Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

i have tried everything computer is extremely slow

Started by Lexyluv , Oct 04 2006 02:43 AM

  • Please log in to reply

#1
Lexyluv
Posted 04 October 2006 - 02:43 AM

Lexyluv

    Member

  • Member
  • PipPip
  • 62 posts
So i am running windows xp sp2 with 160 gig HD and 512MB ram if that helps i just built this thing last year and havnt had to do a reformat ever. So i dont know what i have done but my computer is extremely slow i have gone from opening programs in like 5 seconds to 5 minutes and im not kidding. I have done ever scan possible also done msconfig stuff, stuff in dos, you name it i have used it to scan. I have also removed several viruses manually so i dont know what it would be that is doing this. I do not want to reformat but everyone seems to be stumped i even tried a restore in windows and that wont even work. Everything starts up fine but new programs that werent in startup take forever to open. It seems that once i have them open they run fine but opening them is the problem its so slow. :whistling: I am on my last hope with this forum so i am posting my hijack this list and hopefully someone will see something i dont that will fix this. As well i am having issues with SCVHOST.EXE missing well i have been told and looked up that this is the virus. I have removed it a few times from hijack this but it keeps coming back as you will see below.


Logfile of HijackThis v1.99.1
Scan saved at 1:40:35 AM, on 10/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Defender\MsMpEng.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccProxy.exe
D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
D:\Program Files\ewido\security suite\ewidoctrl.exe
D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
D:\Program Files\Logitech\iTouch\iTouch.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\dvd43\dvd43_tray.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
D:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
D:\Program Files\Logitech\MouseWare\system\em_exec.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\WINDOWS\system32\svchost.exe
d:\program files\internet explorer\iexplore.exe
D:\Program Files\WinRAR\WinRAR.exe
D:\Documents and Settings\Lexy\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=D:\WINDOWS\system32\scvhost.exe
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - D:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] D:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dvd43] D:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] D:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] D:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Windows Defender] "D:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://officeint.mic...tes/ieawsdc.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtec...ntrol_en_US.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://officeint.mic...ntent/opuc2.cab
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifes...ll/pinstall.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1159504167203
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - D:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - D:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  • 0

Advertisements

#2
Wizard
Posted 04 October 2006 - 03:53 AM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Hi Lexyluv and Welcome!


Please download the Killbox by Option^Explicit.

Note: In the event you already have Killbox, this is a new version that I need you to download.
  • Save it to your desktop.
  • Please double-click Killbox.exe to run it.
  • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

    D:\WINDOWS\system32\scvhost.exe

  • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
  • Select Delete on Reboot and Unregister .dll before Deleting
  • then Click on the All Files button.
  • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).
If your computer does not restart automatically, please restart it manually.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, click here to download and run missingfilesetup.exe. Then try Killbox again.



Restart in Safe Mode and Open Killbox again.

Copy&Paste--> D:\WINDOWS\system32\scvhost.exe into Killbox again and ensure that Killbox does not display the filename in blue text.

If it does,use the delete on reboot option again when you get ready to return to Normal Mode.


Still in Killbox--> Click Tools--> Click Delete Temp Files.

From within the Killbox window,click the drop down menu in the middle and delete all temp files for every user account Killbox list.


Still in Safe Mode,Open HijackThis-> Click "Do a System Scan Only" and put a check by these but DO NOT hit the Fix Checked button yet

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F3 - REG:win.ini: load=D:\WINDOWS\system32\scvhost.exe

O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifes...ll/pinstall.cab

Now Make sure ALL WINDOWS and BROWSERS are CLOSED and hit the Fix Checked Button


Restart Normal and Please run the F-Secure Online Scanner

Note: This Scanner is for Internet Explorer Only!
  • Follow the Instruction on the F-Secure page for proper installation.
  • Accept the License Agreement.
  • Once the ActiveX installs,Click Full System Scan
  • Once the download completes,the scan will begin automatically.
  • The scan will take some time to finish,so please be patient.
  • When the scan completes, click the Automatic cleaning (recommended) button.
  • Click the Show Report button and Copy&Paste the entire report in your next reply along with a fresh HijackThis log.

Edited by Cretemonster, 04 October 2006 - 03:54 AM.

  • 0

#3
Lexyluv
Posted 04 October 2006 - 06:34 PM

Lexyluv

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
how long should this secure scan take cause its still going and its been almost 3 hours now. I will post my new log when it is done it seems to be still scanning but i dont think it should be this long.
  • 0

#4
Wizard
Posted 04 October 2006 - 06:57 PM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Close it all out and Reboot the Machine.

Try it once more,if it goes for more than 1 hour,let me know.
  • 0

#5
Lexyluv
Posted 04 October 2006 - 09:08 PM

Lexyluv

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
Its still going and its been over an hour :whistling: its still scanning files but its still going
  • 0

#6
Lexyluv
Posted 04 October 2006 - 11:48 PM

Lexyluv

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
Ok now the scan wont work it keeps saying error :whistling:

here is my new log

Logfile of HijackThis v1.99.1
Scan saved at 11:31:22 PM, on 10/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Defender\MsMpEng.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccProxy.exe
D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
D:\Program Files\ewido\security suite\ewidoctrl.exe
D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Logitech\iTouch\iTouch.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\dvd43\dvd43_tray.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
D:\Program Files\Logitech\MouseWare\system\em_exec.exe
D:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
D:\PROGRA~1\NORTON~1\NORTON~1\navw32.exe
d:\program files\internet explorer\iexplore.exe
D:\Documents and Settings\Lexy\Desktop\HijackThis.exe
D:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - D:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [zBrowser Launcher] D:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dvd43] D:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] D:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] D:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Windows Defender] "D:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\system32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://officeint.mic...tes/ieawsdc.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtec...ntrol_en_US.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://officeint.mic...ntent/opuc2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1159504167203
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-sec.../ols3/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - D:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - D:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Edited by Lexyluv, 05 October 2006 - 01:18 AM.

  • 0

#7
Wizard
Posted 05 October 2006 - 02:29 AM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Please download Combofix to your desktop.
http://download.blee...Bs/combofix.exe

Doubleclick combo.exe to launch the application.

Follow the prompts that will be displayed on the screen.

Don't click on the window while the fix is running, because that will cause your system to hang.

When finished, it should produce a log, combofix.txt

Please post that log in the next reply.
  • 0

#8
Lexyluv
Posted 05 October 2006 - 03:13 PM

Lexyluv

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
Hey there well i did the scn here is the log as you can see the scv keeps hanging on lol

Lexy - 06-10-05 1:52:01.46 Service Pack 2
ComboFix 06.09.28 - Running from: "D:\Documents and Settings\Lexy\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


D:\WINDOWS\system32\wintsu.exe
D:\WINDOWS\system32\components

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

D:\QooBox\Purity\Documents and Settings\Lexy\Application Data\PPATCH~1


((((((((((((((((((((((((((((((( Files Created from 2006-09-05 to 2006-10-05 ))))))))))))))))))))))))))))))))))


2006-10-04 02:11 45,525 --a------ D:\WINDOWS\system32\wjagoxps.dll
2006-10-03 20:38 86,036 --a------ D:\WINDOWS\system32\hapyowoi.dll
2006-09-28 23:47 127,208 --a------ D:\WINDOWS\system32\mucltui.dll
2006-09-28 23:29 845,310 ---hs---- D:\WINDOWS\system32\lnnmp.bak2
2006-09-28 23:28 747,886 ---hs---- D:\WINDOWS\system32\lnnmp.ini2
2006-09-28 23:07 86,016 --a------ D:\WINDOWS\OPDIRDEL.exe
2006-09-28 01:57 10,344 --a------ D:\WINDOWS\system32\drivers\symlcbrd.sys
2006-09-28 01:55 48,816 --a------ D:\WINDOWS\system32\S32EVNT1.DLL
2006-09-28 01:55 109,744 --a------ D:\WINDOWS\system32\drivers\SYMEVENT.SYS
2006-09-27 22:45 737,280 --a------ D:\WINDOWS\iun6002.exe
2006-09-22 15:51 845,514 ---hs---- D:\WINDOWS\system32\lnnmp.bak1
2006-09-19 16:11 53,248 --a------ D:\WINDOWS\system32\Process.exe
2006-09-19 16:11 40,960 --a------ D:\WINDOWS\system32\swsc.exe
2006-09-19 16:11 288,417 --a------ D:\WINDOWS\system32\SrchSTS.exe
2006-09-19 16:11 135,168 --a------ D:\WINDOWS\system32\swreg.exe
2006-09-19 14:45 76,560 --a------ D:\WINDOWS\system32\drivers\tmcomm.sys
2006-09-19 12:22 577,588 ---hs---- D:\WINDOWS\system32\pmnnl.dll
2006-09-19 12:18 589,876 ---hs---- D:\WINDOWS\system32\vturp.dll
2006-09-19 12:17 589,876 ---hs---- D:\WINDOWS\system32\pmkhf.dll
2006-09-19 12:13 589,876 ---hs---- D:\WINDOWS\system32\vtstq.dll
2006-09-19 12:12 589,876 ---hs---- D:\WINDOWS\system32\ddccy.dll
2006-09-19 12:11 589,876 ---hs---- D:\WINDOWS\system32\geeby.dll
2006-09-19 12:01 589,876 ---hs---- D:\WINDOWS\system32\mllmj.dll
2006-09-19 12:01 589,876 ---hs---- D:\WINDOWS\system32\awvvt.dll
2006-09-19 11:59 589,876 ---hs---- D:\WINDOWS\system32\awvvs.dll
2006-09-19 11:52 589,876 ---hs---- D:\WINDOWS\system32\jkhhf.dll
2006-09-19 11:49 589,876 ---hs---- D:\WINDOWS\system32\gebcy.dll
2006-09-19 11:46 589,876 ---hs---- D:\WINDOWS\system32\ssttt.dll
2006-09-19 11:46 589,876 ---hs---- D:\WINDOWS\system32\jkkll.dll
2006-09-19 11:42 589,876 ---hs---- D:\WINDOWS\system32\jkkjg.dll
2006-09-19 11:39 589,876 ---hs---- D:\WINDOWS\system32\gebyv.dll
2006-09-19 11:35 589,876 ---hs---- D:\WINDOWS\system32\ssqpo.dll
2006-09-19 11:32 589,876 ---hs---- D:\WINDOWS\system32\gebcd.dll
2006-09-19 11:30 589,876 ---hs---- D:\WINDOWS\system32\awvvv.dll
2006-09-19 11:29 589,876 ---hs---- D:\WINDOWS\system32\vtsqn.dll
2006-09-19 11:25 589,876 ---hs---- D:\WINDOWS\system32\geede.dll
2006-09-19 11:22 589,876 ---hs---- D:\WINDOWS\system32\jkkli.dll
2006-09-19 11:19 589,876 ---hs---- D:\WINDOWS\system32\geedb.dll
2006-09-19 11:19 589,876 ---hs---- D:\WINDOWS\system32\ddcyw.dll
2006-09-19 11:16 589,876 ---hs---- D:\WINDOWS\system32\gebyx.dll
2006-09-19 11:12 589,876 ---hs---- D:\WINDOWS\system32\mljjh.dll
2006-09-19 11:09 589,876 ---hs---- D:\WINDOWS\system32\mljjj.dll
2006-09-19 11:08 589,876 ---hs---- D:\WINDOWS\system32\ssttr.dll
2006-09-19 11:05 589,876 ---hs---- D:\WINDOWS\system32\awtqr.dll
2006-09-19 11:03 589,876 ---hs---- D:\WINDOWS\system32\jkkjk.dll
2006-09-19 10:59 589,876 ---hs---- D:\WINDOWS\system32\jkhhe.dll
2006-09-19 10:52 589,876 ---hs---- D:\WINDOWS\system32\awtss.dll
2006-09-19 10:49 589,876 ---hs---- D:\WINDOWS\system32\ssttu.dll
2006-09-19 10:45 589,876 ---hs---- D:\WINDOWS\system32\sstqn.dll
2006-09-19 10:38 589,876 ---hs---- D:\WINDOWS\system32\ssttq.dll
2006-09-19 10:35 589,876 ---hs---- D:\WINDOWS\system32\awvtr.dll
2006-09-19 10:31 589,876 ---hs---- D:\WINDOWS\system32\ssqro.dll
2006-09-19 10:30 589,876 ---hs---- D:\WINDOWS\system32\ddayy.dll
2006-09-19 10:25 589,876 ---hs---- D:\WINDOWS\system32\ssqrs.dll
2006-09-19 10:22 589,876 ---hs---- D:\WINDOWS\system32\ddabc.dll
2006-09-19 10:19 589,876 ---hs---- D:\WINDOWS\system32\ddcyv.dll
2006-09-19 10:18 589,876 ---hs---- D:\WINDOWS\system32\geedc.dll
2006-09-19 10:15 589,876 ---hs---- D:\WINDOWS\system32\pmnlk.dll
2006-09-19 10:08 589,876 ---hs---- D:\WINDOWS\system32\ddcya.dll
2006-09-19 10:08 589,876 ---hs---- D:\WINDOWS\system32\awvvw.dll
2006-09-19 10:04 589,876 ---hs---- D:\WINDOWS\system32\mllmn.dll
2006-09-19 10:03 589,876 ---hs---- D:\WINDOWS\system32\vtsqr.dll
2006-09-19 10:01 589,876 ---hs---- D:\WINDOWS\system32\ssqrq.dll
2006-09-19 09:50 589,876 ---hs---- D:\WINDOWS\system32\mlljj.dll
2006-09-19 09:48 589,876 ---hs---- D:\WINDOWS\system32\mljgg.dll
2006-09-19 09:47 589,876 ---hs---- D:\WINDOWS\system32\awvts.dll
2006-09-19 09:43 589,876 ---hs---- D:\WINDOWS\system32\vtstt.dll
2006-09-19 09:41 589,876 ---hs---- D:\WINDOWS\system32\pmkjk.dll
2006-09-19 09:34 589,876 ---hs---- D:\WINDOWS\system32\jkhhi.dll
2006-09-19 09:25 589,876 ---hs---- D:\WINDOWS\system32\geeba.dll
2006-09-19 09:20 589,876 ---hs---- D:\WINDOWS\system32\sstqo.dll
2006-09-19 09:19 589,876 ---hs---- D:\WINDOWS\system32\mllml.dll
2006-09-19 09:03 589,876 ---hs---- D:\WINDOWS\system32\jkkji.dll
2006-09-19 08:56 589,876 ---hs---- D:\WINDOWS\system32\vtuts.dll
2006-09-19 08:54 589,876 ---hs---- D:\WINDOWS\system32\pmkhh.dll
2006-09-19 08:53 589,876 ---hs---- D:\WINDOWS\system32\gebyy.dll
2006-09-19 08:48 589,876 ---hs---- D:\WINDOWS\system32\awvtu.dll
2006-09-19 08:43 589,876 ---hs---- D:\WINDOWS\system32\ddaya.dll
2006-09-19 08:40 589,876 ---hs---- D:\WINDOWS\system32\ddaba.dll
2006-09-19 08:32 589,876 ---hs---- D:\WINDOWS\system32\gebca.dll
2006-09-19 08:22 589,876 ---hs---- D:\WINDOWS\system32\awtqo.dll
2006-09-19 08:21 589,876 ---hs---- D:\WINDOWS\system32\pmkjh.dll
2006-09-19 08:13 589,876 ---hs---- D:\WINDOWS\system32\mljgh.dll
2006-09-19 08:10 589,876 ---hs---- D:\WINDOWS\system32\awvvu.dll
2006-09-19 08:08 589,876 ---hs---- D:\WINDOWS\system32\jkhfe.dll
2006-09-19 08:05 589,876 ---hs---- D:\WINDOWS\system32\mljgd.dll
2006-09-19 08:01 589,876 ---hs---- D:\WINDOWS\system32\geebx.dll
2006-09-19 07:54 589,876 ---hs---- D:\WINDOWS\system32\vturs.dll
2006-09-19 07:48 589,876 ---hs---- D:\WINDOWS\system32\ddccc.dll
2006-09-19 07:41 589,876 ---hs---- D:\WINDOWS\system32\pmkjj.dll
2006-09-19 07:39 589,876 ---hs---- D:\WINDOWS\system32\vturo.dll
2006-09-19 07:34 589,876 ---hs---- D:\WINDOWS\system32\pmkji.dll
2006-09-19 07:32 589,876 ---hs---- D:\WINDOWS\system32\geedd.dll
2006-09-19 07:28 589,876 ---hs---- D:\WINDOWS\system32\vtsts.dll
2006-09-19 07:27 589,876 ---hs---- D:\WINDOWS\system32\pmnll.dll
2006-09-19 07:21 589,876 ---hs---- D:\WINDOWS\system32\mllmm.dll
2006-09-19 07:07 589,876 ---hs---- D:\WINDOWS\system32\sstqp.dll
2006-09-19 07:05 589,876 ---hs---- D:\WINDOWS\system32\jkkjh.dll
2006-09-19 06:59 589,876 ---hs---- D:\WINDOWS\system32\pmnno.dll
2006-09-19 06:58 589,876 ---hs---- D:\WINDOWS\system32\ssqrr.dll
2006-09-19 06:37 589,876 ---hs---- D:\WINDOWS\system32\vtsqo.dll
2006-09-19 06:30 589,876 ---hs---- D:\WINDOWS\system32\mljjk.dll
2006-09-19 06:21 589,876 ---hs---- D:\WINDOWS\system32\jkhfg.dll
2006-09-19 06:16 589,876 ---hs---- D:\WINDOWS\system32\vtutu.dll
2006-09-19 06:16 589,876 ---hs---- D:\WINDOWS\system32\ddabb.dll
2006-09-19 06:12 589,876 ---hs---- D:\WINDOWS\system32\geeda.dll
2006-09-19 06:04 589,876 ---hs---- D:\WINDOWS\system32\awvtt.dll
2006-09-19 06:00 589,876 ---hs---- D:\WINDOWS\system32\jkhhg.dll
2006-09-19 05:57 589,876 ---hs---- D:\WINDOWS\system32\ddayw.dll
2006-09-19 05:51 589,876 ---hs---- D:\WINDOWS\system32\ddccd.dll
2006-09-19 05:50 589,876 ---hs---- D:\WINDOWS\system32\pmkjg.dll
2006-09-19 05:44 589,876 ---hs---- D:\WINDOWS\system32\ddccb.dll
2006-09-19 05:39 589,876 ---hs---- D:\WINDOWS\system32\geebc.dll
2006-09-19 05:38 589,876 ---hs---- D:\WINDOWS\system32\mlljh.dll
2006-09-19 05:24 589,876 ---hs---- D:\WINDOWS\system32\vtutt.dll
2006-09-19 05:23 589,876 ---hs---- D:\WINDOWS\system32\mljge.dll
2006-09-19 05:19 589,876 ---hs---- D:\WINDOWS\system32\ssqpq.dll
2006-09-19 05:03 589,876 ---hs---- D:\WINDOWS\system32\awtst.dll
2006-09-19 04:59 589,876 ---hs---- D:\WINDOWS\system32\vtutr.dll
2006-09-19 04:50 589,876 ---hs---- D:\WINDOWS\system32\vtstu.dll
2006-09-19 04:39 589,876 ---hs---- D:\WINDOWS\system32\vturq.dll
2006-09-19 04:36 589,876 ---hs---- D:\WINDOWS\system32\awtqn.dll
2006-09-19 04:33 589,876 ---hs---- D:\WINDOWS\system32\vtsqp.dll
2006-09-19 04:28 589,876 ---hs---- D:\WINDOWS\system32\pmnlm.dll
2006-09-19 04:25 589,876 ---hs---- D:\WINDOWS\system32\awtsr.dll
2006-09-19 04:16 589,876 ---hs---- D:\WINDOWS\system32\pmkhe.dll
2006-09-19 04:00 589,876 ---hs---- D:\WINDOWS\system32\ddcyy.dll
2006-09-19 03:51 589,876 ---hs---- D:\WINDOWS\system32\sstqq.dll
2006-09-19 03:50 589,876 ---hs---- D:\WINDOWS\system32\pmkhg.dll
2006-09-19 03:49 589,876 ---hs---- D:\WINDOWS\system32\gebcc.dll
2006-09-19 03:44 589,876 ---hs---- D:\WINDOWS\system32\ssqpn.dll
2006-09-19 03:39 589,876 ---hs---- D:\WINDOWS\system32\pmkhi.dll
2006-09-19 03:37 589,876 ---hs---- D:\WINDOWS\system32\vtsqq.dll
2006-09-19 03:33 589,876 ---hs---- D:\WINDOWS\system32\pmnli.dll
2006-09-19 03:31 589,876 ---hs---- D:\WINDOWS\system32\awtqq.dll
2006-09-19 03:29 589,876 ---hs---- D:\WINDOWS\system32\vtutq.dll
2006-09-19 03:28 589,876 ---hs---- D:\WINDOWS\system32\jkkjj.dll
2006-09-19 03:24 589,876 ---hs---- D:\WINDOWS\system32\awvtq.dll
2006-09-19 03:23 589,876 ---hs---- D:\WINDOWS\system32\ssqpp.dll
2006-09-19 03:22 589,876 ---hs---- D:\WINDOWS\system32\ddaby.dll
2006-09-19 03:06 589,876 ---hs---- D:\WINDOWS\system32\sstts.dll
2006-09-19 03:04 589,876 ---hs---- D:\WINDOWS\system32\ddcyx.dll
2006-09-19 03:02 589,876 ---hs---- D:\WINDOWS\system32\awtsq.dll
2006-09-19 02:56 589,876 ---hs---- D:\WINDOWS\system32\ssqpm.dll
2006-09-19 02:55 589,876 ---hs---- D:\WINDOWS\system32\jkklk.dll
2006-09-19 02:49 589,876 ---hs---- D:\WINDOWS\system32\awtqp.dll
2006-09-19 02:47 589,876 ---hs---- D:\WINDOWS\system32\mllmk.dll
2006-09-19 02:39 589,876 ---hs---- D:\WINDOWS\system32\gebcb.dll
2006-09-19 02:22 589,876 ---hs---- D:\WINDOWS\system32\sstqr.dll
2006-09-19 02:20 589,876 ---hs---- D:\WINDOWS\system32\ddabx.dll
2006-09-19 02:12 589,876 ---hs---- D:\WINDOWS\system32\mljji.dll
2006-09-19 02:07 589,876 ---hs---- D:\WINDOWS\system32\ddayx.dll
2006-09-19 02:05 589,876 ---hs---- D:\WINDOWS\system32\vtstr.dll
2006-09-19 02:00 589,876 ---hs---- D:\WINDOWS\system32\vturr.dll
2006-09-19 02:00 589,876 ---hs---- D:\WINDOWS\system32\jkhff.dll
2006-09-19 01:57 589,876 ---hs---- D:\WINDOWS\system32\jkhfc.dll
2006-09-19 01:55 589,876 ---hs---- D:\WINDOWS\system32\pmnnn.dll
2006-09-19 01:53 589,876 ---hs---- D:\WINDOWS\system32\mljjg.dll
2006-09-19 01:44 589,876 ---hs---- D:\WINDOWS\system32\pmnnm.dll
2006-09-19 01:38 589,876 ---hs---- D:\WINDOWS\system32\gebyw.dll
2006-09-19 01:24 589,876 ---hs---- D:\WINDOWS\system32\awtsp.dll
2006-09-19 01:17 589,876 ---hs---- D:\WINDOWS\system32\mlljk.dll
2006-09-19 01:11 589,876 ---hs---- D:\WINDOWS\system32\gebya.dll
2006-09-19 01:04 589,876 ---hs---- D:\WINDOWS\system32\jkklm.dll
2006-09-19 01:03 589,876 ---hs---- D:\WINDOWS\system32\geebb.dll
2006-09-19 00:56 589,876 ---hs---- D:\WINDOWS\system32\ddayv.dll
2006-09-19 00:49 589,876 ---hs---- D:\WINDOWS\system32\jkhhh.dll
2006-09-19 00:43 589,876 ---hs---- D:\WINDOWS\system32\pmnnk.dll
2006-09-19 00:42 589,876 ---hs---- D:\WINDOWS\system32\mljgf.dll
2006-09-19 00:39 589,876 ---hs---- D:\WINDOWS\system32\mlljg.dll
2006-09-19 00:36 589,876 ---hs---- D:\WINDOWS\system32\mllji.dll
2006-09-19 00:27 94,208 --a------ D:\WINDOWS\system32\uhvjsul.dll
2006-09-16 13:31 20,640 --------- D:\WINDOWS\system32\drivers\PxHelp20.sys
2006-09-16 13:31 109,568 --------- D:\WINDOWS\system32\pxinsi64.exe
2006-09-16 13:31 108,544 --------- D:\WINDOWS\system32\pxcpyi64.exe
2006-09-13 14:25 8,704 --a------ D:\WINDOWS\system32\kbdjpn.dll
2006-09-13 14:25 8,192 --a------ D:\WINDOWS\system32\kbdkor.dll
2006-09-13 14:25 6,144 --a------ D:\WINDOWS\system32\kbd106.dll
2006-09-13 14:25 6,144 --a------ D:\WINDOWS\system32\kbd101c.dll
2006-09-13 14:25 6,144 --a------ D:\WINDOWS\system32\kbd101b.dll
2006-09-13 14:25 5,632 --a------ D:\WINDOWS\system32\kbd103.dll
2006-09-12 23:32 128,896 --a------ D:\WINDOWS\system32\drivers\fltmgr.sys
2006-09-07 15:57 90,112 --a------ D:\WINDOWS\system32\WinTab32.dll
2006-09-07 15:57 45,056 --a------ D:\WINDOWS\system32\ucinst32.dll
2006-09-07 15:57 45,056 --a------ D:\WINDOWS\system32\drivers\ucinst32.dll
2006-09-07 15:57 36,864 --a------ D:\WINDOWS\system32\drivers\WTSrv.exe
2006-09-07 15:57 28,672 --a------ D:\WINDOWS\system32\WService.exe
2006-09-07 15:56 245,760 --a------ D:\WINDOWS\SETUPX32.EXE


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-10-04 15:46 -------- d-------- D:\Program Files\Common Files\Symantec Shared
2006-10-04 15:13 -------- d-------- D:\Program Files\Norton Internet Security
2006-10-04 02:40 -------- d-------- D:\Program Files\Java
2006-10-03 17:54 -------- d-------- D:\Program Files\ConquerCam
2006-10-02 02:34 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Registry Booster
2006-09-28 23:07 -------- d-------- D:\Program Files\Common Files\Caere
2006-09-28 22:32 -------- d-------- D:\Program Files\Windows Defender
2006-09-28 20:29 -------- d-------- D:\Program Files\Internet Explorer
2006-09-28 13:18 -------- d-------- D:\Program Files\Symantec
2006-09-28 13:18 -------- d-------- D:\Program Files\Common Files
2006-09-28 02:02 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Symantec
2006-09-27 23:00 -------- d-------- D:\Program Files\Tweak-XP Pro 4
2006-09-27 21:57 -------- d-------- D:\Program Files\Common Files\Microsoft Shared
2006-09-27 21:56 -------- d-------- D:\Program Files\MSN Messenger
2006-09-27 17:05 -------- d-------- D:\Program Files\BitTorrent
2006-09-25 22:31 -------- d-------- D:\Documents and Settings\Lexy\Application Data\SearchToolbarCorp
2006-09-25 22:21 -------- d-------- D:\Program Files\QuickTime
2006-09-19 16:59 -------- d-------- D:\Program Files\Ultimate Cleaner
2006-09-19 16:58 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Ultimate Cleaner
2006-09-19 01:35 -------- d-------- D:\Program Files\mIRC
2006-09-18 23:38 -------- d-------- D:\Program Files\Uniblue
2006-09-16 13:39 -------- d-------- D:\Program Files\Xilisoft
2006-09-16 13:32 -------- d-------- D:\Program Files\AC3Filter
2006-09-16 13:31 -------- d-------- D:\Program Files\DivX
2006-09-16 08:59 -------- d-------- D:\Documents and Settings\Lexy\Application Data\BitTorrent
2006-09-13 14:36 -------- d-------- D:\Program Files\AIM
2006-09-13 14:35 -------- d-------- D:\Program Files\AOD
2006-09-08 14:11 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Adobe
2006-09-06 22:47 -------- d--h----- D:\Program Files\InstallShield Installation Information
2006-09-06 22:30 -------- d-------- D:\Program Files\Common Files\Adobe
2006-09-06 22:30 -------- d-------- D:\Program Files\Adobe
2006-09-03 15:17 -------- d-------- D:\Program Files\Mozilla Firefox
2006-09-03 15:11 -------- d-------- D:\Program Files\iTunes
2006-09-03 14:57 -------- d-------- D:\Program Files\Common Files\Motive
2006-09-03 14:51 -------- d-------- D:\Documents and Settings\Lexy\Application Data\ICQLite
2006-08-24 23:41 -------- d-------- D:\Program Files\LimeWire
2006-08-21 05:21 16896 --a------ D:\WINDOWS\system32\fltlib.dll
2006-08-21 02:14 23040 --a------ D:\WINDOWS\system32\fltmc.exe
2006-08-20 02:26 -------- d-------- D:\Program Files\AngelPotion Video Codec V1
2006-08-20 02:26 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Apple Computer
2006-08-12 16:46 -------- d-------- D:\Program Files\WebVideo
2006-08-11 10:35 520192 --a------ D:\WINDOWS\system32\DivXsm.exe
2006-08-11 10:35 3596288 --a------ D:\WINDOWS\system32\qt-dx331.dll
2006-08-11 10:35 200704 --a------ D:\WINDOWS\system32\ssldivx.dll
2006-08-11 10:35 1044480 --a------ D:\WINDOWS\system32\libdivx.dll
2006-08-11 10:31 778240 --a------ D:\WINDOWS\system32\divx_xx0c.dll
2006-08-11 10:31 778240 --a------ D:\WINDOWS\system32\divx_xx07.dll
2006-08-11 10:31 761856 --a------ D:\WINDOWS\system32\divx_xx11.dll
2006-08-11 10:31 73728 --a------ D:\WINDOWS\system32\dpl100.dll
2006-08-11 10:31 620180 --a------ D:\WINDOWS\system32\DivX.dll
2006-08-11 10:31 593920 --a------ D:\WINDOWS\system32\dpuGUI11.dll
2006-08-11 10:31 57344 --a------ D:\WINDOWS\system32\dpv11.dll
2006-08-11 10:31 53248 --a------ D:\WINDOWS\system32\dpuGUI10.dll
2006-08-11 10:31 344064 --a------ D:\WINDOWS\system32\dpus11.dll
2006-08-11 10:31 294912 --a------ D:\WINDOWS\system32\dpu11.dll
2006-08-11 10:31 294912 --a------ D:\WINDOWS\system32\dpu10.dll
2006-08-11 10:31 196608 --a------ D:\WINDOWS\system32\dtu100.dll
2006-08-11 10:31 12288 --a------ D:\WINDOWS\system32\DivXWMPExtType.dll
2006-08-11 10:31 118784 --a------ D:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2006-08-10 17:48 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Canon
2006-08-07 16:02 534208 --a------ D:\WINDOWS\system32\SymNeti.dll
2006-08-07 16:02 31936 --a------ D:\WINDOWS\system32\drivers\symids.sys
2006-08-07 16:02 28352 --a------ D:\WINDOWS\system32\drivers\symndis.sys
2006-08-07 16:02 24768 --a------ D:\WINDOWS\system32\drivers\symredrv.sys
2006-08-07 16:02 195776 --a------ D:\WINDOWS\system32\drivers\symtdi.sys
2006-08-07 16:02 161472 --a------ D:\WINDOWS\system32\SymRedir.dll
2006-08-07 16:02 110784 --a------ D:\WINDOWS\system32\drivers\symfw.sys
2006-08-07 16:01 12992 --a------ D:\WINDOWS\system32\drivers\symdns.sys
2006-07-29 19:32 48936 --a------ D:\WINDOWS\system32\sirenacm.dll
2006-07-27 06:24 679424 --a------ D:\WINDOWS\system32\inetcomm.dll
2006-07-21 01:24 72704 --a------ D:\WINDOWS\system32\hlink.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nForce Tray Options"="sstray.exe /r"
"zBrowser Launcher"="D:\\Program Files\\Logitech\\iTouch\\iTouch.exe"
"Logitech Utility"="Logi_MwX.Exe"
"TkBellExe"="\"D:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"dvd43"="D:\\Program Files\\dvd43\\dvd43_tray.exe"
"EPSON Stylus Photo R200 Series"="D:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S4I2H1.EXE /P30 \"EPSON Stylus Photo R200 Series\" /O6 \"USB002\" /M \"Stylus Photo R200\""
"D-Link AirPlus Xtreme G"="D:\\Program Files\\D-Link\\AirPlus Xtreme G\\AirPlusCFG.exe"
"ANIWZCSService"="D:\\Program Files\\Alpha Networks\\ANIWZCS Service\\WZCSLDR.exe"
"ClientGW"=""
"iTunesHelper"="\"D:\\Program Files\\iTunes\\iTunesHelper.exe\""
"ccApp"="\"D:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Windows Defender"="\"D:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"QuickTime Task"="\"D:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="D:\\Program Files\\Java\\jre1.5.0_08\\bin\\jusched.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{54D9498B-CF93-414F-8984-8CE7FDE0D391}"="ewido shell guard"
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]
"Generic Host Process"="D:\\WINDOWS\\system32\\scvhost.exe"

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnnl
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winubg32

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


Contents of the 'Scheduled Tasks' folder
D:\WINDOWS\tasks\MP Scheduled Scan.job
D:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Lexy.job

Completion time: Thu 10/05/2006 2:48:11.26
ComboFix.txt
  • 0

#9
Wizard
Posted 05 October 2006 - 03:39 PM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Please download VundoFix.exe to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log.
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.
  • 0

#10
Lexyluv
Posted 05 October 2006 - 04:50 PM

Lexyluv

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
how long should this scan run for and does it change anything if i do it in safe mode cause doing it regularly is sooo slow i cant handle it
  • 0

Advertisements

#11
Wizard
Posted 05 October 2006 - 06:54 PM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Try Safe Mode,if it takes more than 10 or 20 minutes,stop the scan and restart back in normal mode.

Post back letting me know.
  • 0

#12
Lexyluv
Posted 05 October 2006 - 07:56 PM

Lexyluv

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
ok so i did the scan in safemode that worked this is the log i got

Oh and things are actually running good now but i want this scvhost gone


VundoFix V6.2.0

Checking Java version...

Java version is 1.5.0.4

Java version is 1.5.0.6

Java version is 1.5.0.8

Scan started at 2:52:13 PM 10/5/2006

Listing files found while scanning....


VundoFix V6.2.0

Checking Java version...

Java version is 1.5.0.4

Java version is 1.5.0.6

Java version is 1.5.0.8

Scan started at 6:48:24 PM 10/5/2006

Listing files found while scanning....

D:\WINDOWS\system32\awtqn.dll
D:\WINDOWS\system32\awtqo.dll
D:\WINDOWS\system32\awtqp.dll
D:\WINDOWS\system32\awtqq.dll
D:\WINDOWS\system32\awtqr.dll
D:\WINDOWS\system32\awtsp.dll
D:\WINDOWS\system32\awtsq.dll
D:\WINDOWS\system32\awtsr.dll
D:\WINDOWS\system32\awtss.dll
D:\WINDOWS\system32\awtst.dll
D:\WINDOWS\system32\awvtq.dll
D:\WINDOWS\system32\awvtr.dll
D:\WINDOWS\system32\awvts.dll
D:\WINDOWS\system32\awvtt.dll
D:\WINDOWS\system32\awvtu.dll
D:\WINDOWS\system32\awvvs.dll
D:\WINDOWS\system32\awvvt.dll
D:\WINDOWS\system32\awvvu.dll
D:\WINDOWS\system32\awvvv.dll
D:\WINDOWS\system32\awvvw.dll
D:\WINDOWS\system32\ddaba.dll
D:\WINDOWS\system32\ddabb.dll
D:\WINDOWS\system32\ddabc.dll
D:\WINDOWS\system32\ddabx.dll
D:\WINDOWS\system32\ddaby.dll
D:\WINDOWS\system32\ddaya.dll
D:\WINDOWS\system32\ddayv.dll
D:\WINDOWS\system32\ddayw.dll
D:\WINDOWS\system32\ddayx.dll
D:\WINDOWS\system32\ddayy.dll
D:\WINDOWS\system32\ddccb.dll
D:\WINDOWS\system32\ddccc.dll
D:\WINDOWS\system32\ddccd.dll
D:\WINDOWS\system32\ddccy.dll
D:\WINDOWS\system32\ddcya.dll
D:\WINDOWS\system32\ddcyv.dll
D:\WINDOWS\system32\ddcyw.dll
D:\WINDOWS\system32\ddcyx.dll
D:\WINDOWS\system32\ddcyy.dll
D:\WINDOWS\system32\gebca.dll
D:\WINDOWS\system32\gebcb.dll
D:\WINDOWS\system32\gebcc.dll
D:\WINDOWS\system32\gebcd.dll
D:\WINDOWS\system32\gebcy.dll
D:\WINDOWS\system32\gebya.dll
D:\WINDOWS\system32\gebyv.dll
D:\WINDOWS\system32\gebyw.dll
D:\WINDOWS\system32\gebyx.dll
D:\WINDOWS\system32\gebyy.dll
D:\WINDOWS\system32\geeba.dll
D:\WINDOWS\system32\geebb.dll
D:\WINDOWS\system32\geebc.dll
D:\WINDOWS\system32\geebx.dll
D:\WINDOWS\system32\geeby.dll
D:\WINDOWS\system32\geeda.dll
D:\WINDOWS\system32\geedb.dll
D:\WINDOWS\system32\geedc.dll
D:\WINDOWS\system32\geedd.dll
D:\WINDOWS\system32\geede.dll
D:\WINDOWS\system32\jkhfc.dll
D:\WINDOWS\system32\jkhfe.dll
D:\WINDOWS\system32\jkhff.dll
D:\WINDOWS\system32\jkhfg.dll
D:\WINDOWS\system32\jkhhe.dll
D:\WINDOWS\system32\jkhhf.dll
D:\WINDOWS\system32\jkhhg.dll
D:\WINDOWS\system32\jkhhh.dll
D:\WINDOWS\system32\jkhhi.dll
D:\WINDOWS\system32\jkkjg.dll
D:\WINDOWS\system32\jkkjh.dll
D:\WINDOWS\system32\jkkji.dll
D:\WINDOWS\system32\jkkjj.dll
D:\WINDOWS\system32\jkkjk.dll
D:\WINDOWS\system32\jkkli.dll
D:\WINDOWS\system32\jkklk.dll
D:\WINDOWS\system32\jkkll.dll
D:\WINDOWS\system32\jkklm.dll
D:\WINDOWS\system32\mljgd.dll
D:\WINDOWS\system32\mljge.dll
D:\WINDOWS\system32\mljgf.dll
D:\WINDOWS\system32\mljgg.dll
D:\WINDOWS\system32\mljgh.dll
D:\WINDOWS\system32\mljjg.dll
D:\WINDOWS\system32\mljjh.dll
D:\WINDOWS\system32\mljji.dll
D:\WINDOWS\system32\mljjj.dll
D:\WINDOWS\system32\mljjk.dll
D:\WINDOWS\system32\mlljg.dll
D:\WINDOWS\system32\mlljh.dll
D:\WINDOWS\system32\mllji.dll
D:\WINDOWS\system32\mlljj.dll
D:\WINDOWS\system32\mlljk.dll
D:\WINDOWS\system32\mllmj.dll
D:\WINDOWS\system32\mllmk.dll
D:\WINDOWS\system32\mllml.dll
D:\WINDOWS\system32\mllmm.dll
D:\WINDOWS\system32\mllmn.dll
D:\WINDOWS\system32\pmkhe.dll
D:\WINDOWS\system32\pmkhf.dll
D:\WINDOWS\system32\pmkhg.dll
D:\WINDOWS\system32\pmkhh.dll
D:\WINDOWS\system32\pmkhi.dll
D:\WINDOWS\system32\pmkjg.dll
D:\WINDOWS\system32\pmkjh.dll
D:\WINDOWS\system32\pmkji.dll
D:\WINDOWS\system32\pmkjj.dll
D:\WINDOWS\system32\pmkjk.dll
D:\WINDOWS\system32\pmnli.dll
D:\WINDOWS\system32\pmnlk.dll
D:\WINDOWS\system32\pmnll.dll
D:\WINDOWS\system32\pmnlm.dll
D:\WINDOWS\system32\pmnnk.dll
D:\WINDOWS\system32\pmnnl.dll
D:\WINDOWS\system32\lnnmp.ini
D:\WINDOWS\system32\lnnmp.bak1
D:\WINDOWS\system32\lnnmp.bak2
D:\WINDOWS\system32\lnnmp.ini2
D:\WINDOWS\system32\lnnmp.tmp
D:\WINDOWS\system32\pmnnm.dll
D:\WINDOWS\system32\pmnnn.dll
D:\WINDOWS\system32\pmnno.dll
D:\WINDOWS\system32\ssqpm.dll
D:\WINDOWS\system32\ssqpn.dll
D:\WINDOWS\system32\ssqpo.dll
D:\WINDOWS\system32\ssqpp.dll
D:\WINDOWS\system32\ssqpq.dll
D:\WINDOWS\system32\ssqro.dll
D:\WINDOWS\system32\ssqrq.dll
D:\WINDOWS\system32\ssqrr.dll
D:\WINDOWS\system32\ssqrs.dll
D:\WINDOWS\system32\sstqn.dll
D:\WINDOWS\system32\sstqo.dll
D:\WINDOWS\system32\sstqp.dll
D:\WINDOWS\system32\sstqq.dll
D:\WINDOWS\system32\sstqr.dll
D:\WINDOWS\system32\ssttq.dll
D:\WINDOWS\system32\ssttr.dll
D:\WINDOWS\system32\sstts.dll
D:\WINDOWS\system32\ssttt.dll
D:\WINDOWS\system32\ssttu.dll
D:\WINDOWS\system32\vtsqn.dll
D:\WINDOWS\system32\vtsqo.dll
D:\WINDOWS\system32\vtsqp.dll
D:\WINDOWS\system32\vtsqq.dll
D:\WINDOWS\system32\vtsqr.dll
D:\WINDOWS\system32\vtstq.dll
D:\WINDOWS\system32\vtstr.dll
D:\WINDOWS\system32\vtsts.dll
D:\WINDOWS\system32\vtstt.dll
D:\WINDOWS\system32\vtstu.dll
D:\WINDOWS\system32\vturo.dll
D:\WINDOWS\system32\vturp.dll
D:\WINDOWS\system32\vturq.dll
D:\WINDOWS\system32\vturr.dll
D:\WINDOWS\system32\vturs.dll
D:\WINDOWS\system32\vtutq.dll
D:\WINDOWS\system32\vtutr.dll
D:\WINDOWS\system32\vtuts.dll
D:\WINDOWS\system32\vtutt.dll
D:\WINDOWS\system32\vtutu.dll
D:\WINDOWS\system32\wjagoxps.dll
D:\WINDOWS\system32\pmnnl.dll
D:\WINDOWS\system32\lnnmp.ini
D:\WINDOWS\system32\lnnmp.bak1
D:\WINDOWS\system32\lnnmp.bak2
D:\WINDOWS\system32\lnnmp.ini2
D:\WINDOWS\system32\lnnmp.tmp
D:\WINDOWS\system32\lnnmp.ini
D:\WINDOWS\system32\lnnmp.bak1
D:\WINDOWS\system32\lnnmp.bak2
D:\WINDOWS\system32\lnnmp.ini2
D:\WINDOWS\system32\lnnmp.tmp

Beginning removal...

Attempting to delete D:\WINDOWS\system32\awtqn.dll
D:\WINDOWS\system32\awtqn.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awtqo.dll
D:\WINDOWS\system32\awtqo.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awtqp.dll
D:\WINDOWS\system32\awtqp.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awtqq.dll
D:\WINDOWS\system32\awtqq.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awtqr.dll
D:\WINDOWS\system32\awtqr.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awtsp.dll
D:\WINDOWS\system32\awtsp.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awtsq.dll
D:\WINDOWS\system32\awtsq.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awtsr.dll
D:\WINDOWS\system32\awtsr.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awtss.dll
D:\WINDOWS\system32\awtss.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awtst.dll
D:\WINDOWS\system32\awtst.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awvtq.dll
D:\WINDOWS\system32\awvtq.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awvtr.dll
D:\WINDOWS\system32\awvtr.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awvts.dll
D:\WINDOWS\system32\awvts.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awvtt.dll
D:\WINDOWS\system32\awvtt.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awvtu.dll
D:\WINDOWS\system32\awvtu.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awvvs.dll
D:\WINDOWS\system32\awvvs.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awvvt.dll
D:\WINDOWS\system32\awvvt.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awvvu.dll
D:\WINDOWS\system32\awvvu.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awvvv.dll
D:\WINDOWS\system32\awvvv.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\awvvw.dll
D:\WINDOWS\system32\awvvw.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddaba.dll
D:\WINDOWS\system32\ddaba.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddabb.dll
D:\WINDOWS\system32\ddabb.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddabc.dll
D:\WINDOWS\system32\ddabc.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddabx.dll
D:\WINDOWS\system32\ddabx.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddaby.dll
D:\WINDOWS\system32\ddaby.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddaya.dll
D:\WINDOWS\system32\ddaya.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddayv.dll
D:\WINDOWS\system32\ddayv.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddayw.dll
D:\WINDOWS\system32\ddayw.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddayx.dll
D:\WINDOWS\system32\ddayx.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddayy.dll
D:\WINDOWS\system32\ddayy.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddccb.dll
D:\WINDOWS\system32\ddccb.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddccc.dll
D:\WINDOWS\system32\ddccc.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddccd.dll
D:\WINDOWS\system32\ddccd.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddccy.dll
D:\WINDOWS\system32\ddccy.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddcya.dll
D:\WINDOWS\system32\ddcya.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddcyv.dll
D:\WINDOWS\system32\ddcyv.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddcyw.dll
D:\WINDOWS\system32\ddcyw.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddcyx.dll
D:\WINDOWS\system32\ddcyx.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ddcyy.dll
D:\WINDOWS\system32\ddcyy.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\gebca.dll
D:\WINDOWS\system32\gebca.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\gebcb.dll
D:\WINDOWS\system32\gebcb.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\gebcc.dll
D:\WINDOWS\system32\gebcc.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\gebcd.dll
D:\WINDOWS\system32\gebcd.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\gebcy.dll
D:\WINDOWS\system32\gebcy.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\gebya.dll
D:\WINDOWS\system32\gebya.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\gebyv.dll
D:\WINDOWS\system32\gebyv.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\gebyw.dll
D:\WINDOWS\system32\gebyw.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\gebyx.dll
D:\WINDOWS\system32\gebyx.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\gebyy.dll
D:\WINDOWS\system32\gebyy.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\geeba.dll
D:\WINDOWS\system32\geeba.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\geebb.dll
D:\WINDOWS\system32\geebb.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\geebc.dll
D:\WINDOWS\system32\geebc.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\geebx.dll
D:\WINDOWS\system32\geebx.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\geeby.dll
D:\WINDOWS\system32\geeby.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\geeda.dll
D:\WINDOWS\system32\geeda.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\geedb.dll
D:\WINDOWS\system32\geedb.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\geedc.dll
D:\WINDOWS\system32\geedc.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\geedd.dll
D:\WINDOWS\system32\geedd.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\geede.dll
D:\WINDOWS\system32\geede.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkhfc.dll
D:\WINDOWS\system32\jkhfc.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkhfe.dll
D:\WINDOWS\system32\jkhfe.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkhff.dll
D:\WINDOWS\system32\jkhff.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkhfg.dll
D:\WINDOWS\system32\jkhfg.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkhhe.dll
D:\WINDOWS\system32\jkhhe.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkhhf.dll
D:\WINDOWS\system32\jkhhf.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkhhg.dll
D:\WINDOWS\system32\jkhhg.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkhhh.dll
D:\WINDOWS\system32\jkhhh.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkhhi.dll
D:\WINDOWS\system32\jkhhi.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkkjg.dll
D:\WINDOWS\system32\jkkjg.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkkjh.dll
D:\WINDOWS\system32\jkkjh.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkkji.dll
D:\WINDOWS\system32\jkkji.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkkjj.dll
D:\WINDOWS\system32\jkkjj.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkkjk.dll
D:\WINDOWS\system32\jkkjk.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkkli.dll
D:\WINDOWS\system32\jkkli.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkklk.dll
D:\WINDOWS\system32\jkklk.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkkll.dll
D:\WINDOWS\system32\jkkll.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\jkklm.dll
D:\WINDOWS\system32\jkklm.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mljgd.dll
D:\WINDOWS\system32\mljgd.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mljge.dll
D:\WINDOWS\system32\mljge.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mljgf.dll
D:\WINDOWS\system32\mljgf.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mljgg.dll
D:\WINDOWS\system32\mljgg.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mljgh.dll
D:\WINDOWS\system32\mljgh.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mljjg.dll
D:\WINDOWS\system32\mljjg.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mljjh.dll
D:\WINDOWS\system32\mljjh.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mljji.dll
D:\WINDOWS\system32\mljji.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mljjj.dll
D:\WINDOWS\system32\mljjj.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mljjk.dll
D:\WINDOWS\system32\mljjk.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mlljg.dll
D:\WINDOWS\system32\mlljg.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mlljh.dll
D:\WINDOWS\system32\mlljh.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mllji.dll
D:\WINDOWS\system32\mllji.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mlljj.dll
D:\WINDOWS\system32\mlljj.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mlljk.dll
D:\WINDOWS\system32\mlljk.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mllmj.dll
D:\WINDOWS\system32\mllmj.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mllmk.dll
D:\WINDOWS\system32\mllmk.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mllml.dll
D:\WINDOWS\system32\mllml.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mllmm.dll
D:\WINDOWS\system32\mllmm.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\mllmn.dll
D:\WINDOWS\system32\mllmn.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmkhe.dll
D:\WINDOWS\system32\pmkhe.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmkhf.dll
D:\WINDOWS\system32\pmkhf.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmkhg.dll
D:\WINDOWS\system32\pmkhg.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmkhh.dll
D:\WINDOWS\system32\pmkhh.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmkhi.dll
D:\WINDOWS\system32\pmkhi.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmkjg.dll
D:\WINDOWS\system32\pmkjg.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmkjh.dll
D:\WINDOWS\system32\pmkjh.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmkji.dll
D:\WINDOWS\system32\pmkji.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmkjj.dll
D:\WINDOWS\system32\pmkjj.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmkjk.dll
D:\WINDOWS\system32\pmkjk.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmnli.dll
D:\WINDOWS\system32\pmnli.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmnlk.dll
D:\WINDOWS\system32\pmnlk.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmnll.dll
D:\WINDOWS\system32\pmnll.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmnlm.dll
D:\WINDOWS\system32\pmnlm.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmnnk.dll
D:\WINDOWS\system32\pmnnk.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmnnl.dll
D:\WINDOWS\system32\pmnnl.dll Could not be deleted.

Attempting to delete D:\WINDOWS\system32\lnnmp.ini
D:\WINDOWS\system32\lnnmp.ini Has been deleted!

Attempting to delete D:\WINDOWS\system32\lnnmp.bak1
D:\WINDOWS\system32\lnnmp.bak1 Has been deleted!

Attempting to delete D:\WINDOWS\system32\lnnmp.bak2
D:\WINDOWS\system32\lnnmp.bak2 Has been deleted!

Attempting to delete D:\WINDOWS\system32\lnnmp.ini2
D:\WINDOWS\system32\lnnmp.ini2 Has been deleted!

Attempting to delete D:\WINDOWS\system32\lnnmp.tmp
D:\WINDOWS\system32\lnnmp.tmp Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmnnm.dll
D:\WINDOWS\system32\pmnnm.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmnnn.dll
D:\WINDOWS\system32\pmnnn.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmnno.dll
D:\WINDOWS\system32\pmnno.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ssqpm.dll
D:\WINDOWS\system32\ssqpm.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ssqpn.dll
D:\WINDOWS\system32\ssqpn.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ssqpo.dll
D:\WINDOWS\system32\ssqpo.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ssqpp.dll
D:\WINDOWS\system32\ssqpp.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ssqpq.dll
D:\WINDOWS\system32\ssqpq.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ssqro.dll
D:\WINDOWS\system32\ssqro.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ssqrq.dll
D:\WINDOWS\system32\ssqrq.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ssqrr.dll
D:\WINDOWS\system32\ssqrr.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ssqrs.dll
D:\WINDOWS\system32\ssqrs.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\sstqn.dll
D:\WINDOWS\system32\sstqn.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\sstqo.dll
D:\WINDOWS\system32\sstqo.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\sstqp.dll
D:\WINDOWS\system32\sstqp.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\sstqq.dll
D:\WINDOWS\system32\sstqq.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\sstqr.dll
D:\WINDOWS\system32\sstqr.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ssttq.dll
D:\WINDOWS\system32\ssttq.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ssttr.dll
D:\WINDOWS\system32\ssttr.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\sstts.dll
D:\WINDOWS\system32\sstts.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ssttt.dll
D:\WINDOWS\system32\ssttt.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ssttu.dll
D:\WINDOWS\system32\ssttu.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtsqn.dll
D:\WINDOWS\system32\vtsqn.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtsqo.dll
D:\WINDOWS\system32\vtsqo.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtsqp.dll
D:\WINDOWS\system32\vtsqp.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtsqq.dll
D:\WINDOWS\system32\vtsqq.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtsqr.dll
D:\WINDOWS\system32\vtsqr.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtstq.dll
D:\WINDOWS\system32\vtstq.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtstr.dll
D:\WINDOWS\system32\vtstr.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtsts.dll
D:\WINDOWS\system32\vtsts.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtstt.dll
D:\WINDOWS\system32\vtstt.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtstu.dll
D:\WINDOWS\system32\vtstu.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vturo.dll
D:\WINDOWS\system32\vturo.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vturp.dll
D:\WINDOWS\system32\vturp.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vturq.dll
D:\WINDOWS\system32\vturq.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vturr.dll
D:\WINDOWS\system32\vturr.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vturs.dll
D:\WINDOWS\system32\vturs.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtutq.dll
D:\WINDOWS\system32\vtutq.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtutr.dll
D:\WINDOWS\system32\vtutr.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtuts.dll
D:\WINDOWS\system32\vtuts.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtutt.dll
D:\WINDOWS\system32\vtutt.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtutu.dll
D:\WINDOWS\system32\vtutu.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\wjagoxps.dll
D:\WINDOWS\system32\wjagoxps.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\pmnnl.dll
D:\WINDOWS\system32\pmnnl.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete D:\WINDOWS\system32\pmnnl.dll
D:\WINDOWS\system32\pmnnl.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\lnnmp.ini
D:\WINDOWS\system32\lnnmp.ini Has been deleted!

Performing Repairs to the registry.
Done!



heres my hijack log

Logfile of HijackThis v1.99.1
Scan saved at 6:56:51 PM, on 10/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Defender\MsMpEng.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccProxy.exe
D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Logitech\iTouch\iTouch.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\dvd43\dvd43_tray.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
D:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\Windows Defender\MSASCui.exe
D:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
D:\Program Files\Logitech\MouseWare\system\em_exec.exe
D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
D:\Program Files\ewido\security suite\ewidoctrl.exe
D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
D:\WINDOWS\System32\svchost.exe
d:\program files\internet explorer\iexplore.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Documents and Settings\Lexy\Desktop\HijackThis.exe
D:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {278B661A-14A8-D8B0-6AF4-03088B866149} - D:\WINDOWS\system32\unaoakg.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {62F97C8C-2DE5-4DCB-885C-E79D7CE70508} - D:\WINDOWS\system32\pmnnl.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {849B9523-785F-4014-9CAF-079FB4A74C61} - D:\WINDOWS\system32\hapyowoi.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - D:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - D:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [zBrowser Launcher] D:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dvd43] D:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] D:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] D:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Windows Defender] "D:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\system32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://officeint.mic...tes/ieawsdc.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtec...ntrol_en_US.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://officeint.mic...ntent/opuc2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1159504167203
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-sec.../ols3/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winubg32 - winubg32.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - D:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - D:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Edited by Lexyluv, 05 October 2006 - 10:16 PM.

  • 0

#13
Wizard
Posted 06 October 2006 - 03:02 PM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Can you find that Vundo Log first and see if you can attach it to this post?

After that,go to safe mode and run Combo Fix again,save the log.

Restart Normal and post the ComboFix log and see if you can attach the Vundo Fix log to the post.
  • 0

#14
Lexyluv
Posted 06 October 2006 - 04:36 PM

Lexyluv

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
The vundo log is in my last post above the hijack log and here is the new combofix log everything is running back to normal but as you can see the scvhost is still in my reg files should idelete it.

Lexy - 06-10-06 15:31:25.21 Service Pack 2
ComboFix 06.09.28 - Running from: "D:\Documents and Settings\Lexy\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))



~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

D:\QooBox\Purity\Documents and Settings\Lexy\Application Data\PPATCH~1


((((((((((((((((((((((((((((((( Files Created from 2006-09-06 to 2006-10-06 ))))))))))))))))))))))))))))))))))


2006-10-06 01:17 3,082 --a------ D:\WINDOWS\system32\affv208325p1now.sys
2006-10-06 01:14 745,472 --a------ D:\WINDOWS\system32\xvidcore.dll
2006-10-06 01:14 180,224 --a------ D:\WINDOWS\system32\xvidvfw.dll
2006-10-03 20:38 86,036 --a------ D:\WINDOWS\system32\hapyowoi.dll
2006-10-02 12:04 806,912 --a------ D:\WINDOWS\system32\divx_xx0c.dll
2006-10-02 12:04 806,912 --a------ D:\WINDOWS\system32\divx_xx07.dll
2006-10-02 12:04 790,528 --a------ D:\WINDOWS\system32\divx_xx11.dll
2006-10-02 12:04 635,486 --a------ D:\WINDOWS\system32\DivX.dll
2006-09-28 23:47 127,208 --a------ D:\WINDOWS\system32\mucltui.dll
2006-09-28 23:07 86,016 --a------ D:\WINDOWS\OPDIRDEL.exe
2006-09-28 01:57 10,344 --a------ D:\WINDOWS\system32\drivers\symlcbrd.sys
2006-09-28 01:55 48,816 --a------ D:\WINDOWS\system32\S32EVNT1.DLL
2006-09-28 01:55 109,744 --a------ D:\WINDOWS\system32\drivers\SYMEVENT.SYS
2006-09-27 22:45 737,280 --a------ D:\WINDOWS\iun6002.exe
2006-09-19 16:11 53,248 --a------ D:\WINDOWS\system32\Process.exe
2006-09-19 16:11 40,960 --a------ D:\WINDOWS\system32\swsc.exe
2006-09-19 16:11 288,417 --a------ D:\WINDOWS\system32\SrchSTS.exe
2006-09-19 16:11 135,168 --a------ D:\WINDOWS\system32\swreg.exe
2006-09-19 14:45 76,560 --a------ D:\WINDOWS\system32\drivers\tmcomm.sys
2006-09-19 00:27 94,208 --a------ D:\WINDOWS\system32\uhvjsul.dll
2006-09-16 13:31 20,640 --------- D:\WINDOWS\system32\drivers\PxHelp20.sys
2006-09-16 13:31 109,568 --------- D:\WINDOWS\system32\pxinsi64.exe
2006-09-16 13:31 108,544 --------- D:\WINDOWS\system32\pxcpyi64.exe
2006-09-13 14:25 8,704 --a------ D:\WINDOWS\system32\kbdjpn.dll
2006-09-13 14:25 8,192 --a------ D:\WINDOWS\system32\kbdkor.dll
2006-09-13 14:25 6,144 --a------ D:\WINDOWS\system32\kbd106.dll
2006-09-13 14:25 6,144 --a------ D:\WINDOWS\system32\kbd101c.dll
2006-09-13 14:25 6,144 --a------ D:\WINDOWS\system32\kbd101b.dll
2006-09-13 14:25 5,632 --a------ D:\WINDOWS\system32\kbd103.dll
2006-09-12 23:32 128,896 --a------ D:\WINDOWS\system32\drivers\fltmgr.sys
2006-09-07 15:57 90,112 --a------ D:\WINDOWS\system32\WinTab32.dll
2006-09-07 15:57 45,056 --a------ D:\WINDOWS\system32\ucinst32.dll
2006-09-07 15:57 45,056 --a------ D:\WINDOWS\system32\drivers\ucinst32.dll
2006-09-07 15:57 36,864 --a------ D:\WINDOWS\system32\drivers\WTSrv.exe
2006-09-07 15:57 28,672 --a------ D:\WINDOWS\system32\WService.exe
2006-09-07 15:56 245,760 --a------ D:\WINDOWS\SETUPX32.EXE


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-10-06 01:17 -------- d-------- D:\Program Files\WinAVIVideoConverter
2006-10-06 01:16 -------- d-------- D:\Program Files\WinMPG VideoConvert
2006-10-06 01:04 -------- d-------- D:\Program Files\DivX
2006-10-06 01:04 -------- d-------- D:\Program Files\Common Files\Symantec Shared
2006-10-04 15:13 -------- d-------- D:\Program Files\Norton Internet Security
2006-10-04 02:40 -------- d-------- D:\Program Files\Java
2006-10-03 17:54 -------- d-------- D:\Program Files\ConquerCam
2006-10-02 02:34 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Registry Booster
2006-09-28 23:07 -------- d-------- D:\Program Files\Common Files\Caere
2006-09-28 22:32 -------- d-------- D:\Program Files\Windows Defender
2006-09-28 20:29 -------- d-------- D:\Program Files\Internet Explorer
2006-09-28 13:18 -------- d-------- D:\Program Files\Symantec
2006-09-28 13:18 -------- d-------- D:\Program Files\Common Files
2006-09-28 02:02 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Symantec
2006-09-27 23:00 -------- d-------- D:\Program Files\Tweak-XP Pro 4
2006-09-27 21:57 -------- d-------- D:\Program Files\Common Files\Microsoft Shared
2006-09-27 21:56 -------- d-------- D:\Program Files\MSN Messenger
2006-09-27 17:05 -------- d-------- D:\Program Files\BitTorrent
2006-09-25 22:21 -------- d-------- D:\Program Files\QuickTime
2006-09-19 16:59 -------- d-------- D:\Program Files\Ultimate Cleaner
2006-09-19 01:35 -------- d-------- D:\Program Files\mIRC
2006-09-18 23:38 -------- d-------- D:\Program Files\Uniblue
2006-09-16 13:39 -------- d-------- D:\Program Files\Xilisoft
2006-09-16 13:32 -------- d-------- D:\Program Files\AC3Filter
2006-09-16 08:59 -------- d-------- D:\Documents and Settings\Lexy\Application Data\BitTorrent
2006-09-13 14:36 -------- d-------- D:\Program Files\AIM
2006-09-13 14:35 -------- d-------- D:\Program Files\AOD
2006-09-08 14:11 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Adobe
2006-09-06 22:47 -------- d--h----- D:\Program Files\InstallShield Installation Information
2006-09-06 22:30 -------- d-------- D:\Program Files\Common Files\Adobe
2006-09-06 22:30 -------- d-------- D:\Program Files\Adobe
2006-09-03 15:17 -------- d-------- D:\Program Files\Mozilla Firefox
2006-09-03 15:11 -------- d-------- D:\Program Files\iTunes
2006-09-03 14:57 -------- d-------- D:\Program Files\Common Files\Motive
2006-08-24 23:41 -------- d-------- D:\Program Files\LimeWire
2006-08-21 05:21 16896 --a------ D:\WINDOWS\system32\fltlib.dll
2006-08-21 02:14 23040 --a------ D:\WINDOWS\system32\fltmc.exe
2006-08-20 02:26 -------- d-------- D:\Program Files\AngelPotion Video Codec V1
2006-08-20 02:26 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Apple Computer
2006-08-12 16:46 -------- d-------- D:\Program Files\WebVideo
2006-08-10 17:48 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Canon
2006-08-10 16:03 73728 --a------ D:\WINDOWS\system32\dpl100.dll
2006-08-10 16:03 196608 --a------ D:\WINDOWS\system32\dtu100.dll
2006-08-07 16:02 534208 --a------ D:\WINDOWS\system32\SymNeti.dll
2006-08-07 16:02 31936 --a------ D:\WINDOWS\system32\drivers\symids.sys
2006-08-07 16:02 28352 --a------ D:\WINDOWS\system32\drivers\symndis.sys
2006-08-07 16:02 24768 --a------ D:\WINDOWS\system32\drivers\symredrv.sys
2006-08-07 16:02 195776 --a------ D:\WINDOWS\system32\drivers\symtdi.sys
2006-08-07 16:02 161472 --a------ D:\WINDOWS\system32\SymRedir.dll
2006-08-07 16:02 110784 --a------ D:\WINDOWS\system32\drivers\symfw.sys
2006-08-07 16:01 12992 --a------ D:\WINDOWS\system32\drivers\symdns.sys
2006-07-29 19:32 48936 --a------ D:\WINDOWS\system32\sirenacm.dll
2006-07-27 10:28 3596288 --a------ D:\WINDOWS\system32\qt-dx331.dll
2006-07-27 06:24 679424 --a------ D:\WINDOWS\system32\inetcomm.dll
2006-07-21 01:24 72704 --a------ D:\WINDOWS\system32\hlink.dll
2006-07-11 16:40 520192 --a------ D:\WINDOWS\system32\DivXsm.exe
2006-07-11 16:40 200704 --a------ D:\WINDOWS\system32\ssldivx.dll
2006-07-11 16:40 1044480 --a------ D:\WINDOWS\system32\libdivx.dll
2006-07-11 15:54 593920 --a------ D:\WINDOWS\system32\dpuGUI11.dll
2006-07-11 15:54 57344 --a------ D:\WINDOWS\system32\dpv11.dll
2006-07-11 15:54 53248 --a------ D:\WINDOWS\system32\dpuGUI10.dll
2006-07-11 15:54 344064 --a------ D:\WINDOWS\system32\dpus11.dll
2006-07-11 15:54 294912 --a------ D:\WINDOWS\system32\dpu11.dll
2006-07-11 15:54 294912 --a------ D:\WINDOWS\system32\dpu10.dll
2006-07-11 15:33 12288 --a------ D:\WINDOWS\system32\DivXWMPExtType.dll
2006-07-11 15:33 118784 --a------ D:\WINDOWS\system32\DivXCodecUpdateChecker.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nForce Tray Options"="sstray.exe /r"
"zBrowser Launcher"="D:\\Program Files\\Logitech\\iTouch\\iTouch.exe"
"Logitech Utility"="Logi_MwX.Exe"
"TkBellExe"="\"D:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"dvd43"="D:\\Program Files\\dvd43\\dvd43_tray.exe"
"EPSON Stylus Photo R200 Series"="D:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S4I2H1.EXE /P30 \"EPSON Stylus Photo R200 Series\" /O6 \"USB002\" /M \"Stylus Photo R200\""
"D-Link AirPlus Xtreme G"="D:\\Program Files\\D-Link\\AirPlus Xtreme G\\AirPlusCFG.exe"
"ANIWZCSService"="D:\\Program Files\\Alpha Networks\\ANIWZCS Service\\WZCSLDR.exe"
"ClientGW"=""
"iTunesHelper"="\"D:\\Program Files\\iTunes\\iTunesHelper.exe\""
"ccApp"="\"D:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Windows Defender"="\"D:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"QuickTime Task"="\"D:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="D:\\Program Files\\Java\\jre1.5.0_08\\bin\\jusched.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{54D9498B-CF93-414F-8984-8CE7FDE0D391}"="ewido shell guard"
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]
"Generic Host Process"="D:\\WINDOWS\\system32\\scvhost.exe"

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winubg32

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


Contents of the 'Scheduled Tasks' folder
D:\WINDOWS\tasks\MP Scheduled Scan.job
D:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Lexy.job

Completion time: Fri 10/06/2006 15:32:07.45
ComboFix.txt
ComboFix2.txt
  • 0

#15
Wizard
Posted 06 October 2006 - 06:26 PM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
OK,the combofix log was enough to confirm VundoFix didnt run into any files it couldnt delete. :whistling:


Copy all the text in the Code Box below to notepad and save them to the desktop with the name Clr.reg


REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]
"Generic Host Process"=-

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winubg32]


Double Click Clr.reg and allow it to merge into the registry.


Please run the F-Secure Online Scanner

Note: This Scanner is for Internet Explorer Only!
  • Follow the Instruction on the F-Secure page for proper installation.
  • Accept the License Agreement.
  • Once the ActiveX installs,Click Full System Scan
  • Once the download completes,the scan will begin automatically.
  • The scan will take some time to finish,so please be patient.
  • When the scan completes, click the Automatic cleaning (recommended) button.
  • Click the Show Report button and Copy&Paste the entire report in your next reply along with a fresh HijackThis log.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP