Page 5 of 5 FirstFirst ... 345
Results 41 to 45 of 45

Thread: HijackThis Log- Need Help

  1. 04-23-2007, 03:14 PM #41
    songbird122403's Avatar
    songbird122403
    songbird122403 is offline Junior Member
    Join Date
    Mar 2007
    Location
    Newark, NY
    Age
    41
    Posts
    21
    Here are my newests Logs:
    HJT:
    Logfile of HijackThis v1.99.1
    Scan saved at 1:43:02 PM, on 4/23/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.5\QOELoader.exe
    C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
    C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
    C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\HiJackThis\hjtscan.exe.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {380492cc-ad6a-4156-a4dd-8970d8208991} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: (no name) - {96148623-2122-C110-8213-26D4D698D8B3} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtim e.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.5\QOELoader.exe"
    O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
    O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe"
    O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\cbywuu.dll",setvm
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [IESet] IExplorer.dll .dbt
    O4 - HKLM\..\RunServices: [IESet] IExplorer.dll .dbt
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [IESet] IExplorer.dll .dbt
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O15 - Trusted Zone: www.myspace.com
    O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/pote_x.cab
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://activation.rr.com/install/download/tgctlcm.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-36.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1127823793934
    O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/v...fo/webscan.cab
    O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: cnvabl - cnvabl.dll (file missing)
    O20 - Winlogon Notify: instcat - instcat.dll (file missing)
    O20 - Winlogon Notify: rpcc - C:\WINDOWS\System32\rpcc.dll
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: lxcg_device - - C:\WINDOWS\System32\lxcgcoms.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
    O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    Kaspersky:
    KASPERSKY ONLINE SCANNER REPORT
    Monday, April 23, 2007 2:39:05 PM
    Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
    Kaspersky Online Scanner version: 5.0.83.0
    Kaspersky Anti-Virus database last update: 23/04/2007
    Kaspersky Anti-Virus database records: 283637


    Scan Settings
    Scan using the following antivirus database standard
    Scan Archives true
    Scan Mail Bases true

    Scan Target My Computer
    A:\
    C:\
    D:\
    E:\
    F:\

    Scan Statistics
    Total number of scanned objects 39720
    Number of viruses found 1
    Number of infected objects 5 / 0
    Number of suspicious objects 0
    Duration of the scan process 00:41:16

    Infected Object Name Virus Name Last Action
    C:\Documents and Settings\Administrator\Application Data\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\brndlog.bak Object is locked skipped

    C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped

    C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\CREDHIST Object is locked skipped

    C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\History\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\676D8TUX\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\676D8TUX\popup[1].js Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\676D8TUX\ua[1].gif Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\85YVKDSR\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\85YVKDSR\UAHelp_Classic[1].css Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\8L0V8BG3\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\8L0V8BG3\HelpLA_lib[1].js Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\KN2POX85\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\KN2POX85\UAHelp_Metrics[1].css Object is locked skipped

    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\Administrator\NtUser.dat.LOG Object is locked skipped

    C:\Documents and Settings\Administrator\ntuser.ini Object is locked skipped

    C:\Documents and Settings\Administrator\SendTo\Compressed (zipped) Folder.ZFSendToTarget Object is locked skipped

    C:\Documents and Settings\Administrator\SendTo\Desktop (create shortcut).DeskLink Object is locked skipped

    C:\Documents and Settings\Administrator\SendTo\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\SendTo\Mail Recipient.MAPIMail Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\desktop.in i Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Magnifier. lnk Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Narrator.l nk Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Command Prompt.lnk Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Entertainment\desktop.in i Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Notepad.lnk Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Program Compatibility Wizard.lnk Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Synchronize.lnk Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Tour Windows XP.lnk Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Windows Explorer.lnk Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\desktop.ini Object is locked skipped

    C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk Object is locked skipped

    C:\Documents and Settings\Administrator\Templates\amipro.sam Object is locked skipped

    C:\Documents and Settings\Administrator\Templates\excel.xls Object is locked skipped

    C:\Documents and Settings\Administrator\Templates\excel4.xls Object is locked skipped

    C:\Documents and Settings\Administrator\Templates\lotus.wk4 Object is locked skipped

    C:\Documents and Settings\Administrator\Templates\powerpnt.ppt Object is locked skipped

    C:\Documents and Settings\Administrator\Templates\presenta.shw Object is locked skipped

    C:\Documents and Settings\Administrator\Templates\quattro.wb2 Object is locked skipped

    C:\Documents and Settings\Administrator\Templates\sndrec.wav Object is locked skipped

    C:\Documents and Settings\Administrator\Templates\winword.doc Object is locked skipped

    C:\Documents and Settings\Administrator\Templates\winword2.doc Object is locked skipped

    C:\Documents and Settings\Administrator\Templates\wordpfct.wpd Object is locked skipped

    C:\Documents and Settings\Administrator\Templates\wordpfct.wpg Object is locked skipped

    C:\Documents and Settings\Home User\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\Home User\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\Home User\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\Home User\Local Settings\History\History.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\Home User\Local Settings\History\History.IE5\MSHist012007042320070 424\index.dat Object is locked skipped

    C:\Documents and Settings\Home User\Local Settings\Temporary Internet Files\Content.IE5\GAESLD1T\virusscanner[1] Object is locked skipped

    C:\Documents and Settings\Home User\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\Home User\Local Settings\Temporary Internet Files\Content.IE5\ZTYZJC77\MyInstaller[1].exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.bse skipped

    C:\Documents and Settings\Home User\Local Settings\Temporary Internet Files\Content.IE5\ZTYZJC77\MyInstaller[1].exe/stream Infected: Trojan-Downloader.Win32.Zlob.bse skipped

    C:\Documents and Settings\Home User\Local Settings\Temporary Internet Files\Content.IE5\ZTYZJC77\MyInstaller[1].exe NSIS: infected - 2 skipped

    C:\Documents and Settings\Home User\Local Settings\Temporary Internet Files\Content.IE5\ZTYZJC77\MyInstaller[1].exe UPX: infected - 2 skipped

    C:\Documents and Settings\Home User\Local Settings\Temporary Internet Files\Content.IE5\ZTYZJC77\MyInstaller[1].exe PE_Patch.UPX: infected - 2 skipped

    C:\Documents and Settings\Home User\Local Settings\Temporary Internet Files\Content.IE5\ZTYZJC77\virusscanner[1] Object is locked skipped

    C:\Documents and Settings\Home User\Local Settings\Temporary Internet Files\Content.IE5\ZTYZJC77\virusscanner[2] Object is locked skipped

    C:\Documents and Settings\Home User\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\Home User\ntuser.dat.LOG Object is locked skipped

    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\BWKDLogs\BWTargetInf.log Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chandir.dat Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chandir.idx Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chn.dat Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chn.idx Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\D0000000.FCS Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\inuse.txt Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\L0000003.FCS Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\main.log Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs.dat Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs.idx Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_die.dat Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_die.idx Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_dnd.dat Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_dnd.idx Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_ext.dat Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_ext.idx Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_rcv.dat Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_rcv.idx Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\storydb.dat Object is locked skipped

    C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\storydb.idx Object is locked skipped

    C:\WINDOWS\Debug\oakley.log Object is locked skipped

    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

    C:\WINDOWS\SchedLgU.Txt Object is locked skipped

    C:\WINDOWS\SoftwareDistribution\EventCache\{EC81CC 47-6ABB-4002-A19B-66428EF3D273}.bin Object is locked skipped

    C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped

    C:\WINDOWS\Sti_Trace.log Object is locked skipped

    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\default Object is locked skipped

    C:\WINDOWS\system32\config\default.LOG Object is locked skipped

    C:\WINDOWS\system32\config\SAM Object is locked skipped

    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\SECURITY Object is locked skipped

    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

    C:\WINDOWS\system32\config\software Object is locked skipped

    C:\WINDOWS\system32\config\software.LOG Object is locked skipped

    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\system Object is locked skipped

    C:\WINDOWS\system32\config\system.LOG Object is locked skipped

    C:\WINDOWS\system32\config\systemprofile\Cookies\i ndex.dat Object is locked skipped

    C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat Object is locked skipped

    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\WINDOWS\system32\h323log.txt Object is locked skipped

    C:\WINDOWS\system32\rpcc.dll Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped

    C:\WINDOWS\wiadebug.log Object is locked skipped

    C:\WINDOWS\wiaservc.log Object is locked skipped

    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    Scan process completed.
    AVG:
    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 1:41:28 PM 4/23/2007

    + Scan result:



    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Win Opts -> Proxy.Small : Cleaned with backup (quarantined).
    C:\Documents and Settings\Home User\Cookies\home user@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
    C:\Documents and Settings\Home User\Cookies\home user@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.


    ::Report end
    Thank you for your help
    Reply With Quote Reply With Quote
  2. 04-23-2007, 04:05 PM #42
    jholland1964's Avatar
    jholland1964
    jholland1964 is offline Administrator
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    80
    Posts
    4,079
    You know songbird, I think I have done my last here...way, way, WAY back at the beginning of this thread I told you only one Anti-virus program and had you uninstall Avast.
    Now All these trojans etc., have been found by Kaspersky in NORTON Quarantine!
    This means, which I must confess I didn't see because these logs are so huge and so filled with malware. But what it really means is that you have been running THREE anti-virus programs or at least portions of each.
    This is now in the 5th page of steps and we are no farther than we were on the first. Many of the very same nasty items are showing in this log that were showing in the original.
    The AVG should be run in safe mode and certainly would have found more than it has been.
    I have no more answers. I am sorry.
    Reply With Quote Reply With Quote
  3. 04-23-2007, 05:38 PM #43
    songbird122403's Avatar
    songbird122403
    songbird122403 is offline Junior Member
    Join Date
    Mar 2007
    Location
    Newark, NY
    Age
    41
    Posts
    21
    I'm sorry but the last norton I had was norton 2005, and I've not had it for almost 1 year. I really appreciate your help and thanks. songbird
    Reply With Quote Reply With Quote
  4. 04-25-2007, 10:45 AM #44
    shahzadmasih
    shahzadmasih is offline Junior Member
    Join Date
    Apr 2007
    Posts
    1
    Hi, this post is very informative; however I would like some specific information. If someone can help me then please send me a private message. Best Regards,
    Reply With Quote Reply With Quote
  5. 04-25-2007, 11:04 AM #45
    jholland1964's Avatar
    jholland1964
    jholland1964 is offline Administrator
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    80
    Posts
    4,079
    Post your question in a new thread that you begin.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules