Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Winantivirus popup

Started by Peachcoral , Sep 23 2006 08:32 AM

  • Please log in to reply

#1
Peachcoral
Posted 23 September 2006 - 08:32 AM

Peachcoral

    Member

  • Member
  • PipPip
  • 21 posts
Hello,

I cannot stop the winantivirus popup. I have run MS Defender and Spybot which could not detect it.

Do I have to delete these? Or is the AppInit OK?


O20 - AppInit_DLLs: c:\windows\system32\mllmjjh.dll
O20 - Winlogon Notify: expddv - C:\WINDOWS\SYSTEM32\expddv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll


HIJACK THIS LOGFILE


O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.v...quish_load.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1146502813162
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1146988226890
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/...nagerPlugin.CAB
O20 - AppInit_DLLs: c:\windows\system32\mllmjjh.dll
O20 - Winlogon Notify: expddv - C:\WINDOWS\SYSTEM32\expddv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe



Thank you for your help.

PeachCoral
  • 0

Advertisements

#2
Wizard
Posted 23 September 2006 - 08:39 AM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Hi Peachcoral and Welcome to GeekstoGo!

Download combofix.exe
http://download.blee...Bs/combofix.exe

Double click combofix.exe & follow the prompts.

When finished, it shall produce a log for you. Post that log in your next reply along with a fresh HijackThis log.

Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Edited by Cretemonster, 23 September 2006 - 08:39 AM.

  • 0

#3
Peachcoral
Posted 23 September 2006 - 09:27 AM

Peachcoral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Cretemonster,

Thank you for your very quick reply and the combofix download which ran very smoothly. I always dread the bluescreen death.

Here is the combofix log:

User - 06-09-23 16:13:55.92 Service Pack 2
ComboFix 06.09.23.2 - Running from: "C:\Documents and Settings\User\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-08-23 to 2006-09-23 ))))))))))))))))))))))))))))))))))


2006-09-23 12:45 307,200 --a-s---- C:\WINDOWS\system32\InterceptHelper.dll
2006-09-23 12:45 180,224 --a-s---- C:\WINDOWS\system32\archlib.dll
2006-09-23 12:45 176,128 --a-s---- C:\WINDOWS\system32\Interceptor.dll
2006-09-22 21:59 7,913 --a------ C:\WINDOWS\system32\mllmjjh.dll
2006-09-22 15:52 23,470 --a------ C:\WINDOWS\system32\awtsr.exe
2006-09-22 15:52 16,934 --a------ C:\WINDOWS\system32\expddv.dll
2006-09-22 15:36 7,913 --a------ C:\WINDOWS\system32\awvvssq.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-09-23 14:44 -------- d-------- C:\Program Files\Hijackthis
2006-09-23 13:35 -------- d-------- C:\Documents and Settings\User\Application Data\Tenebril
2006-09-23 12:45 -------- d-------- C:\Program Files\SpyCatcher 2006
2006-09-19 00:18 848 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2006-09-18 22:10 -------- d-------- C:\Program Files\MusicMasterWorks
2006-08-21 13:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 10:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-21 10:14 128896 --------- C:\WINDOWS\system32\drivers\fltmgr.sys
2006-08-19 20:00 -------- d-------- C:\Program Files\Battlezone II
2006-08-19 18:35 26 --a------ C:\WINDOWS\winstart.bat
2006-08-19 18:35 135 --a------ C:\WINDOWS\tmpcpyis.bat
2006-08-19 18:35 122 --a------ C:\WINDOWS\tmpdelis.bat
2006-08-19 09:29 -------- d-------- C:\Program Files\iTunes
2006-08-13 09:59 -------- d-------- C:\Program Files\Internet Explorer
2006-08-10 06:08 1480 --a------ C:\WINDOWS\AUTOLNCH.REG
2006-08-06 17:59 -------- d-------- C:\Program Files\TextBridge Pro 9.0
2006-07-27 14:24 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-07-21 19:23 1557 --a------ C:\Documents and Settings\User\Application Data\AdobeDLM.log
2006-07-21 19:23 0 --a------ C:\Documents and Settings\User\Application Data\dm.ini
2006-07-21 09:24 72704 --a------ C:\WINDOWS\system32\hlink.dll
2006-06-23 11:31 606848 --a------ C:\WINDOWS\flashax.exe
2006-06-23 11:31 194560 --a------ C:\WINDOWS\Porsche 911 Cabriolet.scr
2006-06-23 11:31 12288 --a------ C:\WINDOWS\impborl.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSKAGENTEXE"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MskAgent.exe"
"H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe\""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VSOCheckTask"="\"C:\\PROGRA~1\\McAfee.com\\VSO\\mcmnhdlr.exe\" /checktask"
"VirusScan Online"="C:\\Program Files\\McAfee.com\\VSO\\mcvsshld.exe"
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe"
"MSKAGENTEXE"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MSKAgent.exe"
"MSKDetectorExe"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MSKDetct.exe /startup"
"MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe"
"InstantAccess"="C:\\PROGRA~1\\TEXTBR~1.0\\Bin\\INSTAN~1.EXE /h"
"RegisterDropHandler"="C:\\PROGRA~1\\TEXTBR~1.0\\Bin\\REGIST~1.EXE"
"WorksFUD"="C:\\Program Files\\Microsoft Works\\wkfud.exe"
"Microsoft Works Portfolio"="C:\\Program Files\\Microsoft Works\\WksSb.exe /AllUsers"
"Microsoft Works Update Detection"="C:\\Program Files\\Common Files\\Microsoft Shared\\Works Shared\\WkUFind.exe"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"ISUSPM Startup"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"Corel Photo Downloader"="C:\\Program Files\\Corel\\Corel Photo Album 6\\MediaDetect.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
@=""
"Disc Detector"="C:\\Program Files\\Creative\\ShareDLL\\CtNotify.exe"
"UpdReg"="C:\\WINDOWS\\Updreg.exe"
"AHQInit"="C:\\Program Files\\Creative\\SBLive\\Program\\AHQInit.exe"
"AudioHQ"="C:\\Program Files\\Creative\\SBLive\\AudioHQ\\AHQTB.EXE"
"CTAvTray"="C:\\Program Files\\Creative\\SBLive\\Program\\CTAvTray.EXE"
"BJCFD"="C:\\Program Files\\BroadJump\\Client Foundation\\CFD.exe"
"OASClnt"="C:\\Program Files\\McAfee.com\\VSO\\oasclnt.exe"
"hpppta"="C:\\Program Files\\Hewlett-Packard\\HP PrecisionScan\\PrecisionScan\\hpppta.exe /ICON"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"SpyCatcher Reminder"="\"C:\\Program Files\\SpyCatcher 2006\\SpyCatcher.exe\" reminder"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce]
"CTAVTray"="C:\\Program Files\\Creative\\SBLive\\Program\\CTAvStub.EXE EAX.AVI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runservices]
"RegisterDropHandler"="C:\\PROGRA~1\\TEXTBR~1.0\\Bin\\REGIST~1.EXE"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="http://www.ntlworld..../search_22.gif"
"SubscribedURL"="http://www.ntlworld..../search_22.gif"
"FriendlyName"=""
"Flags"=dword:00001001
"Position"=hex:2c,00,00,00,12,03,00,00,19,01,00,00,b2,01,00,00,16,00,00,00,e7,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:01,00,00,00
"OriginalStateInfo"=hex:18,00,00,00,12,03,00,00,19,01,00,00,b2,01,00,00,16,00,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:14,6d,24,04,41,c0,b4,74,f8,96,1d,00,68,de,24,04,20,6d,\
24,04,e6,c2,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\
00,00,01,00,00,00

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=hex:5f,00,00,00
@=""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\expddv

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\MP Scheduled Scan.job

Completion time: 23/09/2006 16:17:21.82
ComboFix.txt


Thank you for your help with this one.


I have NOT removed anything because I don't know which ones are useful for other applications and which ones are rogues

Regards
Peachcoral
  • 0

#4
Peachcoral
Posted 23 September 2006 - 09:45 AM

Peachcoral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Cretemonster,

I downloaded Spycatcher Express from Tenebril.com.

http://download.tene...her-express.exe

This program is supposed to eradicate the winvirus. It quarantined and blocked a few files and put many others onto ASK(for permission to go ahead) Mode, but the winvirus ad still persists.

Regards,
Peachcoral
  • 0

#5
Wizard
Posted 23 September 2006 - 10:18 AM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Download this program:

Submit Files Packer
http://www.safer-net...g/files/sfp.zip

Highlight the entries listed below in bold and right-click,then select Copy.


C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\awtsr.exe
C:\WINDOWS\system32\expddv.dll
C:\WINDOWS\system32\awvvssq.dll


Then start the file packer program and right click in the white box and select paste to paste the copied file names in the field.

Then press the Continue button.

It will create an archive with these files and a small log on your Desktop that starts with a name like requested-file[date].cab.

Rename this file to yourmembername.cab (for example Monster.cab).

Then go to:
http://www.uploadmalware.com/
and fill in the required fields and browse to this file on your desktop. Finally click on the Send File button.
  • 0

#6
Peachcoral
Posted 23 September 2006 - 11:08 AM

Peachcoral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Cretemonster,

Thank you for the above instructions, which were very easy to follow. (Thank goodness)

Done: Uploadmalware.com said:

“Your file (Peachcoral.cab) was successfully submitted. If someone requested you submit this file please let them know that you have submitted the file.”

Regards,
Peachcoral
  • 0

#7
Wizard
Posted 23 September 2006 - 11:20 AM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Got it,now I gotta go test it.

Check your private messages here at the forum.
  • 0

#8
Wizard
Posted 23 September 2006 - 12:13 PM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Please download VundoFix.exe to your desktop
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log in a reply to this thread.
Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.
  • 0

#9
Peachcoral
Posted 23 September 2006 - 12:37 PM

Peachcoral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Cretemonster,

Thank you for the VundoFix. Here are the results:

VundoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 19:21:02 23/09/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...


_________________________


Looks like there was no Vundovirus

Regards,
Coral
  • 0

#10
Wizard
Posted 23 September 2006 - 12:50 PM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Allright,we try another way!

Run VundoFix again,this time Right Click inside the White window and Select Add Files

Add the filepaths below using Copy&Paste or by typing them in manually.

C:\WINDOWS\system32\mllmjjh.dll

C:\WINDOWS\system32\awtsr.exe

C:\WINDOWS\system32\expddv.dll

C:\WINDOWS\system32\awvvssq.dll

Click Scan for Vundo and follow the prompts

Post back with the log generated.
  • 0

Advertisements

#11
Peachcoral
Posted 23 September 2006 - 01:26 PM

Peachcoral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Cretemonster,

Help!!! I pressed the remove Vundo key by mistake the comp blue screened and re-started. Does this mean that C:\WINDOWS\system32\mllmjjh.dll – and -

C:\WINDOWS\system32\awtsr.exe

C:\WINDOWS\system32\expddv.dll

C:\WINDOWS\system32\awvvssq.dll

Have been deleted? IS IT POSSIBLE TO RESTORE THESE FILES??? I AM SO SORRY. It may be cause I’m getting a bit tired cause I am ill today.


Original V Scan txt

VundoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 19:21:02 23/09/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 19:41:13 23/09/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 19:48:30 23/09/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...










C:\WINDOWS\system32\mllmjjh.dll

C:\WINDOWS\system32\awtsr.exe

C:\WINDOWS\system32\expddv.dll


undoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 19:21:02 23/09/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 19:41:13 23/09/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 19:48:30 23/09/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 20:02:58 23/09/2006

Listing files found while scanning....

No infected files were found.


C:\WINDOWS\system32\awvvssq.dll



Peachcoral
  • 0

#12
Wizard
Posted 23 September 2006 - 01:59 PM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Did the PC restart OK?

Scan fresh with HijackThis and post that log please.

Lets have a look and go from there.
  • 0

#13
Peachcoral
Posted 23 September 2006 - 02:19 PM

Peachcoral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Logfile of HijackThis v1.99.1
Scan saved at 21:17:37, on 23/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
C:\Program Files\Creative\SBLive\Program\CTAvTray.EXE
C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppta.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ntlworld.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\Program Files\SpyCatcher 2006\SCActiveBlock.dll
O2 - BHO: (no name) - {68E08AD1-E732-4D40-B0CD-67B927DCEA3A} - C:\WINDOWS\system32\expddv.dll
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [InstantAccess] C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [CTAvTray] C:\Program Files\Creative\SBLive\Program\CTAvTray.EXE
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [hpppta] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppta.exe /ICON
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpyCatcher Reminder] "C:\Program Files\SpyCatcher 2006\SpyCatcher.exe" reminder
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\RunOnce: [CTAVTray] C:\Program Files\Creative\SBLive\Program\CTAvStub.EXE EAX.AVI
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Scheduler.lnk = C:\Program Files\SpyCatcher 2006\Scheduler daemon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: SpyCatcher Protector.lnk = C:\Program Files\SpyCatcher 2006\Protector.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.v...quish_load.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1146502813162
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1146988226890
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/...nagerPlugin.CAB
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: c:\windows\system32\mllmjjh.dll
O20 - Winlogon Notify: expddv - C:\WINDOWS\SYSTEM32\expddv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe


Peachcoral
  • 0

#14
Wizard
Posted 23 September 2006 - 02:38 PM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
That mistake was mine,those were some really crappy instructions I gave you.

Lets try this once more,the right way! :whistling:


Run VundoFix again,Click Scan for Vundo.

Let it scan,once complete, right click inside the white window and select Add Files

Copy&Paste each entry below into the white window

C:\WINDOWS\system32\mllmjjh.dll

C:\WINDOWS\system32\awtsr.exe

C:\WINDOWS\system32\awvvssq.dll

C:\WINDOWS\system32\expddv.dll

Once all entries are pasted in,Click Remove Vundo and follow the prompts

You will receive a prompt asking if you want to remove the files, click YES

Once you click yes, your desktop will go blank as it starts removing Vundo.

When completed, it will prompt that it will reboot your computer, click OK.

Please post the contents of C:\vundofix.txt

Edited by Cretemonster, 23 September 2006 - 02:40 PM.

  • 0

#15
Peachcoral
Posted 24 September 2006 - 06:24 AM

Peachcoral

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Cretemonster,

Herewith the contents of C:\vundofix.txt relating to the first three files. The fourth would not load into the box. Should I run the vundo again and add the last file (expddv.dll)? I think mllmjjh.dll could be related to my Spycatcher software because on reboot, Spycatcher said something was trying to use one of the files but it had corrected this.
Shall I delete Spycatcher and run the vundo again?

I was reluctant to uninstall Spycatcher because it seems to be blocking a heck of a lot of the ads that are trying to get in the door.


VundoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 19:21:02 23/09/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 19:41:13 23/09/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 19:48:30 23/09/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 20:02:58 23/09/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...

Attempting to delete C:\WINDOWS\system32\awvvssq.dll
C:\WINDOWS\system32\awvvssq.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 12:30:27 24/09/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\awtsr.exe
C:\WINDOWS\system32\awtsr.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attem
Beginning removal...

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WINDOWS\system32\mllmjjh.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mllmjjh.dll
C:\WIND
VundoFix V6.1.6

Checking Java version...

Sun Java not detected
Scan started at 12:48:14 24/09/2006

Listing files found while scanning....

No infected files were found.


--------------------------------

Regards,
Peachcoral
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP