Hi another Antivirus Pro.

View previous topic View next topic Go down

Hi another Antivirus Pro.

Post by Sca7ca7 on Sun 15 May 2011, 4:09 am

I've been trying to fix the laptop all day. I looked and could not find anything that work.
So i got the OTL program and here's what it said:

OTL:
OTL logfile created on: 14-05-2011 18:13:12 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Nutella\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

894,00 Mb Total Physical Memory | 300,00 Mb Available Physical Memory | 34,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 73,35 Gb Total Space | 52,77 Gb Free Space | 71,94% Space Free | Partition Type: NTFS
Drive D: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 67,69 Gb Total Space | 62,98 Gb Free Space | 93,04% Space Free | Partition Type: NTFS
Drive F: | 963,70 Mb Total Space | 963,14 Mb Free Space | 99,94% Space Free | Partition Type: FAT

Computer Name: NUTELLA-PC | User Name: Nutella | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-05-14 18:11:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nutella\Desktop\OTL.exe
PRC - [2011-02-26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-12-09 12:45:58 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2010-11-30 14:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010-11-24 04:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\5.0.0.125\ccSvcHst.exe
PRC - [2010-11-11 13:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010-11-11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009-07-14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 03:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2007-05-31 17:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdcBase.exe


========== Modules (SafeList) ==========

MOD - [2011-05-14 18:11:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nutella\Desktop\OTL.exe
MOD - [2010-08-21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010-11-24 04:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\5.0.0.125\ccSvcHst.exe -- (N360)
SRV - [2010-11-11 13:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010-11-11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010-09-20 15:11:20 | 001,343,400 | ---- | M] () [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007-05-31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV - [2011-05-14 11:08:39 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{56C22B83-0385-4FCC-9F95-26EC307D4249}\MpKsled693135.sys -- (MpKsled693135)
DRV - [2011-05-14 10:55:13 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010-12-01 11:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20101201.025\NAVEX15.SYS -- (NAVEX15)
DRV - [2010-12-01 11:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010-12-01 11:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010-12-01 11:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20101201.025\NAVENG.SYS -- (NAVENG)
DRV - [2010-12-01 07:24:00 | 000,295,032 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0500000.07D\SYMNETS.SYS -- (SymNetS)
DRV - [2010-11-23 06:21:16 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20101123.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010-11-23 06:08:31 | 000,509,560 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\system32\drivers\N360\0500000.07D\SRTSP.SYS -- (SRTSP)
DRV - [2010-11-23 06:08:31 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0500000.07D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010-11-18 04:59:55 | 000,652,336 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0500000.07D\SYMEFA.SYS -- (SymEFA)
DRV - [2010-11-16 03:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0500000.07D\Ironx86.SYS -- (SymIRON)
DRV - [2010-11-11 03:46:29 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20101201.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010-10-24 22:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010-10-24 22:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010-10-21 04:28:36 | 000,340,016 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0500000.07D\SYMDS.SYS -- (SymDS)
DRV - [2010-04-07 12:16:16 | 000,376,160 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr61.sys -- (rt61x86)
DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2008-12-01 22:14:34 | 004,179,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008-07-22 07:42:58 | 000,051,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B1 A6 75 89 48 C5 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011-05-14 10:56:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn\ [2011-05-14 10:53:31 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.0.0.125\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.0.0.125\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.0.0.125\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.0.0.125\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKCU..\Run: [88a671d2-36e5-4f5a-851e-1abcb77a1159] C:\ProgramData\88a671d2-36e5-4f5a-851e-1abcb77a1159.dat ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nutella\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: nordea.dk ([[You must be registered and logged in to see this link.] https in Websteder, du har tillid til)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6f0ac753-3b5a-11e0-8ee8-001b241910a4}\Shell - "" = AutoRun
O33 - MountPoints2\{6f0ac753-3b5a-11e0-8ee8-001b241910a4}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-05-14 18:12:40 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Nutella\Desktop\OTL.exe
[2011-05-14 10:55:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011-05-14 10:55:14 | 000,126,512 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2011-05-14 10:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011-05-14 10:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011-05-14 10:54:48 | 000,652,336 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0500000.07D\SymEFA.sys
[2011-05-14 10:54:48 | 000,509,560 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0500000.07D\srtsp.sys
[2011-05-14 10:54:48 | 000,340,016 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0500000.07D\SymDS.sys
[2011-05-14 10:54:48 | 000,295,032 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0500000.07D\symnets.sys
[2011-05-14 10:54:48 | 000,050,168 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0500000.07D\srtspx.sys
[2011-05-14 10:54:47 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0500000.07D\Ironx86.sys
[2011-05-14 10:54:31 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2011-05-14 10:53:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
[2011-05-14 10:53:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0500000.07D
[2011-05-14 10:53:31 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2011-05-14 10:53:31 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2011-05-14 10:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011-05-14 10:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011-05-14 10:53:12 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2011-05-11 21:05:03 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011-05-11 21:05:02 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011-04-26 22:19:22 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011-04-26 22:19:14 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2011-04-26 22:19:13 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2011-04-26 22:19:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2011-04-26 22:18:29 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011-04-26 22:18:25 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011-04-14 18:21:02 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011-04-14 18:21:02 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011-04-14 18:20:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011-04-14 18:20:58 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011-04-14 18:20:56 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011-04-14 18:20:41 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011-04-14 18:20:41 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011-04-14 18:20:41 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011-04-14 18:20:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011-04-14 18:20:39 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011-04-14 18:20:38 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011-04-14 18:20:38 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011-04-14 18:20:37 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011-04-14 18:20:37 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011-04-14 18:20:37 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011-04-14 18:20:37 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011-04-14 18:20:06 | 002,331,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011-04-14 18:20:04 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2011-04-14 18:20:02 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011-04-14 18:19:57 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011-04-14 18:19:56 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[1 C:\Users\Nutella\Desktop\*.tmp files -> C:\Users\Nutella\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-05-14 18:16:17 | 000,618,108 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-05-14 18:16:17 | 000,472,442 | ---- | M] () -- C:\Windows\System32\perfh006.dat
[2011-05-14 18:16:17 | 000,107,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-05-14 18:16:17 | 000,080,938 | ---- | M] () -- C:\Windows\System32\perfc006.dat
[2011-05-14 18:11:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nutella\Desktop\OTL.exe
[2011-05-14 18:01:25 | 001,755,540 | -H-- | M] () -- C:\ProgramData\88a671d2-36e5-4f5a-851e-1abcb77a1159.dat
[2011-05-14 17:51:18 | 001,274,150 | ---- | M] () -- C:\Windows\System32\drivers\N360\0500000.07D\Cat.DB
[2011-05-14 17:50:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-05-14 11:07:33 | 703,205,376 | -HS- | M] () -- C:\hiberfil.sys
[2011-05-14 10:55:13 | 000,126,512 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2011-05-14 10:55:13 | 000,007,456 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2011-05-14 10:55:13 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2011-05-14 10:54:58 | 000,002,407 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2011-05-14 10:32:13 | 000,001,742 | ---- | M] () -- C:\Users\Nutella\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus Pro.lnk
[2011-05-14 10:32:13 | 000,001,718 | ---- | M] () -- C:\Users\Nutella\Desktop\Antivirus Pro.lnk
[2011-05-09 15:46:59 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-05-09 15:46:59 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-04-15 06:50:00 | 000,406,960 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Users\Nutella\Desktop\*.tmp files -> C:\Users\Nutella\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-05-14 10:55:58 | 001,274,150 | ---- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\Cat.DB
[2011-05-14 10:55:14 | 000,007,456 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2011-05-14 10:55:14 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2011-05-14 10:54:58 | 000,002,407 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2011-05-14 10:54:00 | 000,003,374 | R--- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\SymEFA.inf
[2011-05-14 10:54:00 | 000,002,792 | R--- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\SymDS.inf
[2011-05-14 10:54:00 | 000,001,446 | R--- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\SymNet.inf
[2011-05-14 10:54:00 | 000,001,389 | R--- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\srtspx.inf
[2011-05-14 10:54:00 | 000,001,383 | R--- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\srtsp.inf
[2011-05-14 10:54:00 | 000,000,742 | R--- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\Iron.inf
[2011-05-14 10:53:36 | 000,007,528 | R--- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\iron.cat
[2011-05-14 10:53:36 | 000,007,458 | R--- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\SymNet.cat
[2011-05-14 10:53:36 | 000,007,456 | R--- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\SymEFA.cat
[2011-05-14 10:53:36 | 000,007,454 | R--- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\srtspx.cat
[2011-05-14 10:53:36 | 000,007,450 | R--- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\SymDS.cat
[2011-05-14 10:53:36 | 000,007,450 | R--- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\srtsp.cat
[2011-05-14 10:53:35 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0500000.07D\isolate.ini
[2011-05-14 10:32:13 | 001,755,540 | -H-- | C] () -- C:\ProgramData\88a671d2-36e5-4f5a-851e-1abcb77a1159.dat
[2011-05-14 10:32:13 | 000,001,742 | ---- | C] () -- C:\Users\Nutella\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus Pro.lnk
[2011-05-14 10:32:13 | 000,001,718 | ---- | C] () -- C:\Users\Nutella\Desktop\Antivirus Pro.lnk
[2010-09-23 21:16:37 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-09-20 16:21:39 | 000,472,442 | ---- | C] () -- C:\Windows\System32\perfh006.dat
[2010-09-20 16:21:39 | 000,306,636 | ---- | C] () -- C:\Windows\System32\perfi006.dat
[2010-09-20 16:21:39 | 000,080,938 | ---- | C] () -- C:\Windows\System32\perfc006.dat
[2010-09-20 16:21:39 | 000,039,236 | ---- | C] () -- C:\Windows\System32\perfd006.dat
[2010-09-20 16:20:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009-07-14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 06:33:53 | 000,406,960 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009-07-14 04:05:48 | 000,618,108 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009-07-14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009-07-14 04:05:48 | 000,107,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009-07-14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009-07-14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009-07-14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009-07-14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009-07-14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008-12-01 20:46:12 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008-12-01 20:08:40 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008-10-30 14:45:42 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2003-04-07 12:18:40 | 000,005,464 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

< End of report >

Extras:
OTL Extras logfile created on: 14-05-2011 18:13:12 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Nutella\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

894,00 Mb Total Physical Memory | 300,00 Mb Available Physical Memory | 34,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 73,35 Gb Total Space | 52,77 Gb Free Space | 71,94% Space Free | Partition Type: NTFS
Drive D: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 67,69 Gb Total Space | 62,98 Gb Free Space | 93,04% Space Free | Partition Type: NTFS
Drive F: | 963,70 Mb Total Space | 963,14 Mb Free Space | 99,94% Space Free | Partition Type: FAT

Computer Name: NUTELLA-PC | User Name: Nutella | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90110406-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0406-0000-0000000FF1CE}" = Kompatibilitetspakke til Office 2007-systemet
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.32
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"N360" = Norton 360
"SopCast" = SopCast 3.3.2
"Uninstall_is1" = Uninstall 1.0.0.1
"Winamp" = Winamp

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13-04-2011 17:14:24 | Computer Name = Nutella-PC | Source = EventSystem | ID = 4621
Description =

Error - 18-04-2011 07:25:00 | Computer Name = Nutella-PC | Source = EventSystem | ID = 4621
Description =

Error - 27-04-2011 16:00:39 | Computer Name = Nutella-PC | Source = EventSystem | ID = 4621
Description =

Error - 27-04-2011 16:39:35 | Computer Name = Nutella-PC | Source = EventSystem | ID = 4621
Description =

Error - 30-04-2011 21:28:13 | Computer Name = Nutella-PC | Source = EventSystem | ID = 4621
Description =

Error - 04-05-2011 15:26:34 | Computer Name = Nutella-PC | Source = EventSystem | ID = 4621
Description =

Error - 05-05-2011 16:33:49 | Computer Name = Nutella-PC | Source = EventSystem | ID = 4621
Description =

Error - 09-05-2011 17:27:31 | Computer Name = Nutella-PC | Source = EventSystem | ID = 4621
Description =

Error - 13-05-2011 19:54:32 | Computer Name = Nutella-PC | Source = EventSystem | ID = 4621
Description =

Error - 14-05-2011 12:05:15 | Computer Name = Nutella-PC | Source = Application Hang | ID = 1002
Description = Programmet rundll32.exe version 6.1.7600.16385 afbrød kommunikationen
med Windows og blev afsluttet. Hvis du vil se, om der findes flere oplysninger
om problemet, kan du læse om problemets historik via Løsningscenter. Proces-id: a8c

Starttidspunkt:
01cc1216a02d67d4 Afslutningstidspunkt: 109 Programsti: C:\Windows\System32\rundll32.exe

Rapport-id:


[ System Events ]
Error - 18-04-2011 07:22:12 | Computer Name = Nutella-PC | Source = Service Control Manager | ID = 7011
Description = Der opstod en timeout (30000 millisekunder), mens der ventedes på
et transaktionssvar fra tjenesten Wlansvc.

Error - 18-04-2011 14:41:45 | Computer Name = Nutella-PC | Source = DCOM | ID = 10010
Description =

Error - 19-04-2011 11:54:36 | Computer Name = Nutella-PC | Source = DCOM | ID = 10010
Description =

Error - 21-04-2011 15:27:17 | Computer Name = Nutella-PC | Source = DCOM | ID = 10001
Description =

Error - 24-04-2011 09:02:16 | Computer Name = Nutella-PC | Source = DCOM | ID = 10010
Description =

Error - 27-04-2011 11:12:45 | Computer Name = Nutella-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = CBS-klienten blev ikke installeret. Seneste fejl: 0x8007045b

Error - 02-05-2011 09:19:52 | Computer Name = Nutella-PC | Source = DCOM | ID = 10010
Description =

Error - 04-05-2011 11:32:58 | Computer Name = Nutella-PC | Source = DCOM | ID = 10010
Description =

Error - 06-05-2011 16:38:02 | Computer Name = Nutella-PC | Source = DCOM | ID = 10010
Description =

Error - 06-05-2011 16:38:01 | Computer Name = Nutella-PC | Source = Service Control Manager | ID = 7011
Description = Der opstod en timeout (30000 millisekunder), mens der ventedes på
et transaktionssvar fra tjenesten Netman.


< End of report >


Thanks in advance, i really do appreciate it!

Sca7ca7

Newbie Surfer
Newbie Surfer

Posts : 5
Joined : 2011-05-15
Operating System : Win 7 SP1

View user profile

Back to top Go down

Re: Hi another Antivirus Pro.

Post by Belahzur on Sun 15 May 2011, 4:28 am

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O4 - HKCU..\Run: [88a671d2-36e5-4f5a-851e-1abcb77a1159] C:\ProgramData\88a671d2-36e5-4f5a-851e-1abcb77a1159.dat ()
    [2011-05-14 18:01:25 | 001,755,540 | -H-- | M] () -- C:\ProgramData\88a671d2-36e5-4f5a-851e-1abcb77a1159.dat
    [2011-05-14 10:32:13 | 000,001,742 | ---- | M] () -- C:\Users\Nutella\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus Pro.lnk
    [2011-05-14 10:32:13 | 000,001,718 | ---- | M] () -- C:\Users\Nutella\Desktop\Antivirus Pro.lnk


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Hi another Antivirus Pro.

Post by Sca7ca7 on Sun 15 May 2011, 7:03 am

Hi Belahzur.
Wow, i did not expect so fast an answer, thank you very much.
I ran the fix as instructed and this is the outcome.


Error: Unable to interpret in the current context!
Error: Unable to interpret <[2011-05-14 18:01:25 | 001,755,540 | -H-- | M] () -- C:\ProgramData\88a671d2-36e5-4f5a-851e-1abcb77a1159.dat> in the current context!
Error: Unable to interpret <[2011-05-14 10:32:13 | 000,001,742 | ---- | M] () -- C:\Users\Nutella\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus Pro.lnk> in the current context!
Error: Unable to interpret <[2011-05-14 10:32:13 | 000,001,718 | ---- | M] () -- C:\Users\Nutella\Desktop\Antivirus Pro.lnk> in the current context!

OTL by OldTimer - Version 3.2.22.3 log created on 05142011_215919

Sca7ca7

Newbie Surfer
Newbie Surfer

Posts : 5
Joined : 2011-05-15
Operating System : Win 7 SP1

View user profile

Back to top Go down

Re: Hi another Antivirus Pro.

Post by Belahzur on Mon 16 May 2011, 2:16 am

Hello.
I think you may have missed :OTL as the top line as the script failed, so please try it again.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Hi another Antivirus Pro.

Post by Sca7ca7 on Mon 16 May 2011, 5:47 am

Spot on hehe, here's the correct Fix result

========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\88a671d2-36e5-4f5a-851e-1abcb77a1159 deleted successfully.
C:\ProgramData\88a671d2-36e5-4f5a-851e-1abcb77a1159.dat moved successfully.
File C:\ProgramData\88a671d2-36e5-4f5a-851e-1abcb77a1159.dat not found.
C:\Users\Nutella\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus Pro.lnk moved successfully.
File C:\Users\Nutella\Desktop\Antivirus Pro.lnk not found.

OTL by OldTimer - Version 3.2.22.3 log created on 05152011_204258

Sca7ca7

Newbie Surfer
Newbie Surfer

Posts : 5
Joined : 2011-05-15
Operating System : Win 7 SP1

View user profile

Back to top Go down

Re: Hi another Antivirus Pro.

Post by Belahzur on Mon 16 May 2011, 8:03 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Hi another Antivirus Pro.

Post by Sca7ca7 on Mon 16 May 2011, 8:44 am

It's funny, i tried that earlier and it didn't work :/

But it's been clean, and working perfect again.

Thank you very much for the help.

Sca7ca7

Newbie Surfer
Newbie Surfer

Posts : 5
Joined : 2011-05-15
Operating System : Win 7 SP1

View user profile

Back to top Go down

Re: Hi another Antivirus Pro.

Post by Belahzur on Mon 16 May 2011, 9:11 am

Don't disappear just yet, please run MBAM and post the log.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Hi another Antivirus Pro.

Post by Sca7ca7 on Fri 20 May 2011, 10:23 pm

Hi, just had to get the laptop back again hehe.
Here's the log:
It's in danish .

Malwarebytes' Anti-Malware 1.50.1.1100
[You must be registered and logged in to see this link.]

Database version: 6586

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

15-05-2011 23:37:59
mbam-log-2011-05-15 (23-37-59).txt

Skanningstype: Hurtig skanning
Objekter skannet: 136800
Tid gået: 6 minut(ter), 42 sekund(er)

Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 0
Registreringsdatabaseværdier Inficeret: 0
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 0
Inficerede Filer: 2

Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabaseværdier Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
(Ingen skadelige objekter blev fundet)

Inficerede Filer:
c:\Users\Nutella\AppData\Local\Temp\wrkFC7B.tmp (Rogue.AntivirusCenter.Gen) -> Quarantined and deleted successfully.
c:\Users\Nutella\AppData\Local\Temp\wrk5DDA.tmp (Rogue.AntivirusCenter.Gen) -> Quarantined and deleted successfully.

Sca7ca7

Newbie Surfer
Newbie Surfer

Posts : 5
Joined : 2011-05-15
Operating System : Win 7 SP1

View user profile

Back to top Go down

Re: Hi another Antivirus Pro.

Post by Belahzur on Tue 31 May 2011, 7:15 am

Hello.

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Hi another Antivirus Pro.

Post by Sponsored content Today at 8:01 pm


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum