i have tried everything computer is extremely slow


#16
Lexyluv

Topic Starter
ok but what about the scvhost reg file?
  • 0


#17
Lexyluv

Topic Starter
here is the scan log

Scanning Report
Friday, October 06, 2006 21:19:36 - 22:16:56
Computer name: LEXY-3C294297E6
Scanning type: Scan system for viruses, rootkits, spyware
Target: C:\ D:\


--------------------------------------------------------------------------------

Result: 6 malware found
Tracking Cookie (spyware)
System (Disinfected)
System
Trojan.Win32.BHO.g (virus)
D:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\NORTON ANTIVIRUS\QUARANTINE\1CA31A6C.DLL (Submitted)
D:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\NORTON ANTIVIRUS\QUARANTINE\1CF20A16.DLL (Submitted)
D:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\NORTON ANTIVIRUS\QUARANTINE\1D5375AA.DLL (Submitted)
D:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\NORTON ANTIVIRUS\QUARANTINE\2B2372BF.DLL (Submitted)

--------------------------------------------------------------------------------

Statistics
Scanned:
Files: 37222
System: 4732
Not scanned: 5
Actions:
Disinfected: 1
Renamed: 0
Deleted: 0
None: 5
Submitted: 4
Files not scanned:
D:\HIBERFIL.SYS
D:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
D:\WINDOWS\SOFTWAREDISTRIBUTION\EVENTCACHE\{8530964F-4663-402C-8199-91CF69B567F4}.BIN
D:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCRST.DLL
D:\DOCUMENTS AND SETTINGS\LEXY\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS DEFENDER\FILETRACKER\{0DAA0AA9-6763-43BD-B4CA-FEBD8540FD28}


------------------------------------------------------------

and my hijack log

Logfile of HijackThis v1.99.1
Scan saved at 10:23:36 PM, on 10/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Defender\MsMpEng.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Common Files\Symantec Shared\ccProxy.exe
D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
D:\Program Files\ewido\security suite\ewidoctrl.exe
D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Logitech\iTouch\iTouch.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\dvd43\dvd43_tray.exe
D:\Program Files\Logitech\MouseWare\system\em_exec.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
D:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
D:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\Windows Defender\MSASCui.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
D:\Program Files\AIM\aim.exe
D:\Program Files\BitTorrent\bittorrent.exe
d:\program files\internet explorer\iexplore.exe
D:\Documents and Settings\Lexy\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {278B661A-14A8-D8B0-6AF4-03088B866149} - D:\WINDOWS\system32\unaoakg.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {62F97C8C-2DE5-4DCB-885C-E79D7CE70508} - D:\WINDOWS\system32\pmnnl.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {849B9523-785F-4014-9CAF-079FB4A74C61} - D:\WINDOWS\system32\hapyowoi.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - D:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - D:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [zBrowser Launcher] D:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dvd43] D:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] D:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] D:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Windows Defender] "D:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\system32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://officeint.mic...tes/ieawsdc.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtec...ntrol_en_US.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://officeint.mic...ntent/opuc2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1159504167203
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-sec.../ols3/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - D:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - D:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  • 0

#18
Wizard

Retired Staff
Did you double-click Clr.reg and allow it to merge into the registry?

If so, you can delete Clr.reg

Also, delete the old D:\vundofix.txt so I can see the new one that will be created.
  • Double-click VundoFix.exe to run it again.
  • Right Click inside the listbox (white box) and click add more files
  • Copy&Paste the entries below into the open boxes
    • D:\WINDOWS\system32\hapyowoi.dll
  • Click Add Files and Click Close Window
  • Click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of D:\vundofix.txt and a new HiJackThis log.
Note: It is possible that VundoFix encountered a file it could not remove.

In this case, VundoFix will run on reboot; allow the computer to reboot and VundoFix to load.

Just add the very same files as before and Click Remove Vundo.



Open HijackThis-> Click "Do a System Scan Only" and put a check by these but DO NOT hit the Fix Checked button yet

O2 - BHO: (no name) - {278B661A-14A8-D8B0-6AF4-03088B866149} - D:\WINDOWS\system32\unaoakg.dll (file missing)

O2 - BHO: (no name) - {62F97C8C-2DE5-4DCB-885C-E79D7CE70508} - D:\WINDOWS\system32\pmnnl.dll (file missing)

O2 - BHO: (no name) - {849B9523-785F-4014-9CAF-079FB4A74C61} - D:\WINDOWS\system32\hapyowoi.dll

O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - D:\WINDOWS\system32\ixt0.dll (file missing)

Now Make sure ALL WINDOWS and BROWSERS are CLOSED and hit the Fix Checked Button


Post back with D:\vundofix.txt and a fresh HijackThis log, please.



After posting those 2 logs, please run the Bit Defender Online Scan
http://www.bitdefend...m/scan8/ie.html

You must use Internet Explorer for this scanner.

Install the ActiveX and Click on "Click here to Scan"

Allow it to update and Scan the Machine.

It should disinfect or delete whatever it finds that is infected.

Save the report it generates in a text format, please, and post it back here.

Edited by Cretemonster, 07 October 2006 - 02:22 AM.

  • 0

#19
Lexyluv

Topic Starter
here is my hijack log and my vundo log.

Logfile of HijackThis v1.99.1
Scan saved at 12:39:02 PM, on 10/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Defender\MsMpEng.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccProxy.exe
D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\Explorer.EXE
D:\Program Files\Logitech\iTouch\iTouch.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
D:\Program Files\Logitech\MouseWare\system\em_exec.exe
D:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\Windows Defender\MSASCui.exe
D:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
D:\Program Files\ewido\security suite\ewidoctrl.exe
D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wuauclt.exe
d:\program files\internet explorer\iexplore.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Documents and Settings\Lexy\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - D:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [zBrowser Launcher] D:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dvd43] D:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] D:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] D:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Windows Defender] "D:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\system32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://officeint.mic...tes/ieawsdc.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtec...ntrol_en_US.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://officeint.mic...ntent/opuc2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1159504167203
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-sec.../ols3/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - D:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - D:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe



-----------------------------------------------------------------------
vundo


Beginning removal...

Attempting to delete D:\WINDOWS\system32\hapyowoi.dll
D:\WINDOWS\system32\hapyowoi.dll Has been deleted!

Performing Repairs to the registry.
Done!







Also, the link you posted doesn't work, but I will try again.

Edited by Lexyluv, 07 October 2006 - 01:47 PM.

  • 0
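The two HijackThis logs above can be compared mechanically to confirm that the four O2 entries checked in post #18 are gone and that nothing else changed. This is an added example, not part of the original thread; the O2 lines are copied from posts #17 and #19, and `parse_bhos` and `verify_fix` are hypothetical helper names.

```python
import re

# HijackThis O2 line: "O2 - BHO: <name> - {CLSID} - <path>[ (file missing)]"
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - "
    r"(?P<path>.+?)(?P<missing> \(file missing\))?$"
)

# O2 lines copied from the 10/6/2006 log in post #17.
BEFORE = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {278B661A-14A8-D8B0-6AF4-03088B866149} - D:\WINDOWS\system32\unaoakg.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {62F97C8C-2DE5-4DCB-885C-E79D7CE70508} - D:\WINDOWS\system32\pmnnl.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {849B9523-785F-4014-9CAF-079FB4A74C61} - D:\WINDOWS\system32\hapyowoi.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - D:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - D:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
"""

# O2 lines copied from the 10/7/2006 log in post #19.
AFTER = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - D:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
"""

# CLSIDs of the four entries the helper asked to have checked in post #18.
TARGETED = [
    "{278B661A-14A8-D8B0-6AF4-03088B866149}",
    "{62F97C8C-2DE5-4DCB-885C-E79D7CE70508}",
    "{849B9523-785F-4014-9CAF-079FB4A74C61}",
    "{a43385f0-7113-496d-96d7-b9b550e3fcca}",
]


def parse_bhos(log_text):
    """Return {CLSID (upper case): (name, path, file_missing)} for each O2 line."""
    bhos = {}
    for line in log_text.splitlines():
        m = O2_RE.match(line.strip())
        if m:
            bhos[m["clsid"].upper()] = (m["name"], m["path"], bool(m["missing"]))
    return bhos


def verify_fix(before_log, after_log, targeted):
    """Compare O2 entries across two logs against the list of targeted CLSIDs."""
    before, after = parse_bhos(before_log), parse_bhos(after_log)
    wanted = {c.upper() for c in targeted}  # CLSIDs are case-insensitive
    gone = set(before) - set(after)
    return {
        "removed": sorted(wanted & gone),                # targeted and now absent
        "still_present": sorted(wanted & set(after)),    # fix did not take
        "removed_untargeted": sorted(gone - wanted),     # something else vanished
        "new_entries": sorted(set(after) - set(before)), # appeared since first scan
    }


if __name__ == "__main__":
    before = parse_bhos(BEFORE)
    for label, clsids in verify_fix(BEFORE, AFTER, TARGETED).items():
        print(f"{label}: {len(clsids)}")
        for clsid in clsids:
            name, path, missing = before.get(clsid, ("?", "?", False))
            print(f"  {clsid} {path}{' (file missing)' if missing else ''}")
```

A non-empty `still_present` or `new_entries` list is the signal to rescan before moving on to the next step.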

#20
Wizard

Retired Staff
Nice results and looking good so far, let's see what Bit Defender has to say.
  • 0

#21
Lexyluv

Topic Starter
I cannot open the American site. I tried the UK one, but it says I have Service Pack 2 and I need to install ActiveX, but no info bar comes up to do so.

Edited by Lexyluv, 07 October 2006 - 04:41 PM.

  • 0

#22
Wizard

Retired Staff
Let's try a different scan and see what happens.


Please go HERE to run Panda's ActiveScan
  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report

  • 0

#23
Lexyluv

Topic Starter
I did get it to run, but it says 5 hours. Wasn't having that. I will try this one.

Edited by Lexyluv, 07 October 2006 - 06:24 PM.

  • 0

#24
Lexyluv

Topic Starter
Ok here is the log from panda


Incident Status Location

Spyware:spyware/media-motor Not disinfected d:\windows\ubber60.ini
Adware:adware/block-checker Not disinfected Windows Registry
Dialer:dialer.asl Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1426AC5-8CE5-4A00-B71E-011D35709AC6}
Potentially unwanted tool:application/zango Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}
Hacktool:exploit/mhtredir.gen Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{527196A4-B1A3-4647-931D-37BA5AF23037}
Adware:adware/ist.istbar Not disinfected Windows Registry
Spyware:Cookie/YieldManager Not disinfected D:\Documents and Settings\Lexy\Cookies\[email protected][2].txt
Spyware:Cookie/Advertising Not disinfected D:\Documents and Settings\Lexy\Cookies\lexy@advertising[2].txt
Spyware:Cookie/Atlas DMT Not disinfected D:\Documents and Settings\Lexy\Cookies\lexy@atdmt[2].txt
Spyware:Cookie/Atwola Not disinfected D:\Documents and Settings\Lexy\Cookies\lexy@atwola[1].txt
Spyware:Cookie/Doubleclick Not disinfected D:\Documents and Settings\Lexy\Cookies\lexy@doubleclick[1].txt
Spyware:Cookie/Findwhat Not disinfected D:\Documents and Settings\Lexy\Cookies\lexy@findwhat[1].txt
Adware:Adware/UltimateCleaner Not disinfected D:\Program Files\Ultimate Cleaner\IeSafe.exe
Potentially unwanted tool:Application/Processor Not disinfected D:\WINDOWS\system32\Process.exe
Virus:Trj/DisableKey.A Disinfected D:\WINDOWS\system32\uhvjsul.dll
Virus:W32/Bagle.pwdzip Disinfected Local Folders\Deleted Items\Avice\Wynefrede.zip
Virus:W32/Bagle.pwdzip Disinfected Local Folders\Deleted Items\Leonard\Daniel.zip
Virus:W32/Bagle.pwdzip Disinfected Local Folders\Deleted Items\Roger\Jeffrey.zip
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\*TELUS Detected Spam* Teensbymail - Exclusive
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\*TELUS Detected Spam* TBM Pics for February 18, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\*TELUS Detected Spam* Teensbymail - Special Offer
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\[Norton AntiSpam] *TELUS Detected Spam* Chat with them Live!
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for February 13, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for February 10, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for February 9, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for February 8, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for December 15, 2005
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for December 16, 2005
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for December 14, 2005
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for December 13, 2005
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for December 12, 2005
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\*TELUS Detected Spam* TBM Pics for February 19, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\*TELUS Detected Spam* TBM Pics for February 20, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\*TELUS Detected Spam* TBM Pics for February 21, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\*TELUS Detected Spam* TBM Pics for February 22, 2006
Virus:W32/Bagle.pwdzip Disinfected Local Folders\Deleted Items\Valentyne\Michael.zip
Adware:Adware/Tracking Not disinfected Local Folders\Deleted Items\*TELUS Detected Spam* Teensbymail - Exclusive
Virus:W32/Bagle.pwdzip Disinfected Local Folders\Deleted Items\Roger\Thomas.zip
Virus:W32/Bagle.pwdzip Disinfected Local Folders\Deleted Items\Ester\Gabriell.zip
Adware:Adware/Tracking Not disinfected Local Folders\Norton AntiSpam Folder\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for February 26, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Norton AntiSpam Folder\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for February 27, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Norton AntiSpam Folder\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for March 3, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Norton AntiSpam Folder\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for March 4, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Norton AntiSpam Folder\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for February 16, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Norton AntiSpam Folder\[Norton AntiSpam] *TELUS Detected Spam* TBM Pics for February 25, 2006
Adware:Adware/Tracking Not disinfected Local Folders\Norton AntiSpam Folder\[Norton AntiSpam] *TELUS Detected Spam* Hot Action In High Definition!
  • 0

#25
Wizard

Retired Staff
The log appears to have gotten cut off, can you try reposting it?
  • 0


#26
Lexyluv

Topic Starter
That's the only log I have; it ends there for me.
  • 0

#27
Wizard

Retired Staff
You need to go to your Mail Client and clear out all the emails you don't need, as you can see from the Panda Scan, there's a lot of unwanted and infected emails in there.


Copy all the text in the Code Box below to Notepad and save it to the Desktop with the name Rem.reg


REGEDIT4

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1426AC5-8CE5-4A00-B71E-011D35709AC6}]

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}]

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{527196A4-B1A3-4647-931D-37BA5AF23037}]


Double Click Rem.reg and allow it to merge into the registry.


Go to Add\Remove Programs and Remove Ultimate Cleaner if found.


Locate and Delete this folder

D:\Program Files\Ultimate Cleaner


Scan fresh with ComboFix and post those results.
  • 0
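Merging a .reg file applies every change in it without listing them, so it helps to read the file programmatically first. This is an added example, not part of the original thread: it checks that Rem.reg from post #27 only deletes keys under `Ext\Stats` that the Panda report in post #24 actually named. `panda_registry_keys`, `audit_reg` and `is_narrow` are hypothetical helper names; the sample data is copied from those two posts.

```python
import re

# Both header lines are accepted by regedit as the first line of a .reg file.
HEADERS = {"REGEDIT4", "Windows Registry Editor Version 5.00"}

# The only branch Rem.reg is expected to touch.
ALLOWED_PREFIX = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats"

# Rem.reg as posted in post #27.
REM_REG = r"""REGEDIT4

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1426AC5-8CE5-4A00-B71E-011D35709AC6}]

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}]

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{527196A4-B1A3-4647-931D-37BA5AF23037}]
"""

# Four lines copied from the Panda ActiveScan report in post #24.
PANDA_LINES = r"""
Adware:adware/block-checker Not disinfected Windows Registry
Dialer:dialer.asl Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1426AC5-8CE5-4A00-B71E-011D35709AC6}
Potentially unwanted tool:application/zango Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}
Hacktool:exploit/mhtredir.gen Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{527196A4-B1A3-4647-931D-37BA5AF23037}
"""


def panda_registry_keys(report_text):
    """Pull every full registry key path out of the scanner report."""
    return re.findall(r"HKEY_[A-Z_]+\\\S+", report_text)


def audit_reg(reg_text, allowed_prefix, reported_keys):
    """Classify each line of a .reg file without touching the registry."""
    lines = [ln.strip() for ln in reg_text.splitlines() if ln.strip()]
    header_ok = bool(lines) and lines[0] in HEADERS
    report = {"header_ok": header_ok, "delete_keys": [], "other_changes": [],
              "outside_prefix": [], "not_reported": []}
    reported = {k.lower() for k in reported_keys}   # registry paths ignore case
    prefix = allowed_prefix.lower() + "\\"
    for ln in (lines[1:] if header_ok else lines):
        if ln.startswith(";"):                      # comment line
            continue
        m = re.fullmatch(r"\[-(.+)\]", ln)          # "[-KEY]" deletes KEY and its subkeys
        if not m:
            # "[KEY]" sections and "name"=value lines create or modify data.
            report["other_changes"].append(ln)
            continue
        key = m.group(1)
        report["delete_keys"].append(key)
        if not key.lower().startswith(prefix):
            report["outside_prefix"].append(key)
        if key.lower() not in reported:
            report["not_reported"].append(key)
    return report


def is_narrow(report):
    """True when the file only deletes reported keys inside the allowed branch."""
    return (report["header_ok"] and bool(report["delete_keys"])
            and not report["other_changes"]
            and not report["outside_prefix"]
            and not report["not_reported"])


if __name__ == "__main__":
    audit = audit_reg(REM_REG, ALLOWED_PREFIX, panda_registry_keys(PANDA_LINES))
    for key in audit["delete_keys"]:
        print("will delete:", key)
    print("limited to reported Ext\\Stats keys:", is_narrow(audit))
```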

#28
Lexyluv

Topic Starter
Done, and here's the log

----------------------

Lexy - 06-10-08 12:48:37.15 Service Pack 2
ComboFix 06.09.28 - Running from: "D:\Documents and Settings\Lexy\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))



~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

D:\QooBox\Purity\Documents and Settings\Lexy\Application Data\PPATCH~1


((((((((((((((((((((((((((((((( Files Created from 2006-09-08 to 2006-10-08 ))))))))))))))))))))))))))))))))))


2006-10-07 18:34 611,064 --a------ D:\WINDOWS\system32\drivers\sptd.sys
2006-10-06 01:17 3,082 --a------ D:\WINDOWS\system32\affv208325p1now.sys
2006-10-06 01:14 745,472 --a------ D:\WINDOWS\system32\xvidcore.dll
2006-10-06 01:14 180,224 --a------ D:\WINDOWS\system32\xvidvfw.dll
2006-10-02 12:04 806,912 --a------ D:\WINDOWS\system32\divx_xx0c.dll
2006-10-02 12:04 806,912 --a------ D:\WINDOWS\system32\divx_xx07.dll
2006-10-02 12:04 790,528 --a------ D:\WINDOWS\system32\divx_xx11.dll
2006-10-02 12:04 635,486 --a------ D:\WINDOWS\system32\DivX.dll
2006-09-28 23:47 127,208 --a------ D:\WINDOWS\system32\mucltui.dll
2006-09-28 23:07 86,016 --a------ D:\WINDOWS\OPDIRDEL.exe
2006-09-28 01:57 10,344 --a------ D:\WINDOWS\system32\drivers\symlcbrd.sys
2006-09-28 01:55 48,816 --a------ D:\WINDOWS\system32\S32EVNT1.DLL
2006-09-28 01:55 109,744 --a------ D:\WINDOWS\system32\drivers\SYMEVENT.SYS
2006-09-27 22:45 737,280 --a------ D:\WINDOWS\iun6002.exe
2006-09-19 16:11 53,248 --a------ D:\WINDOWS\system32\Process.exe
2006-09-19 16:11 40,960 --a------ D:\WINDOWS\system32\swsc.exe
2006-09-19 16:11 288,417 --a------ D:\WINDOWS\system32\SrchSTS.exe
2006-09-19 16:11 135,168 --a------ D:\WINDOWS\system32\swreg.exe
2006-09-19 14:45 76,560 --a------ D:\WINDOWS\system32\drivers\tmcomm.sys
2006-09-16 13:31 20,640 --------- D:\WINDOWS\system32\drivers\PxHelp20.sys
2006-09-16 13:31 109,568 --------- D:\WINDOWS\system32\pxinsi64.exe
2006-09-16 13:31 108,544 --------- D:\WINDOWS\system32\pxcpyi64.exe
2006-09-13 14:25 8,704 --a------ D:\WINDOWS\system32\kbdjpn.dll
2006-09-13 14:25 8,192 --a------ D:\WINDOWS\system32\kbdkor.dll
2006-09-13 14:25 6,144 --a------ D:\WINDOWS\system32\kbd106.dll
2006-09-13 14:25 6,144 --a------ D:\WINDOWS\system32\kbd101c.dll
2006-09-13 14:25 6,144 --a------ D:\WINDOWS\system32\kbd101b.dll
2006-09-13 14:25 5,632 --a------ D:\WINDOWS\system32\kbd103.dll
2006-09-12 23:32 128,896 --a------ D:\WINDOWS\system32\drivers\fltmgr.sys


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-10-07 23:06 -------- d-------- D:\Program Files\Common Files\Symantec Shared
2006-10-07 18:36 -------- d-------- D:\Program Files\DAEMON Tools
2006-10-07 17:46 -------- d-------- D:\Program Files\WinRAR
2006-10-07 17:46 -------- d-------- D:\Program Files\Windows Defender
2006-10-07 17:45 -------- d-------- D:\Program Files\Symantec
2006-10-07 17:41 -------- d-------- D:\Program Files\MSN Messenger
2006-10-07 17:34 -------- d-------- D:\Program Files\iTunes
2006-10-07 17:32 -------- d-------- D:\Program Files\Internet Explorer
2006-10-07 17:28 -------- d-------- D:\Program Files\BitTorrent
2006-10-07 16:59 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Symantec
2006-10-06 01:17 -------- d-------- D:\Program Files\WinAVIVideoConverter
2006-10-06 01:16 -------- d-------- D:\Program Files\WinMPG VideoConvert
2006-10-06 01:04 -------- d-------- D:\Program Files\DivX
2006-10-04 15:13 -------- d-------- D:\Program Files\Norton Internet Security
2006-10-04 02:40 -------- d-------- D:\Program Files\Java
2006-10-03 17:54 -------- d-------- D:\Program Files\ConquerCam
2006-10-02 02:34 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Registry Booster
2006-09-28 23:07 -------- d-------- D:\Program Files\Common Files\Caere
2006-09-28 13:18 -------- d-------- D:\Program Files\Common Files
2006-09-27 23:00 -------- d-------- D:\Program Files\Tweak-XP Pro 4
2006-09-27 21:57 -------- d-------- D:\Program Files\Common Files\Microsoft Shared
2006-09-25 22:21 -------- d-------- D:\Program Files\QuickTime
2006-09-19 01:35 -------- d-------- D:\Program Files\mIRC
2006-09-18 23:38 -------- d-------- D:\Program Files\Uniblue
2006-09-16 13:39 -------- d-------- D:\Program Files\Xilisoft
2006-09-16 13:32 -------- d-------- D:\Program Files\AC3Filter
2006-09-16 08:59 -------- d-------- D:\Documents and Settings\Lexy\Application Data\BitTorrent
2006-09-13 14:36 -------- d-------- D:\Program Files\AIM
2006-09-13 14:35 -------- d-------- D:\Program Files\AOD
2006-09-08 14:11 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Adobe
2006-09-06 22:47 -------- d--h----- D:\Program Files\InstallShield Installation Information
2006-09-06 22:30 -------- d-------- D:\Program Files\Common Files\Adobe
2006-09-06 22:30 -------- d-------- D:\Program Files\Adobe
2006-09-03 15:17 -------- d-------- D:\Program Files\Mozilla Firefox
2006-09-03 14:57 -------- d-------- D:\Program Files\Common Files\Motive
2006-08-24 23:41 -------- d-------- D:\Program Files\LimeWire
2006-08-21 05:21 16896 --a------ D:\WINDOWS\system32\fltlib.dll
2006-08-21 02:14 23040 --a------ D:\WINDOWS\system32\fltmc.exe
2006-08-20 02:26 -------- d-------- D:\Program Files\AngelPotion Video Codec V1
2006-08-20 02:26 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Apple Computer
2006-08-12 16:46 -------- d-------- D:\Program Files\WebVideo
2006-08-10 17:48 -------- d-------- D:\Documents and Settings\Lexy\Application Data\Canon
2006-08-10 16:03 73728 --a------ D:\WINDOWS\system32\dpl100.dll
2006-08-10 16:03 196608 --a------ D:\WINDOWS\system32\dtu100.dll
2006-08-07 16:02 534208 --a------ D:\WINDOWS\system32\SymNeti.dll
2006-08-07 16:02 161472 --a------ D:\WINDOWS\system32\SymRedir.dll
2006-07-29 19:32 48936 --a------ D:\WINDOWS\system32\sirenacm.dll
2006-07-27 10:28 3596288 --a------ D:\WINDOWS\system32\qt-dx331.dll
2006-07-27 06:24 679424 --a------ D:\WINDOWS\system32\inetcomm.dll
2006-07-21 01:24 72704 --a------ D:\WINDOWS\system32\hlink.dll
2006-07-11 16:40 520192 --a------ D:\WINDOWS\system32\DivXsm.exe
2006-07-11 16:40 200704 --a------ D:\WINDOWS\system32\ssldivx.dll
2006-07-11 16:40 1044480 --a------ D:\WINDOWS\system32\libdivx.dll
2006-07-11 15:54 593920 --a------ D:\WINDOWS\system32\dpuGUI11.dll
2006-07-11 15:54 57344 --a------ D:\WINDOWS\system32\dpv11.dll
2006-07-11 15:54 53248 --a------ D:\WINDOWS\system32\dpuGUI10.dll
2006-07-11 15:54 344064 --a------ D:\WINDOWS\system32\dpus11.dll
2006-07-11 15:54 294912 --a------ D:\WINDOWS\system32\dpu11.dll
2006-07-11 15:54 294912 --a------ D:\WINDOWS\system32\dpu10.dll
2006-07-11 15:33 12288 --a------ D:\WINDOWS\system32\DivXWMPExtType.dll
2006-07-11 15:33 118784 --a------ D:\WINDOWS\system32\DivXCodecUpdateChecker.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nForce Tray Options"="sstray.exe /r"
"zBrowser Launcher"="D:\\Program Files\\Logitech\\iTouch\\iTouch.exe"
"Logitech Utility"="Logi_MwX.Exe"
"TkBellExe"="\"D:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"dvd43"="D:\\Program Files\\dvd43\\dvd43_tray.exe"
"EPSON Stylus Photo R200 Series"="D:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S4I2H1.EXE /P30 \"EPSON Stylus Photo R200 Series\" /O6 \"USB002\" /M \"Stylus Photo R200\""
"D-Link AirPlus Xtreme G"="D:\\Program Files\\D-Link\\AirPlus Xtreme G\\AirPlusCFG.exe"
"ANIWZCSService"="D:\\Program Files\\Alpha Networks\\ANIWZCS Service\\WZCSLDR.exe"
"ClientGW"=""
"iTunesHelper"="\"D:\\Program Files\\iTunes\\iTunesHelper.exe\""
"ccApp"="\"D:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Windows Defender"="\"D:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"QuickTime Task"="\"D:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="D:\\Program Files\\Java\\jre1.5.0_08\\bin\\jusched.exe"
"DAEMON Tools"="\"D:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{54D9498B-CF93-414F-8984-8CE7FDE0D391}"="ewido shell guard"
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


Contents of the 'Scheduled Tasks' folder
D:\WINDOWS\tasks\MP Scheduled Scan.job
D:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Lexy.job

Completion time: Sun 10/08/2006 12:49:15.84
ComboFix.txt
  • 0

#29
Wizard


  • Retired Staff
  • 5,661 posts
Looks a lot better, how is the machine running today?


Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan: Select My Computer
  • The program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

  • 0

#30
Lexyluv


  • Topic Starter
  • Member
  • 62 posts
My computer is running really well actually but I wanna make sure everything is gone.


-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, October 08, 2006 6:22:08 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 9/10/2006
Kaspersky Anti-Virus database records: 216749
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 73331
Number of viruses found: 2
Number of infected objects: 5 / 0
Number of suspicious objects: 0
Duration of the scan process: 01:10:16

Infected Object Name / Virus Name / Last Action
C:\itouch_crash_info.txt Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\WDLog-09282006-223226.log Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Confid.log Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Content.log Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Privacy.log Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Restrict.log Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Symantec\Common Client\WebHist.log Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2006-10-08_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1CA31A6C.dll Infected: Trojan.Win32.BHO.g skipped
D:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1CF20A16.dll Infected: Trojan.Win32.BHO.g skipped
D:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1D5375AA.dll Infected: Trojan.Win32.BHO.g skipped
D:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2B2372BF.dll Infected: Trojan.Win32.BHO.g skipped
D:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\45F800A1.bad Infected: Packed.Win32.Klone.k skipped
D:\Documents and Settings\Lexy\Application Data\Aim\tangkifg\babydoll4evr604\cert8.db Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\Aim\tangkifg\babydoll4evr604\key3.db Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\bittorrent.log Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r02 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r03 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r04 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r08 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r14 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r16 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r20 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r23 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r24 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r45 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r64 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r77 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r80 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r87 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\rep-tbreakup.r89 Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\BitTorrent\incomplete\9ad5458f-0e8d\Sample\rep-tbreakup-sample.vob Object is locked skipped
D:\Documents and Settings\Lexy\Application Data\Symantec\PendingAlertsQueue.log Object is locked skipped
D:\Documents and Settings\Lexy\Cookies\index.dat Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Logs\Dfsr.log Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\pending.dat Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_46C_3E0F_6C3D_FBCC\dfsr.db Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_46C_3E0F_6C3D_FBCC\fsr.log Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_46C_3E0F_6C3D_FBCC\fsrtmp.log Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_46C_3E0F_6C3D_FBCC\tmp.edb Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{786BE11F-1194-4D9E-8D2C-DC03114FFB01} Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Application Data\Microsoft\Windows Live Contacts\[email protected]\real\members.stg Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Application Data\Microsoft\Windows Live Contacts\[email protected]\shadow\members.stg Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\History\History.IE5\index.dat Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\History\History.IE5\MSHist012006100820061009\index.dat Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Temp\~DF38A.tmp Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Temp\~DF562A.tmp Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Temp\~DF5841.tmp Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Temp\~DF6A8.tmp Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Temporary Internet Files\Content.IE5\GQFV26MZ\ADSAdClient31[1].htm Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Temporary Internet Files\Content.IE5\GQFV26MZ\ADSAdClient31[2].htm Object is locked skipped
D:\Documents and Settings\Lexy\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
D:\Documents and Settings\Lexy\NTUSER.DAT Object is locked skipped
D:\Documents and Settings\Lexy\ntuser.dat.LOG Object is locked skipped
D:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
D:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
D:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
D:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
D:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
D:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
D:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
D:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
D:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\AntiSpam\Log\Spam.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped
D:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped
D:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
D:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
D:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
D:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0529NAV~.TMP Object is locked skipped
D:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0845NAV~.TMP Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
D:\WINDOWS\SchedLgU.Txt Object is locked skipped
D:\WINDOWS\SoftwareDistribution\EventCache\{9D5272E4-0163-473E-8D58-45A462044CDA}.bin Object is locked skipped
D:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
D:\WINDOWS\Sti_Trace.log Object is locked skipped
D:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
D:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
D:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
D:\WINDOWS\system32\config\default Object is locked skipped
D:\WINDOWS\system32\config\default.LOG Object is locked skipped
D:\WINDOWS\system32\config\SAM Object is locked skipped
D:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
D:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
D:\WINDOWS\system32\config\SECURITY Object is locked skipped
D:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
D:\WINDOWS\system32\config\software Object is locked skipped
D:\WINDOWS\system32\config\software.LOG Object is locked skipped
D:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
D:\WINDOWS\system32\config\system Object is locked skipped
D:\WINDOWS\system32\config\system.LOG Object is locked skipped
D:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
D:\WINDOWS\system32\h323log.txt Object is locked skipped
D:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
D:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
D:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
D:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
D:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
D:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
D:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
D:\WINDOWS\wiadebug.log Object is locked skipped
D:\WINDOWS\wiaservc.log Object is locked skipped
D:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
  • 0





