Unknown Malware [Solved]

Jun 25 2009, 10:57 AM
Post #1
New Member | Posts: 2 | OS: Vista
Hello

I am hoping someone can please help me. My laptop is running Vista; when I start it I get my webcam icon showing in the task bar and a message on screen saying the server is busy. I try ctrl-alt-delete and instead of giving me the programs running, by name, I get the processes that are running. AVG 8 Free is constantly closing various tracking cookies. My computer is slow and when I tried reinstalling Microsoft Office, I was getting messages that access to the registry was restricted, and some files could not be written. I started doing the preparation as requested. Each time I tried to download Ad-Aware and Avira, halfway through my screen went all fuzzy, with much of it vanishing, and the system crashed and then started again. After 3 tries, I decided to skip that step. When I tried to run OTL log I got the message OTL.exe is not a valid win32 application. I have been having various problems, but the above are what comes to mind. Here are the mbam and rooter logs. I would be very grateful for any help, as I work online and have not been able to do much throughout June.

Malwarebytes' Anti-Malware 1.38
Database version: 2333
Windows 6.0.6001 Service Pack 1

25/06/2009 4:18:29 PM
mbam-log-2009-06-25 (16-18-29).txt

Scan type: Quick Scan
Objects scanned: 85924
Time elapsed: 10 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 9

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Windows\System32\LocalService32 (Worm.Archive) -> Quarantined and deleted successfully.

Files Infected:
c:\Windows\System32\localservice32\16D0.tmp (Worm.Archive) -> Quarantined and deleted successfully.
c:\Windows\System32\localservice32\46D6.tmp (Worm.Archive) -> Quarantined and deleted successfully.
c:\Windows\System32\localservice32\8E72.tmp (Worm.Archive) -> Quarantined and deleted successfully.
c:\Windows\System32\localservice32\A5D2.tmp (Worm.Archive) -> Quarantined and deleted successfully.
c:\Windows\System32\localservice32\D56A.tmp (Worm.Archive) -> Quarantined and deleted successfully.
c:\Windows\System32\localservice32\E15F.tmp (Worm.Archive) -> Quarantined and deleted successfully.
c:\Windows\System32\localservice32\EB6F.tmp (Worm.Archive) -> Quarantined and deleted successfully.
C:\Program Files\Setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Windows\Tasks\ErrorFix Scan.job (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows Vista Home Edition (6.0.6001) Service Pack 1 [32_bits] - x86 Family 6 Model 15 Stepping 10, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Enabled
Windows Defender -> Enabled
User Account Control (UAC) -> Disabled !
.
Internet Explorer 7.0.6001.18000
.
C:\ [Fixed-NTFS] .. ( Total:102 Go - Free:48 Go )
D:\ [Fixed-NTFS] .. ( Total:7 Go - Free:1 Go )
E:\ [CD_Rom]
.
Scan : 18:19.14
Path : C:\Users\tadpole\Desktop\Rooter.exe
User : tadpole ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ \SystemRoot\System32\smss.exe (508)
______ C:\Windows\system32\csrss.exe (576)
______ C:\Windows\system32\wininit.exe (628)
______ C:\Windows\system32\csrss.exe (640)
______ C:\Windows\system32\services.exe (680)
______ C:\Windows\system32\lsass.exe (692)
______ C:\Windows\system32\lsm.exe (700)
______ C:\Windows\system32\winlogon.exe (872)
______ C:\Windows\system32\svchost.exe (964)
______ C:\Windows\System32\svchost.exe (1012)
______ C:\Windows\system32\nvvsvc.exe (1040)
______ C:\Windows\system32\svchost.exe (1068)
______ C:\Windows\System32\svchost.exe (1116)
______ C:\Windows\System32\svchost.exe (1212)
______ C:\Windows\System32\svchost.exe (1252)
______ c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe (1304)
______ C:\Windows\system32\svchost.exe (1324)
Locked audiodg.exe (1408)
______ C:\Windows\system32\svchost.exe (1432)
______ C:\Windows\system32\SLsvc.exe (1448)
______ C:\Windows\system32\svchost.exe (1492)
______ C:\Windows\system32\nvvsvc.exe (1616)
______ C:\Windows\system32\svchost.exe (1652)
______ C:\Windows\System32\spoolsv.exe (436)
______ C:\Windows\system32\svchost.exe (540)
______ C:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe (1556)
______ C:\Windows\system32\Dwm.exe (1668)
______ C:\Windows\Explorer.EXE (1660)
______ C:\Windows\system32\taskeng.exe (1648)
______ C:\Windows\system32\taskeng.exe (1060)
______ C:\Windows\system32\svchost.exe (2144)
______ C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (2192)
______ C:\Program Files\Bonjour\mDNSResponder.exe (2252)
______ C:\Program Files\Apoint2K\Apoint.exe (2304)
______ C:\Windows\system32\svchost.exe (2316)
______ C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (2324)
______ C:\Windows\system32\CISVC.EXE (2340)
______ C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe (2364)
______ C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (2424)
______ C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (2484)
______ C:\PROGRA~1\AVG\AVG8\avgrsx.exe (2600)
______ C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (2672)
______ C:\Program Files\AVG\AVG8\avgtray.exe (2688)
______ C:\PROGRA~1\AVG\AVG8\avgnsx.exe (2696)
______ C:\Program Files\Common Files\LightScribe\LSSrvc.exe (2736)
______ C:\Program Files\Java\jre6\bin\jusched.exe (2852)
______ C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (2940)
______ C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (2996)
______ C:\Windows\system32\svchost.exe (3120)
______ C:\Program Files\Apoint2K\ApMsgFwd.exe (3128)
______ C:\Program Files\Common Files\Real\Update_OB\realsched.exe (3188)
______ C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe (3272)
______ C:\Program Files\Logitech\QuickCam10\QuickCam10.exe (3284)
______ C:\Windows\system32\locator.exe (3320)
______ C:\Program Files\Spyware Doctor\pctsAuxs.exe (3380)
______ C:\Windows\ehome\ehtray.exe (3456)
______ C:\Windows\System32\tcpsvcs.exe (3464)
______ C:\Windows\System32\snmp.exe (3560)
______ C:\Windows\system32\svchost.exe (3584)
______ C:\Windows\system32\svchost.exe (3664)
______ C:\Windows\System32\svchost.exe (3708)
______ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (3772)
______ C:\Program Files\ManyCam 2.4\ManyCam.exe (3780)
______ C:\Windows\ehome\ehmsas.exe (3792)
______ C:\Windows\system32\SearchIndexer.exe (3800)
______ C:\Windows\system32\DRIVERS\xaudio.exe (3936)
______ C:\Program Files\Platinum\PlatinumConsole\PlatinumConsole.exe (3960)
______ C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (4044)
______ C:\Program Files\Apoint2K\Apntex.exe (1280)
______ C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe (3340)
______ C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe (4516)
______ C:\Windows\System32\mobsync.exe (4576)
______ C:\Program Files\Internet Explorer\IEXPLORE.EXE (4808)
______ C:\Windows\System32\svchost.exe (4024)
______ C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (3752)
______ C:\Windows\system32\SearchProtocolHost.exe (4788)
______ C:\Windows\system32\wuauclt.exe (744)
______ C:\Windows\system32\svchost.exe (4896)
______ C:\Windows\system32\SearchFilterHost.exe (1416)
______ C:\Windows\system32\taskeng.exe (1912)
______ C:\Users\tadpole\Desktop\Rooter.exe (5692)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:110060089344)
\Device\Harddisk0\Partition2 (Start_Offset:152373312000 | Length:7665960960)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\EasyShare Registration Task.job
C:\Windows\Tasks\ErrorFix Startup.job
C:\Windows\Tasks\Google Software Updater.job
C:\Windows\Tasks\Norton Security Scan for tadpole.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
C:\Windows\Tasks\User_Feed_Synchronization-{A2FC23FE-C65F-4E8F-BCDE-2143EAA39240}.job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 18:19.30
.
C:\Rooter$\Rooter_1.txt - (25/06/2009 | 18:19.30)
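As an added example that is not part of the original thread or of either tool, here is a small Python triage script for the two log formats pasted above. It pulls every detection line out of the Malwarebytes log, pulls the security-setting lines and the Scheduled Tasks section out of the Rooter report, and then cross-checks whether a task named after a removed rogue product is still listed. The sample text is constructed from excerpts of the logs in this post (the MBAM log removed "ErrorFix Scan.job", while Rooter still lists "ErrorFix Startup.job"); the function names and the regular expressions are my own assumptions about the line layout, not anything the tools publish.

```python
import re
from collections import Counter

# Constructed sample: excerpts of the Malwarebytes log from post #1,
# one entry per line as the tool writes them.
MBAM_LOG = r"""
Malwarebytes' Anti-Malware 1.38
Database version: 2333
Registry Keys Infected: 3
Files Infected: 9

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Folders Infected:
C:\Windows\System32\LocalService32 (Worm.Archive) -> Quarantined and deleted successfully.

Files Infected:
c:\Windows\System32\localservice32\16D0.tmp (Worm.Archive) -> Quarantined and deleted successfully.
c:\Windows\System32\localservice32\46D6.tmp (Worm.Archive) -> Quarantined and deleted successfully.
C:\Program Files\Setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Windows\Tasks\ErrorFix Scan.job (Rogue.ErrorFix) -> Quarantined and deleted successfully.
"""

# Constructed sample: the security-setting lines and the Scheduled Tasks
# section of the Rooter report from post #1.
ROOTER_LOG = r"""
Rooter.exe (v1.0.2) by Eric_71
Windows Firewall -> Enabled
Windows Defender -> Enabled
User Account Control (UAC) -> Disabled !
----------------------\\ Scheduled Tasks
C:\Windows\Tasks\EasyShare Registration Task.job
C:\Windows\Tasks\ErrorFix Startup.job
C:\Windows\Tasks\Google Software Updater.job
C:\Windows\Tasks\Norton Security Scan for tadpole.job
C:\Windows\Tasks\SA.DAT
----------------------\\ Registry
"""

# Assumed layout of one Malwarebytes detection: "<path> (<family>) -> <action>."
DETECTION_RE = re.compile(r"^(?P<path>.+?) \((?P<family>[\w.]+)\) -> (?P<action>.+?)\.?$")
# Assumed layout of a Rooter section banner: "----------------------\\ <name>"
SECTION_RE = re.compile(r"^-+\\\\ (?P<name>.+)$")


def parse_mbam(text):
    """Return one dict {section, path, family, action} per detection line."""
    section, hits = None, []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.endswith("Infected:"):          # "Registry Keys Infected:" opens a section
            section = line[:-len(" Infected:")]
            continue
        if section is None or line.startswith("("):  # header area or "(No malicious items detected)"
            continue
        m = DETECTION_RE.match(line)
        if m:
            hits.append({"section": section, **m.groupdict()})
    return hits


def parse_rooter(text):
    """Return (security settings as a dict, list of scheduled task paths)."""
    settings, tasks, section = {}, [], None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group("name")
            continue
        if section is None and " -> " in line:   # e.g. "User Account Control (UAC) -> Disabled !"
            key, _, value = line.partition(" -> ")
            settings[key] = value.rstrip(" !")
        elif section == "Scheduled Tasks":
            tasks.append(line)
    return settings, tasks


def triage(mbam_text, rooter_text):
    """Summarise detections and flag follow-up items a helper would look at next."""
    hits = parse_mbam(mbam_text)
    settings, tasks = parse_rooter(rooter_text)
    families = Counter(h["family"] for h in hits)
    # "Rogue.<Product>" names the rogue product; a scheduled task still carrying that
    # name after cleanup is a leftover worth checking, not proof of reinfection.
    rogue_names = {h["family"].split(".", 1)[1] for h in hits if h["family"].startswith("Rogue.")}
    leftover = [t for t in tasks if any(n.lower() in t.lower() for n in rogue_names)]
    return {
        "detections": len(hits),
        "families": dict(families),
        "uac_disabled": settings.get("User Account Control (UAC)") == "Disabled",
        "leftover_tasks": leftover,
    }


if __name__ == "__main__":
    for key, value in triage(MBAM_LOG, ROOTER_LOG).items():
        print(f"{key}: {value}")
```

Run on the constructed excerpts it reports 8 detections across four families, flags that UAC is disabled, and lists the ErrorFix startup task as a leftover; the same two parsers accept the full logs as pasted, once they are split back into one entry per line.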

Jul 5 2009, 06:59 AM
Post #2
New Member | Posts: 2 | OS: Vista
Hello

Please would you mark this post as closed. I did send an e-mail a number of days ago requesting closure. Thank you

Jul 5 2009, 11:38 AM
Post #3
GeekU Teacher | Posts: 34,385 | From: Dublin | OS: XP
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

© Geeks to Go, Inc.