Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Applicaton Error on Explorer.exe 0xc0000022


  • Please log in to reply

#1
jAj

jAj

    New Member

  • Member
  • Pip
  • 1 posts
I have searched the pages and tried to run the HJT and Spy Sweeper but am still having trouble. When starting and logging in I receive the error: The application failed to initialize properly (0xc0000022) Click ok to terminate aplpication. I get a desktop screen with no icons and ctrl-alt-del gives me an error: The administrator has disabled task manager. I received the spyware desktop and AVG was popping virus detections constantly, when asked to remove or quarantine I had to remove some and quarantine others. After I did a full scan through AVG I quarantined what was left and now get the current state. Below are the HJT and Spy Sweeper logs. I found out that a trusted site has been propogating a trojan horse virus to its web users. Any help would be greatly appreciated.
Thanks in advance jAj

HJT Log***
Logfile of HijackThis v1.99.1
Scan saved at 9:48:04 PM, on 1/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Yahoo!\browser\ybrowser.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Documents and Settings\Administrator.JOBST-MAIN\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapp...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [YPC] C:\PROGRA~1\Yahoo!\PARENT~1\ypc.exe
O4 - HKLM\..\Run: [SystemLoader] C:\WINDOWS\sysldr32.exe
O4 - HKLM\..\Run: [WinHound] C:\Program Files\WinHound\WinHound.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: Yahoo! Freecell Solitaire - http://yog55.games.s...og/y/fs10_x.cab
O16 - DPF: Yahoo! Klondike Solitaire - http://yog55.games.s...og/y/ks12_x.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...s/yinst0401.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {9D5B6642-8C3F-4504-B2FC-42779ABAE4B9} (Snapfish File Upload ActiveX Control) - http://www.snapfish....pfishUpload.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://download.game...r/goldfever.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.game...aploader_v5.cab
O16 - DPF: {E6EB803E-DD89-11D3-80C4-0050DA2E09D0} (LightSurfUploadCtl Class) - http://prints.pictur...loadControl.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: msupdate - C:\WINDOWS\SYSTEM32\msupdate32.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: yyFLKyCB - {24BA00FC-8E10-AA56-043E-C6B85BF30350} - C:\WINDOWS\system32\pgjfg.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

Spy Sweeper Log***

To ensure proper removal of spyware, adware and other unwanted items, be sure to close any programs that are open.
Your Sweep Options indicate the following will be swept:
Drives: C: F:
Also sweeping: Memory, Cookies, Registry, All Folders
Trojan Horse found: downloader-buffy
Adware found: coolwebsearch (cws)
Adware found: psguard desktop hijacker
Trojan Horse found: vesbiz downloader
Adware found: virtualbouncer
Adware found: psguard
Trojan Horse found: letsroll911.org hijacker
Trojan Horse found: trojan-backdoor-us15info
Adware found: bullguard popup ad
Adware found: ezsearchbar
Trojan Horse found: trojan-downloader-asdbiz.biz
Trojan Horse found: rsysinit
Adware found: members area dialer
Full Sweep has completed. Elapsed time 00:18:45
Traces Found: 601

********
8:50 PM: | Start of Session, Tuesday, January 03, 2006 |
8:50 PM: Spy Sweeper started
8:50 PM: Sweep initiated using definitions version 556
8:50 PM: Starting Memory Sweep
8:51 PM: Memory Sweep Complete, Elapsed Time: 00:01:10
8:51 PM: Starting Registry Sweep
8:51 PM: Found Trojan Horse: downloader-buffy
8:51 PM: HKCR\clsid\{5321e378-ffad-4999-8c62-03ca8155f0b3}\ (12 subtraces) (ID = 107732)
8:51 PM: Found Adware: coolwebsearch (cws)
8:51 PM: HKCR\replace.hbo.1\ (3 subtraces) (ID = 108410)
8:51 PM: HKCR\replace.hbo\ (5 subtraces) (ID = 108411)
8:51 PM: HKLM\software\classes\clsid\{5321e378-ffad-4999-8c62-03ca8155f0b3}\ (12 subtraces) (ID = 109116)
8:51 PM: HKLM\software\classes\replace.hbo\ (5 subtraces) (ID = 109788)
8:51 PM: HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects\{5321e378-ffad-4999-8c62-03ca8155f0b3}\ (1 subtraces) (ID = 111753)
8:51 PM: HKLM\software\microsoft\windows\currentversion\run\ || xp_system (ID = 112471)
8:51 PM: Found Adware: psguard desktop hijacker
8:51 PM: HKLM\software\microsoft\windows\currentversion\uninstall\internet update\ (3 subtraces) (ID = 136964)
8:51 PM: Found Trojan Horse: vesbiz downloader
8:51 PM: HKLM\software\microsoft\windows\currentversion\run\ || system (ID = 145542)
8:51 PM: Found Adware: virtualbouncer
8:51 PM: HKCR\clsid\{8551311d-f3bf-4718-ad66-96e302500735}\ (11 subtraces) (ID = 392235)
8:51 PM: HKLM\software\classes\clsid\{8551311d-f3bf-4718-ad66-96e302500735}\ (11 subtraces) (ID = 476604)
8:51 PM: Found Adware: psguard
8:51 PM: HKCR\clsid\{357a87ed-3e5d-437d-b334-deb7eb4982a3}\ (3 subtraces) (ID = 487755)
8:51 PM: HKLM\software\classes\clsid\{357a87ed-3e5d-437d-b334-deb7eb4982a3}\ (3 subtraces) (ID = 488280)
8:51 PM: Found Trojan Horse: letsroll911.org hijacker
8:51 PM: HKLM\software\microsoft\windows\currentversion\run\ || system (ID = 594251)
8:51 PM: HKLM\software\microsoft\windows\currentversion\run\ || intell32.exe (ID = 683186)
8:51 PM: Found Trojan Horse: trojan-backdoor-us15info
8:51 PM: HKLM\software\microsoft\windows nt\currentversion\winlogon\ || shell (ID = 762897)
8:51 PM: HKCR\clsid\{0878f045-b52e-46b3-9724-d3ae69d50067}\ (5 subtraces) (ID = 849500)
8:51 PM: HKCR\clsid\{0ea04667-e53b-4e81-8e7c-de2ca114cbd6}\ (15 subtraces) (ID = 849506)
8:51 PM: HKCR\clsid\{265c2af8-c94c-4aff-b2b6-340d3982562c}\ (15 subtraces) (ID = 849522)
8:51 PM: HKCR\clsid\{3946a33d-bbc6-4792-a383-d855e0f76d91}\ (15 subtraces) (ID = 849538)
8:51 PM: HKCR\clsid\{41d7bb0a-64e0-4ab2-bd0b-69ea78e462e8}\ (5 subtraces) (ID = 849559)
8:51 PM: HKCR\clsid\{4aa55e8c-2c19-4f3a-91ec-43b6df937c4f}\ (5 subtraces) (ID = 849565)
8:51 PM: HKCR\clsid\{4f93062d-7bda-48be-aeb6-88af2b1fe2d4}\ (15 subtraces) (ID = 849571)
8:51 PM: HKCR\clsid\{5206df89-97fc-41ad-bae3-993e87053a99}\ (15 subtraces) (ID = 849587)
8:51 PM: HKCR\clsid\{58e68548-42e2-479d-a9e0-86d9f2eaf02e}\ (5 subtraces) (ID = 849603)
8:51 PM: HKCR\clsid\{5e5a79a6-c67b-444e-be58-bd0acefcda07}\ (5 subtraces) (ID = 849609)
8:51 PM: HKCR\clsid\{67196b3e-55a0-49de-ba11-66f07df804db}\ (5 subtraces) (ID = 849615)
8:51 PM: HKCR\clsid\{7198f8da-012c-4db4-abd8-923a54c87900}\ (5 subtraces) (ID = 849621)
8:51 PM: HKCR\clsid\{82847700-fe61-46a3-b3ee-761a1e312aca}\ (5 subtraces) (ID = 849627)
8:51 PM: HKCR\clsid\{8c2a05c5-780f-4a2e-ae1c-fb8181f860e4}\ (5 subtraces) (ID = 849633)
8:51 PM: HKCR\clsid\{8dca6b3d-1fca-4500-b210-76119bb5c69e}\ (15 subtraces) (ID = 849639)
8:51 PM: HKCR\clsid\{acc647ee-991a-4811-b420-f063f50cddc1}\ (5 subtraces) (ID = 849655)
8:51 PM: HKCR\clsid\{c5b70256-5b08-4056-b84e-c6ce084967f5}\ (5 subtraces) (ID = 849661)
8:51 PM: HKCR\clsid\{cbe4b748-08f9-44db-8fb1-9ad25979da35}\ (15 subtraces) (ID = 849667)
8:51 PM: HKCR\clsid\{cdd964c2-fb78-4a74-bb1e-1cb1fcb72018}\ (6 subtraces) (ID = 849683)
8:51 PM: HKCR\clsid\{d25f7446-4d36-4203-9ea5-5422b26fa9d0}\ (5 subtraces) (ID = 849690)
8:51 PM: HKCR\clsid\{e12aaacf-8af2-4c31-ba94-e3787b44f90e}\ (15 subtraces) (ID = 849696)
8:51 PM: HKCR\clsid\{e479197f-49e5-4e60-9fa2-a71d4c7c2bbc}\ (5 subtraces) (ID = 849712)
8:51 PM: HKCR\clsid\{f880b4f2-75bf-44ec-b7aa-45ec37448027}\ (5 subtraces) (ID = 849718)
8:51 PM: HKCR\typelib\{31e956bf-8ca9-4d75-b534-7ebc79770002}\ (9 subtraces) (ID = 849724)
8:51 PM: HKCR\typelib\{6e9e448e-b195-4627-953c-5377fa9bba36}\ (9 subtraces) (ID = 849734)
8:51 PM: HKLM\software\classes\clsid\{0878f045-b52e-46b3-9724-d3ae69d50067}\ (5 subtraces) (ID = 849774)
8:51 PM: HKLM\software\classes\clsid\{0ea04667-e53b-4e81-8e7c-de2ca114cbd6}\ (15 subtraces) (ID = 849780)
8:51 PM: HKLM\software\classes\clsid\{265c2af8-c94c-4aff-b2b6-340d3982562c}\ (15 subtraces) (ID = 849796)
8:51 PM: HKLM\software\classes\clsid\{3946a33d-bbc6-4792-a383-d855e0f76d91}\ (15 subtraces) (ID = 849812)
8:51 PM: HKLM\software\classes\clsid\{41d7bb0a-64e0-4ab2-bd0b-69ea78e462e8}\ (5 subtraces) (ID = 849833)
8:51 PM: HKLM\software\classes\clsid\{4aa55e8c-2c19-4f3a-91ec-43b6df937c4f}\ (5 subtraces) (ID = 849839)
8:51 PM: HKLM\software\classes\clsid\{4f93062d-7bda-48be-aeb6-88af2b1fe2d4}\ (15 subtraces) (ID = 849845)
8:51 PM: HKLM\software\classes\clsid\{5206df89-97fc-41ad-bae3-993e87053a99}\ (15 subtraces) (ID = 849861)
8:51 PM: HKLM\software\classes\clsid\{58e68548-42e2-479d-a9e0-86d9f2eaf02e}\ (5 subtraces) (ID = 849877)
8:51 PM: HKLM\software\classes\clsid\{5e5a79a6-c67b-444e-be58-bd0acefcda07}\ (5 subtraces) (ID = 849883)
8:51 PM: HKLM\software\classes\clsid\{67196b3e-55a0-49de-ba11-66f07df804db}\ (5 subtraces) (ID = 849889)
8:51 PM: HKLM\software\classes\clsid\{7198f8da-012c-4db4-abd8-923a54c87900}\ (5 subtraces) (ID = 849895)
8:51 PM: HKLM\software\classes\clsid\{82847700-fe61-46a3-b3ee-761a1e312aca}\ (5 subtraces) (ID = 849901)
8:51 PM: HKLM\software\classes\clsid\{8c2a05c5-780f-4a2e-ae1c-fb8181f860e4}\ (5 subtraces) (ID = 849907)
8:51 PM: HKLM\software\classes\clsid\{8dca6b3d-1fca-4500-b210-76119bb5c69e}\ (15 subtraces) (ID = 849913)
8:51 PM: HKLM\software\classes\clsid\{acc647ee-991a-4811-b420-f063f50cddc1}\ (5 subtraces) (ID = 849929)
8:51 PM: HKLM\software\classes\clsid\{c5b70256-5b08-4056-b84e-c6ce084967f5}\ (5 subtraces) (ID = 849935)
8:51 PM: HKLM\software\classes\clsid\{cbe4b748-08f9-44db-8fb1-9ad25979da35}\ (15 subtraces) (ID = 849941)
8:51 PM: HKLM\software\classes\clsid\{cdd964c2-fb78-4a74-bb1e-1cb1fcb72018}\ (6 subtraces) (ID = 849957)
8:51 PM: HKLM\software\classes\clsid\{d25f7446-4d36-4203-9ea5-5422b26fa9d0}\ (5 subtraces) (ID = 849964)
8:51 PM: HKLM\software\classes\clsid\{e12aaacf-8af2-4c31-ba94-e3787b44f90e}\ (15 subtraces) (ID = 849970)
8:51 PM: HKLM\software\classes\clsid\{e479197f-49e5-4e60-9fa2-a71d4c7c2bbc}\ (5 subtraces) (ID = 849986)
8:51 PM: HKLM\software\classes\clsid\{f880b4f2-75bf-44ec-b7aa-45ec37448027}\ (5 subtraces) (ID = 849992)
8:51 PM: HKLM\software\classes\typelib\{31e956bf-8ca9-4d75-b534-7ebc79770002}\ (9 subtraces) (ID = 849998)
8:51 PM: HKLM\software\classes\typelib\{6e9e448e-b195-4627-953c-5377fa9bba36}\ (9 subtraces) (ID = 850008)
8:51 PM: HKU\WRSS_Profile_S-1-5-21-613216961-3325241471-879253861-1005\software\microsoft\internet explorer\keywords\ (16 subtraces) (ID = 109820)
8:51 PM: HKU\WRSS_Profile_S-1-5-21-613216961-3325241471-879253861-1005\software\microsoft\internet explorer\sites\ (1 subtraces) (ID = 109822)
8:51 PM: HKU\WRSS_Profile_S-1-5-21-613216961-3325241471-879253861-1005\software\microsoft\windows\currentversion\run\ || xp_system (ID = 112421)
8:51 PM: HKU\WRSS_Profile_S-1-5-21-613216961-3325241471-879253861-1005\software\microsoft\windows\currentversion\run\ || shell (ID = 650813)
8:51 PM: Registry Sweep Complete, Elapsed Time:00:00:33
8:51 PM: Starting Cookie Sweep
8:51 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
8:51 PM: Starting File Sweep
8:52 PM: Found Adware: bullguard popup ad
8:52 PM: c:\windows\temp\bullguard (1 subtraces) (ID = -2147476409)
8:53 PM: intell32.exe (ID = 133867)
8:53 PM: HKLM\Software\Microsoft\Windows\CurrentVersion\Run || intell32.exe (ID = 0)
8:55 PM: Found Adware: ezsearchbar
8:55 PM: name_gender.ini (ID = 60351)
9:01 PM: bulldownload.exe (ID = 52017)
9:04 PM: Found Trojan Horse: trojan-downloader-asdbiz.biz
9:04 PM: a0066018.exe (ID = 80237)
9:04 PM: a0066019.exe (ID = 80237)
9:04 PM: Found Trojan Horse: rsysinit
9:04 PM: rsysinit.exe (ID = 119324)
9:06 PM: Found Adware: members area dialer
9:06 PM: maxdd.game (ID = 160354)
9:08 PM: addr_var.ini (ID = 60329)
9:08 PM: birth_var.ini (ID = 60332)
9:08 PM: city_var.ini (ID = 60333)
9:08 PM: name_var.ini (ID = 60352)
9:08 PM: states.ini (ID = 60360)
9:08 PM: zip_var.ini (ID = 60362)
9:08 PM: phone_var.ini (ID = 60353)
9:08 PM: File Sweep Complete, Elapsed Time: 00:16:56
9:08 PM: Full Sweep has completed. Elapsed time 00:18:45
9:08 PM: Traces Found: 601
9:14 PM: Removal process initiated
9:14 PM: Quarantining All Traces: downloader-buffy
9:14 PM: Quarantining All Traces: coolwebsearch (cws)
9:14 PM: Quarantining All Traces: psguard desktop hijacker
9:14 PM: Quarantining All Traces: vesbiz downloader
9:14 PM: Quarantining All Traces: virtualbouncer
9:14 PM: Quarantining All Traces: psguard
9:15 PM: Quarantining All Traces: letsroll911.org hijacker
9:15 PM: Quarantining All Traces: trojan-backdoor-us15info
9:15 PM: Quarantining All Traces: bullguard popup ad
9:15 PM: Quarantining All Traces: ezsearchbar
9:15 PM: Quarantining All Traces: trojan-downloader-asdbiz.biz
9:15 PM: Quarantining All Traces: rsysinit
9:15 PM: Quarantining All Traces: members area dialer
9:16 PM: Removal process completed. Elapsed time 00:01:56
********
8:47 PM: | Start of Session, Tuesday, January 03, 2006 |
8:47 PM: Spy Sweeper started
8:47 PM: Sweep initiated using definitions version 556
8:47 PM: Starting Memory Sweep
8:48 PM: Sweep Canceled
8:48 PM: Memory Sweep Complete, Elapsed Time: 00:00:08
8:48 PM: Traces Found: 0
8:50 PM: | End of Session, Tuesday, January 03, 2006 |
********
8:47 PM: | Start of Session, Tuesday, January 03, 2006 |
8:47 PM: Spy Sweeper started
8:47 PM: Program Version 4.5.5 (Build 607) Using Spyware Definitions 556
8:47 PM: | End of Session, Tuesday, January 03, 2006 |
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP