cant download antivirusSolved/Closed

Question

Hello, 

i cant download install or update any antivirus how to remove the virus plz help

Configuration: Windows XP / Safari 534.30

Ambucias · Answer

To help you and precribe a remedy, I must make a diagnostic and to do so, I require a system log. 

1. Boot in safemode with networking.

2. Open this link and download ZHPDiag2 : 

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html 

(Don't be alarmed is the site is in French, it sometimes happens, the tool will take your system language and allow the download if you get a warning message. Also clicking on the "hardhat" icon allows to change the language.)

3. Save the file on your Desktop. 

4. Double click on ZHPDiag.exe and follow the installation instructions. 

the tool creates three icons ZHPDiag, MRB, and ZHPFix (If necessary,we will use ZHPFix at the next step). 

5. Double click on the short cut ZHPDiag on your Destktop. 

6. Click on the Magnifying glass and run the analysys. 

Wait for the tool to finished (maybe a long time) 

7. Close ZHPDiag. 


6. To transmit the report, click on this link : 

https://authentification.site 

7. Click on Parcourir and search the directory where you installed ZHPDiag (usually C:\Program Files\ZHPDiag). 

8. Select the file ZHPDiag.txt. 

9. Click on "upload » 

10. Copy the url and post it here

Best regards

bayking · Answer

i will do this but u have to wait until monday/tomarrow

Ambucias · Answer

Fine!  Catch you later.

bayking · Answer

http://speedy.sh/wmu37/ZHPDiag.txt here u go

Ambucias · Answer

Hi

Your system is infected by adware, toolbar infections and a Trojan Horse USB infection.  The infection source are Bittorrent and emule downloads.  Your Windows install shield also seems to be infected.

Here are the steps I would like you to follow to clean the infections:

1. ZHP Diag created a shortcut on your desktop called ZHP Fix, open the application.

2. Click on the large "H" in the top toolbar.

3. Copy the following lines and paste them in the main window.  Once pasted, click on go and close ZHP fix.

M3 - MFPP: Plugins - [Administrator] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml  
[HKCU\Software\PriceGong]   
[HKLM\Software\Minibar]  
O43 - CFD: 17/06/2011 - 7:26:26 AM - [13.360] ----D- C:\Program Files\System    
O43 - CFD: 25/09/2011 - 12:09:58 PM - [0] ----D- C:\Program Files\Common Files\Spigot   
O43 - CFD: 27/11/2011 - 2:36:08 AM - [0.002] ----D- C:\Users\Administrator\Application Data\PriceGong   
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} 
 http://search.babylon.com  
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {1B302FEF-4F0F-4AC1-8C23-8A96D79F4A53} - (QueryScan) - http://www.queryscan.com 
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {1B302FEF-4F0F-4AC1-8C23-8A96D79F4A53} - (QueryScan) - http://www.queryscan.com   
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}]    
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}]  [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}]   
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440}  
C:\Program Files\Common Files\Spigot    
C:\Users\Administrator\Application Data\PriceGong   

4.Download, install and run Malwarebyte which you can find on this site: 

https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/ es-anti-malware 

On your desktop, rename MBAM to Kioskea.exe (this is to outwit any malware)

Ensure you make an update.

Boot your computer in safemode

Please request a FULL system scan, which may take from 20 minutes to hours.  Do not interfere no matter how long in takes.  The creators of Malwarebyte recommend that while the tool is running that you go do something else, such as watching a rerun of Gone with the Wind or read Tolstoy's War and Peace.

If Malwarebyte restarts your system, launch it again to finish the Full scan. 

When the scan is completed, delete all items found.

5. Click on start and on run type cmd, click ok  You will get a black window. Type sfc/scannow press enter. Let it run. Close the window

6. For the USB infection...

USB Fix will delete infections on all removable devices, repair damaged security functions, such as registry access, task manager, hidden files and vaccinate your device against future infections.

A. Download 

http://www.teamxscript.org/usbfixTelechargement.html 

Once on your desktop, double click the installation icon, a window will appear, uncheck all items that are checked because they are not necessary.

B. Plug in your pen and all other removal devices susceptible of infection. 

C. Double click on the USB Fix icon  (Looks like a seringe.)

D. Click on the deletion button and leave the tool work. The start menu and desktop icons will dissapear, don't be alarmed, it's perfectly normal 

If a message asks you to reboot, please proceed. Upon rebooting the tool will continue to work. 

When finished a log will open with a report on the work done. 

7. Once you have done all of the above.  Delete the ZHP Diag log.  Produce a fresh one and send it to me on Speedyshare.

Good luck

bayking · Answer

C:\Users\Administrator>sfc/scannow
Windows File Protection could not initiate a scan of protected system files.

The specific error code is 0x000006ba [The RPC server is unavailable.
].
whats wrong

Ambucias · Answer

The RPC mean remote procedure call.

An RPC server is a communications interface provided by an application or service that allows remote clients to connect, pass commands, and transfer data using the RPC protocol.

I have two solutions to the problem but I must first have answers.

Is you Windows XP genuine?  I mean did you purchase and registered a licence for it?

Sorry about the USB Fix link, it has been changed to:

http://www.commentcamarche.net/download/done/telecharger-34079838-usbfix

The page will be in French but the fix works in all languages.

Waiting for your answer

bayking · Answer

no i downlaod it

Ambucias · Answer

Hi Bayking, 

I have just taken another look at your system log. 

The reason why sfc/scannow will not work as well as other solutions which I provided or would provide is that your Windows Genuine Advantage has been disabled.  No virus in this world can disable WGA, it has to be done by the system administrator. 

In order to apply all the necessary steps to clean your badly infected computer, your Windows must be updated which is impossible unless Windows Genuine Advantage is activated.  Nobody on this forum can help desinfect your machine unless WGA is activated.

To reinable WGA go through the following steps:   

*Buy the license first.  

*Download Key Update Tool, a utility provided by Microsoft to change the key of the Windows version installed.  

*The download address is http://download.microsoft.com/download/8/3/7/83712767-395c-4327-8e87-38be7b0cf75f/KeyUpdateTool_enu.exe  

*Double-click the utility will then check the system files.  

*Enter the official key and click Next.  

*Accept the license agreement and click Next.  

*The key is legalized.  

*Click Finish.  

*Windows restarts. 

See also: 

https://ccm.net/computing/windows/3991-genuine-windows-validation/ 

http://ccm.net/faq/1633-wga-windows-genuine-advantage 

Good luck 

P.S.  Microsoft will cease to support Windows XP in two years, so you might as well purchase a Windows 7 licence.

bayking · Answer

well now it valid its Genuine and i got the Microsoft thing

Ambucias · Answer

Bayking,

I was not refering to Microsoft Security Essentials but a valid and genuine Microsoft XP license for which you should have paid.

Of course you are getting the same error as your Windows Genuine Advantage is disabled, hence SFC/Scannow can not get to the RPC server.

Now, have you purchased the license after you download Windows XP to your computer ?  Was that Windows XP ever used on another computer.

As soon as you answer me, the issue will be solved very quickly.

Regards

bayking · Answer

yes it was and i just add that i have Microsoft Security Essentials to show i have genuine windows

Ambucias · Answer

Okay Bayking...here we go...

I shall prescribe to you a very powerfull antidote that is able to kill and send any virus to the glue factory. It is of very last resort and should not be abused of, as matter of a fact, once you have used it, I suggest you delete it from your system. 

To keep your system safe, you must follow the instructions hereunder to the letter: 

First step, boot your system in safe mode with networking

1. Download Combofix to your desktop. 

http://www.combofix.org/download.php 

2.Close all open Windows including this one. 

Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix. 

3. Double click on the ComboFix icon. 

Windows will issue a prompt because ComboFix does not have a digital signature. This is perfectly normal and safe and you can click on the Run button to continue. 

4. Accept the disclaimer and the recovery 

5.You should now press the Yes button to continue. If at any time during the Recovery Console installation you receive a message stating that it failed to install, please allow ComboFix to continue with the scan of your computer. 

ComboFix will disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection. 

While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings. 

If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the programs log file, or report, will be located at C:\ComboFix.txt. 

During the process, please do not mouse click nor must you tap on the keyboard.  Let the tool run.

Once you are done, report to me on how your system is behaving. 

Good luck 

Ambucias

bayking · Answer

ok i did not do the Combofix  but the usb one and it looks like its working but i dont know how to make sure......................and should i do the Combofix  just in case or leave it alone

Ambucias · Answer

1. When you get a blue screen, normally there is an error message with 10 caracter codes beginning with 0x, what are they ?

I must follow my instructions to the letter or we may lose the war.  Let's fight one battle at a time.  You should not have jumped to the USB Fix.

2. Do me a favor, go to your internet connection and insure that "Use a proxy for this connection" is checked off.  Please confirm!

3.Because of the damage that may have accured, please garbage the previous ZHP Diag log and send me a new one on speedyshare.

4. Confirm that you followed my instructions regarding ZHP Fix.

In the case we are trying to solve, communications are extremely important!  You are my eyes and I can't read your mind.

Remember:

"Out of Many, One People"

bayking · Answer

i have lost computer would not turn on had to reformat :'( everything gone and the worst part i think its still on it because i cant access dell . Any other instructions :'(

Ambucias · Answer

Dear Bayking

You say that you had to reformat but it's still on it.  What is still on it?  What do you mean by you can't access Dell.  How did you perform the reformating?

Answer the above questions and in the meantime I will seek the opinion of a very good friend and colleague Jack4rall.  He may intervene directly with you on this thread.

bayking · Answer

1. i cant go on most of the dell website
2. i use a vista cd to delete everything from the hard drive and then install the vista
3 just in case im going to test if i can download an antivirus in the mean while

bayking · Answer

http://speedy.sh/TS4MC/ZHPDiag.txt but i think its fix still but i have to try like 3-4 time to go on website that gives me error


no i remove xp and reformat the hard drive then install vista

Ambucias · Answer

@jack4rall

For your guidance:

From the ZHP Diag log I have found the following suspicious items:

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: Modified    (disabled security center)

Hidden files state (Hidden/Total)
My Pictures) : 1/2      
My Musics) : 1/2      
My Videos) : 1/2      
My Favorites) : 2/20      
My Documents) : 1/5      
My Desktop) : 1/24      
Programs) : 6/26      

The AV is AVG

Both IE and Firefox can be used.

Java must be optimized

 O9 - Extra button: AVG Do-Not-Track - {DA58ACA7-18A6-403A-93DA-6E4172D43709} . (.AVG Technologies CZ, s.r.o. - TODO: <File description>.) -- C:\Program Files\AVG\AVG2012\avgdtiex.dll      
~ Scan IE Extra Buttons in 00mn AMs      


Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4EFB1DA4-3AEB-4CB8-8451-6EEDEFDF93FA}: DhcpNameServer = 173.225.240.50 173.225.240.51      
O17 - HKLM\System\CS1\Services\Tcpip\..\{4EFB1DA4-3AEB-4CB8-8451-6EEDEFDF93FA}: DhcpNameServer = 173.225.240.50 173.225.240.51      
O17 - HKLM\System\CS3\Services\Tcpip\..\{4EFB1DA4-3AEB-4CB8-8451-6EEDEFDF93FA}: DhcpNameServer = 173.225.240.50 173.225.240.5

non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service:  (ACPI) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (adp94xx) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (adpahci) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (adpu160m) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (adpu320) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (AeLookupSvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (AFD) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (agp440) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (aic78xx) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ALG) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (aliide) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (amdagp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (amdide) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (AmdK7) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (AmdK8) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Appinfo) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (arc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (arcsas) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (AsyncMac) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (atapi) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (AudioEndpointBuilder) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Audiosrv) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Avgfwfd) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (avgfws) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (AVGIDSAgent) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (AVGIDSDriver) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (AVGIDSEH) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (AVGIDSFilter) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (AVGIDSShim) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Avgldx86) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Avgmfx86) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Avgrkx86) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Avgtdix) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (avgwd) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (BFE) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (BITS) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (blbdrive) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (bowser) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (BrFiltLo) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (BrFiltUp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Browser) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Brserid) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (BrSerWdm) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (BrUsbMdm) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (BrUsbSer) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (BTHMODEM) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (cdfs) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (cdrom) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (CertPropSvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (circlass) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (CLFS) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (clr_optimization_v2.0.50727_32) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (clr_optimization_v4.0.30319_32) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (cmdide) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Compbatt) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (COMSysApp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (crcdisk) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Crusoe) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (CryptSvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (DfsC) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (DFSR) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Dhcp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (disk) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Dnscache) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (dot3svc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (drmkaud) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (DXGKrnl) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (E100B) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (E1G60) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (EapHost) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Ecache) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ehRecvr) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ehSched) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ehstart) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (elxstor) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (EMDMgmt) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ErrDev) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Eventlog) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (EventSystem) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (fdc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (fdPHost) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (FDResPub) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (FileInfo) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Filetrace) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (flpydisk) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (FltMgr) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (FontCache) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (FontCache3.0.0.0) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (gagp30kx) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (gpsvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (HdAudAddService) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (HDAudBus) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (HidBth) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (HidIr) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (hidserv) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (HidUsb) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (hkmsvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (HpCISSs) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (HTTP) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (HWiNFO32) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (i2omp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (i8042prt) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ialm) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (iaStorV) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (idsvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (iirsp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (IKEEXT) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (intelide) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (intelppm) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (IPBusEnum) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (IpFilterDriver) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (iphlpsvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (IpInIp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (IPMIDRV) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (IPNAT) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (IRENUM) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (isapnp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (iScsiPrt) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (iteatapi) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (iteraid) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (kbdclass) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (kbdhid) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (KeyIso) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (KSecDD) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (KtmRm) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (LanmanServer) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (LanmanWorkstation) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (lltdio) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (lltdsvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (lmhosts) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (LSI_FC) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (LSI_SAS) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (LSI_SCSI) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (luafv) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Mcx2Svc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (megasas) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (MegaSR) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (MMCSS) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Modem) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (monitor) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (mouclass) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (mouhid) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (MountMgr) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (mpio) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (mpsdrv) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (MpsSvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Mraid35x) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (MRxDAV) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (mrxsmb) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (mrxsmb10) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (mrxsmb20) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (msahci) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (msdsm) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (MSDTC) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (msisadrv) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (MSiSCSI) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (msiserver) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (MSKSSRV) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (MSPCLOCK) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (MSPQM) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (mssmbios) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (MSTEE) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Mup) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (napagent) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (NativeWifiP) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (NDIS) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (NdisTapi) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Ndisuio) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (NdisWan) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (NetBIOS) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (netbt) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Netlogon) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Netman) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (netprofm) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (NetTcpPortSharing) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (nfrd960) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (NlaSvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (nsi) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (nsiproxy) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ntrigdigi) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (nvraid) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (nvstor) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (nv_agp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (NwlnkFlt) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (NwlnkFwd) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ohci1394) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (p2pimsvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (p2psvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Parport) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (partmgr) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Parvdm) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (PcaSvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (pci) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (pciide) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (pcmcia) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (PEAUTH) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (pla) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (PlugPlay) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (PNRPAutoReg) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (PNRPsvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (PolicyAgent) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (PptpMiniport) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Processor) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ProfSvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ProtectedStorage) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (PSched) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ql2300) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ql40xx) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (QWAVE) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (QWAVEdrv) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (RasAcd) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (RasAuto) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Rasl2tp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (RasMan) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (RasPppoe) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (RasSstp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (rdbss) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (RDPCDD) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (rdpdr) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (RDPENCDD) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (RemoteAccess) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (RemoteRegistry) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (RpcLocator) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (RpcSs) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (rspndr) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (sbp2port) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (SCardSvr) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Schedule) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (SCPolicySvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (SDRSVC) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (seclogon) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (SENS) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Serenum) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Serial) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (sermouse) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (SessionEnv) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (sffdisk) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (sffp_mmc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (sffp_sd) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (sfloppy) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (SGCameraUVC) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (SharedAccess) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ShellHWDetection) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (sisagp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (SiSRaid2) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (SiSRaid4) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (slsvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (SLUINotify) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Smb) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (SNMPTRAP) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Spooler) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (sprtsvc_DellSupportCenter) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (srv) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (srv2) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (srvnet) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (SstpSvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (STHDA) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (stisvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (swenum) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (swprv) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Symc8xx) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Sym_hi) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Sym_u3) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (SysMain) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (TabletInputService) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (TapiSrv) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (TBS) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Tcpip) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Tcpip6) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (tcpipreg) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (TDPIPE) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (TDTCP) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (tdx) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (TermDD) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (TermService) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Themes) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (THREADORDER) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (tssecsrv) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (tunmp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (tunnel) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (uagp35) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (udfs) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (UI0Detect) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (uliagpkx) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (uliahci) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (UlSata) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ulsata2) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (umbus) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (upnphost) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (usbccgp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (usbcir) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (usbehci) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (usbhub) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (usbohci) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (usbprint) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (USBSTOR) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (usbuhci) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (usbvideo) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (UxSms) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (vds) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (vga) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (VgaSave) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (viaagp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ViaC7) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (viaide) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (volmgr) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (volmgrx) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (volsnap) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (vsmraid) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (VSS) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (W32Time) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (WacomPen) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Wanarp) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Wanarpv6) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (wcncsvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (WcsPlugInService) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Wd) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Wdf01000) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (WebClient) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Wecsvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (wercplsupport) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (WerSvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (WinDefend) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (WinHttpAutoProxySvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Winmgmt) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (WinRM) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (Wlansvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (WmiAcpi) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (wmiApSrv) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (WMPNetworkSvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (WPCSvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (WPDBusEnum) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (WPFFontCache_v0400) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (ws2ifsl) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (wscsvc) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (WSearch) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (wuauserv) - Orphean Key    => Orphean Key not necessary  
O23 - Service:  (wudfsvc) - Orphean Key    => Orphean Key not necessary  

HKLM BootExecute: () (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Service.) -- C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

Possible sources of infections

O42 - Logiciel: Ares 2.1.8 - (.Ares Development Group.) [HKLM] -- Ares    => Ares Galaxy PeerToPeer  
O42 - Logiciel: BitTorrent - (.BitTorrent Inc..) [HKLM] -- BitTorrent    => Bittorent PeerToPeer

Cant download antivirus

22 responses

Subscribe To Our Newsletter!