:33:04 | 000,491,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxcicoms.exe
PRC - [2005/09/30 09:47:22 | 000,200,704 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 7300 Series\lxcimon.exe

Re: Win32.exe Corruption will not let me install Antivirus disc.

Post by mylizard_14 on 14th March 2010, 3:54 am

========== Modules (SafeList) ==========

MOD - [2010/03/13 20:52:39 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\me\Desktop\OTL.exe
MOD - [2008/07/18 15:39:04 | 000,053,248 | ---- | M] () -- C:\Program Files\System Control Manager\MGKBHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (gusvc)
SRV - File not found [Auto | Stopped] -- -- (gupdate1ca715047a88cd2) Google Update Service (gupdate1ca715047a88cd2)
SRV - [2010/03/13 14:15:48 | 000,323,584 | ---- | M] (S.C. Defender Pro S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Threat Scanner\scan.dll -- (scan)
SRV - [2010/03/13 14:15:19 | 000,183,880 | ---- | M] (BitDefender S.R.L. [You must be registered and logged in to see this link.] [On_Demand | Stopped] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV - [2010/03/13 14:06:48 | 001,595,016 | ---- | M] (Defender Pro) [Auto | Running] -- C:\Program Files\Defender Pro\Defender Pro\vsserv.exe -- (VSSERV)
SRV - [2010/03/13 13:53:09 | 000,346,168 | ---- | M] (Defender Pro) [Auto | Running] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Update Service\livesrv.exe -- (LIVESRV)
SRV - [2010/01/07 16:01:26 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxebcoms.exe -- (lxeb_device)
SRV - [2010/01/07 16:01:21 | 000,098,984 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxebserv.exe -- (lxebCATSCustConnectService)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/26 18:52:14 | 000,159,744 | ---- | M] () [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2007/09/28 18:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/08/24 17:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2007/08/24 17:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/08/24 17:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/08/23 08:35:00 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/23 08:35:00 | 000,243,064 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/21 19:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2005/10/24 07:33:04 | 000,491,520 | ---- | M] ( ) [On_Demand | Running] -- C:\WINDOWS\System32\lxcicoms.exe -- (lxci_device)


========== Driver Services (SafeList) ==========

DRV - [2010/03/13 14:28:05 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Threat Scanner\profos.sys -- (Profos)
DRV - [2010/03/13 14:27:43 | 000,152,328 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm)
DRV - [2010/03/13 14:13:28 | 000,118,536 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Firewall\bdftdif.sys -- (bdftdif)
DRV - [2010/03/13 13:53:21 | 000,110,728 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfndisf.sys -- (bdfndisf)
DRV - [2010/03/12 12:42:37 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/07/24 12:26:08 | 000,285,704 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2009/05/07 04:22:06 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Threat Scanner\trufos.sys -- (Trufos)
DRV - [2009/01/12 12:27:58 | 000,008,832 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Defender Pro\Defender Pro\bdselfpr.sys -- (BDSelfPr)
DRV - [2008/09/24 22:30:08 | 000,704,384 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
DRV - [2008/08/22 20:25:14 | 000,308,608 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8187Se.sys -- (rtl8187Se)
DRV - [2008/06/10 21:23:07 | 000,106,368 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/06/10 21:23:01 | 000,156,160 | R--- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTS5121.sys -- (RSUSBSTOR)
DRV - [2008/05/27 07:34:44 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/05/07 22:21:40 | 004,739,072 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/14 06:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/08 19:45:42 | 001,309,504 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/02/15 17:01:06 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008/01/31 17:55:06 | 000,074,240 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008/01/22 22:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2008/01/22 12:09:10 | 000,100,992 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2007/12/19 12:32:12 | 005,854,688 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/11/29 11:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007/10/18 16:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/10/02 13:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/08/13 08:50:00 | 000,188,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/08/13 08:50:00 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/08/09 12:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2007/08/09 12:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2007/01/29 09:40:22 | 000,449,408 | ---- | M] (MSI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MSILiveVirtualCamera.sys -- (MSILiveVirtualCamera)
DRV - [2006/10/10 21:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2005/01/07 07:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/12/23 06:47:10 | 000,027,392 | R--- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010/03/10 18:17:16 | 000,006,950 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 99.189.54
O1 - Hosts: 127.0.0.1 99.189.52
O1 - Hosts: 127.0.0.1 99.14.103
O1 - Hosts: 127.0.0.1 98.223.73
O1 - Hosts: 127.0.0.1 97.80.137
O1 - Hosts: 127.0.0.1 95.134.16
O1 - Hosts: 127.0.0.1 95.133.8.
O1 - Hosts: 127.0.0.1 95.133.23
O1 - Hosts: 127.0.0.1 95.133.23
O1 - Hosts: 127.0.0.1 95.133.14
O1 - Hosts: 127.0.0.1 95.133.11
O1 - Hosts: 127.0.0.1 95.105.17
O1 - Hosts: 127.0.0.1 94.53.2.1
O1 - Hosts: 127.0.0.1 94.23.201
O1 - Hosts: 127.0.0.1 94.179.55
O1 - Hosts: 127.0.0.1 94.179.48
O1 - Hosts: 127.0.0.1 94.179.19
O1 - Hosts: 127.0.0.1 94.179.11
O1 - Hosts: 127.0.0.1 94.178.65
O1 - Hosts: 127.0.0.1 93.39.197
O1 - Hosts: 127.0.0.1 93.186.17
O1 - Hosts: 127.0.0.1 93.136.83
O1 - Hosts: 127.0.0.1 93.112.91
O1 - Hosts: 127.0.0.1 92.86.197
O1 - Hosts: 272 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - Reg Error: Value error. File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Defender Pro Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\Defender Pro\Defender Pro\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Defender Pro Antiphishing Helper] C:\Program Files\Defender Pro\Defender Pro\IEShow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [DPAgent] C:\Program Files\Defender Pro\Defender Pro\bdagent.exe (Defender Pro)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe ()
O4 - HKLM..\Run: [isCfgWiz] C:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe (Symantec Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LXCICATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCItime.DLL ()
O4 - HKLM..\Run: [lxcimon.exe] C:\Program Files\Lexmark 7300 Series\lxcimon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [lxebmon.exe] C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe ()
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Mirco-Star International CO., LTD.)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [Q-Face agent] C:\Program Files\MSI\MSI Q-Face\WebTest.exe (MSI)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: download.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Value error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\etex32wi.dll ()
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\TEMP\3588820572.dll File not found
O24 - Desktop WallPaper: C:\Documents and Settings\me\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\me\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/08 14:21:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/06/04 12:46:20 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2005/05/27 09:48:50 | 000,042,166 | R--- | M] () - E:\AutoRun.ico -- [ CDFS ]
O32 - AutoRun File - [2008/03/25 23:57:04 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{4d2b433e-ea7c-11de-b0e2-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{4d2b433e-ea7c-11de-b0e2-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4fcbcca8-ddc2-11de-b0d2-0024216b5b45}\Shell - "" = AutoRun
O33 - MountPoints2\{4fcbcca8-ddc2-11de-b0d2-0024216b5b45}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4fcbcca8-ddc2-11de-b0d2-0024216b5b45}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008/06/04 12:46:20 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{55527b82-23d8-11df-b117-002185ed7503}\Shell - "" = AutoRun
O33 - MountPoints2\{55527b82-23d8-11df-b117-002185ed7503}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008/06/04 12:46:20 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/03/13 20:52:39 | 000,555,008 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\me\Desktop\OTL.exe
[2010/03/13 20:32:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\MSNInstaller
[2010/03/13 20:29:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/03/13 15:07:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/03/13 15:07:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/03/13 15:07:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/13 15:07:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/03/13 12:09:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\me\Recent
[2010/03/13 10:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2010/03/13 10:14:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/03/13 10:12:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2010/03/13 10:12:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2010/03/13 10:11:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2010/03/12 12:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2010/03/12 12:35:40 | 000,123,952 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/03/12 12:35:40 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/03/12 12:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/03/11 23:26:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\Malwarebytes
[2010/03/11 23:26:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/11 23:26:16 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/11 23:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/11 23:26:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/11 23:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/03/11 23:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\AVG8
[2010/03/11 23:01:10 | 000,000,000 | ---D | C] -- C:\Program Files\Paltalk Messenger
[2010/03/11 23:01:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\PaltalkScene
[2010/03/11 23:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/03/11 22:13:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Local Settings\Application Data\PCHealth
[2010/03/11 19:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2010/03/11 19:50:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\Defender Pro
[2010/03/11 19:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\Defender Pro
[2010/03/11 19:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Defender Pro
[2010/03/11 19:49:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Defender Pro
[2010/03/11 19:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/03/11 19:02:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2010/03/11 19:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/03/11 19:00:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010/03/10 22:04:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2010/03/10 22:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
[2010/03/10 22:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2010/03/10 20:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/03/10 20:24:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\Application Data\Skype(2)
[2010/03/10 13:59:04 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Thawbrkr.dll
[2010/03/10 13:59:02 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_iscii.dll
[2010/03/10 13:59:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdusa.dll
[2010/03/10 13:58:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftlx041e.dll
[2010/03/10 13:35:25 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/03/10 11:14:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\me\My Documents\My Received Files
[2010/03/02 10:11:49 | 000,077,824 | RHS- | C] (EENVflgy) -- C:\Documents and Settings\me\xuicus.scr
[2010/03/02 10:11:49 | 000,077,824 | RHS- | C] (EENVflgy) -- C:\Documents and Settings\me\xuicus.exe
[2010/02/27 10:03:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/02/26 15:51:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Lx_cats
[2010/02/26 15:49:58 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcoin.dll
[2010/02/26 15:49:56 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lxk_gf.dll
[2010/02/26 15:49:46 | 000,372,736 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXEBwupd.dll
[2010/02/26 15:49:46 | 000,213,672 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXEBwupd.exe
[2010/02/26 15:49:36 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark
[2010/02/26 15:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar
[2010/02/26 15:49:16 | 001,048,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebserv.dll
[2010/02/26 15:49:16 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebusb1.dll
[2010/02/26 15:49:16 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebhbn3.dll
[2010/02/26 15:49:16 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebpmui.dll
[2010/02/26 15:49:16 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeblmpm.dll
[2010/02/26 15:49:16 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebinpa.dll
[2010/02/26 15:49:16 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\LXEBhcp.dll
[2010/02/26 15:49:16 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebiesc.dll
[2010/02/26 15:49:16 | 000,324,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebih.exe
[2010/02/26 15:49:15 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcomc.dll
[2010/02/26 15:49:15 | 000,598,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcoms.exe
[2010/02/26 15:49:15 | 000,373,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcfg.exe
[2010/02/26 15:49:15 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcomm.dll
[2010/02/26 15:49:15 | 000,086,183 | ---- | C] (Lexmark International) -- C:\WINDOWS\System32\LXEBcfg.dll
[2010/02/26 15:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Pro200-S500 Series
[2010/02/24 10:17:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2010/02/24 10:17:26 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2009/12/02 12:32:43 | 001,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxciserv.dll
[2009/12/02 12:32:43 | 001,122,304 | ---- | C] ( ) -- C:\WINDOWS\System32\lxciusb1.dll
[2009/12/02 12:32:43 | 000,770,048 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcihbn3.dll
[2009/12/02 12:32:43 | 000,630,784 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcipmui.dll
[2009/12/02 12:32:43 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\lxciprox.dll
[2009/12/02 12:32:43 | 000,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcipplc.dll
[2009/12/02 12:32:42 | 000,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcicomc.dll
[2009/12/02 12:32:42 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcilmpm.dll
[2009/12/02 12:32:42 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcicomm.dll
[2009/11/29 18:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/11/29 18:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/13 20:52:39 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\me\Desktop\OTL.exe
[2010/03/13 20:37:08 | 003,407,872 | ---- | M] () -- C:\Documents and Settings\me\ntuser.dat
[2010/03/13 20:30:51 | 000,001,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2010/03/13 20:24:23 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/13 20:24:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/13 20:24:13 | 1062,526,976 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/13 19:13:54 | 000,000,132 | ---- | M] () -- C:\WINDOWS\System32\rezumatenoi.dat
[2010/03/13 19:13:51 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\me\ntuser.ini
[2010/03/13 14:27:48 | 000,105,736 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\System32\drivers\bdhv.sys
[2010/03/13 14:27:43 | 000,152,328 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\System32\drivers\bdfm.sys
[2010/03/13 14:23:27 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/03/13 13:53:21 | 000,110,728 | ---- | M] (BitDefender LLC) -- C:\WINDOWS\System32\drivers\bdfndisf.sys
[2010/03/13 11:59:55 | 000,000,000 | ---- | M] () -- C:\pcconf.ini
[2010/03/13 10:42:08 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\Q7CF5GRB.ocx
[2010/03/13 10:42:08 | 000,003,120 | ---- | M] () -- C:\WINDOWS\HMHS4FFF.ocx
[2010/03/13 10:40:41 | 000,001,864 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Defender Pro 5-in-1.lnk
[2010/03/13 10:12:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/03/12 19:43:19 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\me\Video .lnk
[2010/03/12 19:43:19 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\me\Pictures .lnk
[2010/03/12 19:43:19 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\me\Passwords .lnk
[2010/03/12 19:43:19 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\me\New Folder .lnk
[2010/03/12 19:43:19 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\me\Music .lnk
[2010/03/12 19:43:19 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\me\Documents .lnk
[2010/03/12 19:36:19 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/12 18:01:56 | 000,068,456 | ---- | M] () -- C:\Documents and Settings\me\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/12 12:42:37 | 000,123,952 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/03/12 12:42:37 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/03/12 12:42:37 | 000,010,652 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/03/12 12:42:37 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/03/12 10:06:24 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\me\Desktop\Windows Media Player.lnk
[2010/03/12 09:14:24 | 000,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2010/03/11 23:02:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/11 23:02:39 | 000,288,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/11 22:05:10 | 000,000,850 | ---- | M] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2010/03/11 22:05:09 | 000,000,385 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2010/03/11 21:21:47 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\asdict.dat
[2010/03/11 21:21:47 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\aspdict-en.dat
[2010/03/11 21:21:47 | 000,000,000 | ---- | M] () -- C:\pcwords2.dat
[2010/03/11 21:21:47 | 000,000,000 | ---- | M] () -- C:\pcwords.dat
[2010/03/11 21:21:47 | 000,000,000 | ---- | M] () -- C:\pc_sign.slf
[2010/03/11 21:21:47 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ab_bl.sig
[2010/03/11 11:46:37 | 000,003,566 | ---- | M] () -- C:\WINDOWS\System32\anb
[2010/03/10 18:17:16 | 000,006,950 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/03/10 13:41:02 | 000,000,125 | RHS- | M] () -- C:\Documents and Settings\me\autorun.inf
[2010/03/02 10:12:06 | 000,077,824 | RHS- | M] (EENVflgy) -- C:\Documents and Settings\me\xuicus.scr
[2010/03/02 10:12:06 | 000,077,824 | RHS- | M] (EENVflgy) -- C:\Documents and Settings\me\xuicus.exe
[2010/02/26 15:51:18 | 000,224,477 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf
[2010/02/26 15:49:36 | 000,000,824 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Launch Lexmark Printer Home.LNK
[2010/02/26 15:20:58 | 000,359,924 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/02/26 15:20:58 | 000,315,076 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/02/26 15:20:58 | 000,041,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/02/16 18:59:59 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\me\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/13 20:30:51 | 000,001,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2010/03/13 14:23:27 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/03/13 11:59:55 | 000,000,000 | ---- | C] () -- C:\pcconf.ini
[2010/03/13 10:42:08 | 000,003,120 | ---- | C] () -- C:\WINDOWS\System32\Q7CF5GRB.ocx
[2010/03/13 10:42:08 | 000,003,120 | ---- | C] () -- C:\WINDOWS\HMHS4FFF.ocx
[2010/03/13 10:40:41 | 000,001,864 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Defender Pro 5-in-1.lnk
[2010/03/12 12:35:40 | 000,010,652 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/03/12 12:35:40 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/03/11 23:26:22 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/11 22:54:43 | 000,000,132 | ---- | C] () -- C:\WINDOWS\System32\rezumatenoi.dat
[2010/03/11 22:05:10 | 000,000,850 | ---- | C] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2010/03/11 22:05:09 | 000,000,385 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2010/03/11 21:21:47 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat
[2010/03/11 21:21:47 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\aspdict-en.dat
[2010/03/11 21:21:47 | 000,000,000 | ---- | C] () -- C:\pcwords2.dat
[2010/03/11 21:21:47 | 000,000,000 | ---- | C] () -- C:\pcwords.dat
[2010/03/11 21:21:47 | 000,000,000 | ---- | C] () -- C:\pc_sign.slf
[2010/03/11 21:21:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ab_bl.sig
[2010/03/11 11:46:37 | 000,003,566 | ---- | C] () -- C:\WINDOWS\System32\anb
[2010/03/10 20:25:27 | 1062,526,976 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/10 13:58:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/03/10 13:58:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_864.nls
[2010/03/10 13:58:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/03/10 13:58:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_720.nls
[2010/03/10 13:58:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/03/10 13:58:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_708.nls
[2010/03/10 13:58:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/03/10 13:58:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28596.NLS
[2010/03/10 13:58:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/03/10 13:58:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10004.nls
[2010/03/10 13:58:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/03/10 13:58:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_862.nls
[2010/03/10 13:58:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/03/10 13:58:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10005.nls
[2010/03/10 13:58:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/03/10 13:58:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10021.nls
[2010/03/10 13:41:59 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\me\Video .lnk
[2010/03/10 13:41:59 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\me\Pictures .lnk
[2010/03/10 13:41:59 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\me\Passwords .lnk
[2010/03/10 13:41:59 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\me\New Folder .lnk
[2010/03/10 13:41:59 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\me\Music .lnk
[2010/03/10 13:41:59 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\me\Documents .lnk
[2010/03/10 13:40:57 | 000,000,125 | RHS- | C] () -- C:\Documents and Settings\me\autorun.inf
[2010/03/03 17:50:37 | 003,407,872 | ---- | C] () -- C:\Documents and Settings\me\ntuser.dat
[2010/02/26 15:49:59 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxebvs.dll
[2010/02/26 15:49:56 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxebcui.dll
[2010/02/26 15:49:56 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxebcuir.dll
[2010/02/26 15:49:56 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxebgcfg.dll
[2010/02/26 15:49:56 | 000,065,106 | ---- | C] () -- C:\WINDOWS\System32\lxebprpr.chm
[2010/02/26 15:49:56 | 000,008,694 | ---- | C] () -- C:\WINDOWS\System32\lxebcommuilogo_rtl.bmp
[2010/02/26 15:49:56 | 000,008,694 | ---- | C] () -- C:\WINDOWS\System32\lxebcommuilogo.bmp
[2010/02/26 15:49:36 | 000,000,824 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Launch Lexmark Printer Home.LNK
[2010/02/26 15:49:16 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\LXEBinst.dll
[2010/02/26 15:49:16 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\lxebins.dll
[2010/02/26 15:49:16 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lxebinsb.dll
[2010/02/26 15:49:16 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\lxebinsr.dll
[2010/02/26 15:49:16 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\lxebjswr.dll
[2010/02/26 15:49:15 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\lxebcu.dll
[2010/02/26 15:49:15 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxebgrd.dll
[2010/02/26 15:49:15 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\lxebcub.dll
[2010/02/26 15:49:15 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxebcur.dll
[2010/02/26 15:49:15 | 000,002,110 | ---- | C] () -- C:\WINDOWS\System32\lxeb.loc
[2010/02/26 15:49:08 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LXEBsm.dll
[2010/02/26 15:49:08 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\LXEBsmr.dll
[2010/01/22 06:28:15 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\me\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/21 23:21:06 | 003,817,644 | ---- | C] () -- C:\WINDOWS\System32\witoupex.dll
[2009/12/21 23:21:06 | 001,689,204 | ---- | C] () -- C:\WINDOWS\System32\exfoloh.dll
[2009/12/21 23:21:06 | 001,178,978 | ---- | C] () -- C:\WINDOWS\System32\wincoexni.dll
[2009/12/02 12:32:43 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcivs.dll
[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll
[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\WINDOWS\System32\txmlutil(2).dll
[2008/12/08 18:56:30 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/12/08 16:17:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2008/12/08 15:01:46 | 006,184,960 | R--- | C] () -- C:\WINDOWS\System32\RTS5121icon.dll
[2008/12/08 14:50:02 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2008/12/08 13:05:39 | 000,001,188 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007/12/21 18:46:32 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2007/08/13 18:54:10 | 001,660,404 | ---- | C] () -- C:\WINDOWS\System32\etex32wi.dll
[2007/08/13 18:54:10 | 001,083,705 | ---- | C] () -- C:\WINDOWS\System32\uppdoasu.dll
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2005/07/22 23:30:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll

< End of report >


Re: Win32.exe Corruption will not let me install Antivirus disc.

Post by Belahzur on 14th March 2010, 7:52 pm

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


Please PM me if I fail to respond within 24hrs.



Re: Win32.exe Corruption will not let me install Antivirus disc.

Post by mylizard_14 on 15th March 2010, 4:16 am

I'm sorry I thought this was the forum? Didn't know this was a private message. Thank you for all of the help. Here is the combofix.txt.


ComboFix 10-03-14.04 - me 03/14/2010 22:36:15.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1013.654 [GMT -5:00]
Running from: c:\documents and settings\me\Desktop\Combo-Fix.exe
AV: Defender Pro Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: Defender Pro Firewall *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\me\autorun.inf
c:\documents and settings\me\Documents .lnk
c:\documents and settings\me\Music .lnk
c:\documents and settings\me\New Folder .lnk
c:\documents and settings\me\Passwords .lnk
c:\documents and settings\me\Pictures .lnk
c:\documents and settings\me\Video .lnk
c:\documents and settings\me\xuicus.exe
c:\documents and settings\me\xuicus.scr
c:\recycler\S-1-5-21-3205150330-2663277876-108140700-500
c:\windows\system32\ide.txt
c:\windows\system32\qks.txt
c:\windows\system32\xef.txt
c:\windows\Temp\3588820572.dll.dll

Infected copy of c:\windows\system32\DRIVERS\atapi.sys was found and disinfected
Restored copy from - Kitty ate it :p
.
((((((((((((((((((((((((( Files Created from 2010-02-15 to 2010-03-15 )))))))))))))))))))))))))))))))
.

2010-03-14 17:15 . 2010-03-14 17:15 3748 ----a-w- c:\windows\system32\apiorapiapi.dat
2010-03-14 02:32 . 2010-03-14 02:33 1244648 ----a-w- c:\documents and settings\me\Application Data\MSNInstaller\msnauins.exe
2010-03-14 02:32 . 2010-03-14 02:32 -------- d-----w- c:\documents and settings\me\Application Data\MSNInstaller
2010-03-13 16:37 . 2010-03-13 16:37 -------- d-----w- c:\program files\Common Files\BitDefender
2010-03-12 18:37 . 2010-03-13 18:00 -------- d-----w- c:\program files\Norton Internet Security
2010-03-12 18:35 . 2010-03-12 18:42 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-03-12 18:35 . 2010-03-12 18:42 123952 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-03-12 18:35 . 2010-03-12 18:42 -------- d-----w- c:\program files\Symantec
2010-03-12 16:06 . 2008-04-14 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-03-12 05:26 . 2010-03-12 05:26 -------- d-----w- c:\documents and settings\me\Application Data\Malwarebytes
2010-03-12 05:26 . 2009-09-10 20:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-12 05:26 . 2010-03-13 01:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-12 05:26 . 2010-03-12 05:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-03-12 05:26 . 2009-09-10 20:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-12 05:01 . 2010-03-12 05:01 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-12 05:01 . 2010-03-12 05:01 -------- d-----w- c:\documents and settings\me\Application Data\AVG8
2010-03-12 05:01 . 2010-03-12 05:01 -------- d-----w- c:\program files\Paltalk Messenger
2010-03-12 05:01 . 2010-03-12 05:01 -------- d-----w- c:\windows\PaltalkScene
2010-03-12 04:54 . 2010-03-15 03:42 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2010-03-12 04:13 . 2010-03-12 04:13 -------- d-----w- c:\documents and settings\me\Local Settings\Application Data\PCHealth
2010-03-12 03:21 . 2010-03-12 03:21 4 ----a-w- c:\windows\system32\aspdict-en.dat
2010-03-12 03:21 . 2010-03-12 03:21 16 ----a-w- c:\windows\system32\asdict.dat
2010-03-12 03:21 . 2010-03-12 03:21 0 ----a-w- C:\pcwords2.dat
2010-03-12 03:21 . 2010-03-12 03:21 0 ----a-w- C:\pcwords.dat
2010-03-12 01:53 . 2010-03-13 21:15 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2010-03-12 01:50 . 2010-03-12 01:50 -------- d-----w- c:\documents and settings\me\Application Data\Defender Pro
2010-03-12 01:49 . 2010-03-13 16:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Defender Pro
2010-03-12 01:49 . 2010-03-12 01:49 -------- d-----w- c:\program files\Common Files\Defender Pro
2010-03-12 01:49 . 2010-03-12 01:49 -------- d-----w- c:\program files\Defender Pro
2010-03-12 01:02 . 2010-03-12 01:14 -------- d-----w- c:\program files\Nero
2010-03-12 01:02 . 2010-03-12 05:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2010-03-12 01:02 . 2010-03-12 05:00 -------- d-----w- c:\program files\Common Files\Nero
2010-03-12 01:00 . 2010-03-12 05:00 -------- d-----w- c:\program files\Common Files\LightScribe
2010-03-11 04:04 . 2010-03-11 04:04 -------- d-----w- c:\documents and settings\All Users\Application Data\SITEguard
2010-03-11 04:03 . 2010-03-11 04:03 -------- d-----w- c:\program files\Common Files\iS3
2010-03-11 04:03 . 2010-03-12 02:47 -------- d-----w- c:\documents and settings\All Users\Application Data\STOPzilla!
2010-03-11 02:46 . 2010-03-12 05:01 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2010-03-11 02:24 . 2010-03-12 05:01 -------- d-----w- c:\documents and settings\me\Application Data\Skype(2)
2010-03-11 02:18 . 2010-03-12 05:26 -------- d-s---w- c:\documents and settings\NetworkService\UserData
2010-03-10 19:59 . 2008-04-14 12:00 185344 ----a-w- c:\windows\system32\Thawbrkr.dll
2010-03-10 19:59 . 2008-04-14 12:00 10752 ----a-w- c:\windows\system32\c_iscii.dll
2010-03-10 19:59 . 2008-04-14 12:00 5632 ----a-w- c:\windows\system32\kbdusa.dll
2010-03-10 19:58 . 2008-04-14 12:00 6144 ----a-w- c:\windows\system32\ftlx041e.dll
2010-02-27 16:03 . 2010-02-27 16:03 -------- d-----w- c:\windows\system32\LogFiles
2010-02-26 21:51 . 2010-02-26 21:52 -------- d-----w- c:\documents and settings\All Users\Lx_cats
2010-02-24 16:17 . 2001-08-18 04:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-02-24 16:17 . 2008-04-14 11:42 159232 ----a-w- c:\windows\system32\ptpusd.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-14 17:11 . 2008-12-08 21:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-03-13 20:27 . 2009-06-29 20:12 105736 ----a-w- c:\windows\system32\drivers\bdhv.sys
2010-03-13 20:27 . 2009-06-29 20:12 152328 ----a-w- c:\windows\system32\drivers\bdfm.sys
2010-03-13 19:53 . 2009-07-09 15:49 110728 ----a-w- c:\windows\system32\drivers\bdfndisf.sys
2010-03-13 18:56 . 2009-11-30 00:14 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-03-13 17:59 . 2009-11-30 00:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-03-13 00:01 . 2009-11-30 00:04 68456 ----a-w- c:\documents and settings\me\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-12 18:42 . 2010-03-12 18:35 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-03-12 18:42 . 2010-03-12 18:35 10652 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-03-12 15:14 . 2008-04-14 00:10 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-03-12 05:01 . 2009-11-29 23:47 -------- d-----w- c:\program files\Google
2010-03-12 05:01 . 2009-11-30 00:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-03-12 05:01 . 2009-12-19 19:46 -------- d-----w- c:\documents and settings\me\Application Data\Paltalk
2010-03-12 05:00 . 2008-12-08 20:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-03 02:09 . 2009-12-02 18:33 -------- d-----w- c:\program files\Lx_cats
2010-02-26 21:50 . 2010-02-26 21:49 -------- d-----w- c:\program files\Lexmark Pro200-S500 Series
2010-02-26 21:49 . 2010-02-26 21:49 -------- d-----w- c:\program files\Lexmark
2010-02-26 21:49 . 2010-02-26 21:49 -------- d-----w- c:\program files\Lexmark Toolbar
2010-01-22 09:40 . 2009-11-30 00:03 -------- d-----w- c:\documents and settings\me\Application Data\skypePM
2010-01-22 09:13 . 2008-12-08 22:02 -------- d-----w- c:\program files\Microsoft Works
2010-01-18 03:49 . 2010-01-18 03:49 -------- d-----w- c:\program files\Microsoft
2010-01-18 03:49 . 2010-01-18 03:49 -------- d-----w- c:\program files\Windows Live
2010-01-18 03:49 . 2010-01-18 03:49 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-01-18 03:44 . 2010-01-18 03:44 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-07 22:01 . 2010-02-26 21:49 324264 ----a-w- c:\windows\system32\lxebih.exe
2010-01-07 22:01 . 2010-02-26 21:49 598696 ----a-w- c:\windows\system32\lxebcoms.exe
2010-01-07 22:01 . 2010-02-26 21:49 373416 ----a-w- c:\windows\system32\lxebcfg.exe
2010-01-07 22:01 . 2010-02-26 21:49 213672 ----a-w- c:\windows\system32\LXEBwupd.exe
2009-12-31 16:50 . 2008-12-08 19:05 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-30 06:31 . 2009-12-30 06:31 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-30 06:30 . 2009-12-30 06:30 152576 ----a-w- c:\documents and settings\me\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-30 06:29 . 2009-12-30 06:29 79488 ----a-w- c:\documents and settings\me\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-22 05:21 . 2009-12-22 05:21 3817644 ----a-w- c:\windows\system32\witoupex.dll
2009-12-22 05:21 . 2009-12-22 05:21 1689204 ----a-w- c:\windows\system32\exfoloh.dll
2009-12-22 05:21 . 2009-12-22 05:21 1178978 ----a-w- c:\windows\system32\wincoexni.dll
2009-12-22 05:20 . 2008-12-08 19:05 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-16 18:43 . 2008-12-08 20:17 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-16 17:12 . 2010-02-26 21:49 438272 ----a-w- c:\windows\system32\lxebcoin.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-02-17 5244216]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-08 16862208]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-29 75136]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2008-10-09 688128]
"Q-Face agent"="c:\program files\MSI\MSI Q-Face\webtest.exe" [2008-11-25 12288]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"LXCICATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCItime.dll" [2005-09-08 73728]
"lxcimon.exe"="c:\program files\Lexmark 7300 Series\lxcimon.exe" [2005-09-30 200704]
"EzPrint"="c:\program files\Lexmark Pro200-S500 Series\ezprint.exe" [2010-01-18 139944]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-30 149280]
"lxebmon.exe"="c:\program files\Lexmark Pro200-S500 Series\lxebmon.exe" [2010-01-18 770728]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-08-24 51048]
"isCfgWiz"="c:\program files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe" [2007-08-24 607624]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2007-08-24 714608]
"Defender Pro Antiphishing Helper"="c:\program files\Defender Pro\Defender Pro\IEShow.exe" [2010-03-13 71152]
"DPAgent"="c:\program files\Defender Pro\Defender Pro\bdagent.exe" [2010-03-13 1114536]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-2-22 2938184]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\lxebcoms.exe"=
"c:\\Program Files\\Defender Pro\\Defender Pro\\DpReg.exe"=

R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\ccSvcHst.exe [8/24/2007 6:07 PM 149864]
R2 lxeb_device;lxeb_device;c:\windows\system32\lxebcoms.exe -service --> c:\windows\system32\lxebcoms.exe -service [?]
R2 lxebCATSCustConnectService;lxebCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxebserv.exe [2/26/2010 4:49 PM 98984]
R2 Micro Star SCM;Micro Star SCM;c:\program files\System Control Manager\MSIService.exe [12/8/2008 5:53 PM 159744]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [6/29/2009 3:12 PM 152328]
R3 bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [7/9/2009 10:49 AM 110728]
R3 lxci_device;lxci_device;c:\windows\system32\lxcicoms.exe -service --> c:\windows\system32\lxcicoms.exe -service [?]
R3 MSILiveVirtualCamera;MSI Live Virtual Camera;c:\windows\system32\drivers\MSILiveVirtualCamera.sys [1/29/2007 10:40 AM 449408]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [12/8/2008 4:01 PM 156160]
S2 gupdate1ca715047a88cd2;Google Update Service (gupdate1ca715047a88cd2);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
S3 Arrakis3;Defender Pro Arrakis Server;c:\program files\Common Files\Defender Pro\Defender Pro Arrakis Server\bin\arrakis3.exe [6/25/2009 5:04 PM 183880]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [11/30/2009 10:30 AM 100992]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [12/8/2008 5:46 PM 704384]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
uSearchAssistant = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
Trusted Zone: download.com
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Skype - c:\program files\Skype\Phone\Skype.exe
HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-Google Chrome - c:\program files\Google\Chrome\Application\4.0.249.89\Installer\setup.exe
AddRemove-HijackThis - c:\documents and settings\me\Local Settings\Temporary Internet Files\Content.IE5\1IMAPX4E\HijackThis.exe
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-03-14 22:56
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCICATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCItime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2508)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxebcoms.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\windows\system32\lxcicoms.exe
c:\windows\system32\dwwin.exe
.
**************************************************************************
.
Completion time: 2010-03-14 23:00:23 - machine was rebooted
ComboFix-quarantined-files.txt 2010-03-15 04:00

Pre-Run: 22,925,631,488 bytes free
Post-Run: 22,911,291,392 bytes free

- - End Of File - - 64FD0825B1C5BBE85641837A741E36EE

Re: Win32.exe Corruption will not let me install Antivirus disc.

Post by Belahzur on 15th March 2010, 9:39 pm

Hello.

Delete this file in bold:
c:\windows\system32\apiorapiapi.dat

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

How is the machine running now?


Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator

Posts : 34918
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245091
# Likes : 1
