(Resolved) Windows XP infected!! (Resolved)

Yep, you heard it right: my other computer with Windows XP is sort of infected… It crashed Avast 3 times and I found it with Process Explorer and killed it, but Avast is still detecting stuff! I am doing a full scan with Malwarebytes. Please tell me other programs I can run on it to scan for registry entries or files on the PC.

What is the link to OTL? Also, how long does the scan take?

Hmmm... 600 posts and you have still not seen the sticky here ;D

http://forum.avast.com/index.php?topic=53253.0

Something made MBAM abort the scan… I let it remove the 2 worms it found, but I started another full scan.

Edit: I wonder if Avast! got all the viruses…

I ran the OTL scan and the aswMBR scan. I attached the OTL.txt and Extras.txt and the aswMBR log.
As for MBAM, it is still scanning.
Edit: The computer isn't mine, it's my dad's.

Avast just popped up again moving an infected file to the virus chest from the MBAM process… How bad is a worm virus?

How bad is a worm virus?
What is the worm name?

It is fine with just an MBAM quick scan.

MBAM is doing a full scan. I hope it will be done before 8:30.

Here is a screenshot of what Avast put in the virus chest.

I see the file name but not the malware name given by Avast and/or MBAM.

Here is the virus type name Avast gave the viruses in the chest.

Quote from Securelist:

Programs classified as Trojan-Downloader download and install new versions of malicious programs, including Trojans and AdWare, on victim computers. Once downloaded from the Internet, the programs are launched or included on a list of programs which will run automatically when the operating system boots up.

Well, Essexboy will fix it tomorrow :wink:

So when I shut down the computer later tonight, do you think it will boot up tomorrow? Or is it best to put the PC in standby mode?

Have no idea… but most malware wants computers to work so it can do its malware work :wink:

Finally, here is the MBAM full scan log.

My dad went to try to check his e-mail and it showed somebody else was logged in and it said "verify your password"… Is it the trojan downloaders?
Edit: I started the trial in MBAM on that PC.

I have been worried all night… I hope you guys can help remove all the viruses from the computer. It is possible to remove them, isn't it? I'm worried… :frowning:

I hate viruses!

Ensure your online passwords are changed to a more secure length, please.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
O2 - BHO: (no name) - Disabled:{02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - Disabled:{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (no name) - Disabled:{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www-cdn.freerealms.com/gamedata/plugins/1.0.3.93/FreeRealmsInstaller.cab?v=1038 (Reg Error: Value error.)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
[2011/09/17 17:49:22 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\xtilvinl.sys
[2011/09/17 17:28:59 | 000,000,046 | ---- | M] () -- C:\WINDOWS\twps

:Files
ipconfig /flushdns /c

:Commands
[purity]
[resethosts]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
[Reboot]


[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT!!! Save ComboFix.exe to your Desktop.

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

[*]When finished, it shall produce a log for you.
[*]Please include the C:\ComboFix.txt in your next reply.

Notes:

  1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
  2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.

Please make sure you include the ComboFix log in your next reply, as well as describing how your computer is running now.

The computer is running a little faster than it was yesterday.

Thanks essexboy :slight_smile:

Edit: Internet Explorer's level was set to a stronger level… we changed it back to the default level on all zones… Is that OK?

Edit: My dad logged into his e-mail about 9:00 pm last night, after Avast and Malwarebytes stopped detecting stuff. (He checked it after I activated the trial in MBAM.) Is his password safe? I should change my password on the forum.

Yes, the IE settings should suffice.

Again, prudence would suggest changing passwords to be on the safe side.

What other problems are you experiencing?

None as of right now; it's working like it did about 3 days ago. :slight_smile:

Pop back tomorrow and if all is OK I will remove my tools and tidy you up ;D