Pc Rookie Sos

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

papason

Thread Starter
Joined
Jun 5, 2007
Messages
19
I have a Dell PC running windows xp and have a virus that wont go away. I took my PC t o STAPLES STORE and they said they would remove any spyware ,adware, and the virus,but after shelling out 100 dollars I picked up my PC and they seem to not have done any thing to improve it.Now I am just ready to wipe clean my computer and start over. I am told if I format my computer it will take care of these problems and if so , how can I save some of the things I have stored on my PC before wiping it clean ? Also what is the best way or the easiest way for a PC ROOKIE to do this? Please understand that my computer is very basic that I use for the internet and saving pictures but otherwise I dont have a lot of stuff on it the I need to save. Thank You ahead of time for your help.
 
Joined
Sep 8, 2005
Messages
9,113
Why do think its still infected??? Are you still getting popups??? Please more specific on your problems with your computer. Thanks.
 

papason

Thread Starter
Joined
Jun 5, 2007
Messages
19
Now it still gets pop ups and I get a window popping up all the time that says your computer may be at risk run scan no which if I do run it . it comes back saying I have how many ever infected files to correct this problem click here for this (AV) program then if I do that it says to register it in order for it to remove viruses but they want money via a credit card.But this window comes up like non stop while Im on the PC . Also I get a lot of windows that pop up while Im on line saying windows has encountered a problem and must shut down that seems to get it froze an then it takes 15 mins. starting it back up again.
 

papason

Thread Starter
Joined
Jun 5, 2007
Messages
19
Logfile of HijackThis v1.99.1
Scan saved at 2:43:06 AM, on 7/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Documents and Settings\KRISTY\My Documents\g flicks\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://verizon.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://sidesearch.dropspam.com/sidesearch.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: (no name) - rsion - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: Slide - {F25D0054-4CA2-49D5-A8B0-D79B7829D14E} - C:\Program Files\Slide\SlideBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\SZSG.dll
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Documents and Settings\KRISTY\My Documents\g flicks\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm565MBUS
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/DSL/tgctlcm.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/CursorManiaFWBInitialSetup1.0.0.15-3.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/16.27/uploader2.cab
O16 - DPF: {4788DE0A-3552-49EA-AC8C-233DA52523B9} (AxLoaderPassword Class) - http://www.blackberry.com/messenger/AxLoader.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://loganson.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1175487698218
O17 - HKLM\System\CCS\Services\Tcpip\..\{46D65B9B-D95F-49E2-9584-7E471E11337F}: NameServer = 208.67.222.222,208.67.220.220
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Radialpoint Unicorn Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Verizon\PC Security Checkup\rpsupdaterR.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
 
Joined
Sep 8, 2005
Messages
9,113
Okay, thanks for the decription.

Download RogueRemover from the link below.
Unzip to a convenient location such as C:\RogueRemover.
Navigate to the folder you unzipped the files to and double click on the file named RogueRemover.exe.
Finally, select Scan and the program will walk you through the remaining steps.

Compatible with Windows 2000, NT, XP

http://www.malwarebytes.org/rogueremover.php


==================================

Download Combofix and save it to your desktop.
http://download.bleepingcomputer.com/sUBs/ComboFix.exe


Note: It is important that it is saved directly to your desktop

Close any open browsers.

Double click on combofix.exe & follow the prompts.
When finished, it shall produce a log for you.

Post the ComboFix.txt and a fresh Hijackthis log in your next reply.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
 

papason

Thread Starter
Joined
Jun 5, 2007
Messages
19
"KRISTY" - 2007-07-14 9:01:54 - ComboFix 07-07-14.6 - Service Pack 2 NTFS


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\ALLUSE~1\APPLIC~1.\salesmonitor
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2007
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2007\Data\Abbr
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2007\Data\ActivationCode
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2007\Data\ProductCode
C:\DOCUME~1\KRISTY\APPLIC~1.\DriveCleaner Free
C:\DOCUME~1\KRISTY\APPLIC~1.\DriveCleaner Free\Logs\update.log
C:\DOCUME~1\KRISTY\APPLIC~1.\macromedia\Flash Player\#SharedObjects\TSTYGU8Y\www.broadcaster.com
C:\DOCUME~1\KRISTY\APPLIC~1.\macromedia\Flash Player\#SharedObjects\TSTYGU8Y\www.broadcaster.com\played_list.sol
C:\DOCUME~1\KRISTY\APPLIC~1.\macromedia\Flash Player\#SharedObjects\TSTYGU8Y\www.broadcaster.com\video_queue.sol
C:\DOCUME~1\KRISTY\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\DOCUME~1\KRISTY\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\Documents and Settings\KRISTY.\err.log
C:\Documents and Settings\KRISTY.\ResErrors.log
C:\Program Files\Common Files\companion wizard
C:\Program Files\Common Files\companion wizard\WapCHK.dll
C:\Program Files\install provider
C:\Program Files\install provider\data.ini
C:\Program Files\install provider\InstallProvider.dlldat
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\oemcgjdtt.dat
C:\WINDOWS\system32\oemcgjdtt.exe
C:\WINDOWS\system32\oemcgjdtt_nav.dat
C:\WINDOWS\system32\oemcgjdtt_navps.dat


((((((((((((((((((((((((( Files Created from 2007-06-14 to 2007-07-14 )))))))))))))))))))))))))))))))


2007-07-14 08:57 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-14 08:49 <DIR> d-------- C:\Program Files\RogueRemover
2007-07-11 19:41 <DIR> d-------- C:\Program Files\STOPzilla!
2007-07-11 19:41 <DIR> d-------- C:\Program Files\Common Files\iS3
2007-07-11 19:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\STOPzilla!
2007-07-10 12:34 <DIR> d-------- C:\Program Files\Jump Style Each
2007-07-10 12:34 <DIR> d-------- C:\DOCUME~1\KRISTY\APPLIC~1\NetPumper
2007-07-10 12:34 <DIR> d-------- C:\DOCUME~1\KRISTY\APPLIC~1\Jump Style Each
2007-07-10 12:34 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\For love 1 bias
2007-07-10 12:33 <DIR> d-------- C:\Program Files\NetPumper
2007-07-08 21:28 <DIR> d-------- C:\Program Files\FreeGamesWay.com
2007-07-08 05:03 98,304 --a------ C:\WINDOWS\system32\msir3jp.dll
2007-07-08 05:03 838,144 --a------ C:\WINDOWS\system32\chtbrkr.dll
2007-07-08 05:03 70,656 --a------ C:\WINDOWS\system32\korwbrkr.dll
2007-07-08 05:03 6,144 --a------ C:\WINDOWS\system32\kbd101a.dll
2007-07-08 05:03 218,112 --a------ C:\WINDOWS\system32\c_g18030.dll
2007-07-08 05:03 1,677,824 --a------ C:\WINDOWS\system32\chsbrkr.dll
2007-07-08 05:02 9,216 --a------ C:\WINDOWS\system32\kbdnecAT.dll
2007-07-08 05:02 7,680 --a------ C:\WINDOWS\system32\kbdnecNT.dll
2007-07-08 05:02 7,168 --a------ C:\WINDOWS\system32\kbdnec95.dll
2007-07-08 05:02 7,168 --a------ C:\WINDOWS\system32\kbdibm02.dll
2007-07-08 05:02 7,168 --a------ C:\WINDOWS\system32\f3ahvoas.dll
2007-07-08 05:02 6,656 --a------ C:\WINDOWS\system32\kbdlk41a.dll
2007-07-08 05:02 6,656 --a------ C:\WINDOWS\system32\c_is2022.dll
2007-07-08 05:02 6,144 --a------ C:\WINDOWS\system32\kbdlk41j.dll
2007-07-08 05:02 6,144 --a------ C:\WINDOWS\system32\kbdax2.dll
2007-07-08 05:02 6,144 --a------ C:\WINDOWS\system32\kbd106n.dll
2007-07-08 05:02 6,144 --a------ C:\WINDOWS\system32\kbd101.dll
2007-07-08 04:23 <DIR> d-------- C:\DOCUME~1\KRISTY\APPLIC~1\SPAMfighter
2007-07-08 04:22 <DIR> d-------- C:\Program Files\Common Files\Ankiro
2007-07-08 04:21 <DIR> d-------- C:\Program Files\SPAMfighter
2007-07-08 04:21 <DIR> d-------- C:\Program Files\Common Files\Application
2007-07-06 19:35 8 --a------ C:\WINDOWS\system32\winsusrx.dll
2007-07-06 19:35 136 --a------ C:\WINDOWS\system32\winsusrm.dll
2007-07-06 19:35 <DIR> d-------- C:\WINDOWS\5374-8831-2029-7643-5722
2007-07-05 04:16 <DIR> d-------- C:\Program Files\DivX
2007-07-05 03:52 76,288 --a------ C:\WINDOWS\system32\uniime.dll
2007-07-05 03:51 811,064 --a------ C:\WINDOWS\system32\imjp81k.dll
2007-07-05 03:51 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
2007-07-05 03:51 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll
2007-07-05 03:51 6,144 --a------ C:\WINDOWS\system32\kbd106.dll
2007-07-05 03:51 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll
2007-07-05 03:51 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll
2007-07-05 03:51 5,632 --a------ C:\WINDOWS\system32\kbd103.dll
2007-07-04 14:22 1,184,400 --a------ C:\WINDOWS\system32\FreeImage.dll
2007-07-02 12:41 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-02 12:41 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-06-28 11:53 217,088 -ra------ C:\WINDOWS\system32\SZBase5.dll
2007-06-22 14:59 294,912 -ra------ C:\WINDOWS\system32\IS3DBA5.dll
2007-06-22 14:59 126,976 -ra------ C:\WINDOWS\system32\IS3HTUI5.dll
2007-06-22 14:58 69,632 -ra------ C:\WINDOWS\system32\IS3Hks5.dll
2007-06-22 14:58 372,736 -ra------ C:\WINDOWS\system32\IS3UI5.dll
2007-06-22 14:57 94,208 -ra------ C:\WINDOWS\system32\IS3Inet5.dll
2007-06-22 14:57 23,040 -ra------ C:\WINDOWS\system32\IS3XDat5.dll
2007-06-22 14:57 184,320 -ra------ C:\WINDOWS\system32\IS3Win325.dll
2007-06-22 14:56 90,112 -ra------ C:\WINDOWS\system32\IS3Svc5.dll
2007-06-22 14:56 688,128 -ra------ C:\WINDOWS\system32\IS3Base5.dll
2007-06-16 20:34 <DIR> d-------- C:\Program Files\Kaboose Games


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-14 13:20:26 7,520 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-07-13 17:18:04 -------- d-----w C:\DOCUME~1\KRISTY\APPLIC~1\Motive
2007-07-13 17:14:30 -------- d-----w C:\Program Files\Verizon
2007-07-13 17:05:22 -------- d-----w C:\Program Files\Common Files\Motive
2007-07-12 02:16:21 -------- d-----w C:\Program Files\MSN Messenger
2007-07-10 02:56:38 -------- d-----w C:\Program Files\Yahoo!
2007-07-05 10:24:41 630,200 ----a-w C:\WINDOWS\system32\drivers\VetEFile.sys
2007-07-05 10:24:40 108,392 ----a-w C:\WINDOWS\system32\drivers\VetEBoot.sys
2007-07-03 09:28:24 -------- d-----w C:\Program Files\ClickArt 400,000
2007-07-02 19:08:34 -------- d-----w C:\Program Files\Personal Resume Workshop
2007-06-19 10:31:56 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-13 17:53:35 -------- d-----w C:\Program Files\SUPERAntiSpyware
2007-06-13 17:52:32 -------- d-----w C:\Program Files\QuickTime
2007-06-13 17:13:06 -------- d-----w C:\Program Files\Phantom EFX
2007-06-12 23:21:19 -------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-06-08 11:09:21 -------- d-----w C:\Program Files\Zylom Games
2007-06-08 11:08:47 -------- d-----w C:\Program Files\Gunner2_at
2007-06-08 11:07:35 -------- d-----w C:\Program Files\Feelers_at
2007-06-08 01:19:07 -------- d-----w C:\DOCUME~1\KRISTY\APPLIC~1\SUPERAntiSpyware.com
2007-06-04 21:39:14 -------- d-----w C:\DOCUME~1\KRISTY\APPLIC~1\SpywareBot
2007-06-03 12:12:21 158,952 ------w C:\DOCUME~1\KRISTY\APPLIC~1\install_en[1].exe
2007-06-03 11:27:27 -------- d-----w C:\Program Files\Common Files\Scanner
2007-06-03 11:21:31 -------- d-----w C:\Program Files\Common Files\Authentium
2007-06-01 03:47:43 -------- d-----w C:\Program Files\ReflexiveArcade
2007-05-31 10:52:09 -------- d-----w C:\Program Files\Common Files\DirectX
2007-05-29 00:57:38 -------- d-----w C:\DOCUME~1\KRISTY\APPLIC~1\Help
2007-05-28 23:23:01 -------- d-----w C:\Program Files\Oberon Media
2007-05-24 00:55:18 -------- d--h--w C:\DOCUME~1\KRISTY\APPLIC~1\Move Networks
2007-05-20 23:43:17 -------- d-----w C:\Program Files\bfgclient
2007-05-19 21:57:25 -------- d-----w C:\DOCUME~1\KRISTY\APPLIC~1\Zylom
2007-05-18 23:54:15 -------- d-----w C:\Program Files\BearShare Applications
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-04-30 10:46:41 1,121 ----a-w C:\WINDOWS\unins000.dat
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-20 23:37:50 119,296 ----a-w C:\WINDOWS\system32\zlibwapi.dll
2007-04-20 23:37:50 119,296 ----a-w C:\WINDOWS\system32\zlib.dll
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-17 05:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-17 05:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-17 05:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-17 05:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-17 05:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-17 05:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-17 05:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-17 05:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-17 05:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
2007-04-17 05:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
2007-01-06 16:10:13 774,144 -c--a-w C:\Program Files\RngInterstitial.dll
2006-12-14 15:31:26 56 --sh--r C:\WINDOWS\system32\015A5C3B2D.sys
2007-02-17 13:23:10 88 --sh--r C:\WINDOWS\system32\0D416F04DE.sys
2007-01-14 16:35:18 56 -csh--r C:\WINDOWS\system32\DE046F410D.sys


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
2007-05-30 14:18 808472 --a------ C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1827766B-9F49-4854-8034-F6EE26FCB1EC}]
2007-06-28 12:01 275640 -ra------ C:\Program Files\STOPzilla!\SZSG.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-03-14 03:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
2007-05-02 18:56 2403392 -ra------ c:\program files\google\googletoolbar2.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E3215F20-3212-11D6-9F8B-00D0B743919D}]
2007-06-28 12:01 177336 -ra------ C:\Program Files\STOPzilla!\SZIEBHO.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [2005-06-17 00:30]
"VerizonServicepoint.exe"="C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe" [2006-02-01 19:33]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-06-11 02:33]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 17:42]
"Picasa Media Detector"="C:\Documents and Settings\KRISTY\My Documents\g flicks\Picasa2\PicasaMediaDetector.exe" [2007-05-01 23:08]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 16:16]
"Motive SmartBridge"="C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe" [2006-06-23 12:33]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 08:44]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 08:44]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 01:12]
"CAVRID"="C:\Program Files\Yahoo!\Antivirus\CAVRID.exe" [2006-12-14 05:22]
"CaAvTray"="C:\Program Files\Yahoo!\Antivirus\CAVTray.exe" [2006-12-14 05:22]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2007-07-04 14:22]
"Verizon_McciTrayApp"="C:\Program Files\Verizon\McciTrayApp.exe" [2007-03-11 14:37]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:00]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" []
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-02-03 06:24]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2007-03-28 15:10]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f2ab6a4-dc80-11da-8b7a-806d6172696f}]
AutoRun\command- E:\ReelDealSlots4Launcher.exe


Contents of the 'Scheduled Tasks' folder
2007-07-14 16:00:00 C:\WINDOWS\tasks\A89251DD9059D0F1.job
2007-07-14 14:38:03 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2007-07-14 01:30:00 C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (SPUNKYS-POPPY).job
2007-07-14 10:00:01 C:\WINDOWS\tasks\SpywareBot Scheduled Scan.job
2007-07-14 10:23:12 C:\WINDOWS\tasks\User_Feed_Synchronization-{8B2D93F7-6A72-4C4C-8028-09174E3E8989}.job

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-14 09:14:14
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-14 9:17:34
C:\ComboFix-quarantined-files.txt ... 2007-07-14 09:17

--- E O F ---
 

papason

Thread Starter
Joined
Jun 5, 2007
Messages
19
The first log report was from the Rougeremover, this one is from Hijack this. Once my problems are solved can I delete programs like Stopzilla? And will the promp from AV stop popping up? Logfile of HijackThis v1.99.1
Scan saved at 9:27:29 AM, on 7/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Documents and Settings\KRISTY\My Documents\g flicks\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://verizon.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://sidesearch.dropspam.com/sidesearch.htm
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: (no name) - rsion - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: Slide - {F25D0054-4CA2-49D5-A8B0-D79B7829D14E} - C:\Program Files\Slide\SlideBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\SZSG.dll
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Documents and Settings\KRISTY\My Documents\g flicks\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm565MBUS
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/DSL/tgctlcm.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/CursorManiaFWBInitialSetup1.0.0.15-3.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/16.27/uploader2.cab
O16 - DPF: {4788DE0A-3552-49EA-AC8C-233DA52523B9} (AxLoaderPassword Class) - http://www.blackberry.com/messenger/AxLoader.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://loganson.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1175487698218
O17 - HKLM\System\CCS\Services\Tcpip\..\{46D65B9B-D95F-49E2-9584-7E471E11337F}: NameServer = 208.67.222.222,208.67.220.220
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Radialpoint Unicorn Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Verizon\PC Security Checkup\rpsupdaterR.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
 
Joined
Sep 8, 2005
Messages
9,113
Panda Activescan
http://www.pandasoftware.com/products/activescan.htm
  1. Once you are on the Panda site click the Scan your PC button
  2. A new window will open...click the Check Now button
  3. Enter your Country
  4. Enter your State/Province
  5. Enter your e-mail address and click send
  6. Select either Home User or Company
  7. Click the big Scan Now button
  8. If it wants to install an ActiveX component allow it
  9. It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  10. When download is complete, click on Local Disks to start the scan
  11. When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.


In your next reply, please include the log from panda activescan. Thanks
 

papason

Thread Starter
Joined
Jun 5, 2007
Messages
19
I clicked on the Pandasoftware link , it ran the scan but the window I could not get to Maximize I tried everything I could think of but nothing seemed to work, so when the scan was finished I could not see in the window a spot to check for a log file of what was found. Now I go to the link again and it wont start at all? Dont know what Im doing wrong?
 
Joined
Sep 8, 2005
Messages
9,113
Okay, try this one

Please perform a scan with Kaspersky Webscan Online Virus Scanner
1. Click the "Kaspersky Online Scanner" button (NOT "Kaspersky File Scanner").
2. Read the Requirements and Privacy statement, then select "Accept".
3. A new window will appear promting you to install an ActiveX component from Kaspersky - "Do you want to install this software?".
4. Click "Yes or select "Install" to download the ActiveX controls that allows ActiveScan to run.
5. When the download is complete it will say ready, click "Next".
6. Click "Scan Settings" and check the option to use the Extended Database if available otherwise Standard).
7. Click "Scan Options" and select both "Scan Archives" and "Scan Mail Bases".
8. Click "OK".
9. Under "Select a target to scan", click on "My Computer".
10. When the scan is complete choose to save the results as "Save as Text" named kaspersky.txt to your desktop and post them in your next reply.

Kaspersky does not remove anything but will provide a log of anything it finds. On August 8th, 2006 Kaspersky updated the software used for Free Online Virus Scanner. In order to continue using the online scanner you will need to uninstall the old version (if previously used) from your Add/Remove Programs list and then install the latest version. To do this, follow the steps here and reboot afterwards if your system does not reboot automatically or it will show 'Kaspersky Online Scanner license key was not found!
 

papason

Thread Starter
Joined
Jun 5, 2007
Messages
19
When I try to post the KASPERSKY report it tells me it is to long 41273 characters and to shorten it to 30000. How do I do this ?
 

papason

Thread Starter
Joined
Jun 5, 2007
Messages
19
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, July 16, 2007 4:03:39 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 16/07/2007
Kaspersky Anti-Virus database records: 363085
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 81630
Number of viruses found: 18
Number of infected objects: 64
Number of suspicious objects: 0
Duration of the scan process: 01:05:07

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Documents\cleaners_setup.exe/file03/MeMediaSetup.exe Infected: not-a-virus:AdTool.Win32.WhenU.k skipped
C:\Documents and Settings\All Users\Documents\cleaners_setup.exe/file03 Infected: not-a-virus:AdTool.Win32.WhenU.k skipped
C:\Documents and Settings\All Users\Documents\cleaners_setup.exe Inno: infected - 2 skipped
C:\Documents and Settings\All Users\Documents\galaxygsetup.exe/file03/MeMediaSetup.exe Infected: not-a-virus:AdTool.Win32.WhenU.k skipped
C:\Documents and Settings\All Users\Documents\galaxygsetup.exe/file03 Infected: not-a-virus:AdTool.Win32.WhenU.k skipped
C:\Documents and Settings\All Users\Documents\galaxygsetup.exe Inno: infected - 2 skipped
C:\Documents and Settings\All Users\Documents\luckyfishsetup.exe/file03/MeMediaSetup.exe Infected: not-a-virus:AdTool.Win32.WhenU.k skipped
C:\Documents and Settings\All Users\Documents\luckyfishsetup.exe/file03 Infected: not-a-virus:AdTool.Win32.WhenU.k skipped
C:\Documents and Settings\All Users\Documents\luckyfishsetup.exe Inno: infected - 2 skipped
C:\Documents and Settings\All Users\Documents\NetPumper-1.50-setup-0180.exe/data0079 Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\All Users\Documents\NetPumper-1.50-setup-0180.exe Inno: infected - 1 skipped
C:\Documents and Settings\KRISTY\Application Data\Earthlink\6.0\[email protected]\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\KRISTY\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt.log Object is locked skipped
C:\Documents and Settings\KRISTY\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt_GTActions.log Object is locked skipped
C:\Documents and Settings\KRISTY\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\gdql_d_DSAgnt.log Object is locked skipped
C:\Documents and Settings\KRISTY\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\glog.log Object is locked skipped
C:\Documents and Settings\KRISTY\Application Data\install_en[1].exe Infected: not-a-virus:Downloader.Win32.WinFixer.z skipped
C:\Documents and Settings\KRISTY\Application Data\SPAMfighter\Logs\Agent.log.txt Object is locked skipped
C:\Documents and Settings\KRISTY\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 06-08-2007 - 03-06-08\{08080D51-75DE-4967-AC88-2CBDACC52BEC}/data0012 Infected: not-a-virus:AdWare.Win32.180Solutions.ba skipped
C:\Documents and Settings\KRISTY\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 06-08-2007 - 03-06-08\{08080D51-75DE-4967-AC88-2CBDACC52BEC} NSIS: infected - 1 skipped
C:\Documents and Settings\KRISTY\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 06-08-2007 - 03-06-08\{5D3ADAF1-76D3-4699-893B-F7E1DD993328}/file01 Infected: Trojan-Downloader.Win32.Agent.alr skipped
C:\Documents and Settings\KRISTY\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 06-08-2007 - 03-06-08\{5D3ADAF1-76D3-4699-893B-F7E1DD993328} Inno: infected - 1 skipped
C:\Documents and Settings\KRISTY\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 06-08-2007 - 03-06-08\{6F33574B-A69F-4D58-89B4-0E190F80D5D6}/file01 Infected: Trojan-Downloader.Win32.Agent.alr skipped
C:\Documents and Settings\KRISTY\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 06-08-2007 - 03-06-08\{6F33574B-A69F-4D58-89B4-0E190F80D5D6} Inno: infected - 1 skipped
C:\Documents and Settings\KRISTY\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 06-08-2007 - 03-06-08\{B7DF15EC-1E93-4C19-ACD5-40DFF79DCF14}/data0012 Infected: not-a-virus:AdWare.Win32.180Solutions.ba skipped
C:\Documents and Settings\KRISTY\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 06-08-2007 - 03-06-08\{B7DF15EC-1E93-4C19-ACD5-40DFF79DCF14} NSIS: infected - 1 skipped
C:\Documents and Settings\KRISTY\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 06-08-2007 - 03-06-08\{F751FCBC-F210-4BCD-BD91-8BB34295647D} Infected: not-a-virus:Downloader.Win32.WinFixer.m skipped
C:\Documents and Settings\KRISTY\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 06-08-2007 - 03-06-08\{F7B9F140-0373-47C9-BF70-7E52826D5C2F} Infected: not-a-virus:Downloader.Win32.WinFixer.m skipped
C:\Documents and Settings\KRISTY\Application Data\Verizon\VSP\client_gateway.log Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Google\Google Desktop Search\dbc2e.ht1 Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Google\Google Desktop Search\dbdam Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Google\Google Desktop Search\dbdao Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Google\Google Desktop Search\dbeam Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Google\Google Desktop Search\dbeao Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Google\Google Desktop Search\dbm Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Google\Google Desktop Search\dbu2d.ht1 Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Google\Google Desktop Search\dbvm.cf1 Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Google\Google Desktop Search\dbvmh.ht1 Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Google\Google Desktop Search\fii.cf1 Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Google\Google Desktop Search\fiih.ht1 Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Google\Google Desktop Search\rpm.cf1 Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Google\Google Desktop Search\rpmh.ht1 Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\History\History.IE5\MSHist012007071620070717\index.dat Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Temp\~DFBFD2.tmp Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\KRISTY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\KRISTY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\KRISTY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Downloads\HeavyweightThunderSetup-dm[1].exe Infected: not-a-virus:AdWare.Win32.Trymedia.b skipped
C:\Program Files\FreeGamesWay.com\Lucky Fisherman\MeMediaSetupInst.exe/MeMediaSetup.exe Infected: not-a-virus:AdTool.Win32.WhenU.k skipped
C:\Program Files\FreeGamesWay.com\Lucky Fisherman\MeMediaSetupInst.exe CAB: infected - 1 skipped
C:\Program Files\MSN Messenger\msimg32.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Program Files\MSN Messenger\riched20.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\NetPumper\ZM\minime.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Program Files\Verizon\SmartBridge\AlertFilter.log Object is locked skipped
C:\Program Files\Verizon\SmartBridge\log\httpclient.log Object is locked skipped
C:\Program Files\Verizon\SmartBridge\SmartBridge.log Object is locked skipped
C:\QooBox\Quarantine\C\Program Files\Common Files\Companion Wizard\WapCHK.dll.vir Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP244\A0059620.dll Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP245\A0060732.dll Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP249\A0061811.exe Object is locked skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP249\A0061813.dll Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP249\A0061817.exe Infected: not-a-virus:Downloader.Win32.WinFixer.o skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP249\A0061819.dll Infected: not-a-virus:AdTool.Win32.WhenU.i skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP249\A0061820.exe Infected: not-a-virus:AdTool.Win32.WhenU.i skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP249\A0061823.exe/data0012 Infected: not-a-virus:AdWare.Win32.180Solutions.ba skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP249\A0061823.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP249\A0061825.dll Infected: not-a-virus:AdWare.Win32.HotBar.bz skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP249\A0061826.dll Infected: not-a-virus:AdWare.Win32.HotBar.ca skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP249\A0062963.dll Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP250\A0064859.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.NaviPromo.ao skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP250\A0064859.exe/stream Infected: not-a-virus:AdWare.Win32.NaviPromo.ao skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP250\A0064859.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP250\A0065863.exe Infected: not-a-virus:Downloader.Win32.WinFixer.t skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP251\A0065864.dll Infected: not-a-virus:AdWare.Win32.HotBar.ca skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP252\A0067591.dll Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP268\A0069905.exe Infected: not-a-virus:Downloader.Win32.WinFixer.z skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP268\A0069906.exe Infected: not-a-virus:Downloader.Win32.WinFixer.z skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP268\A0070941.dll Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP268\A0070971.exe Infected: not-a-virus:Downloader.Win32.WinFixer.z skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP270\A0072003.exe Infected: not-a-virus:Downloader.Win32.WinFixer.z skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP277\A0074034.exe Infected: not-a-virus:Downloader.Win32.WinFixer.m skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP278\A0076229.dll Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP282\A0080673.exe/MeMediaSetup.exe Infected: not-a-virus:AdTool.Win32.WhenU.k skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP282\A0080673.exe CAB: infected - 1 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP284\A0081848.exe Infected: not-a-virus:AdWare.Win32.NaviPromo.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP284\A0081877.exe/MeMediaSetup.exe Infected: not-a-virus:AdTool.Win32.WhenU.k skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP284\A0081877.exe CAB: infected - 1 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP288\A0082078.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP288\A0082079.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP288\A0082080.exe Infected: Trojan.Win32.Inject.au skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP288\A0082081.exe Infected: Trojan.Win32.Inject.au skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP289\A0083205.dll Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP289\A0083212.exe Infected: not-a-virus:Downloader.Win32.WinFixer.z skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP292\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

Scan process completed.
 
Joined
Sep 8, 2005
Messages
9,113
Please DELETE the following file(s) IF STILL PRESENT. You can use Windows Explorer to navigate or use Windows Search feature to locate them.

Files:

C:\Documents and Settings\All Users\Documents\cleaners_setup.exe <-- this file
C:\Documents and Settings\All Users\Documents\galaxygsetup.exe <-- this file
C:\Documents and Settings\All Users\Documents\luckyfishsetup.exe <-- this file
C:\Documents and Settings\All Users\Documents\NetPumper-1.50-setup-0180.exe <-- this file
C:\Documents and Settings\KRISTY\Application Data\install_en[1].exe <-- this file
C:\Program Files\FreeGamesWay.com\Lucky Fisherman\MeMediaSetupInst.exe <-- this file


How is everything running???
 

papason

Thread Starter
Joined
Jun 5, 2007
Messages
19
Everything seems to be running fine again. Thank you so much for your expert help and time. I have one last question for you befor I go and that is, do you think I need to keep any other spyware program on my computer other than the Yahoo online protection program thats on there now?
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top