!!!!!MY COMPUTER HAS VIRUSES PLEASE HELP!!!!!

View previous topic View next topic Go down

!!!!!MY COMPUTER HAS VIRUSES PLEASE HELP!!!!!

Post by dpark29 on Thu 07 Apr 2011, 6:50 am

SO I TURNED ON MY COMPUTER TODAY AND ALL OF THESE POP UPS STARTED COMING OUT SAYING "YOUR COMPUTER HAS BEEN INFECTED, BLAH BLAH BLAH ETC." IT WON'T LET ME OPEN UP ANY OF MY PROGRAMS EXCEPT FOR INTERNET EXPLORER. WHEN I TRIED DOWNLOADING SOMETHING, IT COULDN'T EXECUTE IT!

SOMEBODY PLEASE HELP!

dpark29

Newbie Surfer
Newbie Surfer

Posts : 7
Joined : 2009-08-29
Operating System : XP

View user profile

Back to top Go down

Re: !!!!!MY COMPUTER HAS VIRUSES PLEASE HELP!!!!!

Post by Belahzur on Thu 07 Apr 2011, 9:53 am

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: !!!!!MY COMPUTER HAS VIRUSES PLEASE HELP!!!!!

Post by dpark29 on Thu 07 Apr 2011, 10:49 am

I downloaded OTL, but it will not let me open up the program. A bubble pops up in the bottom right hand corner of my monitor stating: "Warning! Application cannot be executed. The file OTL.exe is infected. Please activate your antivirus software."

What do I do?

dpark29

Newbie Surfer
Newbie Surfer

Posts : 7
Joined : 2009-08-29
Operating System : XP

View user profile

Back to top Go down

Re: !!!!!MY COMPUTER HAS VIRUSES PLEASE HELP!!!!!

Post by Belahzur on Fri 08 Apr 2011, 12:34 pm

Hello.

We need to use the RKill Tool by Grinler

Rkill.com <--- Download site

  • Please Download Rkill.com. Save it to your Desktop.
  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.

  • NOTE: If you are unable to connect to the site to download rkill, then you should download it to a clean computer and copy it to the infected one via a USB flash drive or CDROM.

  • Once it is downloaded, double-click on the rkill.com in order to automatically attempt to stop any processes associated with Rogue programs.
  • Please be patient while the program looks for various malware programs and ends them.
  • When it has finished, the black window will automatically close and you can continue with the next step.
NOTE: If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by the rogue program, when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate the rogue program. So, please try running Rkill until the malware is no longer running. You will then be able to proceed with the rest of the steps.

If you continue having problems running rkill.com, you can download:
iExplore.exe or eXplorer.exe
which are renamed copies of rkill.com, and try them instead.

Try OTL now.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: !!!!!MY COMPUTER HAS VIRUSES PLEASE HELP!!!!!

Post by dpark29 on Sat 09 Apr 2011, 5:01 am

OTL.Txt

OTL logfile created on: 4/8/2011 10:52:08 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 205.00 Mb Available Physical Memory | 40.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.67 Gb Total Space | 22.39 Gb Free Space | 31.68% Space Free | Partition Type: NTFS
Drive G: | 608.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: GEEEUN-WK | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/06 16:44:46 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/01/17 23:30:46 | 001,803,224 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011/01/17 23:30:16 | 002,548,552 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011/01/07 01:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 01:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/07 01:22:12 | 001,052,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/01/06 15:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2008/07/24 08:02:06 | 000,490,952 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/09 11:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2003/08/22 09:19:42 | 000,057,344 | ---- | M] () -- C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe
PRC - [2002/09/04 10:36:40 | 000,053,248 | ---- | M] (Jetsoft Development Company) -- C:\Program Files\LexmarkX84-X85\AcBtnMgr_X84-X85.exe
PRC - [2002/08/23 15:50:08 | 000,040,960 | ---- | M] (Jetsoft Development Company) -- C:\Program Files\LexmarkX84-X85\ACMonitor_X84-X85.exe


========== Modules (SafeList) ==========

MOD - [2011/04/06 16:44:46 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2010/12/29 01:42:04 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/01/17 23:30:46 | 001,803,224 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)


========== Driver Services (SafeList) ==========

DRV - [2011/01/06 17:37:04 | 000,094,784 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2011/01/06 17:37:04 | 000,027,576 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011/01/06 17:37:02 | 000,239,368 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/03 15:23:36 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/03 15:23:34 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/03 15:23:32 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/02/11 05:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/12/18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/04/14 01:29:00 | 000,095,288 | ---- | M] (AhnLab, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmonTDNt.sys -- (AMonTDnt)
DRV - [2009/04/14 01:29:00 | 000,019,632 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CdmDrvNt.sys -- (CdmDrvNt)
DRV - [2009/03/31 12:48:57 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/02/27 11:18:00 | 000,121,464 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\AhnLab\ASP\MyFirewall 4.0\mfipsent.sys -- (MfIPSEnt)
DRV - [2009/01/11 18:34:00 | 000,101,296 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\AhnLab\ASP\MyFirewall 4.0\mffwent.sys -- (MfFWEnt)
DRV - [2008/04/13 11:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007/06/15 10:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2007/06/02 15:41:06 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - [2006/03/01 21:30:54 | 000,618,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2005/05/06 15:42:26 | 001,339,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2005/05/06 15:40:50 | 000,047,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2005/05/06 15:40:20 | 000,036,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2005/01/10 18:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 18:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/08/04 05:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 05:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/04 05:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2001/12/19 14:31:02 | 000,003,524 | ---- | M] (SPACE INT'L, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\XSpaceWg.sys -- (XSPACEWG)
DRV - [2001/12/19 14:30:18 | 000,020,551 | ---- | M] (SPACE INT'L, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\LIKECDN2.sys -- (LIKECDN2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2011/04/07 00:14:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/04/07 00:16:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/07 00:41:52 | 000,000,000 | ---D | M]

[2010/08/02 22:20:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\y7wi8kft.default\extensions
[2009/10/23 21:08:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\y7wi8kft.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/03/19 01:59:51 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\y7wi8kft.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/03/21 18:04:44 | 000,000,000 | ---D | M] (United States English Dictionary) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\y7wi8kft.default\extensions\en-US@dictionaries.addons.mozilla.org
[2009/10/23 21:08:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\y7wi8kft.default\extensions\staged-xpis
[2010/08/02 22:20:44 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\y7wi8kft.default\extensions\toolbar@ask.com
[2009/08/12 23:52:53 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOVE NETWORKS

O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Lexmark X84-X85 Button Manager] C:\Program Files\LexmarkX84-X85\AcBtnMgr_X84-X85.exe (Jetsoft Development Company)
O4 - HKLM..\Run: [Lexmark X84-X85 Button Monitor] C:\Program Files\LexmarkX84-X85\ACMonitor_X84-X85.exe (Jetsoft Development Company)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PrinTray] C:\WINDOWS\system32\spool\drivers\w32x86\3\printray.exe (Lexmark)
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Free Ram Optimizer] C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LCDPlayer.lnk = File not found
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\BMA Interactive Desktop Calendar.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_23.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} [You must be registered and logged in to see this link.] (Aosmgr Control)
O16 - DPF: {1F9079B1-CB38-4DC0-9DAD-080BD2255698} [You must be registered and logged in to see this link.] (kongdisk File Share Control 5)
O16 - DPF: {39461460-2552-4D51-A062-3AB6A7B902E9} [You must be registered and logged in to see this link.] (INISAFE Updater Control)
O16 - DPF: {39FC0CF9-86F3-4502-B773-D16706EDEC83} [You must be registered and logged in to see this link.] (SCSK Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} [You must be registered and logged in to see this link.] (MSN Photo Upload Tool)
O16 - DPF: {55F0958B-C5EB-49E4-8567-E018D2407F55} [You must be registered and logged in to see this link.] (Kongdisk Web Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} [You must be registered and logged in to see this link.] (WUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_23)
O16 - DPF: {948FC4BD-3F05-4549-81E7-2C63974F6D17} [You must be registered and logged in to see this link.] (SecureSession Class)
O16 - DPF: {95A57FEB-0909-4FEA-B819-63DA7C4D9E1E} [You must be registered and logged in to see this link.] (Printmade S 1.5.9)
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} [You must be registered and logged in to see this link.] (Kdfense8 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_23)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} [You must be registered and logged in to see this link.] (SysInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {D912AABC-6CB0-416F-85B6-CABBB86FD558} [You must be registered and logged in to see this link.] (INIwallet60 Control)
O16 - DPF: {E0F0958B-C5EB-49E3-8567-E018D2407F35} [You must be registered and logged in to see this link.] (Kongdisk Control)
O16 - DPF: {EC5D5118-9FDE-4A3E-84F3-C2B711740E70} [You must be registered and logged in to see this link.] (SKCommAX Control)
O16 - DPF: {FE342FC7-4374-4EBE-86DB-D73AE861F779} [You must be registered and logged in to see this link.] (NaverAXGuide Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\s-http {D37E6C5F-1C0F-47C0-A3B6-403EEC555402} - C:\Program Files\INITECH\SHTTP\InitechSHTTPInterface.10111.dll ((c) INITECH)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\BMA Interactive Desktop\3101265\index.html
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/10/03 02:10:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [1998/12/13 07:43:32 | 000,000,040 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{92dccac1-44e0-11de-a434-001111e2d12a}\Shell\AutoRun\command - "" = q9.cmd
O33 - MountPoints2\{92dccac1-44e0-11de-a434-001111e2d12a}\Shell\open\Command - "" = q9.cmd
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (stera) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/07 08:44:20 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/04/07 00:52:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\COMODO
[2011/04/07 00:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2011/04/07 00:38:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Comodo
[2011/04/07 00:22:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG10
[2011/04/07 00:18:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/04/07 00:17:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011
[2011/04/07 00:14:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/04/07 00:14:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/04/07 00:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/04/07 00:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/04/06 23:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/04/06 23:13:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/04/06 23:13:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/06 23:13:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/04/06 23:13:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/04/06 23:13:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/06 23:11:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/04/06 22:19:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/04/06 22:19:09 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/04/06 22:19:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/04/06 16:44:39 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/04/06 12:14:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\dHj16633oCiCe16633
[2011/03/25 15:33:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\acccore
[2011/03/25 15:33:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\AOL
[2011/03/25 15:33:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\AIM
[2011/03/25 15:33:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AIM
[2011/03/25 15:32:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AIM
[2011/03/25 15:32:53 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2011/03/25 15:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/03/25 15:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2011/03/25 15:32:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2002/04/11 09:41:06 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[328 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/08 10:01:04 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/04/08 08:09:25 | 111,950,108 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/04/07 13:03:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/07 13:03:14 | 000,276,560 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/07 01:27:45 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/07 00:52:46 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COMODO Firewall.lnk
[2011/04/07 00:41:53 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2011/04/07 00:17:41 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/04/07 00:13:14 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/06 23:59:14 | 000,435,574 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/06 23:59:14 | 000,068,470 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/06 23:58:13 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/06 23:57:59 | 000,122,880 | RHS- | M] () -- C:\WINDOWS\System32\pgking1.dll
[2011/04/06 23:13:31 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/06 16:44:46 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/04/06 13:52:06 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2011/04/06 13:36:06 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2011/04/03 00:48:58 | 000,123,904 | RHS- | M] () -- C:\WINDOWS\System32\pgking2.dll
[2011/03/28 23:18:59 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/25 15:33:40 | 000,000,467 | -H-- | M] () -- C:\IPH.PH
[2011/03/25 15:32:59 | 000,001,590 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/03/25 15:32:59 | 000,001,572 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AIM.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[328 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2100/02/16 16:09:06 | 000,000,062 | ---- | C] () -- C:\WINDOWS\System32\LXBOUSCI.INI
[2011/04/08 08:09:25 | 111,950,108 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/04/07 00:52:46 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\COMODO Firewall.lnk
[2011/04/07 00:17:41 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/04/06 23:13:31 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/06 13:04:38 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2011/04/03 00:48:58 | 000,123,904 | RHS- | C] () -- C:\WINDOWS\System32\pgking2.dll
[2011/04/01 22:44:14 | 000,122,880 | RHS- | C] () -- C:\WINDOWS\System32\pgking1.dll
[2011/03/25 15:32:59 | 000,001,590 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/03/25 15:32:59 | 000,001,572 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AIM.lnk
[2011/03/25 15:32:37 | 000,000,467 | -H-- | C] () -- C:\IPH.PH
[2011/01/19 00:25:56 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/01/15 12:59:57 | 000,064,780 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/08/19 13:34:14 | 000,311,976 | ---- | C] () -- C:\WINDOWS\System32\kongdiskctrl_update.exe
[2010/06/19 01:30:53 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/06/19 01:30:53 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/06/19 01:30:51 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/06/19 01:30:51 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/06/19 01:30:51 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/05/22 23:41:32 | 000,247,312 | ---- | C] () -- C:\WINDOWS\System32\TrustNETTray.exe
[2009/05/19 19:33:50 | 000,067,120 | ---- | C] () -- C:\WINDOWS\System32\npnuninst.exe
[2009/05/19 19:29:56 | 000,000,027 | ---- | C] () -- C:\WINDOWS\fnProRun.ini
[2009/05/19 18:53:22 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\npdownv.exe
[2009/03/12 18:50:48 | 000,329,248 | ---- | C] () -- C:\WINDOWS\System32\wmatomp3.dll
[2007/08/17 16:48:11 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/07/29 02:07:35 | 001,066,528 | ---- | C] () -- C:\WINDOWS\System32\mfc71.dll
[2007/07/03 14:18:38 | 000,004,672 | ---- | C] () -- C:\WINDOWS\System32\LXBOUSCI.DLL
[2007/05/16 01:35:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TKW07.INI
[2007/05/08 01:06:00 | 000,001,688 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/05/08 01:04:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/12/04 17:51:43 | 000,005,663 | ---- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2006/12/04 17:51:43 | 000,000,075 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2006/11/28 18:24:52 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/11/28 18:24:43 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/22 15:01:03 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/03 02:12:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/10/03 02:07:18 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/10/02 18:59:22 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/10/02 18:58:09 | 000,276,560 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/05/03 20:38:42 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2004/08/04 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 05:00:00 | 000,435,574 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 05:00:00 | 000,119,296 | ---- | C] () -- C:\WINDOWS\System32\pgie1.dll
[2004/08/04 05:00:00 | 000,068,470 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 05:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 05:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 05:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/10/02 19:48:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/09/18 20:40:16 | 000,000,643 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2002/09/18 20:13:13 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\lxboBCE.DLL
[2002/09/18 20:13:11 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\lxboICO.DLL
[2002/06/11 08:34:09 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\lxbo2kui.dll
[2002/06/11 08:33:54 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\lxbo2kpm.dll
[2002/06/07 12:59:15 | 000,000,173 | ---- | C] () -- C:\WINDOWS\X84-X85_DS.ini
[2001/10/03 12:40:11 | 000,172,095 | ---- | C] () -- C:\WINDOWS\WaitPrintReg.exe
[2001/08/24 19:17:59 | 000,001,369 | ---- | C] () -- C:\WINDOWS\Lexmark_ICM.ini
[2001/05/28 12:26:24 | 000,131,584 | ---- | C] () -- C:\WINDOWS\Ptlic32.exe
[2000/10/24 09:08:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2000/10/24 09:08:33 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:44DAF2F1

< End of report >

dpark29

Newbie Surfer
Newbie Surfer

Posts : 7
Joined : 2009-08-29
Operating System : XP

View user profile

Back to top Go down

Re: !!!!!MY COMPUTER HAS VIRUSES PLEASE HELP!!!!!

Post by dpark29 on Sat 09 Apr 2011, 5:02 am

Extras.Txt

OTL Extras logfile created on: 4/8/2011 10:52:08 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 205.00 Mb Available Physical Memory | 40.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.67 Gb Total Space | 22.39 Gb Free Space | 31.68% Space Free | Partition Type: NTFS
Drive G: | 608.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: GEEEUN-WK | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Nexon\MapleStory\NewPatcher.exe" = C:\Nexon\MapleStory\NewPatcher.exe:*:Enabled:Patcher MFC 응용 프로그램
"C:\Nexon\MapleStory\Patcher.exe" = C:\Nexon\MapleStory\Patcher.exe:*:Enabled:Patcher MFC 응용 프로그램
"C:\Program Files\Starcraft\StarCraft.exe" = C:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:μTorrent -- (BitTorrent, Inc.)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL Inc.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{117CD9C0-0F15-4633-93D7-F957B50535A5}" = Popup Blocker (Windows Live Toolbar)
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23E816A9-1D3F-464E-B841-4B21E3303528}" = Arcadia High School
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 23
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3727B920-F5A3-46A4-AC02-94F421A039C7}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{38024121-D084-4E7D-B1A2-1A04CB5C4CF3}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{53B2CFE9-A508-4457-B2CA-5D253536BFB7}" = OneCare Advisor (Windows Live Toolbar)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A62A068-3FD6-495A-9F66-26FE94F32EC9}" = Rhapsody Player Engine
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95FC661A-A0C5-4B18-92CE-90347DA79CC9}" = Smart Menus (Windows Live Toolbar)
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A40D6757-B145-4FE7-B694-89180A9F3F64}" = Windows Live Outlook Toolbar (Windows Live Toolbar)
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.6
"{AC76BA86-7AD7-5670-0000-800000000003}" = Korean Fonts Support For Adobe Reader 8
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B3AEF776-7FFF-4C50-A402-9119E3849EE0}" = AVG 2011
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0F32615-604C-441D-8312-AD1A6F8D3534}" = CDSpace 4.1
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4E53304-1F6C-4111-9872-1BCD2CF5B642}" = AVG 2011
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DCE65B11-710D-4C54-9DE5-1A6A0BD2186B}" = Windows Live Favorites for Windows Live Toolbar
"{E2FAF859-D963-44B5-9845-307C97220075}" = Fn pro max
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{ECDA9BD9-A54E-462A-8191-A2B569D9AB34}" = Map Button (Windows Live Toolbar)
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F5AF5CDA-76FC-4794-9F28-09B6D54E7431}" = Form Fill (Windows Live Toolbar)
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{F99C5427-4D78-43E2-B97E-F4C4E622D612}" = MapleStory
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"AhnLab Online Security" = AhnLab Online Security
"AIM_7" = AIM 7
"ALUpdate_is1" = 알툴즈 업데이트
"ALZip_is1" = 알집
"AVG" = AVG 2011
"Device Control" = Device Control
"DtsFilter" = DTS+AC3 Filter
"EAXSet" = Creative EAX Settings
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Free Ram Optimizer XP_is1" = Free Ram Optimizer XP 1.0
"GOM Player" = GOM Player
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Intel(R) 537EP V9x DF PCI Modem" = Intel(R) 537EP V9x DF PCI Modem
"kdefense" = K-Defense8 Control - 키보드 보안
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (2.0.0.20)" = Mozilla Firefox (2.0.0.20)
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"NaverSetup" = ??? ActiveX ???
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PeerGuardian_is1" = PeerGuardian 2.0
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"SecuiSFNCOM" = TrustNET WebToolKit for SecuiSFNCOM
"SoftcampSCSK" = SoftCamp Secure KeyStroke 4.0
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SPEAKER" = Creative Speaker Settings
"UnINISafeWeb7" = INISafeWeb 7.0 (SFilter v1.0)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.2
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/6/2011 4:53:32 PM | Computer Name = GEEEUN-WK | Source = MsiInstaller | ID = 11311
Description = Product: Microsoft Office Professional Edition 2003 -- Error 1311.
Source file not found(cabinet): C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB.
Verify that the file exists and that you can access it.

Error - 4/6/2011 4:53:32 PM | Computer Name = GEEEUN-WK | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Office Professional Edition 2003 - Update 'Security
Update for Outlook 2003 (KB2293428): OLKINTL' could not be installed. Error code
1603. Windows Installer can create logs to help troubleshoot issues with installing
software packages. Use the following link for instructions on turning on logging
support: [You must be registered and logged in to see this link.]

Error - 4/7/2011 2:11:56 AM | Computer Name = GEEEUN-WK | Source = MsiInstaller | ID = 1008
Description = The installation of C:\Program Files\Common Files\Wise Installation
Wizard\WIS41EBC322660F4D16A0DF53147210CBDB_4_3_32_3239.MSI is not permitted due
to an error in software restriction policy processing. The object cannot be trusted.

Error - 4/7/2011 2:13:11 AM | Computer Name = GEEEUN-WK | Source = MsiInstaller | ID = 1008
Description = The installation of C:\Program Files\Common Files\Wise Installation
Wizard\WIS41EBC322660F4D16A0DF53147210CBDB_4_3_32_3239.MSI is not permitted due
to an error in software restriction policy processing. The object cannot be trusted.

Error - 4/7/2011 2:58:47 AM | Computer Name = GEEEUN-WK | Source = Application Error | ID = 1000
Description = Faulting application wlcomm.exe, version 14.0.8117.416, faulting module
pgking1.dll, version 0.0.0.0, fault address 0x000812d5.

Error - 4/7/2011 3:41:42 AM | Computer Name = GEEEUN-WK | Source = MsiInstaller | ID = 11500
Description = Product: COMODO Firewall -- Error 1500. Another installation is in
progress. You must complete that installation before continuing this one.

Error - 4/7/2011 3:41:47 AM | Computer Name = GEEEUN-WK | Source = MsiInstaller | ID = 11500
Description = Product: COMODO Firewall -- Error 1500. Another installation is in
progress. You must complete that installation before continuing this one.

Error - 4/7/2011 3:42:04 AM | Computer Name = GEEEUN-WK | Source = MsiInstaller | ID = 11500
Description = Product: COMODO Firewall -- Error 1500. Another installation is in
progress. You must complete that installation before continuing this one.

Error - 4/7/2011 3:43:47 AM | Computer Name = GEEEUN-WK | Source = MsiInstaller | ID = 11500
Description = Product: COMODO Firewall -- Error 1500. Another installation is in
progress. You must complete that installation before continuing this one.

Error - 4/7/2011 4:07:10 AM | Computer Name = GEEEUN-WK | Source = Application Hang | ID = 1002
Description = Hanging application aim.exe, version 7.5.8.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 4/7/2011 2:57:46 AM | Computer Name = GEEEUN-WK | Source = System Error | ID = 1003
Description = Error code 00000093, parameter1 00000018, parameter2 00000000, parameter3
00000000, parameter4 00000000.

Error - 4/7/2011 2:57:51 AM | Computer Name = GEEEUN-WK | Source = System Error | ID = 1003
Description = Error code 00000093, parameter1 00000010, parameter2 00000000, parameter3
00000000, parameter4 00000000.

Error - 4/7/2011 2:57:53 AM | Computer Name = GEEEUN-WK | Source = System Error | ID = 1003
Description = Error code 00000093, parameter1 00000018, parameter2 00000000, parameter3
00000000, parameter4 00000000.

Error - 4/7/2011 2:57:55 AM | Computer Name = GEEEUN-WK | Source = System Error | ID = 1003
Description = Error code 000000f4, parameter1 00000003, parameter2 82b46da0, parameter3
82b46f14, parameter4 805fb146.

Error - 4/7/2011 2:58:04 AM | Computer Name = GEEEUN-WK | Source = System Error | ID = 1003
Description = Error code 000000f4, parameter1 00000003, parameter2 82c664d0, parameter3
82c66644, parameter4 805fb146.

Error - 4/7/2011 4:03:05 AM | Computer Name = GEEEUN-WK | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%3

Error - 4/7/2011 4:14:27 AM | Computer Name = GEEEUN-WK | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%3

Error - 4/7/2011 4:15:41 AM | Computer Name = GEEEUN-WK | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM
Service service to connect.

Error - 4/7/2011 4:15:41 AM | Computer Name = GEEEUN-WK | Source = Service Control Manager | ID = 7000
Description = The IMAPI CD-Burning COM Service service failed to start due to the
following error: %%1053

Error - 4/7/2011 4:04:47 PM | Computer Name = GEEEUN-WK | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%3


< End of report >

dpark29

Newbie Surfer
Newbie Surfer

Posts : 7
Joined : 2009-08-29
Operating System : XP

View user profile

Back to top Go down

Re: !!!!!MY COMPUTER HAS VIRUSES PLEASE HELP!!!!!

Post by Belahzur on Sat 09 Apr 2011, 8:06 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: !!!!!MY COMPUTER HAS VIRUSES PLEASE HELP!!!!!

Post by Belahzur on Sat 09 Apr 2011, 8:06 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: !!!!!MY COMPUTER HAS VIRUSES PLEASE HELP!!!!!

Post by Belahzur on Sat 09 Apr 2011, 8:06 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: !!!!!MY COMPUTER HAS VIRUSES PLEASE HELP!!!!!

Post by Sponsored content Today at 7:53 am


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum