I managed to get your log opened with word, but with the red spell check it’s still difficult. This will get you started while I review the logs.
There is evidence of several autorun infections. I will need to know how many usb devices and hard drives you have and the drive letters.
Please do not plug in any usb device until you have done the tweakui portion. After you have done that part, please only plug in the devices with the drive letters F and I. I’m quessing that D is a fixed hard drive. If not, then attach it also. The OTMOVEIT2 fix will only cover drives C,D,F, and I. If there are more we will do them separatley.
Download and Install Microsoft’s TweakUI: http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx
Obtain and install TweakUI (right hand panel, 147kb in size), and then start TweakUI.
Expand the My Computer branch, then the AutoPlay branch, and then select Drives.
Turn off the checkbox next to every drive letter to disable AutoPlay – except your CD/DVD drive letters
This will prevent autoruns from running on your computer. Make sure you uncheck all drive letters in the list, except your cd/dvd.
Then
Please download
OTMoveIt2 by OldTimer.
Save it to your desktop.
Please double-click OTMoveIt2.exe to run it. Make sure the usb drives are plugged in.
Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
C:\Autorun.inf
D:\Autorun.inf
F:\Autorun.inf
I:\Autorun.inf
C:\ntdelect.com /s
D:\ntdelect.com
F:\ntdelect.com
I:\ntdelect.com
C:\kavo.* /s
C:\kavo*.* /s
D:\kavo.* /s
D:\kavo*.* /s
F:\kavo.* /s
F:\kavo*.* /s
I:\kavo.* /s
I:\kavo*.* /s
C:\tmf3w3g0.com /s
d:\tmf3w3g0.com
F:\tmf3w3g0.com
I:\tmf3w3g0.com
C:\q83iwmgf.bat /s
D:\q83iwmgf.bat
F:\q83iwmgf.bat
I:\q83iwmgf.bat
C:\um.cmd /s
D:\um.cmd
F:\um.cmd
I:\um.cmd
C:\lg.cmd /s
D:\lg.cmd
F:\lg.cmd
I:\lg.cmd
C:\8e9gmih.bat /s
D:\8e9gmih.bat
F:\8e9gmih.bat
I:\8e9gmih.bat
C:\f.cmd /s
D:\f.cmd
F:\f.cmd
I:\f.cmd
C:\copetttt.com /s
D:\copetttt.com
F:\copetttt.com
I:\copetttt.com
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{28bb8ade-bb0a-11dc-9926-000a3a6420d1}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{5cee21b8-69e3-11dc-987e-000a3a6420d1}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{e0aa4b84-74b1-11dc-989d-000a3a6420d1}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{f654baf9-36f6-11dc-97ff-806d6172696f}
Return to OTMoveIt2, right click in the “Paste List Of Files/Patterns To Search For and Move” window (under the yellow bar) and choose Paste.
Click the red Moveit! button.
Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
NOTE: If OTMOVEITE reboots, before you can get the ruslts they can be found here
C:_OTMoveIt\MovedFiles**_.log
(where “**_” is the “date_time”)
Now to protect those drives, I will need you to down load and run this program.
Download this program, Flash Drive Disinfector by sUBs from
http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe
Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well. Just skip that part.
Wait until it has finished scanning and then exit the program.
Reboot your computer when done.
This utility will do a couple of things. First it will remove any autorun.inf it finds. It will create a SYSTEM protected, read-only, and perfectly harmless Autorun.inf file on any hard drive or removable storage device it finds when run. This file will not only help prevent future autorun infections, it will disable any current Autorun infection its ability to restart.
Just to OTMOVEIT2 results and the Clean autoruns logs.
Thanks