Norton is giving me a virus message that identifies winid.dll in the system 32 folder as a virus, but it can't delete, or quarentine it, saying access denied. Going into the system 32 folder, I tried deleting it myself, and got an error message saying "Can not delete- access denied."
Hijack this, also identifies this file, but again it can't remove it.
By the way, here is my Hijack This log. Is there anything else bad in there?
Thanks!!
Logfile of HijackThis v1.98.0
Scan saved at 9:12:32 PM, on 7/20/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\STOPzilla!\szntsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Belkin Bulldog Plus\upsd.exe
C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\LTSMMSG.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
C:\Program Files\QUICKENW\QAGENT.EXE
C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
C:\Program Files\Picasa\PicasaMediaDetector.exe
C:\WINDOWS\System32\WScript.exe
C:\Program Files\STOPzilla!\Stopzilla.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\ESPMAIN.EXE
C:\Program Files\Belkin Bulldog Plus\MUPS.exe
C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
C:\WINDOWS\System32\mrtMngr.EXE
c:\progra~1\Support.com\client\bin\tgcmd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE
D:\Hijack this\HijackThis.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [InstantAccess] C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\Run: [LifeScape Media Detector] C:\Program Files\Picasa\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Tweak Manager] C:\PROGRAM FILES\TWEAK MANAGER\WinManager.Exe /Startup
O4 - Startup: Event Reminder.lnk = C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MUPS.lnk = C:\Program Files\Belkin Bulldog Plus\MUPS.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O20 - AppInit_DLLs: C:\WINDOWS\System32\winid.dll