Hi - as is now becoming the norm I will be zipping the bad boys for Avast. Once this run is complete could you locate the zip folder in C:_OTS\moved files and upload to Mediafire and post the sharing link. Once I have snaffled it you can then delete the file
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says “Paste fix here” and then click the Run Fix button.
[Unregister Dlls]
[Registry - Safe List]
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-682209711-3592480626-2574577658-1009\] > -> HKEY_USERS\S-1-5-21-682209711-3592480626-2574577658-1009\Software\Microsoft\Internet Explorer\Toolbar\
YN -> ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> "cfgxmldebug.exe" -> ["C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\cfgxmldebug.exe"]
YN -> "KB43737125.exe" -> ["C:\Documents and Settings\Compaq_Owner\Application Data\Adobe\plugs\KB43737125.exe"]
YN -> "queuedbgparse.exe" -> ["C:\Documents and Settings\NetworkService\Local Settings\Application Data\queuedbgparse.exe"]
< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> "cfgxmldebug.exe" -> ["C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\cfgxmldebug.exe"]
YN -> "KB43737125.exe" -> ["C:\Documents and Settings\Compaq_Owner\Application Data\Adobe\plugs\KB43737125.exe"]
YN -> "queuedbgparse.exe" -> ["C:\Documents and Settings\NetworkService\Local Settings\Application Data\queuedbgparse.exe"]
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.]
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.]
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-682209711-3592480626-2574577658-1009\] > -> HKEY_USERS\S-1-5-21-682209711-3592480626-2574577658-1009\Software\Microsoft\Internet Explorer\Extensions\
YN -> {E2D4D26B-0180-43a4-B05F-462D6D54C789}\\"ButtonText" [HKLM] -> [Reg Error: Key error.]
YN -> {E2D4D26B-0180-43a4-B05F-462D6D54C789}\\"CLSID" [HKLM] -> [{0000031A-0000-0000-C000-000000000046}]
YN -> {E2D4D26B-0180-43a4-B05F-462D6D54C789}\\"Default Visible" [HKLM] -> [Reg Error: Key error.]
YN -> {E2D4D26B-0180-43a4-B05F-462D6D54C789}\\"HotIcon" [HKLM] -> [Reg Error: Key error.]
YN -> {E2D4D26B-0180-43a4-B05F-462D6D54C789}\\"Icon" [HKLM] -> [Reg Error: Key error.]
YN -> {E2D4D26B-0180-43a4-B05F-462D6D54C789}\\"MenuText" [HKLM] -> [Reg Error: Key error.]
YN -> {E2D4D26B-0180-43a4-B05F-462D6D54C789}\\"Script" [HKLM] -> [Reg Error: Key error.]
YN -> {E2D4D26B-0180-43a4-B05F-462D6D54C789}\\"ToolTip" [HKLM] -> [Reg Error: Key error.]
YN -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.]
[Files/Folders - Modified Within 30 Days]
NY -> BFSLLCH.job -> C:\WINDOWS\tasks\BFSLLCH.job
NY -> lztdhdv.job -> C:\WINDOWS\tasks\lztdhdv.job
NY -> Tgfp.job -> C:\WINDOWS\tasks\Tgfp.job
NY -> Pnogivuxerux.dat -> C:\WINDOWS\Pnogivuxerux.dat
NY -> Emexuwulecugofud.bin -> C:\WINDOWS\Emexuwulecugofud.bin
NY -> Lgipab.exe -> C:\WINDOWS\Lgipab.exe
NY -> Lgipaa.exe -> C:\WINDOWS\Lgipaa.exe
NY -> winscardq.dll -> C:\WINDOWS\System32\winscardq.dll
NY -> c_863P.dll -> C:\WINDOWS\System32\c_863P.dll
[Files - No Company Name]
NY -> 2lg2tqq4.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\2lg2tqq4.exe
NY -> iExplore.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\iExplore.exe
NY -> Lgipab.exe -> C:\WINDOWS\Lgipab.exe
NY -> Emexuwulecugofud.bin -> C:\WINDOWS\Emexuwulecugofud.bin
NY -> Pnogivuxerux.dat -> C:\WINDOWS\Pnogivuxerux.dat
NY -> Lgipaa.exe -> C:\WINDOWS\Lgipaa.exe
NY -> BFSLLCH.job -> C:\WINDOWS\tasks\BFSLLCH.job
NY -> lztdhdv.job -> C:\WINDOWS\tasks\lztdhdv.job
NY -> Tgfp.job -> C:\WINDOWS\tasks\Tgfp.job
NY -> winscardq.dll -> C:\WINDOWS\System32\winscardq.dll
NY -> c_863P.dll -> C:\WINDOWS\System32\c_863P.dll
NY -> 3wk75c5r058vk4bg4355t33lj8563 -> C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\3wk75c5r058vk4bg4355t33lj8563
NY -> 3wk75c5r058vk4bg4355t33lj8563 -> C:\Documents and Settings\All Users\Application Data\3wk75c5r058vk4bg4355t33lj8563
NY -> mssfsi1vlq8g1bx8lmkcbl8 -> C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\mssfsi1vlq8g1bx8lmkcbl8
NY -> mssfsi1vlq8g1bx8lmkcbl8 -> C:\Documents and Settings\All Users\Application Data\mssfsi1vlq8g1bx8lmkcbl8
[File - Lop Check]
NY -> Tarma Installer -> C:\Documents and Settings\All Users\Application Data\Tarma Installer
NY -> BFSLLCH.job -> C:\WINDOWS\Tasks\BFSLLCH.job
NY -> lztdhdv.job -> C:\WINDOWS\Tasks\lztdhdv.job
NY -> Tgfp.job -> C:\WINDOWS\Tasks\Tgfp.job
[Custom Items]
:Files
ipconfig /flushdns /c
C:\WINDOWS\Lgipaa.exe
C:\WINDOWS\Lgipab.exe
C:\WINDOWS\mcod32.dll
:end
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
[ZipFiles]
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
I will review the information when it comes back in.
Depending on what the fix contains, this process may take some time and your desktop icons might disappear or other uncommon behavior may occur.
This is no sign of malfunction, do not panic!