[hardvinyljunkie]

Hi Folks, I have just finished another thread to remove malware from my desktop pc which was a total success thanks to you guys.

New Problem with my Laptop:
I have allready left a thread regarding connection problems which were resolved, again thanks to you guys!
See original thread: http://www.geekstogo...T&f=12&t=105511
Sorry the problems I am having wont allow me to use the link option.

A few problems I am having:
I still get the Error message upon log in that I mentioned in the above mentioned thread link.

While trying all your recommendations in the CLICK HERE, I cannot use any of the online virus scans as the scan now buttons dont work, this is the same for windows updates, I just get a white screen, and for most other updates like MSN Msg.

I have run AVG anti virus which didnt find anything.

All help will be greatly appreciated.

Here is my hijack this log:

Logfile of HijackThis v1.99.1
Scan saved at 6:15:59 PM, on 4/3/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
C:\Documents and Settings\)1G1T4L\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NAV CfgWiz] C:\WINDOWS\SYSTEM32\dllcache\cfgwiz.exe /R
O4 - HKLM\..\Run: [workflow] D:\installs\workflow.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (file missing)
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (file missing)
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)

Thanks
hardvinyljunkie

[Advertisements]

not much to say about this log, a few cleanup items for fixing but thats the most of it.

Start HijackThis Fix
Open Hijack This and click on Scan. Check the following entries (make sure you do not miss any)

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)

Please remember to close all other windows, including browsers then click Fix checked.

it is not recommended to have more than one antivirus program running on your computer. Not only does it tax your computer's resources & cause a general slowdown, these antivirus programs may conflict with each other & result in poorer protection for you. Please decide upon the antivirus program which you'll like to retain & uninstall the rest.


If you are able, Perform an online scan with Internet Explorer with Kaspersky.
When you arrive at the page, click on Kaspersky Online Scanner and accept the TOS, and Privacy Statement that follow.

You will be prompted to install an ActiveX component from Kaspersky, Click Yes or right click the message at the top of your browser and select Install ActiveX.

• The program will launch and then begin downloading the latest definition files:
• Once the files have been downloaded click on NEXT
• Now click on Scan Settings
• In the scan settings make that the following are selected:
  • Scan using the following Anti-Virus database:
  Standard
  
  • Scan Options:
  Scan Archives
  Scan Mail Bases
• Click OK
• Now under select a target to scan:Select My Computer
• This will program will start and scan your system.
• The scan will take a while so be patient and let it run.
• Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button:
• Save the file to your desktop.
• Copy and paste that information in your next post.

Take note the names and locations of any file it detects but fails to clean.

* Turn off the real time scanner of any existing antivirus program while performing the online scan

[skate_punk_21]

not much to say about this log, a few cleanup items for fixing but thats the most of it.

Start HijackThis Fix
Open Hijack This and click on Scan. Check the following entries (make sure you do not miss any)

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)

Please remember to close all other windows, including browsers then click Fix checked.

it is not recommended to have more than one antivirus program running on your computer. Not only does it tax your computer's resources & cause a general slowdown, these antivirus programs may conflict with each other & result in poorer protection for you. Please decide upon the antivirus program which you'll like to retain & uninstall the rest.


If you are able, Perform an online scan with Internet Explorer with Kaspersky.
When you arrive at the page, click on Kaspersky Online Scanner and accept the TOS, and Privacy Statement that follow.

You will be prompted to install an ActiveX component from Kaspersky, Click Yes or right click the message at the top of your browser and select Install ActiveX.

• The program will launch and then begin downloading the latest definition files:
• Once the files have been downloaded click on NEXT
• Now click on Scan Settings
• In the scan settings make that the following are selected:
  • Scan using the following Anti-Virus database:
  Standard
  
  • Scan Options:
  Scan Archives
  Scan Mail Bases
• Click OK
• Now under select a target to scan:Select My Computer
• This will program will start and scan your system.
• The scan will take a while so be patient and let it run.
• Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button:
• Save the file to your desktop.
• Copy and paste that information in your next post.

Take note the names and locations of any file it detects but fails to clean.

* Turn off the real time scanner of any existing antivirus program while performing the online scan

[hardvinyljunkie]

Hi Skate Punk 21
Thank you for your reply.
I have removed the 3 errors with the hijack this fix.
Now is where my problems start, IE wont work Kaspersky? I get to the 1st page try to click scan now and nothing happens? this is the same for all links in pretty much all sites that use whatever my IE is missing.
I have since posting this thread downloaded Firefox on my other PC and put it on disc, installed it on here and I can now press anything I could'nt in IE however this dont help me as Kaspersky and Pandascan only work with IE, same goes for any Windows updates?

I have reinstalled IE 6.0 sp1 twice and I get same results(using firefox to download).
Any ideas?

You mention I have more than one AV running, could you please tell me what else there is as I thought I was only running AVG.


Thanks
hardvinyljunkie

[skate_punk_21]

Oh spose you are correct there
*skate_punk_21 kicks norton
You have many dormant registry entries from your prior norton installation - we can try to clean that up later. Are you still using norton/symantec software?

secondly, can you tell me what you have removed from your hijackthis log please? this may be indicative of prior infections.

anyways, lets see what we can do,

Please download ewido security suite it is a free version of the program.

• Install ewido security suite
• When installing, under "Additional Options" uncheck..
  • Install background guard
  • Install scan via context menu
• Launch ewido, there should be an icon on your desktop, double-click it.
• The program will now open to the main screen.
• When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  
• You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update.
  • Then click on Start Update.
• The update will start and a progress bar will show the updates being installed.
  (the status bar at the bottom will display ("Update successful")

If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates


Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work.


Once in safe mode Open Ewido Security Suite and do the following:

• Click on scanner
• Click on Complete System Scan and the scan will begin.
• You will be prompted to clean the first infection.
• Select "Perform action on all infections", then proceed.
• Once the scan has completed, there will be a button located on the bottom of the screen named Save report
• Click Save report.
• Save the report .txt file to your desktop or a location where you can find it easily.

Close ewido security suite.

Reboot back to normal mode and post that log

[hardvinyljunkie]

Hi skate_punk_21

[bleep] this pc is giving major lag.
Answer to your first question is yes I am still using Norton Sysem Works 2003, without the AV as far as I am aware.

I have downloaded ewido security suite and ran it twice however both times it has crashed at 80% on both occasions.
First time I wasnt watching it.
Second run I watched it best I could.
On both occations first thing it found was adware in: C:\windows\system32\advert.dll
Then somewhere in documents and settings it found another 40 items, then within another 10 seconds it crashed again, Grrrrr, it did however continue to run as I had not clicked on the Send dont /send program needs to close screen, it found a total of 1010 items, however I could not save report.

I have also managed to run trend micro online scan however this also ends in a not responding crash when doing a fix on 2 occasions, thats 7 hours trying to run AV, Grrrr.

Items removed with hijack this:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)

thanks
hardvinyljunkie

[skate_punk_21]

DO you have a high speed connection?

For the time being if you can, i would disable systemworks as its probably chewing up alot of resources.

Lets see what else i've got in my toolbox to help clear you up...
1:

Please download Trend Micro™ Anti-Spyware for the Web Utility (by clicking the "Scan and Clean your PC" button).

• Save it to your desktop.
• Double-click the new icon on your desktop (tmas-web-scan.exe)
• It will say "Loading TrendMicro definitions".
• Once the definitions are loaded, the program will appear to close then re-open.
• Click Start Scan
• After it's done scanning, click Scan Results
• Make sure all items found have a check next to them, then click Clean Threats Now.
• Click Exit.

Reboot your computer. In place of the TrendMicro icon will be a text file called Antispyware.log, please double-click that log and copy the entire contents and paste them here.


2:

Download MWaveScan

• Double-click mwav.exe and unzip it to its default Directory @ C:\Kaspersky
• Locate "kavupd.exe" in the New Folder and Double Click to Update.
• If it says the signatures are more than 30 days old, keep trying!
• Keep trying until you get the actual signatures! (it will say "downloading yadda yadda yadda")
• When you see "Updates downloaded Successfully, please press any key to continue" go ahead, but do not run anything else in this folder...

Boot Into Safe Mode
Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work.


Now go to the Kaspersky folder-> Locate and Double Click "mwavscan.com" to launch the MWAV Scanner!

Once opened-> Leave the Default Settings "ticked" and add a "tick" to"Drives"-> this will light up "All Drives"-> Add a "tick" to "Scan all Files"-> Click "Scan Clean" to begin!
This Scan may take Several Hours or more to Complete,Depending on the Hard Drive Size!

Please be sure it is Completed before proceeding!

1. Once the Scan has finished, All entries Identified as Infected will displayed in the lower pane! - Highlight everything that is inside the lower pane and press Ctrl+C at the same time to Copy!
2. Open a Blank Notepad Page and Paste the results (Ctrl+V) to it and Save it to your Desktop!

Reboot back to normal mode and post that log here

Edited by skate_punk_21, 07 April 2006 - 05:07 PM.

[hardvinyljunkie]

Hi skate_punk_21

Thank you for your assistance so far, here is the latest:

Yes I do have a high speed connection, 1mb cable.

Could'nt Download Trend Micro anti spyware for the web utility, this is only supported with IE and not Firefox and I still cant click on items in IE web pages.
So, I have gone to your second instruction, installed and updated and then ran in safe mode MWaveScan.

Here are the results, only 2 items:

File C:\WINDOWS\System32\advert.dll tagged as not-a-virus:AdWare.Win32.Aureate.a. No Action Taken.
File C:\WINDOWS\SYSTEM32\advert.dll tagged as not-a-virus:AdWare.Win32.Aureate.a. No Action Taken.

I am guessing most of my problems are corrupt windows files, but hey, like I said, I am only guessing.

I have uninstalled Norton System Works for time being, it aint helped me any with its one button checkup.

Whats next boss?


Thanks
hardvinyljunkie

[skate_punk_21]

Download Killbox
Run KillBox and check the box that says 'End Explorer Shell While Killing File'. Next click on 'Delete on Reboot'. Select each of the following files below with your mouse, then right click and select copy, check the box that says 'Unregister .dll Before Deleting' if it's not grayed out. Now in Killbox go to, File then select, Paste from clipboard! Now hit the X button - choose YES when it asks if you want to reboot) Click Yes at the 'Pending Operations prompt'. if you see it:

C:\WINDOWS\System32\advert.dll

reboot when prompted.

Before i continue, do you have ANY norton symantec products STILL installed on that machine? - i ask becuz i've seen many cases where it was norton causing the trouble (it tends to leave alot of remnants when it uninstalls). As such i am suggesting a Full symantec removal TOOL but it will take out anything you have have.

Post back with that info please

[hardvinyljunkie]

Hi skate_punk_21

I have run killbox as instructed.

I dont think i have any other symantec products installed as i cant see any in add/remove programs.
Hewever i do have symantec live reg and live update still installed and i get messages when i go to remove, see pics below:

[hardvinyljunkie]

Hi skate_punk_21

I have run killbox as instructed.

I dont think i have any other symantec products installed as i cant see any in add/remove programs.
Hewever i do have symantec live reg and live update still installed and i get messages when i go to remove these. first one says cannot remove Norton anti virus required and the other says it detects norton products still running on this system and advises to remove these first.

I was trying to copy screen shots of these to this page but i dont know how to?

As far as i am aware i dont need any symantec products on this machine.


Thanks
hardvinyljunkie

[skate_punk_21]

Download the attachment at the bottom of this post and extract it to your C:\ drive.

Once extracted please double click msifix.bat a DOS window will open and close, and then a different window will open. Follow the instructions on screen for complete symantec removal.

Let me know how it goes.

[hardvinyljunkie]

Hi skate _punk_21

Right i have run that and its cool, it has removed all symantec programs and it has also fixed the grey pop up box i was getting on log in with the error message "missing or incorrect command line parameters".

I still have 2 problems that i am aware of, first is my IE is still not allowing me to click on things within IE pages, and 2 is if i goto run>search it does not give me any options in the left grey panel? only the dog at the bottom and in the main page it says ; to start your seach follow instructions in the left pane.

Here is a new hijack log:

Logfile of HijackThis v1.99.1
Scan saved at 12:50:01 AM, on 4/9/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\)1G1T4L\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe


Thanks
hardvinyljunkie

[skate_punk_21]

ok try this online scan (should work from Firefox)

TrendMicro™ HouseCall Java Scan

• Please go HERE to run the Trend Micro™ HouseCall Scan.
• Click Scan now. It's free!
• Read and put a Check next to Yes I accept the terms of use.
• Click the Launching HouseCall>> button.
• Under Using Java-based HouseCall kernel click the Starting HouseCall>> button.
• You may receive a Security Warning about the TrendMicro Java applet, click YES.
• Under Scan complete computer for malware, grayware, and vulnerabilities click the Next>> button.
• Please be patient while it installs, updates, and scans your system.
• Once the scan is complete, it will take you to the summary page.
• Under Cleanup options, choose clean all detected infections automatically.
• Click the Clean now>> button.
• If anything was found you may be prompted to run the scan again, you can just close the browser window.

Please take note of, and list here any Infections that were uncleanable.

Skate

[hardvinyljunkie]

I was running this that while waiting funny enough.

I ran the clean now however it said it could not repair the 1 infection and i have copied and pasted all the vulnerabilities.
I copied the entire log to notepad however it is very long as what i list below has a [bleep] of a lot information inbetween each log, if you want the full log pasting then tell me, here i list the one infection it found and the following vulnerabilities:

Detected grayware/spyware

Note: Complete removal of the grayware listed below failed! If you require general hints and tips to solve the problem, please click here. Grayware specific information is available from the relevant grayware section.

PAR_SE.121251
1 Infections






Unchecked Buffer in Universal Plug and Play can Lead to System Compromise

Unchecked Buffer in Network Share Provider Can Lead to Denial of Service

Unchecked Buffer In Windows Component Could Cause Server Compromise

Cumulative Patch for Outlook Express (330994)

Buffer Overrun In HTML Converter Could Allow Code Execution

Unchecked Buffer in DirectX Could Enable System Compromise

Cumulative Patch for Internet Explorer (828750)

Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)

Buffer Overrun in Messenger Service Could Allow Code Execution (828035)

Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141)

Cumulative Security Update for Internet Explorer (832894)

MS04-013

Vulnerability in Help and Support Center Could Allow Remote Code Execution

Vulnerability in DirectPlay Could Allow Denial of Service (839643)

Cumulative Security Update for Outlook Express (823353)

Vulnerability in Task Scheduler Could Allow Code Execution

Vulnerability in HTML Help Could Allow Code Execution

Cumulative Security Update for Internet Explorer (867801)

Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)

Vulnerability in NetDDE Could Allow Remote Code Execution (841533)

Security Update for Microsoft Windows (840987)

Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376)

Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)

MS04-038

Cumulative Security Update for Internet Explorer (889293)

[skate_punk_21]

well that was thoroughly UN -helpful though hopefully it cleaned somethings out, are all your problems still around? or have some subsided?