Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

XP internet security virus, unable to open any .exe files

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

XP internet security virus, unable to open any .exe files

Unread postby Haede » June 1st, 2011, 8:18 am

Hi!

Pardon my incompetance, here we go again:
My problem is regarding the xp internet security 2011 virus. I think I have managed to delete it, but in doing so, I have become unable to open any .exe files. I did achieve to open one file by right clicking it and then run as, then as administrator. I am also unable to open properties on my computer. I always get the same error message: windows cannot access the specified device path or file. you may not have appropriate permissions.

I am happy to give any more infomation you might need, but I think this will cover it?

DDS (Ver_11-05-19.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Run by Administrator at 14:05:51 on 2011-06-01
Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.2047.1776 [GMT 2:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Skrivebord\dds.scr
C:\WINDOWS\system32\WSCRIPT.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\programfiler\fellesfiler\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\programfiler\avg\avg10\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\programfiler\microsoft office\office12\GrooveShellExtensions.dll
BHO: Påloggingshjelp for Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programfiler\fellesfiler\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programfiler\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programfiler\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\programfiler\superantispyware\SUPERAntiSpyware.exe
uRunOnce: [AVG search provider] "c:\programfiler\avg\avg10\SearchProvider.exe" /AFTERINST
mRun: [NWEReboot]
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [DelReg] c:\programfiler\msi\overclockingcenter\DelReg.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [GrooveMonitor] "c:\programfiler\microsoft office\office12\GrooveMonitor.exe"
mRun: [iTunesHelper] "c:\programfiler\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\programfiler\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\programfiler\fellesfiler\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\programfiler\malwarebytes' anti-malware\Myscan.exe" /runcleanupscript
mRun: [AVG_TRAY] c:\programfiler\avg\avg10\avgtray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programfiler\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://downloads.ewido.net/ewidoOnlineScan.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/Shar ... vSniff.cab
DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInCon ... ontrol.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/Messenger ... E_UNO1.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/Shar ... /cabsa.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/Me ... b56907.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/sh ... wflash.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crl ... crlocx.ocx
TCP: {E8D77B98-F623-42DA-B22D-D2C1BF8043A4} = 192.168.10.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\programfiler\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\programfiler\avg\avg10\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\felles~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\programfiler\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\programfiler\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\programfiler\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\programdata\mozilla\firefox\profiles\kma3qi9v.default\
FF - plugin: c:\programfiler\microsoft silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: c:\programfiler\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\programfiler\pando networks\media booster\npPandoWebPlugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
S1 SASDIFSV;SASDIFSV;c:\programfiler\superantispyware\sasdifsv.sys [2010-2-17 12872]
S1 SASKUTIL;SASKUTIL;c:\programfiler\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
S2 AVGIDSAgent;AVGIDSAgent;c:\programfiler\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-4-18 7398752]
S2 avgwd;AVG WatchDog;c:\programfiler\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-5-28 1684736]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-4-14 134480]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 27216]
S3 DualCoreCenter;DualCoreCenter;c:\programfiler\msi\overclockingcenter\NTGLM7X.sys [2010-6-20 28672]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [2006-8-28 10664]
S3 RushTopDevice_J;RushTopDevice_J;c:\programfiler\msi\overclockingcenter\RushJ.sys [2010-6-20 18944]
S3 RushTopDevice2;RushTopDevice2;c:\programfiler\msi\overclockingcenter\RushTop.sys [2010-6-20 54272]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);c:\windows\system32\drivers\sea1bus.sys [2007-12-9 61536]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [2008-12-22 41984]
.
=============== Created Last 30 ================
.
2011-05-31 19:11:45 -------- d-sh--w- c:\documents and settings\administrator\PrivacIE
2011-05-31 11:48:01 -------- d--h--w- c:\documents and settings\all users\programdata\Common Files
2011-05-31 11:47:35 -------- d-----w- c:\documents and settings\administrator\programdata\AVG10
2011-05-31 11:28:55 -------- d-----w- c:\windows\system32\drivers\AVG
2011-05-31 11:28:55 -------- d-----w- c:\documents and settings\all users\programdata\AVG10
2011-05-31 11:28:01 -------- d-----w- c:\programfiler\AVG
2011-05-31 11:23:23 -------- d-----w- c:\documents and settings\all users\programdata\MFAData
2011-05-31 00:26:22 -------- d-----w- c:\documents and settings\administrator\programdata\SUPERAntiSpyware.com
2011-05-31 00:26:09 -------- d-----w- c:\programfiler\SUPERAntiSpyware
2011-05-31 00:23:33 -------- d-----w- c:\documents and settings\administrator\programdata\Malwarebytes
2011-05-31 00:23:28 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-31 00:23:28 -------- d-----w- c:\documents and settings\all users\programdata\Malwarebytes
2011-05-31 00:23:25 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-31 00:23:25 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware
2011-05-31 00:21:27 -------- d-----w- c:\documents and settings\administrator\lokale innstillinger\programdata\Mozilla
2011-05-15 18:19:34 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-11 12:04:13 -------- d-----w- c:\documents and settings\all users\programdata\PMB Files
2011-05-11 12:04:04 -------- d-----w- c:\programfiler\Pando Networks
2011-05-09 13:27:12 89048 ----a-w- c:\programfiler\mozilla firefox\libEGL.dll
2011-05-09 13:27:12 781272 ----a-w- c:\programfiler\mozilla firefox\mozsqlite3.dll
2011-05-09 13:27:12 465880 ----a-w- c:\programfiler\mozilla firefox\libGLESv2.dll
2011-05-09 13:27:12 1874904 ----a-w- c:\programfiler\mozilla firefox\mozjs.dll
2011-05-09 13:27:12 15832 ----a-w- c:\programfiler\mozilla firefox\mozalloc.dll
2011-05-09 13:27:11 1974616 ----a-w- c:\programfiler\mozilla firefox\D3DCompiler_42.dll
2011-05-09 13:27:11 1892184 ----a-w- c:\programfiler\mozilla firefox\d3dx9_42.dll
2011-05-09 13:27:11 142296 ----a-w- c:\programfiler\mozilla firefox\components\browsercomps.dll
.
==================== Find3M ====================
.
2011-04-14 19:28:42 134480 ----a-w- c:\windows\system32\drivers\AVGIDSDriver.sys
2011-04-06 14:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 14:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-04 22:59:56 297168 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2011-03-16 14:03:20 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-03-07 05:33:44 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36:58 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53:37 1857920 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 14:06:58,17 ===============




DDS (Ver_11-05-19.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 28.02.2007 22:12:27
System Uptime: 01.06.2011 14:04:40 (0 hours ago)
.
Motherboard: MSI | | G41TM-E43 (MS-7592)
Processor: Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz | CPU 1 | 2133/267mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 86 GiB total, 33,96 GiB free.
D: is FIXED (NTFS) - 147 GiB total, 26,137 GiB free.
E: is CDROM (UDF)
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Ralink Turbo Wireless LAN Card
Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_25611814&REV_00\4&CF81C54&0&08F0
Manufacturer: Ralink Technology, Inc.
Name: Ralink Turbo Wireless LAN Card #2
PNP Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_25611814&REV_00\4&CF81C54&0&08F0
Service: RT61
.
==== System Restore Points ===================
.
RP1: 31.05.2011 13:06:01 - Kontrollpunkt for system
RP2: 01.06.2011 13:39:12 - Kontrollpunkt for system
.
==== Installed Programs ======================
.
1400
1400_Help
1400Trb
3DMark06
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop CS
Adobe Reader 8.2.6
Adobe Shockwave Player
AiO_Scan
AiOSoftware
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATITool Overclocking Utility
AutoUpdate
AVG 2011
Azureus
Bonjour
BufferChm
CCleaner
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Crysis® 2
CueTour
CustomerResearchQFolder
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
Diablo II
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DocProc
DocumentViewer
DocumentViewerQFolder
eSupportQFolder
Fax
Football Manager 2011
Fraps (remove only)
FullDPAppQFolder
GameSpy Arcade
HD Tune Pro 3.00
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
HP Document Viewer 5.3
HP Extended Capabilities 5.3
HP Image Zone 5.3
HP Imaging Device Functions 5.3
HP Photosmart Essential
HP PSC & OfficeJet 5.3.B
HP Solution Center & Imaging Support Tools 5.3
HP Update
HPProductAssistant
Hurtigreparasjon for Windows Internet Explorer 7 (KB947864)
Hurtigreparasjon for Windows Media Player 11 (KB939683)
Hurtigreparasjon for Windows XP (KB2158563)
Hurtigreparasjon for Windows XP (KB2443685)
Hurtigreparasjon for Windows XP (KB952287)
Hurtigreparasjon for Windows XP (KB961118)
Hurtigreparasjon for Windows XP (KB970653-v3)
Hurtigreparasjon for Windows XP (KB976098-v2)
Hurtigreparasjon for Windows XP (KB979306)
Hurtigreparasjon for Windows XP (KB981793)
ImgBurn
InstantShareDevices
iTunes
J2SE Runtime Environment 5.0 Update 11
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
JRAID
Junk Mail filter update
K-Lite Codec Pack 5.4.4 (Basic)
Kritisk oppdatering for Windows Media Player 11 (KB959772)
LightScribe 1.4.124.1
Malwarebytes' Anti-Malware
MarketResearch
Media Player Classic
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Norwegian Language Pack
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - NOR
Microsoft .NET Framework 3.5 Language Pack SP1 - nor
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider-pakke
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Games for Windows - LIVE Redistributable
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access MUI (Norwegian (Bokmål)) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (Norwegian (Bokmål)) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove MUI (Norwegian (Bokmål)) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office InfoPath MUI (Norwegian (Bokmål)) 2007
Microsoft Office Language Pack 2007 - Norwegian/norsk
Microsoft Office O MUI (Norwegian (Bokmål)) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (Norwegian (Bokmål)) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (Norwegian (Bokmål)) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (Norwegian (Bokmål)) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Norwegian (Bokmål)) 2007
Microsoft Office Proof (Norwegian (Nynorsk)) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (Norwegian (Bokmål)) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Publisher MUI (Norwegian (Bokmål)) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (Norwegian (Bokmål)) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office SharePoint Designer MUI (Norwegian (Bokmål)) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (Norwegian (Bokmål)) 2007
Microsoft Office X MUI (Norwegian (Bokmål)) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Software Update for Web Folders (Norwegian (Bokmål)) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
Microsoft XML Parser
Mozilla Firefox 4.0.1 (x86 nb-NO)
MSI Afterburner 2.0.0
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB925673)
Nero 7 Essentials
NewCopy
NVIDIA Drivers
NVIDIA PhysX
OGA Notifier 1.7.0105.35.0
Oppdatering for Windows Internet Explorer 8 (KB971180)
Oppdatering for Windows Internet Explorer 8 (KB976662)
Oppdatering for Windows Internet Explorer 8 (KB976749)
Oppdatering for Windows Internet Explorer 8 (KB980182)
Oppdatering for Windows XP (KB2141007)
Oppdatering for Windows XP (KB2345886)
Oppdatering for Windows XP (KB2467659)
Oppdatering for Windows XP (KB951072-v2)
Oppdatering for Windows XP (KB951978)
Oppdatering for Windows XP (KB955759)
Oppdatering for Windows XP (KB955839)
Oppdatering for Windows XP (KB961503)
Oppdatering for Windows XP (KB967715)
Oppdatering for Windows XP (KB968389)
Oppdatering for Windows XP (KB971029)
Oppdatering for Windows XP (KB971737)
Oppdatering for Windows XP (KB973687)
Oppdatering for Windows XP (KB973815)
Opplastingsverktøy for Windows Live
OverclockingCenter
Pando Media Booster
PanoStandAlone
PhotoGallery
Påloggingsassistent for Windows Live
Prince of Persia T2T
ProductContext
PunkBuster Services
QuickTime
Ralink Wireless LAN Card
RandMap
Readme
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Scan
ScannerCopy
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Segoe UI
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB928090)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB929969)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB931768)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB933566)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB937143)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB938127)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB939653)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB942615)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB944533)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB950759)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB953838)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB956390)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB958215)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB960714)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB961260)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB963027)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB969897)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB2183461)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB2360131)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB2416400)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB2482017)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB2497640)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB2510531)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB969897)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB971961)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB972260)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB974455)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB976325)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB978207)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB981332)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB982381)
Sikkerhetsoppdatering for Windows Media Player (KB2378111)
Sikkerhetsoppdatering for Windows Media Player (KB911564)
Sikkerhetsoppdatering for Windows Media Player (KB952069)
Sikkerhetsoppdatering for Windows Media Player (KB954155)
Sikkerhetsoppdatering for Windows Media Player (KB968816)
Sikkerhetsoppdatering for Windows Media Player (KB973540)
Sikkerhetsoppdatering for Windows Media Player (KB975558)
Sikkerhetsoppdatering for Windows Media Player (KB978695)
Sikkerhetsoppdatering for Windows Media Player 11 (KB936782)
Sikkerhetsoppdatering for Windows Media Player 11 (KB954154)
Sikkerhetsoppdatering for Windows Media Player 6.4 (KB925398)
Sikkerhetsoppdatering for Windows Media Player 9 (KB917734)
Sikkerhetsoppdatering for Windows XP (KB2079403)
Sikkerhetsoppdatering for Windows XP (KB2115168)
Sikkerhetsoppdatering for Windows XP (KB2121546)
Sikkerhetsoppdatering for Windows XP (KB2229593)
Sikkerhetsoppdatering for Windows XP (KB2259922)
Sikkerhetsoppdatering for Windows XP (KB2279986)
Sikkerhetsoppdatering for Windows XP (KB2286198)
Sikkerhetsoppdatering for Windows XP (KB2296011)
Sikkerhetsoppdatering for Windows XP (KB2296199)
Sikkerhetsoppdatering for Windows XP (KB2347290)
Sikkerhetsoppdatering for Windows XP (KB2360937)
Sikkerhetsoppdatering for Windows XP (KB2387149)
Sikkerhetsoppdatering for Windows XP (KB2393802)
Sikkerhetsoppdatering for Windows XP (KB2412687)
Sikkerhetsoppdatering for Windows XP (KB2419632)
Sikkerhetsoppdatering for Windows XP (KB2423089)
Sikkerhetsoppdatering for Windows XP (KB2436673)
Sikkerhetsoppdatering for Windows XP (KB2440591)
Sikkerhetsoppdatering for Windows XP (KB2443105)
Sikkerhetsoppdatering for Windows XP (KB2476687)
Sikkerhetsoppdatering for Windows XP (KB2478960)
Sikkerhetsoppdatering for Windows XP (KB2478971)
Sikkerhetsoppdatering for Windows XP (KB2479628)
Sikkerhetsoppdatering for Windows XP (KB2479943)
Sikkerhetsoppdatering for Windows XP (KB2481109)
Sikkerhetsoppdatering for Windows XP (KB2483185)
Sikkerhetsoppdatering for Windows XP (KB2485376)
Sikkerhetsoppdatering for Windows XP (KB2485663)
Sikkerhetsoppdatering for Windows XP (KB2503658)
Sikkerhetsoppdatering for Windows XP (KB2506212)
Sikkerhetsoppdatering for Windows XP (KB2506223)
Sikkerhetsoppdatering for Windows XP (KB2507618)
Sikkerhetsoppdatering for Windows XP (KB2508272)
Sikkerhetsoppdatering for Windows XP (KB2508429)
Sikkerhetsoppdatering for Windows XP (KB2509553)
Sikkerhetsoppdatering for Windows XP (KB2511455)
Sikkerhetsoppdatering for Windows XP (KB2524375)
Sikkerhetsoppdatering for Windows XP (KB923561)
Sikkerhetsoppdatering for Windows XP (KB923689)
Sikkerhetsoppdatering for Windows XP (KB923789)
Sikkerhetsoppdatering for Windows XP (KB938464)
Sikkerhetsoppdatering for Windows XP (KB941569)
Sikkerhetsoppdatering for Windows XP (KB946648)
Sikkerhetsoppdatering for Windows XP (KB950760)
Sikkerhetsoppdatering for Windows XP (KB950762)
Sikkerhetsoppdatering for Windows XP (KB950974)
Sikkerhetsoppdatering for Windows XP (KB951066)
Sikkerhetsoppdatering for Windows XP (KB951376-v2)
Sikkerhetsoppdatering for Windows XP (KB951376)
Sikkerhetsoppdatering for Windows XP (KB951698)
Sikkerhetsoppdatering for Windows XP (KB951748)
Sikkerhetsoppdatering for Windows XP (KB952004)
Sikkerhetsoppdatering for Windows XP (KB952954)
Sikkerhetsoppdatering for Windows XP (KB953839)
Sikkerhetsoppdatering for Windows XP (KB954211)
Sikkerhetsoppdatering for Windows XP (KB954459)
Sikkerhetsoppdatering for Windows XP (KB954600)
Sikkerhetsoppdatering for Windows XP (KB955069)
Sikkerhetsoppdatering for Windows XP (KB956391)
Sikkerhetsoppdatering for Windows XP (KB956572)
Sikkerhetsoppdatering for Windows XP (KB956744)
Sikkerhetsoppdatering for Windows XP (KB956802)
Sikkerhetsoppdatering for Windows XP (KB956803)
Sikkerhetsoppdatering for Windows XP (KB956841)
Sikkerhetsoppdatering for Windows XP (KB956844)
Sikkerhetsoppdatering for Windows XP (KB957095)
Sikkerhetsoppdatering for Windows XP (KB957097)
Sikkerhetsoppdatering for Windows XP (KB958644)
Sikkerhetsoppdatering for Windows XP (KB958687)
Sikkerhetsoppdatering for Windows XP (KB958690)
Sikkerhetsoppdatering for Windows XP (KB958869)
Sikkerhetsoppdatering for Windows XP (KB959426)
Sikkerhetsoppdatering for Windows XP (KB960225)
Sikkerhetsoppdatering for Windows XP (KB960715)
Sikkerhetsoppdatering for Windows XP (KB960803)
Sikkerhetsoppdatering for Windows XP (KB960859)
Sikkerhetsoppdatering for Windows XP (KB961371)
Sikkerhetsoppdatering for Windows XP (KB961373)
Sikkerhetsoppdatering for Windows XP (KB961501)
Sikkerhetsoppdatering for Windows XP (KB968537)
Sikkerhetsoppdatering for Windows XP (KB969059)
Sikkerhetsoppdatering for Windows XP (KB969898)
Sikkerhetsoppdatering for Windows XP (KB969947)
Sikkerhetsoppdatering for Windows XP (KB970238)
Sikkerhetsoppdatering for Windows XP (KB970430)
Sikkerhetsoppdatering for Windows XP (KB971468)
Sikkerhetsoppdatering for Windows XP (KB971486)
Sikkerhetsoppdatering for Windows XP (KB971557)
Sikkerhetsoppdatering for Windows XP (KB971633)
Sikkerhetsoppdatering for Windows XP (KB971657)
Sikkerhetsoppdatering for Windows XP (KB972270)
Sikkerhetsoppdatering for Windows XP (KB973346)
Sikkerhetsoppdatering for Windows XP (KB973354)
Sikkerhetsoppdatering for Windows XP (KB973507)
Sikkerhetsoppdatering for Windows XP (KB973525)
Sikkerhetsoppdatering for Windows XP (KB973869)
Sikkerhetsoppdatering for Windows XP (KB973904)
Sikkerhetsoppdatering for Windows XP (KB974112)
Sikkerhetsoppdatering for Windows XP (KB974318)
Sikkerhetsoppdatering for Windows XP (KB974392)
Sikkerhetsoppdatering for Windows XP (KB974571)
Sikkerhetsoppdatering for Windows XP (KB975025)
Sikkerhetsoppdatering for Windows XP (KB975467)
Sikkerhetsoppdatering for Windows XP (KB975560)
Sikkerhetsoppdatering for Windows XP (KB975561)
Sikkerhetsoppdatering for Windows XP (KB975562)
Sikkerhetsoppdatering for Windows XP (KB975713)
Sikkerhetsoppdatering for Windows XP (KB977165)
Sikkerhetsoppdatering for Windows XP (KB977816)
Sikkerhetsoppdatering for Windows XP (KB977914)
Sikkerhetsoppdatering for Windows XP (KB978037)
Sikkerhetsoppdatering for Windows XP (KB978251)
Sikkerhetsoppdatering for Windows XP (KB978262)
Sikkerhetsoppdatering for Windows XP (KB978338)
Sikkerhetsoppdatering for Windows XP (KB978542)
Sikkerhetsoppdatering for Windows XP (KB978601)
Sikkerhetsoppdatering for Windows XP (KB978706)
Sikkerhetsoppdatering for Windows XP (KB979309)
Sikkerhetsoppdatering for Windows XP (KB979482)
Sikkerhetsoppdatering for Windows XP (KB979559)
Sikkerhetsoppdatering for Windows XP (KB979683)
Sikkerhetsoppdatering for Windows XP (KB979687)
Sikkerhetsoppdatering for Windows XP (KB980195)
Sikkerhetsoppdatering for Windows XP (KB980218)
Sikkerhetsoppdatering for Windows XP (KB980232)
Sikkerhetsoppdatering for Windows XP (KB981322)
Sikkerhetsoppdatering for Windows XP (KB981852)
Sikkerhetsoppdatering for Windows XP (KB981957)
Sikkerhetsoppdatering for Windows XP (KB981997)
Sikkerhetsoppdatering for Windows XP (KB982132)
Sikkerhetsoppdatering for Windows XP (KB982214)
Sikkerhetsoppdatering for Windows XP (KB982665)
Sikkerhetsoppdatering for Windows XP (KB982802)
SkinsHP1
Skype™ 4.2
SolutionCenter
Sonic_PrimoSDK
Spotify
Språkpakke for Microsoft .NET Framework 3.5 SP1 - NOR
Status
SUPERAntiSpyware
The Witcher 2 - Assassins of Kings
TrayApp
Unload
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Outlook 2007 Junk Email Filter (KB2536413)
VC80CRTRedist - 8.0.50727.762
Ventrilo Client
VentriloMIX
VLC media player 1.1.4
Vuze
WebFldrs XP
WebReg
Winamp (remove only)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Presentation Foundation
Windows XP Service Pack 3
WinRAR archiver
World of Warcraft
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
.
==== End Of File ===========================

Help is much appriciated!
Haede
Active Member
 
Posts: 5
Joined: May 31st, 2011, 4:52 pm
Advertisement
Register to Remove

Re: XP internet security virus, unable to open any .exe file

Unread postby Scolabar » June 3rd, 2011, 7:09 am

Hi Haede,

Firstly, welcome to the Malware Removal Forum. :)
My name is Scolabar, and I'll be helping you with your malware problems.
Logs can take a while to research, so please be patient.

I am currently working under the guidance of the MRU teachers, everything I post to you, will need to be reviewed by them.
This additional review process can add some extra time to my responses, but hopefully not too much.
;)

Please note the following important guidelines before proceeding:
  1. The instructions that will be provided are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable
    !
  2. If you have any questions or do not understand something, please do not hesitate to ask, don't guess or assume.
  3. Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  4. Only reply to this thread, do not start another. Please, continue responding, until I give you the All Clean.
    Absence of symptoms does not necessarily mean that everything is clear.
  5. DO NOT run any other fix or removal tools unless instructed to do so!
  6. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  7. Print each set of instructions, if possible. Your Internet connection will not be available during some fix processes.
  8. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  9. Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Please Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

In light of this, it would be advisable for you to back up any important files and folders that you don't want to lose before we start.


If you follow these guidelines, things should proceed smoothly. :)
I am currently reviewing your log and will return, as soon as possible, with additional instructions.

Thank you for your patience.

Scolabar
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: XP internet security virus, unable to open any .exe file

Unread postby Haede » June 3rd, 2011, 9:06 am

Sounds good! :) Awaiting your instructions.
Haede
Active Member
 
Posts: 5
Joined: May 31st, 2011, 4:52 pm

Re: XP internet security virus, unable to open any .exe file

Unread postby Scolabar » June 5th, 2011, 4:10 pm

Hi Haede,

Please bear with us. I am waiting for a Teacher to check over my next set of instructions.
Thank you for your patience. :)
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: XP internet security virus, unable to open any .exe file

Unread postby Haede » June 6th, 2011, 8:28 am

No problem! :)
Haede
Active Member
 
Posts: 5
Joined: May 31st, 2011, 4:52 pm

Re: XP internet security virus, unable to open any .exe file

Unread postby Scolabar » June 8th, 2011, 8:16 am

Hi Haede,

Apologies for the delay in coming back to you on this and thank you again for your patience. :)

Please read these instructions carefully before executing and perform the steps, in the order given.
lf, you have any questions about or problems with, executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

Before we proceed please make sure any open programs are closed.

Step 1:
Company Owned Computer?

There are indications of software installed on this computer that would only be expected to be seen on a business use computer.
Please could you confirm whether or not the computer is used for business purposes?

Step 2:
MGA Diagnostics

  1. Please download this tool from Microsoft and Save it to your Desktop.
  2. Double-click on the MGADiag.exe icon to launch the program.
    If you receive an Open File Security Warning click on the Run button.
  3. Click on the Continue button to proceed.
  4. The program will now run. It will take a short while to complete its diagnosis, please be patient.
  5. When it has finished click on the Copy button.
  6. Open Notepad by clicking Start > Run, type in Notepad then click OK.
  7. Paste the copied contents into the new Notepad window and Save the file as mgadiag.txt to your Desktop.
  8. Click on the OK button to exit the MGA Diagnostics program.
  9. Then Copy and Paste the entire contents of mgadiag.txt into your next reply.

Step 3:
CKScanner

  1. Please download CKScanner and Save it to your Desktop.
    Make sure that CKScanner.exe is on your Desktop before running the application!
  2. Double-click on the CKScanner.exe icon to launch the program and then click on the Search For Files button.
  3. When the scan has finished (- the hourglass cursor will disappear when the scan has completed) click on the Save List To File button.
    A text file will be created on your desktop named ckfiles.txt.
  4. Click on the Exit button to close the program.
  5. Double-click on the ckfiles.txt file to open it.
  6. Then Copy and Paste the entire contents of the file into your next reply.

Step 4:
WVCheck

  1. Please download WVCheck and Save it to your Desktop.
  2. Double click WVCheck.exe, to run the process.
  3. Read the comments on the screen and then press Enter.
    The scan can take a while depending on the size of your hard drive.
  4. Once the program is finished, a scan report named WVCheck_hhmm_dd-mm-yyyy.txt will automatically saved to your Desktop and opened in Notepad.
  5. Please Copy and Paste the entire contents of WVCheck_hhmm_dd-mm-yyyy.txt into your next reply.

Step 5:
GMER

The downloaded file will have a random filename. This prevents malware from detecting and blocking it.

Please download GMER ... random named.exe by GMER. An alternative (zip file) download is available here.
IMPORTANT: Do not run any programs while GMER is running.
CAUTION: Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries.

  1. Double click on the random named.exe to execute. If asked, allow the gmer.sys driver load.
  2. If it gives you a warning about rootkit activity and asks if you want to run a scan click on NO. <--- Important!
  3. On the right side panel, several boxes have been checked. Please UNCHECK the following: (See image below.)
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All <-- don't miss this one

    Image
    Click on image to enlarge

  4. If you don't get a warning, then click on the Rootkit/Malware tab at the top of the GMER window.
  5. Click on the Scan button.
  6. Once the scan has finished, click on Save. The Save window will open.
  7. Save the scan results as gmerroot.log to your Desktop.
  8. Double-click on the gmerroot.log file on the Desktop to open it in Notepad.
  9. Copy and Paste the entire contents of gmerroot.log into your next reply.

Step 6:
Include in Next Post

  1. Did you have any problems carrying out the instructions?
  2. Please confirm whether or not the computer is used for business purposes.
  3. mgadiag.txt.
  4. ckfiles.txt.
  5. WVCheck_hhmm_dd-mm-yyyy.txt.
  6. gmerroot.log.
  7. Do you have the original Windows installation media for your PC?

Scolabar
---------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: XP internet security virus, unable to open any .exe file

Unread postby Haede » June 8th, 2011, 9:58 am

1. I did not have any problems following your instructions.
2. The computer is not a business computer, though it has been used occasionally for business purposes. It is a home computer.

3. Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-YJFPG-8QY6T-KTR6M
Windows Product Key Hash: VKywO4vRoPidqgwJsF5Yu6grw7Y=
Windows Product ID: 76438-OEM-2175204-93524
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 5.1.2600.2.00010300.3.0.hom
ID: {15DDA3B3-B621-40C3-8B2D-E57554C16846}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.7.69.2
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.7.105.35
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: 100
Version: 1.7.105.35
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: Microsoft

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: Registered, 1.7.105.35
Signed By: Microsoft
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
Default Browser: C:\Programfiler\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{15DDA3B3-B621-40C3-8B2D-E57554C16846}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010300.3.0.hom</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-KTR6M</PKey><PID>76438-OEM-2175204-93524</PID><PIDType>3</PIDType><SID>S-1-5-21-796845957-1715567821-839522115</SID><SYSTEM><Manufacturer>MSI</Manufacturer><Model>MS-7592</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>V4.1</Version><SMBIOSVersion major="2" minor="5"/><Date>20090713000000.000000+000</Date></BIOS><HWID>6FA738E70184EE7A</HWID><UserLCID>0414</UserLCID><SystemLCID>0414</SystemLCID><TimeZone>Vest-Europa (normaltid)(GMT+01:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.105.35"/><File Name="WgaLogon.dll" Version="1.7.17.0"/><File Name="OGAAddin.dll" Version="1.7.105.35"/><File Name="OGAVerify.exe" Version="1.7.105.35"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>C0A25836FDBE5AC</Val><Hash>FmDbcrRY1pTOcrz4ZUZRHhpUuc0=</Hash><Pid>89388-726-2958074-65381</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 138BB:GENUINE C&C INC
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A


4. CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\all users\dokumenter\programmer\utility tools\hd.tune.pro.v3.00.winall.cracked-ind\hd.tune.pro.v3.00.winall.cracked-ind.rar
c:\programfiler\azureus\torrents\call.of.duty.4.modern.warfare.update.1.6.cracked-detonation.torrent
c:\programfiler\azureus\torrents\call_of_duty_4_crackfix_and_keygen-razor1911.torrent
scanner sequence 3.AB.11
----- EOF -----


5. Windows Validation Check
Version: 1.9.12.5
Log Created On: 1527_08-06-2011
-----------------------

Windows Information
-----------------------
Windows Version: Windows XP Service Pack 3
Windows Mode: Safe Mode with Networking
Systemroot Path: C:\WINDOWS

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates and install them automatically.
-----------------------
Last Success Time for Update Detection: 2011-05-30 14:14:34
Last Success Time for Update Download: 2011-05-11 21:12:06
Last Success Time for Update Installation: 2011-05-12 01:03:31


WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------


WVCheck's File Dump
-----------------------
WVCheck found no known bad files.


WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.


WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.


WVCheck's MBAM Quarantine Check
-----------------------
There were no bad files quarantined by MBAM.


WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.


WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - b8415b9580a5dcaa9abcc639d0a911af


-------- End of File, program close at 1527_08-06-2011 --------

6. GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-06-08 15:52:49
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort2 SAMSUNG_SP2504C rev.VT100-50
Running: qnrdj3l5.exe; Driver: C:\DOCUME~1\ADMINI~1\LOKALE~1\Temp\axtdypow.sys


---- System - GMER 1.0.15 ----

SSDT spyi.sys ZwCreateKey [0xF74D70E0]
SSDT spyi.sys ZwEnumerateKey [0xF74F5CA2]
SSDT spyi.sys ZwEnumerateValueKey [0xF74F6030]
SSDT spyi.sys ZwOpenKey [0xF74D70C0]
SSDT spyi.sys ZwQueryKey [0xF74F6108]
SSDT spyi.sys ZwQueryValueKey [0xF74F5F88]
SSDT spyi.sys ZwSetValueKey [0xF74F619A]

INT 0x62 ? 8A9CFBF8
INT 0x63 ? 8A855D60
INT 0x82 ? 8A9CFBF8
INT 0xA4 ? 8A855D60
INT 0xB4 ? 8A9CFBF8
INT 0xB4 ? 8A9CFBF8
INT 0xB4 ? 8A855D60
INT 0xB4 ? 8A9CFBF8

---- Kernel code sections - GMER 1.0.15 ----

? spyi.sys Systemet finner ikke angitt fil. !
.text USBPORT.SYS!DllUnload B852D8AC 5 Bytes JMP 8A855340
.text a7sy0p8x.SYS B84BC386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text a7sy0p8x.SYS B84BC3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a7sy0p8x.SYS B84BC3C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH}
.text a7sy0p8x.SYS B84BC3C9 1 Byte [2E]
.text a7sy0p8x.SYS B84BC3C9 11 Bytes [2E, 00, 00, 00, 5C, 02, 00, ...] {ADD CS:[EAX], AL; ADD [EDX+EAX+0x0], BL; ADD [EAX], AL; ADD [EAX], AL}
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 414254BD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 414F9B01 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 414ED125 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 414FDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 41464664 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 415F5117 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 415F5049 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 415F50B4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 415F4F1A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 415F4F7C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 415F517A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 415F4FDE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] ole32.dll!CoCreateInstance 774EF1AC 5 Bytes JMP 414FDBB8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[444] ole32.dll!OleLoadFromStream 7751981B 5 Bytes JMP 415F547F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[996] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 414254BD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[996] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 414FDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[996] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 415F5117 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[996] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 415F5049 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[996] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 415F50B4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[996] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 415F4F1A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[996] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 415F4F7C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[996] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 415F517A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[996] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 415F4FDE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 414254BD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 414F9B01 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 414ED125 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 414FDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 41464664 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 415F5117 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 415F5049 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 415F50B4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 415F4F1A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 415F4F7C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 415F517A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 415F4FDE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] ole32.dll!CoCreateInstance 774EF1AC 5 Bytes JMP 414FDBB8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programfiler\Internet Explorer\IEXPLORE.EXE[1516] ole32.dll!OleLoadFromStream 7751981B 5 Bytes JMP 415F547F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8A95F1F8
Device \FileSystem\Udfs \UdfsCdRom 8A2A9500
Device \FileSystem\Udfs \UdfsDisk 8A2A9500

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\NetBT \Device\NetBT_Tcpip_{E8D77B98-F623-42DA-B22D-D2C1BF8043A4} 8A2FB1F8
Device \Driver\usbuhci \Device\USBPDO-0 8A853500
Device \Driver\usbuhci \Device\USBPDO-1 8A853500
Device \Driver\usbuhci \Device\USBPDO-2 8A853500
Device \Driver\PCI_PNP7868 \Device\00000053 spyi.sys
Device \Driver\PCI_PNP7868 \Device\00000053 spyi.sys
Device \Driver\usbehci \Device\USBPDO-3 8A852500
Device \Driver\usbuhci \Device\USBPDO-4 8A853500

AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\Ftdisk \Device\HarddiskVolume1 8A9611F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8A9611F8
Device \Driver\Cdrom \Device\CdRom0 8A8151F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F7848B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F7848B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F7848B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [F7848B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [F7848B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-e [F7848B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Cdrom \Device\CdRom1 8A8151F8
Device \Driver\USBSTOR \Device\00000080 8A2BF500
Device \Driver\USBSTOR \Device\00000081 8A2BF500
Device \Driver\USBSTOR \Device\00000082 8A2BF500
Device \Driver\USBSTOR \Device\00000083 8A2BF500
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A2FB1F8
Device \Driver\USBSTOR \Device\00000084 8A2BF500
Device \Driver\sptd \Device\818931618 spyi.sys
Device \Driver\NetBT \Device\NetbiosSmb 8A2FB1F8

AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBFDO-0 8A853500
Device \Driver\usbuhci \Device\USBFDO-1 8A853500
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A2F41F8
Device \Driver\usbuhci \Device\USBFDO-2 8A853500
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A2F41F8
Device \Driver\usbuhci \Device\USBFDO-3 8A853500
Device \Driver\usbehci \Device\USBFDO-4 8A852500
Device \Driver\Ftdisk \Device\FtControl 8A9611F8
Device \Driver\a7sy0p8x \Device\Scsi\a7sy0p8x1Port4Path0Target0Lun0 8A80E1F8
Device \Driver\a7sy0p8x \Device\Scsi\a7sy0p8x1 8A80E1F8
Device \FileSystem\Cdfs \Cdfs 8A244500
Device \FileSystem\Cdfs \Cdfs B7296BCE

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Programfiler\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xCD 0xD2 0xD9 0x13 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x88 0x17 0x6F 0xCD ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xD5 0x80 0x5D 0x57 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Programfiler\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xCD 0xD2 0xD9 0x13 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x88 0x17 0x6F 0xCD ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xD5 0x80 0x5D 0x57 ...

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 MBR read error
Disk \Device\Harddisk0\DR0 MBR BIOS signature not found 0

---- EOF - GMER 1.0.15 ----


7. I'm not quite sure. I believe so, but I will have to come back to you about that.
Haede
Active Member
 
Posts: 5
Joined: May 31st, 2011, 4:52 pm

Re: XP internet security virus, unable to open any .exe file

Unread postby Cypher » June 8th, 2011, 3:03 pm

I see you are posting for help for a "Business" computer.

May I draw your attention to THIS topic, which you should have read before posting for help.

The section Posting for help for business machines explains why we do not offer help for such computers.

Also your logs show that you have used torrents to download cracked software.
May I draw your attention to THIS topic.
If your helper detects the presence of cracked software on your computer, your topic will be closed.


This topic is now closed
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 40 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware