Author Topic: some1 says i am infected  (Read 1985 times)
bluestoneman
Topic Starter
Rookie



Posts: 29


« on: January 14, 2009, 01:35:13 AM »

OK, I posted this in the Microsoft section. I get a pop-up in the bottom right corner saying Windows is not genuine, and I can't upgrade my virus protection. And when I go to Control Panel, Add/Remove Programs, all my programs are not the same, all code-looking style. Here is an example: CardRd81, CCScore, CR2, ESSBrwr are the top 4 on my list. I have no clue what they are, and there is a long list all coded like that. And I am unable to delete them. Can someone help me please?
Carbon Dudeoxide
Global Moderator
Mastermind


Thanked: 146
Posts: 16,087

Experience: Expert
OS: Mac OS


« Reply #1 on: January 14, 2009, 03:48:21 AM »

Quick question: Is this a genuine version of Windows?

Start here:
http://www.computerhope.com/forum/index.php/topic,46313.0.html

bluestoneman
« Reply #2 on: January 14, 2009, 05:09:49 AM »

Well, I don't know if I have it, so I clicked and tried to download, and it said I have an invalid key number. But what I have is Microsoft XP Professional with Publisher version 2002.

Carbon Dudeoxide
« Reply #3 on: January 14, 2009, 05:20:13 AM »

Come here and validate Windows:
http://www.microsoft.com/genuine/validate/ValidateNow.aspx?displaylang=en

Post back with results.

bluestoneman
« Reply #4 on: January 14, 2009, 08:28:08 AM »

OK, this is what it said:
This copy of Windows did not pass genuine validation.
The product key found on this computer is a Volume License Key (VLK) that has been blocked.

bluestoneman
« Reply #5 on: January 14, 2009, 08:47:53 AM »

OK, I read what that means. We got this computer from the office that my wife worked at. Now it's been a few years since I have used this computer; last time I used it, it was working good, but now it has this pop-up problem saying it is not genuine. And it is not stolen or should not be reported lost. We have the Windows CD, but I can't remove this Windows XP to reinstall.

bluestoneman
« Reply #6 on: January 15, 2009, 04:25:14 AM »

So what do I do now? I have the CD to reinstall; is that possible? I know it was from a corporate Windows version. Do I get a hold of them and ask what to do, or what? They gave me the disk with the computer. I am stuck here.
« Last Edit: January 15, 2009, 07:21:55 PM by bluestoneman »

bluestoneman
« Reply #7 on: January 15, 2009, 07:22:45 PM »

OK, did you leave me, helper?
BC_Programmer
Mastermind


Thanked: 697
Posts: 15,881

Experience: Beginner
OS: Windows 7


« Reply #8 on: January 16, 2009, 12:16:03 AM »

Quote from: bluestoneman
OK, this is what it said:
This copy of Windows did not pass genuine validation.
The product key found on this computer is a Volume License Key (VLK) that has been blocked.

As far as Microsoft is concerned, the version of XP you have is pirated.

Until you can get a known genuine key/CD, you're going to have to live with the pop-ups; however, the Add/Remove Programs problem I don't think is related.

Basically, what happened is the company bought the Volume License Key. Somebody else at the company took that key and posted it on the net. Microsoft discovered the posted key and blacklisted the key in its next update.

It sucks, since you haven't actually done anything wrong; but Microsoft considers your copy pirated.

In any case, what antivirus program are you using that won't update?

bluestoneman
« Reply #9 on: January 19, 2009, 05:50:23 AM »

AVG was on here, the old version, and I can't upgrade to the 8.0. What I've done so far was download Firefox; from there I downloaded AntiVir Personal and ran a scan, 62 detections scanned. I know 58 were TD/Dropper.GEN, 2 TR/Crypt.xpack.GEN (I have no idea what this one is called):
 Begin scan in 'C:\'
C:\pagefile.sys
    [WARNING]   The file could not be opened!
C:\$VAULT$.AVG\00000001.FIL
   
  • Archive type: HIDDEN

    --> FIL\\\?\C:\$VAULT$.AVG\00000001.FIL
      [DETECTION] Contains recognition pattern of the WORM/Lovsan.F.1 worm
    [NOTE]      The file was moved to '49a46878.qua'!
TR/Dagonit.INF    was the last one.
« Last Edit: January 19, 2009, 06:23:54 AM by bluestoneman »

bluestoneman
« Reply #10 on: January 19, 2009, 11:06:29 AM »

HERE IS ANOTHER QUESTION ABOUT MY NOT GENUINE PROBLEM. SO I HAVE ANOTHER COMPUTER, A LENOVO I GOT FROM TELUS, WHICH WAS A BIG MISTAKE. NOW THAT COMPUTER CAME WITH VISTA. CAN I TAKE THAT AND LOAD IT TO THIS COMPUTER INSTEAD OF GOING OUT TO BUY ANOTHER WINDOWS CD? AND HOW DO I GET IT DONE?

BC_Programmer
« Reply #11 on: January 19, 2009, 07:34:22 PM »

Quote from: bluestoneman
HERE IS ANOTHER QUESTION ABOUT MY NOT GENUINE PROBLEM. SO I HAVE ANOTHER COMPUTER, A LENOVO I GOT FROM TELUS, WHICH WAS A BIG MISTAKE. NOW THAT COMPUTER CAME WITH VISTA. CAN I TAKE THAT AND LOAD IT TO THIS COMPUTER INSTEAD OF GOING OUT TO BUY ANOTHER WINDOWS CD? AND HOW DO I GET IT DONE?

You would have to remove the operating system from the other computer. I believe the license terms state you cannot have the same copy of Windows loaded on more than one machine.
Shandy
Beginner



Thanked: 3
Posts: 111


« Reply #12 on: January 19, 2009, 08:24:54 PM »

Quote from: Carbon Dudeoxide
Start here:
http://www.computerhope.com/forum/index.php/topic,46313.0.html

You haven't done that yet...  ::)

bluestoneman
« Reply #13 on: January 19, 2009, 09:05:50 PM »

It's out of order, it is messed up. Won't start at all. Does that count, or maybe I can get in contact with Microsoft and ask them to cancel it on that PC?

Shandy
« Reply #14 on: January 19, 2009, 09:12:33 PM »

You can still use Windows even if it isn't 'genuine'; you just won't be able to get Windows updates. If you have an infection issue, follow the steps in that link.
However, if you are going to carry on using your OS without updates, then there will be a few security issues. Not much you can do about that, and I doubt it's anything major (not sure).
I would use a different web browser other than an out-of-date Internet Explorer though, if you aren't already. How about Firefox? http://www.firefox.com

bluestoneman
« Reply #15 on: January 20, 2009, 04:27:23 AM »

Yes, I'm on Firefox now, thx. OK, now I just got a bubble that said taking out memory, and I tried to download Ad-Aware AE and it said I don't have enough memory. I used the defragmenter and it said I have 63% storage not used. My firewall has been deleted. I'm messed right up.

bluestoneman
« Reply #16 on: January 20, 2009, 06:20:12 PM »

My log files for AntiVir Personal:
Avira AntiVir Personal
Report file date: Monday, January 19, 2009  03:46

Scanning for 1038808 virus strains and unwanted programs.

Licensed to:      Avira AntiVir PersonalEdition Classic
Serial number:    0000149996-ADJIE-0001
Platform:         Windows XP
Windows version:  (plain)  [5.1.2600]
Boot mode:        Normally booted
Username:         SYSTEM
Computer name:    SERVER

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: Monday, January 19, 2009  03:46

The scan of running processes will be started
35 processes with 35 modules were scanned

bluestoneman
« Reply #17 on: January 20, 2009, 06:21:08 PM »

cont...
Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!

Starting to scan the registry.
The registry was scanned ( '60' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
    [WARNING]   The file could not be opened!
C:\$VAULT$.AVG\00000001.FIL
   
  • Archive type: HIDDEN

    --> FIL\\\?\C:\$VAULT$.AVG\00000001.FIL
      [DETECTION] Contains recognition pattern of the WORM/Lovsan.F.1 worm
    [NOTE]      The file was moved to '49a46878.qua'!
C:\Documents and Settings\server\Local Settings\Temp\62888679.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was moved to '49ac6a72.qua'!
C:\Documents and Settings\server\Local Settings\Temp\63252812.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was moved to '49a66a7b.qua'!
C:\WINDOWS\Downloaded Program Files\start.INF
    [DETECTION] Is the TR/Dagonit.INF Trojan
    [NOTE]      The file was moved to '49d57627.qua'!


End of the scan: Monday, January 19, 2009  05:14
Used time:  1:27:53 Hour(s)

The scan has been done completely.

   4121 Scanning directories
 199174 Files were scanned
     62 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
     62 files were moved to quarantine
      0 files were renamed
     39 Files cannot be scanned
 199073 Files not concerned
   2170 Archives were scanned
     39 Warnings
     62 Notes


bluestoneman
« Reply #18 on: January 20, 2009, 06:25:03 PM »

My log for SUPERAntiSpyware...
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/20/2009 at 04:08 PM

Application Version : 4.25.1012

Core Rules Database Version : 3718
Trace Rules Database Version: 1692

Scan type       : Quick Scan
Total Scan Time : 00:22:31

Memory items scanned      : 603
Memory threats detected   : 0
Registry items scanned    : 400
Registry threats detected : 16
File items scanned        : 4509
File threats detected     : 39

Browser Hijacker.BestSafetyGuide
   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{873eb32d-ae1a-4183-89bd-45a77f761be4}
   HKCR\CLSID\{873EB32D-AE1A-4183-89BD-45A77F761BE4}
   HKCR\CLSID\{873EB32D-AE1A-4183-89BD-45A77F761BE4}
   HKCR\CLSID\{873EB32D-AE1A-4183-89BD-45A77F761BE4}\InprocServer32
   HKCR\CLSID\{873EB32D-AE1A-4183-89BD-45A77F761BE4}\InprocServer32#ThreadingModel
   C:\WINDOWS\SYSTEM32\IXT0.DLL

Unclassified.Unknown Origin
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#SystemCheck2
   HKCR\CLSID\{54645654-2225-4455-44A1-9F4543D34546}
   HKCR\CLSID\{54645654-2225-4455-44A1-9F4543D34546}
   HKCR\CLSID\{54645654-2225-4455-44A1-9F4543D34546}\InProcServer32
   C:\WINDOWS\SYSTEM32\VBSYS2.DLL

Trojan.Homepage
   HKCR\CLSID\{8D83B16E-0DE1-452B-AC52-96EC0B34AA4B}
   HKCR\CLSID\{8D83B16E-0DE1-452B-AC52-96EC0B34AA4B}\InprocServer32
   HKCR\CLSID\{8D83B16E-0DE1-452B-AC52-96EC0B34AA4B}\InprocServer32#ThreadingModel
   HKCR\CLSID\{EDBF1BC8-39AB-48EB-A0A9-C75078EB7C8E}
   HKCR\CLSID\{EDBF1BC8-39AB-48EB-A0A9-C75078EB7C8E}\InprocServer32
   HKCR\CLSID\{EDBF1BC8-39AB-48EB-A0A9-C75078EB7C8E}\InprocServer32#ThreadingModel

Unclassified.PC MightyMax
   HKU\S-1-5-21-1060284298-1078145449-854245398-1003\Software\PC MightyMax
   C:\Program Files\PC MightyMax\lic.conf
   C:\Program Files\PC MightyMax\lic.dat
   C:\Program Files\PC MightyMax\pcdocrx.conf
   C:\Program Files\PC MightyMax\undo
   C:\Program Files\PC MightyMax

Adware.Tracking Cookie
   C:\Documents and Settings\server\Local Settings\Temp\Cookies\server@www.burstnet[1].txt
   C:\Documents and Settings\server\Local Settings\Temp\Cookies\server@ads.hi5[2].txt
   C:\Documents and Settings\server\Local Settings\Temp\Cookies\server@cs.sexcounter[2].txt
   C:\Documents and Settings\server\Local Settings\Temp\Cookies\server@burstnet[2].txt
   C:\Documents and Settings\server\Local Settings\Temp\Cookies\server@ad.yieldmanager[2].txt
   C:\Documents and Settings\server\Local Settings\Temp\Cookies\server@adserving.cpxinteractive[2].txt

Malware.SpywareQuake
   C:\WINDOWS\TEMP\SABD.EXE

bluestoneman
« Reply #19 on: January 20, 2009, 06:26:37 PM »

My log for Malwarebytes...
Malwarebytes' Anti-Malware 1.33
Database version: 1673
Windows 5.1.2600

1/20/2009 5:09:22 PM
mbam-log-2009-01-20 (17-09-22).txt

Scan type: Quick Scan
Objects scanned: 53871
Time elapsed: 13 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2bf41072-b2b1-21c1-b5c1-0305f4155515} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33331111-1111-1111-1111-611111193423} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33331111-1111-1111-1111-611111193429} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33331111-1111-1111-1111-615111193427} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33331111-1131-1111-1111-611111193428} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{64311111-1111-1121-1111-111191113457} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AntispywareBot (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AntiSpywareBot (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\server\Application Data\AntispywareBot (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\server\Application Data\AntispywareBot\Log (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\server\Application Data\AntispywareBot\Settings (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\server\Application Data\AntispywareBot\rs.dat (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\server\Application Data\AntispywareBot\Log\2009 Jan 19 - 09_21_42 PM_733.log (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\server\Application Data\AntispywareBot\Log\2009 Jan 19 - 09_58_08 PM_436.log (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\server\Application Data\AntispywareBot\Settings\ScanResults.pie (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\AntispywareBot Scheduled Scan.job (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\7_exception.nls (Trojan.Tibs) -> Quarantined and deleted successfully.

bluestoneman
« Reply #20 on: January 20, 2009, 06:32:10 PM »

I am now stuck on the HijackThis; it won't let me copy-paste.

bluestoneman
« Reply #21 on: January 21, 2009, 06:29:58 PM »

hi

bluestoneman
« Reply #22 on: January 24, 2009, 10:17:07 AM »

Anyone can look at files?

bluestoneman
« Reply #23 on: February 02, 2009, 03:47:46 AM »

Anyone help me

Carbon Dudeoxide
« Reply #24 on: February 02, 2009, 04:12:14 AM »

Apologies for this long wait.

We are currently a bit short on Malware Specialists.
Because of this, they are mainly only looking at topics in the Computer Virus and Spyware Section with 0 replies.
I suggest re-posting your problem, along with the logs (attach them as text files).
Copyright © 2010 Computer Hope ® All rights reserved.