About the generated key:
When searching for solutions to the 'can't use anything, because .exe files redirect to malware' problem, I came across the 3 or 4 codes that tell the malware that "I've filled in the personal info". They're posted in some other forum I came across first.
It made my .exe files usable again.
attach
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 21/09/2011 21:22:07
System Uptime: 16/01/2012 9:31:44 (5 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz | N/A | 2301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 583 GiB total, 438,643 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Atheros AR3011 Bluetooth(R) Adapter
Device ID: USB\VID_0489&PID_E027\6&25E2E6F&0&5
Manufacturer: Atheros Communications
Name: Atheros AR3011 Bluetooth(R) Adapter
PNP Device ID: USB\VID_0489&PID_E027\6&25E2E6F&0&5
Service: BTHUSB
.
==== System Restore Points ===================
.
RP56: 23/12/2011 16:36:31 - Windows Update
RP57: 26/12/2011 23:17:06 - Windows Update
RP58: 30/12/2011 17:25:22 - Windows Update
RP59: 3/01/2012 20:54:30 - Windows Update
RP60: 7/01/2012 13:02:08 - Windows Update
RP61: 10/01/2012 23:14:47 - Windows Update
RP62: 12/01/2012 1:31:23 - Windows Update
RP63: 15/01/2012 14:24:45 - Windows Update
RP64: 15/01/2012 16:01:26 - Installed Fighters.
.
==== Installed Programs ======================
.
.
Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Community Help
Adobe Content Viewer
Adobe Creative Suite 5.5 Design Premium
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X MUI
Adobe Widget Browser
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 4
Bing Bar
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX Windows Live Mesh pentru conexiuni la distan?a
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
D3DX10
DeepBurner v1.9.0.228
DivX Setup
Dropbox
eMindMaps
EPSON Scan
Facebook Video Calling 1.0.0.8953
Facemoods Toolbar
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych
Foxit Reader 5.1
Galeria de Fotografias do Windows Live
Galeria fotografii uslugi Windows Live
Galerie de photos Windows Live
Galerie foto Windows Live
Google Chrome
High-Definition Video Playback
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 22
JDownloader 0.9
Junk Mail filter update
Malwarebytes Anti-Malware version 1.60.0.1800
Mesh Runtime
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2010
Microsoft Office Excel MUI (Dutch) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (Dutch) 2007
Microsoft Office PowerPoint MUI (Dutch) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Dutch) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (Dutch) 2007
Microsoft Office Word MUI (Dutch) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mozilla Firefox 7.0.1 (x86 nl)
Mozilla Thunderbird (7.0.1)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Nero 11 Kwik Themes Basic
Nero Audio Pack 1
Nero Core Components 11
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Update
nero.prerequisites.msi
Notepad++
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
PDF Settings CS5
PMB
PMB VAIO Edition Guide
PMB VAIO Edition Plug-in
Poczta uslugi Windows Live
Podstawowe programy Windows Live
Raccolta foto di Windows Live
Realtek PCIE Card Reader
Remote Keyboard
Remote Play with PlayStation 3
SecondLifeViewer (remove only)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SimCity™ Societies
Skype™ 5.1
SoulSeek 157 NS 13e
SSLx86
TmNationsForever
TrueCrypt
Unity Web Player
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office OneNote 2007 (KB980729)
Update voor Microsoft Office Excel 2007 Help (KB963678)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
Update voor Microsoft Office Word 2007 Help (KB963665)
Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi
VAIO - Media Gallery
VAIO - PMB VAIO Edition Guide
VAIO - PMB VAIO Edition Plug-in
VAIO - Remote Keyboard
VAIO - Remote Play with PlayStation®3
VAIO Care
VAIO Control Center
VAIO Data Restore Tool
VAIO Easy Connect
VAIO Event Service
VAIO Gate
VAIO Gate Default
VAIO Hardware Diagnostics
VAIO Hero Screensaver - Summer 2011 Screensaver
VAIO Improvement
VAIO Manual
VAIO Quick Web Access
VAIO Sample Contents
VAIO Smart Network
VAIO Transfer Support
VAIO Update
VC80CRTRedist - 8.0.50727.6195
VCCx86
VESx86
VIx86
VLC media player 1.1.11
VWSTx86
Warsow 0.61
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotótár
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live Fotogaléria
Windows Live Fotograf Galerisi
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
Windows Live Mesh ActiveX-objekt til fjernforbindelser
Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz
Windows Live Mesh ActiveX control for remote connections
Windows Live Meshin etäyhteyksien ActiveX-komponentti
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
Windows Media Player Firefox Plugin
.
==== Event Viewer Messages From Past Week ========
.
9/01/2012 22:19:02, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
9/01/2012 11:01:27, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
16/01/2012 12:43:19, Error: Service Control Manager [7034] - The AV Engine Scanning Service service terminated unexpectedly. It has done this 1 time(s).
16/01/2012 0:40:07, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
16/01/2012 0:38:14, Error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
16/01/2012 0:36:37, Error: Service Control Manager [7034] - The Cron Service for Prey service terminated unexpectedly. It has done this 1 time(s).
15/01/2012 20:26:33, Error: srv [2017] - The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.
15/01/2012 16:57:06, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
15/01/2012 15:49:08, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
15/01/2012 12:56:35, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
14/01/2012 13:17:36, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
13/01/2012 20:15:21, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
13/01/2012 18:27:17, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
13/01/2012 12:23:12, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
12/01/2012 10:57:43, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/01/2012 13:15:07, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
10/01/2012 23:03:58, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
10/01/2012 16:11:30, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
10/01/2012 11:23:31, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
.
==== End Of File ===========================
GMER
Edit: No GMER log included here.
Edit: Duplicate Attach.txt log deleted by Bobbye
Malwarebytes
Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org
Database version: v2012.01.15.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Larz :: DOC [administrator]
Protection: Enabled
15/01/2012 22:18:58
mbam-log-2012-01-15 (22-18-58).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 418455
Time elapsed: 1 hour(s), 56 minute(s), 45 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|f37bab79 (Trojan.ExeShell.Gen) -> Data: C:\Users\Larz\AppData\Local\nxm.exe -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 4
C:\Users\Larz\AppData\Local\nxm.exe (Trojan.ExeShell.Gen) -> Quarantined and deleted successfully.
C:\Users\Larz\AppData\Local\Temp\crsxanwoem.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Users\Larz\AppData\Local\Temp\msimg32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Larz\AppData\Local\Temp\mxwcrosena.exe (Trojan.Agent) -> Quarantined and deleted successfully.
(end)
Edit: Extra Malwarebytes logs deleted by Bobbye