Have Sober Worm Need Help [RESOLVED]
Started by
WilliamA
, May 24 2005 06:35 PM
-
This topic is locked
#1
Posted 24 May 2005 - 06:35 PM
WilliamA
-
- Member
-
- 9 posts
New Member
#2
Posted 24 May 2005 - 06:38 PM
WilliamA
- Topic Starter
-
- Member
-
- 9 posts
New Member
Thanks for your help! I really appreciate you people who come home from work and help random people in your sparetime. It really means a lot to me.
Logfile of HijackThis v1.99.1
Scan saved at 8:29:03 PM, on 5/24/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINNT\system32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PCCMAIN.EXE
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\YHWNQT25\HijackThis[1].exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccLog.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: PTP Manager.lnk = C:\Program Files\PIXELA\PTP Manager\PixePtpManager.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O20 - Winlogon Notify: NavLogon - C:\WINNT\system32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
Logfile of HijackThis v1.99.1
Scan saved at 8:29:03 PM, on 5/24/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINNT\system32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PCCMAIN.EXE
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\YHWNQT25\HijackThis[1].exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccLog.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: PTP Manager.lnk = C:\Program Files\PIXELA\PTP Manager\PixePtpManager.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O20 - Winlogon Notify: NavLogon - C:\WINNT\system32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
Edited by WilliamA, 28 May 2005 - 01:50 PM.
#3
Posted 02 June 2005 - 01:28 AM
alsocom
-
- Member
-
- 80 posts
Visiting Staff
Hello WilliamA and welcome to G2G. 
Move HijackThis to Permanent Folder:
You are running HijackThis from a Temp directory. These are cleaned up on a regular basis thus the program will be removed.
Bitdefender
Pandasoftware
Trend Micro << Click Auto Clean
Symantec Security Check << click scan for viruses
RAV Online Virus Scanner << Enter your e-mail address and click on To continue without subscribing
McAfee
Write down anything that can not be fixed. Include the file name and the path to the file.
Scan with HijackThis and post the new log as a reply to this thread. Include anything that can not be fixed by the online scans.
Move HijackThis to Permanent Folder:
You are running HijackThis from a Temp directory. These are cleaned up on a regular basis thus the program will be removed.
- Go to Start > My Computer > and double click on C:.
- Now right click an open area and click New > folder and change the folder name to HJT.
- Move HijackThis from the Temp folder into this new folder.
- Download Stinger and save it to your desktop.
- Reboot into safe mode (tap F8 during bootup, use arrow keys to select Safe Mode, then hit 'enter').
- Double-click on s-t-i-n-g-e-r.exe to open the tool.
- Choose your entire hard drive to scan.
- Choose Scan Now.
- Stinger will fix anything that it finds.
Bitdefender
Pandasoftware
Trend Micro << Click Auto Clean
Symantec Security Check << click scan for viruses
RAV Online Virus Scanner << Enter your e-mail address and click on To continue without subscribing
McAfee
Write down anything that can not be fixed. Include the file name and the path to the file.
Scan with HijackThis and post the new log as a reply to this thread. Include anything that can not be fixed by the online scans.
#4
Posted 02 June 2005 - 12:11 PM
WilliamA
- Topic Starter
-
- Member
-
- 9 posts
New Member
Thank you very much I can't express how much relief I'm feeling just from starting the scan, because this worm has seriously interfered with my online gaming so thank you very much!!!!!!!!!
#5
Posted 02 June 2005 - 07:55 PM
WilliamA
- Topic Starter
-
- Member
-
- 9 posts
New Member
I let stinger scan and when it was finished it didn't say anything about infected files being fixed. Does that mean that it couldn't find any infected files?
#6
Posted 02 June 2005 - 11:25 PM
alsocom
-
- Member
-
- 80 posts
Visiting Staff
Did the online scans turn up anything or is Trend Micro still finding it?
#7
Posted 03 June 2005 - 02:53 PM
WilliamA
- Topic Starter
-
- Member
-
- 9 posts
New Member
I ran Trend house call and it didn't find anything. I also have symantec and when it updates its virus codes or whatever it does after it tells me that the quarentined files cannot be fixed with the update Trend Micro necer fails to pop up saying its found a Trojan.akf or smallakf in the Temp folder.
#8
Posted 04 June 2005 - 12:54 PM
alsocom
-
- Member
-
- 80 posts
Visiting Staff
You stated that you are using more than one antivirus program. This is very dangerous, as multiple AVs can interfere with one another and actually allow MORE viruses to get through. I strongly suggest you do one of the following :
(1) configure only one antivirus program to enable automatic realtime scanning, and leave the rest disabled most of the time
(2) go to Start -> Control Panel -> Add/Remove Programs and uninstall all but one antivirus program.
Download CCleaner from here to clean temp files from your computer.
Click here to download mwavscan.
(1) configure only one antivirus program to enable automatic realtime scanning, and leave the rest disabled most of the time
(2) go to Start -> Control Panel -> Add/Remove Programs and uninstall all but one antivirus program.
Download CCleaner from here to clean temp files from your computer.
- Double click on the file to start the installation of the program.
- Select your language and click OK, then next.
- Read the license agreement and click I Agree.
- Click next to use the default install location. Click Install then finish to complete installation.
- Double click the CCleaner shortcut on the desktop to start the program.
- Click Options < Advanced and uncheck "Only delete files in Windows Temp folders older than 48 hours".
- Click Run Cleaner to run the program.
- After it has completed it's process, click Exit.
Click here to download mwavscan.
- Double-click it to run it.
- Read then accept the agreement.
- Check Drive, and select all local drives, scan all files, then press 'scan'. (This may take a while and will not fix anything)
- Once it finds something, it will prompt you so click OK.
- When it is completed, anything found will be displayed in the lower pane.
- Highlight it, copy it (CTRL+C), and paste (CTRL+V) it in your next reply.
#9
Posted 06 June 2005 - 10:05 PM
WilliamA
- Topic Starter
-
- Member
-
- 9 posts
New Member
Object "ameopt Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AltNet Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINNT\Downloaded Program Files\AdManCtlX.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\REGOBJ.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFDR5C.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFUN5C.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFUNRS.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFFC5C.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFICUR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCLR1.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCLR2.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCLR3.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCLR4.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFUI5C.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFSTRN.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFDRV.HLP". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLPA.HLP". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFDRV.CNT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLPA.CNT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFMA.CNT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\CONTACT.HTM". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFJSWX.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPSWX.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFJSW.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFJSWR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLPA.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLPAR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPRP.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPRPR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPSW.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPSWR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFUTIL.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFUPD.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFUPDR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPP5C.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEXEDF.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lexgo.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFAUAL.OUT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCLN.OUT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFALGN.OUT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfmcal.out". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfsply.htm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbflegl.htm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfsk0.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfsk1.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfsk2.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\license.txt". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lexwww.htm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\ptzipw32.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\WAVS.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFGF.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfrme.doc". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfweb.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\HLP256.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEXBCE.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEXBCES.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lexlmpm.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEXPPS.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEXP2P32.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEX2KUSB.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfcomm.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfw2k.ini". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lexdrvin.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfver.web". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfpwr.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPMNT.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLCNT.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLCNP.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLSNT.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFIH.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBF.LOC". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCFG.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCU.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCUR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEXPING.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\INSTMON.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfcoin.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfcoin.ini". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfcinf.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfvs.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\Downloaded Program Files\AdManCtlX.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\drivers\UdfReadr.sys". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOCUME~1\Guest\LOCALS~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\Msvcrt10.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOCUME~1\Guest\LOCALS~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\MSVCP60.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Adobe\TypeSpt\MojiKumi\Photoshop6MojiKumi". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00020D05-0000-0000-C000-000000000046}" refers to invalid object "outex.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00021120-0000-0000-C000-000000000046}" refers to invalid object "C:\Program Files\Microsoft Office\Office\1033\fvfxs.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00FAE562-DACA-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00FAE568-DACA-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{08CE60DE-D425-11D3-891E-00104B9876B8}" refers to invalid object "C:\WINNT\system32\KODAKO~1.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{09101CAF-D527-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{09101CB7-D527-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{09101CBA-D527-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{09101CBE-D527-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0B6DC6EE-C4FD-11d1-819A-00C04FB69B4D}" refers to invalid object "C:\Program Files\Common Files\Adobe\Shell\PSICON.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0C5B0CED-206B-4c39-B615-0EB23C824612}" refers to invalid object "C:\Program Files\Common Files\Adobe\Shell\AIIcon.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1EFD6A40-3999-11CF-9150-00AA0059F70D}" refers to invalid object "E:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1FD8D838-74A9-4DF8-936F-0D87ED49AD3C}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\frcom-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2A426D47-51C3-4A79-B064-95FD87DAB5D1}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\frcom-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{341EE246-3B05-4C23-B21A-17F2D4831FC0}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\frext-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3775D2E0-7C5D-11CF-899E-00AA00688B10}" refers to invalid object "E:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3A091B81-8FAF-4B7D-85C7-7CB5D3FDD479}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{45137563-F598-4574-A987-A25867AB7068}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\bwclext.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5F3E04C3-4612-11D0-A113-00A024B50363}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAREG.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5F3E04C4-4612-11D0-A113-00A024B50363}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAMDMTR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5F3E04C6-4612-11D0-A113-00A024B50363}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAREG.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6100E360-BB4A-4025-95FB-69CA629E4180}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\vbfrext-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{649D583D-3401-11D1-8C47-0080C7C43E7F}" refers to invalid object "C:\Program Files\Microsoft Office\Office\1033\wfxrstrz.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{83730EE4-6C46-11CF-A524-0080C77A7786}" refers to invalid object "C:\WINNT\system32\MSMask32.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8DBFE843-D7DF-4cfc-B62C-05A6899139E2}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWTargetInf.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{99180163-DA16-101A-935C-444553540000}" refers to invalid object "recncl.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A4845882-333F-11D0-B724-00AA0062CBB7}" refers to invalid object "C:\WINNT\system32\WBEM\WBEMSTUB.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AB481080-796C-11D0-A113-00A024B50363}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAABOUT.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B0693766-5278-4ec6-B9E1-3CE40560EF5A}" refers to invalid object "CaPlgin.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}" refers to invalid object "C:\Program Files\WinRAR\rarext.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B6722BAB-2AD2-11D2-9D63-0040D000BD9D}" refers to invalid object "C:\PROGRA~1\Adaptec\Shared\CDGuide\CDGuide.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B6722BAC-2AD2-11D2-9D63-0040D000BD9D}" refers to invalid object "C:\PROGRA~1\Adaptec\Shared\CDGuide\CDGuide.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BB7CDE7C-5FB0-46E5-A3F4-EF118FACE08B}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWfiles-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C1172D01-751C-11D0-B6CF-00A024BF23EF}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRASRIAL.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C1A8AF25-1257-101B-8FB0-0020AF039CA3}" refers to invalid object "E:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C932BA85-4374-101B-A56C-00AA003668DC}" refers to invalid object "C:\WINNT\system32\MSMask32.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CAEF9D56-0816-4984-BE91-B1B2ED801BE5}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWCHelpr-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CCDD9080-8100-11D0-B6CF-00A024BF23EF}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRALPTTR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CF6067D7-D10C-4767-B04C-148E6EBB1574}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWfiles-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DA6A85E0-05C7-11D1-B243-006097CAD7E2}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAABOUT.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E07D3492-32B5-11D0-B724-00AA0062CBB7}" refers to invalid object "C:\WINNT\system32\WBEM\WBEMSTUB.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E5B42981-67DC-11D0-8547-00A0240B50F0}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAWEBTR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E8D83F00-CD78-11D0-B4D3-00A024BF23EF}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAABOUT.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{FB99C991-C5B4-11D1-AFFA-00A024E9CDB2}" refers to invalid object "C:\Program Files\Adaptec\Shared\ECDC Engine\acmwrapperserver.dll". Action Taken: No Action Taken.
Entry "HKCR\ComPlusMetaData.MsCorHost" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken.
Entry "HKCR\ComPlusMetaData.MsCorHost.2" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken.
Entry "HKCR\DAIE.DownloadAcceleratorIE" refers to invalid object "{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}". Action Taken: No Action Taken.
Entry "HKCR\DAIE.DownloadAcceleratorIE.1" refers to invalid object "{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}". Action Taken: No Action Taken.
Entry "HKCR\ImageReady.Application.1" refers to invalid object "{52F2F130-2BC5-11D2-8FB7-000000000000}". Action Taken: No Action Taken.
Entry "HKCR\ITIR.ThumbnailDiskCache" refers to invalid object "{FFC72616-8CB9-45B0-24DB-42F34AC30957}". Action Taken: No Action Taken.
Entry "HKCR\RegObj.Registry" refers to invalid object "{C55A1680-CD5A-11CF-8D29-444553540000}". Action Taken: No Action Taken.
Entry "HKCR\RegObj.Registry.1" refers to invalid object "{C55A1680-CD5A-11CF-8D29-444553540000}". Action Taken: No Action Taken.
Entry "HKCR\SearchRelevant" refers to invalid object "{1D7E3B41-23CE-469B-BE1B-A64B877923E1}". Action Taken: No Action Taken.
Entry "HKCR\SymWriter.pdb" refers to invalid object "{520DC67A-752E-11D3-8D56-00C04F680B2B}". Action Taken: No Action Taken.
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\temp.frE70F\actalert.exe infected by "Trojan-Downloader.Win32.Dyfuca.dp" Virus! Action Taken: No Action Taken.
Object "AltNet Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINNT\Downloaded Program Files\AdManCtlX.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\REGOBJ.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFDR5C.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFUN5C.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFUNRS.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFFC5C.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFICUR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCLR1.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCLR2.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCLR3.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCLR4.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFUI5C.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFSTRN.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFDRV.HLP". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLPA.HLP". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFDRV.CNT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLPA.CNT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFMA.CNT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\CONTACT.HTM". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFJSWX.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPSWX.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFJSW.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFJSWR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLPA.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLPAR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPRP.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPRPR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPSW.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPSWR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFUTIL.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFUPD.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFUPDR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPP5C.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEXEDF.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lexgo.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFAUAL.OUT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCLN.OUT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFALGN.OUT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfmcal.out". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfsply.htm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbflegl.htm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfsk0.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfsk1.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfsk2.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\license.txt". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lexwww.htm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\ptzipw32.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\WAVS.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFGF.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfrme.doc". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfweb.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\HLP256.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEXBCE.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEXBCES.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lexlmpm.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEXPPS.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEXP2P32.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEX2KUSB.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfcomm.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfw2k.ini". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lexdrvin.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfver.web". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfpwr.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFPMNT.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLCNT.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLCNP.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFLSNT.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFIH.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBF.LOC". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCFG.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCU.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LXBFCUR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\LEXPING.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\INSTMON.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfcoin.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfcoin.ini". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfcinf.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\system32\spool\DRIVERS\W32X86\lxbfvs.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINNT\Downloaded Program Files\AdManCtlX.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\drivers\UdfReadr.sys". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOCUME~1\Guest\LOCALS~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\Msvcrt10.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOCUME~1\Guest\LOCALS~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\MSVCP60.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Adobe\TypeSpt\MojiKumi\Photoshop6MojiKumi". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00020D05-0000-0000-C000-000000000046}" refers to invalid object "outex.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00021120-0000-0000-C000-000000000046}" refers to invalid object "C:\Program Files\Microsoft Office\Office\1033\fvfxs.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00FAE562-DACA-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00FAE568-DACA-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{08CE60DE-D425-11D3-891E-00104B9876B8}" refers to invalid object "C:\WINNT\system32\KODAKO~1.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{09101CAF-D527-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{09101CB7-D527-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{09101CBA-D527-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{09101CBE-D527-11D6-AD30-0050DAD88A02}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0B6DC6EE-C4FD-11d1-819A-00C04FB69B4D}" refers to invalid object "C:\Program Files\Common Files\Adobe\Shell\PSICON.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0C5B0CED-206B-4c39-B615-0EB23C824612}" refers to invalid object "C:\Program Files\Common Files\Adobe\Shell\AIIcon.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1EFD6A40-3999-11CF-9150-00AA0059F70D}" refers to invalid object "E:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1FD8D838-74A9-4DF8-936F-0D87ED49AD3C}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\frcom-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2A426D47-51C3-4A79-B064-95FD87DAB5D1}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\frcom-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{341EE246-3B05-4C23-B21A-17F2D4831FC0}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\frext-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3775D2E0-7C5D-11CF-899E-00AA00688B10}" refers to invalid object "E:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3A091B81-8FAF-4B7D-85C7-7CB5D3FDD479}" refers to invalid object "C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{45137563-F598-4574-A987-A25867AB7068}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\bwclext.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5F3E04C3-4612-11D0-A113-00A024B50363}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAREG.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5F3E04C4-4612-11D0-A113-00A024B50363}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAMDMTR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5F3E04C6-4612-11D0-A113-00A024B50363}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAREG.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6100E360-BB4A-4025-95FB-69CA629E4180}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\vbfrext-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{649D583D-3401-11D1-8C47-0080C7C43E7F}" refers to invalid object "C:\Program Files\Microsoft Office\Office\1033\wfxrstrz.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{83730EE4-6C46-11CF-A524-0080C77A7786}" refers to invalid object "C:\WINNT\system32\MSMask32.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8DBFE843-D7DF-4cfc-B62C-05A6899139E2}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWTargetInf.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{99180163-DA16-101A-935C-444553540000}" refers to invalid object "recncl.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A4845882-333F-11D0-B724-00AA0062CBB7}" refers to invalid object "C:\WINNT\system32\WBEM\WBEMSTUB.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AB481080-796C-11D0-A113-00A024B50363}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAABOUT.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B0693766-5278-4ec6-B9E1-3CE40560EF5A}" refers to invalid object "CaPlgin.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}" refers to invalid object "C:\Program Files\WinRAR\rarext.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B6722BAB-2AD2-11D2-9D63-0040D000BD9D}" refers to invalid object "C:\PROGRA~1\Adaptec\Shared\CDGuide\CDGuide.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B6722BAC-2AD2-11D2-9D63-0040D000BD9D}" refers to invalid object "C:\PROGRA~1\Adaptec\Shared\CDGuide\CDGuide.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BB7CDE7C-5FB0-46E5-A3F4-EF118FACE08B}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWfiles-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C1172D01-751C-11D0-B6CF-00A024BF23EF}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRASRIAL.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C1A8AF25-1257-101B-8FB0-0020AF039CA3}" refers to invalid object "E:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C932BA85-4374-101B-A56C-00AA003668DC}" refers to invalid object "C:\WINNT\system32\MSMask32.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CAEF9D56-0816-4984-BE91-B1B2ED801BE5}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWCHelpr-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CCDD9080-8100-11D0-B6CF-00A024BF23EF}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRALPTTR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CF6067D7-D10C-4767-B04C-148E6EBB1574}" refers to invalid object "C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWfiles-7288971.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DA6A85E0-05C7-11D1-B243-006097CAD7E2}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAABOUT.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E07D3492-32B5-11D0-B724-00AA0062CBB7}" refers to invalid object "C:\WINNT\system32\WBEM\WBEMSTUB.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E5B42981-67DC-11D0-8547-00A0240B50F0}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAWEBTR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E8D83F00-CD78-11D0-B4D3-00A024BF23EF}" refers to invalid object "C:\PROGRA~1\COMMON~1\IRAABOUT.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{FB99C991-C5B4-11D1-AFFA-00A024E9CDB2}" refers to invalid object "C:\Program Files\Adaptec\Shared\ECDC Engine\acmwrapperserver.dll". Action Taken: No Action Taken.
Entry "HKCR\ComPlusMetaData.MsCorHost" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken.
Entry "HKCR\ComPlusMetaData.MsCorHost.2" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken.
Entry "HKCR\DAIE.DownloadAcceleratorIE" refers to invalid object "{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}". Action Taken: No Action Taken.
Entry "HKCR\DAIE.DownloadAcceleratorIE.1" refers to invalid object "{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}". Action Taken: No Action Taken.
Entry "HKCR\ImageReady.Application.1" refers to invalid object "{52F2F130-2BC5-11D2-8FB7-000000000000}". Action Taken: No Action Taken.
Entry "HKCR\ITIR.ThumbnailDiskCache" refers to invalid object "{FFC72616-8CB9-45B0-24DB-42F34AC30957}". Action Taken: No Action Taken.
Entry "HKCR\RegObj.Registry" refers to invalid object "{C55A1680-CD5A-11CF-8D29-444553540000}". Action Taken: No Action Taken.
Entry "HKCR\RegObj.Registry.1" refers to invalid object "{C55A1680-CD5A-11CF-8D29-444553540000}". Action Taken: No Action Taken.
Entry "HKCR\SearchRelevant" refers to invalid object "{1D7E3B41-23CE-469B-BE1B-A64B877923E1}". Action Taken: No Action Taken.
Entry "HKCR\SymWriter.pdb" refers to invalid object "{520DC67A-752E-11D3-8D56-00C04F680B2B}". Action Taken: No Action Taken.
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\temp.frE70F\actalert.exe infected by "Trojan-Downloader.Win32.Dyfuca.dp" Virus! Action Taken: No Action Taken.
#10
Posted 06 June 2005 - 10:22 PM
alsocom
-
- Member
-
- 80 posts
Visiting Staff
I only see one bad file to fix from that scan. The rest of the items are orphaned registry entries.
Click on this link http://www.downloads...org/KillBox.zip to download Pocket Killbox by Option^Explicit. Extract it from the zip file then double-click on Killbox.exe to run it.
In the 'Paste Full Path of File to Delete' box, copy and paste this entry:
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\temp.frE70F\actalert.exe
Check the option for "Delete on Reboot". Click the button with the red circle with a white X in it. Click 'yes'. When asked to reboot choose 'yes'.
If you get a "PendingFileRenameOperations Registry Data has been Removed by External Process!" message then just restart manually.
After the computer reboots, delete the following folder:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\Temp\temp.frE70F
Scan with HijackThis and post a new log as a reply to this thread.
Click on this link http://www.downloads...org/KillBox.zip to download Pocket Killbox by Option^Explicit. Extract it from the zip file then double-click on Killbox.exe to run it.
In the 'Paste Full Path of File to Delete' box, copy and paste this entry:
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\temp.frE70F\actalert.exe
Check the option for "Delete on Reboot". Click the button with the red circle with a white X in it. Click 'yes'. When asked to reboot choose 'yes'.
If you get a "PendingFileRenameOperations Registry Data has been Removed by External Process!" message then just restart manually.
After the computer reboots, delete the following folder:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\Temp\temp.frE70F
Scan with HijackThis and post a new log as a reply to this thread.
#11
Posted 09 June 2005 - 07:05 PM
WilliamA
- Topic Starter
-
- Member
-
- 9 posts
New Member
Logfile of HijackThis v1.99.1
Scan saved at 9:05:51 PM, on 6/9/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
C:\Program Files\TDS3\TDS-3.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINNT\msagent\AgentSvr.exe
C:\Documents and Settings\Administrator\Desktop\HJT\HijackThis.exe
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TDS3] C:\Program Files\TDS3\TDS-3.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: PTP Manager.lnk = C:\Program Files\PIXELA\PTP Manager\PixePtpManager.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O20 - Winlogon Notify: NavLogon - C:\WINNT\system32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
Scan saved at 9:05:51 PM, on 6/9/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
C:\Program Files\TDS3\TDS-3.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINNT\msagent\AgentSvr.exe
C:\Documents and Settings\Administrator\Desktop\HJT\HijackThis.exe
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TDS3] C:\Program Files\TDS3\TDS-3.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: PTP Manager.lnk = C:\Program Files\PIXELA\PTP Manager\PixePtpManager.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O20 - Winlogon Notify: NavLogon - C:\WINNT\system32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
#12
Posted 12 June 2005 - 10:05 PM
alsocom
-
- Member
-
- 80 posts
Visiting Staff
Log looks good.
How is the computer behaving now?
How is the computer behaving now?
#13
Posted 16 June 2005 - 04:24 PM
WilliamA
- Topic Starter
-
- Member
-
- 9 posts
New Member
It's performing pretty well the only thing still bothering me is my online game play is still getting tied up and disrupted which should not be happening since I have DSL. Thanks a lot for your excellent help!!!
#14
Posted 17 June 2005 - 10:40 AM
alsocom
-
- Member
-
- 80 posts
Visiting Staff
For your gaming issue, I suggest posting about the problem in the gaming forum as they would be better suited to help there.
Reset and Re-enable your System Restore to remove bad files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected.)
1. Right-click My Computer, and then click Properties.
2. On the System Restore tab, put a check mark in the 'Turn Off System Restore' check box.
3. Click OK, and then click Yes.
4. Restart the computer.
5. Repeat steps 1 - 2, this time clearing the box beside 'Turn Off System Restore', click 'OK'.
I suggest that you get these programs to help keep the computer clean:
Spyware Blaster - Blocks bad ActiveX items from installing on your computer. Spyware Blaster runs silently in the background.
SpywareGuard - Real-time protection from spyware installation attempts
ie-spyad - Puts over 8,000 bad URLs into your restricted sites for Internet Explorer.
Google Toolbar - Blocks many unwanted pop-ups in Internet Explorer.
Here are three very good and free malware scanners:
Spybot Search and Destroy 1.4
AdAware SE v1.06
Set-up Instructions for Spybot S&D and Adaware SE
a² Free Trojan Remover
If you have them already, check to make sure that they are the newest version.
Update these regularly.
You may also want to read "How did I get infected in the first place" to learn how to better secure your computer.
Be sure to keep Windows and your Anti-virus updated.
Reset and Re-enable your System Restore to remove bad files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected.)
1. Right-click My Computer, and then click Properties.
2. On the System Restore tab, put a check mark in the 'Turn Off System Restore' check box.
3. Click OK, and then click Yes.
4. Restart the computer.
5. Repeat steps 1 - 2, this time clearing the box beside 'Turn Off System Restore', click 'OK'.
I suggest that you get these programs to help keep the computer clean:
Spyware Blaster - Blocks bad ActiveX items from installing on your computer. Spyware Blaster runs silently in the background.
SpywareGuard - Real-time protection from spyware installation attempts
ie-spyad - Puts over 8,000 bad URLs into your restricted sites for Internet Explorer.
Google Toolbar - Blocks many unwanted pop-ups in Internet Explorer.
Here are three very good and free malware scanners:
Spybot Search and Destroy 1.4
AdAware SE v1.06
Set-up Instructions for Spybot S&D and Adaware SE
a² Free Trojan Remover
If you have them already, check to make sure that they are the newest version.
Update these regularly.
You may also want to read "How did I get infected in the first place" to learn how to better secure your computer.
Be sure to keep Windows and your Anti-virus updated.
#15
Posted 01 July 2005 - 03:00 AM
alsocom
-
- Member
-
- 80 posts
Visiting Staff
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. 
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
