Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 37

Thread: Am i still infected?

  1. #11
    Junior Member
    Join Date
    Feb 2011
    Location
    slovakia
    Posts
    23

    Default

    hi,
    to be honest, i really know nothing about proxy and what are they for.. my internet connection was set up by my provider..

    i am using opera browser and after i was infected, and doing fixes my opera was not working..

    it gives me acces denied..

    so i used firefox to find a solution to this

    i went to the settings - preferences - adwanced tab - network - proxy servers and uncheck everything..

    after that my opera was working, i dont know if i did right, but maybe you should help me how to set it right..

    anyway i am going to run CKS scanner..

  2. #12
    Junior Member
    Join Date
    Feb 2011
    Location
    slovakia
    Posts
    23

    Default CKScanner

    CKScanner - Additional Security Risks - These are not necessarily bad
    c:\disc f\milan\software\fruity loops related software\midi\trance & dance midi for remixes\trance & dance midi for remixes\crack head n magic myron\vibes_crackheadnmagicmyron.mid
    c:\documents and settings\majka\start menu\programs\waves\documents\x-crackle help.lnk
    c:\program files\common files\native instruments\shared content\sounds\fm7\beam cracker bass.ksd
    c:\program files\common files\native instruments\shared content\sounds\fm7\cracklephone.ksd
    c:\program files\waves\plug-ins\xcrackle.dll
    c:\program files\waves\plug-ins\documents\xcrackle.pdf
    scanner sequence 3.HK.11
    ----- EOF -----

  3. #13
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Open OTL.exe
    • Copy/paste the following text written inside of the code box into the Custom

      Scans/Fixes
      box located at the bottom of OTL

      Code:
      :OTL
      PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
      
      
      
      :Services
      
      :Reg
      
      :Files
      
      
      
      :Commands
      [purity]
      [emptytemp]
      [RESETHOSTS]
      [start explorer]
      [Reboot]
    • Then click the Run Fix button at the top. <--Not run Scan
    • Let the program run unhindered, reboot when it is done
    • Then post the results of the log it produces.
    • Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  4. #14
    Junior Member
    Join Date
    Feb 2011
    Location
    slovakia
    Posts
    23

    Default otl fix

    Here is the log i found after i reboot:


    All processes killed
    ========== OTL ==========
    No active process named explorer.exe was found!
    HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 1748542 bytes
    ->Flash cache emptied: 348 bytes

    User: Majka
    ->Temp folder emptied: 9698506 bytes
    ->Temporary Internet Files folder emptied: 2393903 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 16380508 bytes
    ->Google Chrome cache emptied: 34114886 bytes
    ->Opera cache emptied: 9716770 bytes
    ->Flash cache emptied: 6001 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 1567249 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 72,00 mb

    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    OTL by OldTimer - Version 3.2.20.6 log created on 02102011_232224

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...

  5. #15
    Junior Member
    Join Date
    Feb 2011
    Location
    slovakia
    Posts
    23

    Default

    OTL logfile created on: 10.2.2011 23:33:08 - Run 2
    OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Majka\Desktop
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

    2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 81,00% Memory free
    3,00 Gb Paging File | 3,00 Gb Available in Paging File | 93,00% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 52,80 Gb Total Space | 2,40 Gb Free Space | 4,55% Space Free | Partition Type: NTFS

    Computer Name: MAJKA-BEJBY | User Name: Majka | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\Majka\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
    PRC - C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
    PRC - C:\Program Files\ESET\nod32kui.exe (Eset )
    PRC - C:\Program Files\ESET\nod32krn.exe (Eset )
    PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
    PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
    PRC - C:\Program Files\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
    PRC - C:\Program Files\Apoint\hidfind.exe (Alps Electric Co., Ltd.)
    PRC - C:\Program Files\Ahead\Nero Toolkit\DriveSpeed.exe (Ahead Software AG)


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\Majka\Desktop\OTL.exe (OldTimer Tools)
    MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
    SRV - (NOD32krn) -- C:\Program Files\Eset\nod32krn.exe (Eset )
    SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
    SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software GmbH)
    SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
    SRV - (NICCONFIGSVC) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)


    ========== Driver Services (SafeList) ==========

    DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
    DRV - (AMON) -- C:\WINDOWS\system32\drivers\amon.sys (Eset )
    DRV - (nod32drv) -- C:\WINDOWS\system32\drivers\nod32drv.sys ()
    DRV - (ACEDRV07) -- C:\WINDOWS\system32\drivers\ACEDRV07.sys (Protect Software GmbH)
    DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
    DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
    DRV - (sfsync03) StarForce Protection Synchronization Driver (version 3.x) -- C:\WINDOWS\System32\drivers\sfsync03.sys (Protection Technology)
    DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
    DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
    DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
    DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
    DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
    DRV - (STAC97) -- C:\WINDOWS\system32\drivers\STAC97.sys (SigmaTel, Inc.)
    DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
    DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
    IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
    FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
    FF - prefs.js..browser.startup.homepage: "www.google.com"
    FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088
    FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: stahuj@centrum.cz:1
    FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q="

    FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.15 22:29:40 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.15 22:29:40 | 000,000,000 | ---D | M]

    [2009.05.03 17:02:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Majka\Application Data\Mozilla\Extensions
    [2011.02.06 10:26:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Majka\Application Data\Mozilla\Firefox\Profiles\tepf0ol7.default\extensions
    [2010.06.21 09:52:38 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Majka\Application Data\Mozilla\Firefox\Profiles\tepf0ol7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
    [2009.07.08 12:36:30 | 000,002,921 | ---- | M] () -- C:\Documents and Settings\Majka\Application Data\Mozilla\Firefox\Profiles\tepf0ol7.default\searchplugins\daemon-search.xml
    [2011.02.06 10:36:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Majka\Application Data\Mozilla\Firefox\Profiles\tepf0ol7.default\searchplugins\icqplugin-1.xml
    [2009.07.29 12:58:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Majka\Application Data\Mozilla\Firefox\Profiles\tepf0ol7.default\searchplugins\icqplugin-2.xml
    [2009.08.05 12:47:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Majka\Application Data\Mozilla\Firefox\Profiles\tepf0ol7.default\searchplugins\icqplugin-3.xml
    [2009.09.14 22:27:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Majka\Application Data\Mozilla\Firefox\Profiles\tepf0ol7.default\searchplugins\icqplugin-4.xml
    [2009.10.29 16:22:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Majka\Application Data\Mozilla\Firefox\Profiles\tepf0ol7.default\searchplugins\icqplugin-5.xml
    [2009.12.18 14:47:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Majka\Application Data\Mozilla\Firefox\Profiles\tepf0ol7.default\searchplugins\icqplugin-6.xml
    [2010.01.06 23:33:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Majka\Application Data\Mozilla\Firefox\Profiles\tepf0ol7.default\searchplugins\icqplugin-7.xml
    [2011.02.06 10:26:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Majka\Application Data\Mozilla\Firefox\Profiles\tepf0ol7.default\searchplugins\icqplugin-8.xml
    [2010.05.12 17:40:06 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Majka\Application Data\Mozilla\Firefox\Profiles\tepf0ol7.default\searchplugins\icqplugin.xml
    [2011.02.06 10:36:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2009.07.15 07:57:56 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
    [2010.09.02 17:37:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2009.05.21 20:34:44 | 000,000,000 | ---D | M] (Stahuj.cz) -- C:\Program Files\Mozilla Firefox\extensions\stahuj@centrum.cz
    [2009.07.08 12:36:37 | 000,000,000 | ---D | M] (DAEMON Tools Toolbar) -- C:\PROGRAM FILES\DAEMON TOOLS TOOLBAR\FIREFOXDTT
    [2010.09.02 17:37:00 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2010.09.02 17:36:59 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2010.12.15 22:29:29 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
    [2010.12.15 22:29:29 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
    [2010.12.15 22:29:29 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
    [2010.12.15 22:29:29 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
    [2010.12.15 22:29:30 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

    O1 HOSTS File: ([2011.02.10 23:23:40 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
    O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
    O4 - HKLM..\Run: [Nero DriveSpeed] C:\Program Files\Ahead\Nero Toolkit\DriveSpeed.exe (Ahead Software AG)
    O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
    O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 6BF8bAIjSv = C:\Documents and Settings\All Users\Application Data\nehmtcnc\bynuhapm.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = B1 00 00 00 [binary data]
    O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\imon.dll (Eset )
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} http://cid-1a282b393534027c.spaces.l...d/MsnPUpld.cab (Windows Live Photo Upload Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub...sh/swflash.cab (Shockwave Flash Object)
    O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
    O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.20
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O21 - SSODL: MntCmd - {44BF99A1-D96E-D1A8-165F-093B09B4FCA3} - CLSID or File not found.
    O24 - Desktop WallPaper: C:\WINDOWS\ACD Wallpaper.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\ACD Wallpaper.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008.10.03 20:01:10 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{8a2092e0-eec9-11dc-9a7f-8b161a0e73dc}\Shell - "" = AutoRun
    O33 - MountPoints2\{8a2092e0-eec9-11dc-9a7f-8b161a0e73dc}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\{a5a07736-04d2-11de-9bd3-00123fe85991}\Shell - "" = AutoRun
    O33 - MountPoints2\{a5a07736-04d2-11de-9bd3-00123fe85991}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{ea3b9e09-8a11-11dc-992e-8a26022205dc}\Shell - "" = AutoRun
    O33 - MountPoints2\{ea3b9e09-8a11-11dc-992e-8a26022205dc}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011.02.10 23:22:24 | 000,000,000 | ---D | C] -- C:\_OTL
    [2011.02.10 14:06:35 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Majka\Desktop\OTL.exe
    [2011.02.10 13:56:06 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Majka\Desktop\ATF-Cleaner.exe
    [2011.02.09 14:36:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Majka\Application Data\Malwarebytes
    [2011.02.09 14:36:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011.02.09 14:36:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011.02.09 14:36:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011.02.09 14:36:46 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011.02.09 14:36:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011.02.06 16:01:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Majka\Recent
    [2011.02.06 01:00:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Trojan Remover
    [2011.02.06 01:00:43 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ztvcabinet.dll
    [2011.02.06 01:00:30 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
    [2011.02.06 01:00:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Majka\My Documents\Simply Super Software
    [2011.02.06 01:00:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Majka\Application Data\Simply Super Software
    [2011.02.06 01:00:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
    [2011.02.05 20:13:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
    [2011.02.05 20:13:16 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2011.02.05 20:13:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [2011.02.05 11:41:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Majka\Application Data\Waldorf
    [2011.02.05 11:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Majka\Local Settings\Application Data\eLicenser
    [2011.02.05 11:39:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Waldorf
    [2011.02.05 11:39:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Syncrosoft
    [2011.02.05 11:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Syncrosoft
    [2011.02.05 11:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\eLicenser
    [2011.02.05 11:37:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\eLicenser
    [2011.02.05 11:37:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\eLicenser
    [2011.02.05 11:37:50 | 001,261,568 | ---- | C] (Steinberg Media Technologies GmbH) -- C:\WINDOWS\System32\SYNSOACC.dll
    [2011.02.05 11:22:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Majka\Start Menu\Programs\u-he
    [2011.02.01 13:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Majka\Application Data\Voxengo
    [2011.01.28 17:19:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Majka\Start Menu\Programs\Blue Cat Audio
    [2011.01.20 20:36:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\YouTube Downloader
    [2011.01.20 20:36:29 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
    [2011.01.19 21:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Majka\Application Data\PhotoScape
    [2011.01.19 21:22:21 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoScape
    [2 C:\Documents and Settings\Majka\Desktop\*.tmp files -> C:\Documents and Settings\Majka\Desktop\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011.02.10 23:32:33 | 000,004,352 | ---- | M] () -- C:\Documents and Settings\Majka\Desktop\spybot.rtf
    [2011.02.10 23:27:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011.02.10 23:26:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011.02.10 23:23:40 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
    [2011.02.10 22:42:51 | 000,005,547 | ---- | M] () -- C:\WINDOWS\wdict32.INI
    [2011.02.10 18:29:17 | 000,453,632 | ---- | M] () -- C:\Documents and Settings\Majka\Desktop\CKScanner.exe
    [2011.02.10 14:06:35 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Majka\Desktop\OTL.exe
    [2011.02.10 13:56:07 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Majka\Desktop\ATF-Cleaner.exe
    [2011.02.09 14:36:51 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011.02.09 14:27:23 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
    [2011.02.08 19:33:31 | 000,078,639 | ---- | M] () -- C:\Documents and Settings\Majka\Desktop\fl studio related stuff.doc
    [2011.02.07 13:33:35 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Majka\Desktop\dds.com
    [2011.02.06 14:39:16 | 000,012,967 | ---- | M] () -- C:\Documents and Settings\Majka\Desktop\quotes.doc
    [2011.02.06 13:01:43 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\Majka\Desktop\adresy biznis.xls
    [2011.02.06 01:00:44 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Trojan Remover.lnk
    [2011.02.06 00:21:26 | 000,005,985 | ---- | M] () -- C:\Documents and Settings\Majka\Application Data\7EC2.94A
    [2011.02.05 23:33:36 | 000,000,245 | -HS- | M] () -- C:\boot.ini
    [2011.02.05 21:47:09 | 000,000,281 | ---- | M] () -- C:\WINDOWS\wininit.ini
    [2011.02.05 20:13:27 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Majka\Desktop\Spybot - Search & Destroy.lnk
    [2011.02.05 16:10:59 | 000,000,096 | ---- | M] () -- C:\WINDOWS\System32\imon1.dat
    [2011.02.05 11:39:10 | 000,002,892 | ---- | M] () -- C:\WINDOWS\System32\audcon.sys
    [2011.02.05 11:38:05 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\SYNSOPOS.exe.cfg
    [2011.02.05 11:22:25 | 000,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
    [2011.02.05 11:22:25 | 000,000,205 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
    [2011.02.05 11:22:25 | 000,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
    [2011.02.05 11:22:25 | 000,000,073 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
    [2011.02.04 17:23:30 | 005,296,904 | ---- | M] () -- C:\precursions62.wav
    [2011.02.04 17:12:27 | 005,296,904 | ---- | M] () -- C:\precursions6.wav
    [2011.01.31 00:07:43 | 000,000,034 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
    [2011.01.30 10:22:28 | 000,032,953 | ---- | M] () -- C:\Documents and Settings\Majka\Desktop\biznis.doc
    [2011.01.27 23:03:19 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Majka\Desktop\ukrajina.xls
    [2011.01.27 09:45:12 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011.01.24 19:56:51 | 000,189,952 | ---- | M] () -- C:\Documents and Settings\Majka\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011.01.20 20:36:34 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\YouTube Downloader.lnk
    [2011.01.19 21:24:53 | 000,012,288 | -H-- | M] () -- C:\photothumb.db
    [2011.01.19 21:24:50 | 000,029,696 | -H-- | M] () -- C:\Documents and Settings\Majka\My Documents\photothumb.db
    [2011.01.19 21:22:31 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Majka\Desktop\PhotoScape.lnk
    [2011.01.18 12:16:50 | 000,219,593 | ---- | M] () -- C:\DSC07820.JPG
    [2 C:\Documents and Settings\Majka\Desktop\*.tmp files -> C:\Documents and Settings\Majka\Desktop\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011.02.10 23:31:05 | 000,004,352 | ---- | C] () -- C:\Documents and Settings\Majka\Desktop\spybot.rtf
    [2011.02.10 18:29:17 | 000,453,632 | ---- | C] () -- C:\Documents and Settings\Majka\Desktop\CKScanner.exe
    [2011.02.09 14:36:51 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011.02.07 13:33:35 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Majka\Desktop\dds.com
    [2011.02.06 01:00:44 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Trojan Remover.lnk
    [2011.02.06 01:00:43 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
    [2011.02.06 01:00:43 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
    [2011.02.06 01:00:43 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
    [2011.02.06 01:00:43 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
    [2011.02.05 20:13:27 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Majka\Desktop\Spybot - Search & Destroy.lnk
    [2011.02.05 15:12:48 | 000,005,985 | ---- | C] () -- C:\Documents and Settings\Majka\Application Data\7EC2.94A
    [2011.02.05 11:39:10 | 000,002,892 | ---- | C] () -- C:\WINDOWS\System32\audcon.sys
    [2011.02.05 11:37:59 | 000,147,425 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC-Aide.chm
    [2011.02.05 11:37:58 | 000,120,468 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC-Hilfe.chm
    [2011.02.05 11:37:58 | 000,114,279 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC-Help.chm
    [2011.02.05 11:37:51 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\SYNSOPOS.exe.cfg
    [2011.02.05 11:37:50 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\SYNSOPOS.exe
    [2011.02.04 17:19:37 | 005,296,904 | ---- | C] () -- C:\precursions62.wav
    [2011.02.04 17:12:20 | 005,296,904 | ---- | C] () -- C:\precursions6.wav
    [2011.01.20 20:36:34 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\YouTube Downloader.lnk
    [2011.01.19 21:22:31 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Majka\Desktop\PhotoScape.lnk
    [2011.01.19 21:12:55 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\Majka\My Documents\photothumb.db
    [2011.01.18 11:10:18 | 000,219,593 | ---- | C] () -- C:\DSC07820.JPG
    [2009.09.03 10:41:59 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\ArtFfct.dll
    [2009.09.03 10:41:58 | 012,550,144 | ---- | C] () -- C:\WINDOWS\CS-80V(10 voices).dll
    [2009.07.20 15:52:54 | 006,365,184 | ---- | C] () -- C:\WINDOWS\System32\PSP VintageWarmer2.dll
    [2009.07.08 12:34:05 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
    [2009.07.05 11:06:44 | 000,002,756 | ---- | C] () -- C:\WINDOWS\System32\ssolefw.dll
    [2009.07.05 11:06:44 | 000,002,756 | ---- | C] () -- C:\WINDOWS\System32\sslibram.dll
    [2009.07.05 11:06:44 | 000,002,756 | ---- | C] () -- C:\WINDOWS\System32\solekuy.dll
    [2009.07.05 11:06:44 | 000,002,756 | ---- | C] () -- C:\WINDOWS\System32\slibeh.dll
    [2009.07.05 11:06:43 | 000,002,756 | ---- | C] () -- C:\WINDOWS\System32\sslibtth.dll
    [2009.07.05 11:06:43 | 000,002,756 | ---- | C] () -- C:\WINDOWS\System32\sslibmmn.dll
    [2009.07.05 11:06:43 | 000,002,756 | ---- | C] () -- C:\WINDOWS\System32\solegeh.dll
    [2009.07.03 09:35:16 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2009.06.18 17:36:49 | 000,002,240 | ---- | C] () -- C:\WINDOWS\LENDIG.sys
    [2009.06.13 19:40:46 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
    [2009.06.13 19:40:46 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
    [2009.06.13 19:40:46 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
    [2009.06.13 19:40:46 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
    [2009.06.13 19:40:46 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
    [2009.06.13 12:17:11 | 000,000,129 | ---- | C] () -- C:\WINDOWS\BeatBurner VSTi.INI
    [2009.05.31 13:09:11 | 000,000,077 | ---- | C] () -- C:\WINDOWS\SYMGAMES.INI
    [2009.04.29 20:36:04 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
    [2008.09.20 18:56:26 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
    [2008.05.10 21:38:44 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
    [2008.05.10 21:37:05 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
    [2008.04.28 20:15:19 | 000,000,339 | ---- | C] () -- C:\WINDOWS\goldwave.ini
    [2008.04.23 10:44:48 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2008.04.23 10:44:36 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2008.04.23 10:44:36 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2008.04.23 10:44:35 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2008.04.23 10:44:27 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2008.04.21 20:50:17 | 000,000,959 | ---- | C] () -- C:\WINDOWS\level.ini
    [2008.03.27 19:45:05 | 000,000,281 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2008.03.15 12:26:40 | 000,000,600 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
    [2008.03.09 12:03:42 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
    [2008.02.23 20:02:57 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
    [2008.01.14 17:56:53 | 000,000,645 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
    [2007.11.03 01:26:36 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll
    [2007.11.03 00:32:06 | 000,005,547 | ---- | C] () -- C:\WINDOWS\wdict32.INI
    [2007.11.03 00:08:44 | 000,189,952 | ---- | C] () -- C:\Documents and Settings\Majka\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2007.11.02 22:56:23 | 000,000,271 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2007.11.02 22:56:23 | 000,000,022 | ---- | C] () -- C:\WINDOWS\exchng.ini
    [2007.11.02 22:38:12 | 000,000,024 | ---- | C] () -- C:\WINDOWS\winamp.ini
    [2007.11.02 22:20:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2007.08.07 18:22:22 | 000,141,180 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
    [2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
    [2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
    [2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
    [2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
    [2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
    [2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
    [2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
    [2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
    [2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
    [2007.06.25 21:34:26 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
    [2003.04.21 14:30:42 | 000,688,128 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
    [2002.05.17 22:18:30 | 000,124,928 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
    [2002.03.20 23:38:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\Recapr.dll
    [1997.07.14 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
    [1997.07.14 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
    [1997.07.14 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ECE4A64B
    @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

    < End of report >


    i feel like my PC is runnig prety smooth now..
    what log say to you??

  6. #16
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Log looks fine

    Please download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.
    • Open JavaRa.exe again and select Search For Updates.
    • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.




    1. Click Start > Settings > Control Panel.
    2. Double-click the Java Plug-in icon in the control panel.
    3. Click the Cache tab.
    4. Click Clear A confirmation dialog box appears.
    5. Click Yes to confirm.
    6. Click Apply.





    Please run this free online virus scanner from ESET
    • Note: You will need to use Internet explorer for this scan
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the activex control to install
    • Click Start
    • Make sure that the option Remove found threats is ticked, and the option Scan unwanted applications is checked
    • Click Scan
    • Wait for the scan to finish
    • Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
    • Copy and paste that log as a reply to this topic
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  7. #17
    Junior Member
    Join Date
    Feb 2011
    Location
    slovakia
    Posts
    23

    Default internal error 2753. regutils.dll

    hi, i was installing new java and i get this error

    internal error 2753. regutils.dll

    any idea what i should do??

    i am sorry

  8. #18
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Your new log looks fine.

    Go to your Control Panel and click on the Java Icon ( looks like a little coffee cup ) click on About and you should have Version 6 Update 23, if not proceed with the instructions.

    Download the latest version Here save it, do not install it yet.

    Java SE Runtime Environment (JRE)JRE 6 Update 23 <--The wording is confusing but this is what you need

    • Go to your Add Remove Programs in the Control Panel and uninstall any previous versions of Java
    • Reboot your computer
    • Install the latest version

    You can verify the installation Here
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  9. #19
    Junior Member
    Join Date
    Feb 2011
    Location
    slovakia
    Posts
    23

    Default

    so i go to ADD or Remov programs and i found

    java TM 6 update 21

    it has 97mb and i click remove.

    it starts removing and at the end it gave me same error as in my previous post when i was trying install new jre-6u23-windows-i586..

    the error is:

    internal error 2753. regutils.dll

  10. #20
    Junior Member
    Join Date
    Feb 2011
    Location
    slovakia
    Posts
    23

    Default

    so i have a trouble to uninstal old version, and instaling new one.

    also when i find "cup" icon in my control panel and double click on it i get this:

    The systen cannot find the registry key specified:

    HKEY_LOCAL_MACHINE/SOFTWARE/JavaSoft/Java Runtime Environment/1.6.0_21

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •