Page 1 of 3 123 LastLast
Results 1 to 10 of 30

Thread: Please help with nasty virtumonde infection

  1. #1
    Junior Member
    Join Date
    Aug 2007
    Posts
    27

    Default Please help with nasty virtumonde infection

    Recently Spybot search and destroy detected the virtumonde trojan in my computer. The "1shoppingcart" cookie was removed but the infection remained. I ran Spybot S&D in safe mode but nothing was detected. I also ran combofix and vundoremove but no luck. I read Sticky's "what to do before posting. This is my first time posting threads in a forum. I will give you the most recent HJT log. Thank you in advance.

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 10:37:58 AM, on 8/25/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Intel\ASF Agent\ASFAgent.exe
    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\Dell\OpenManage\Client\Iap.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
    C:\Program Files\Microsoft Windows OneCare Live\winss.exe
    C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Print Server\PTP\PSDiagnostic.exe
    C:\Program Files\GIL Virtual HDD\VHKTRAY.exe
    C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\IEEE 802.11g USB Wireless LAN\Wireless LAN\WlanUtil.exe
    C:\Program Files\U.S. Robotics\U.S. Robotics USB Phone\U.S.RoboticsUSBPhone.exe
    C:\Documents and Settings\Bill and Shirley\Desktop\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\Program Files\Panicware\Pop-Up Stopper\CCHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: TSWLObj Class - {8A7B6C4E-282C-4000-8336-27859E0A38FF} - C:\Program Files\GIL Virtual HDD\tsweblock.dll
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [PrintServer Diagnostic] C:\Program Files\Print Server\PTP\PSDiagnostic.exe
    O4 - HKLM\..\Run: [VHKTRAY] C:\Program Files\GIL Virtual HDD\VHKTRAY.exe
    O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08d9 -f video -m logitech -d 10.5.0.1091 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08d9 -f video -m logitech -d 10.5.0.1091 (User 'Default user')
    O4 - Startup: U.S. Robotics USB Phone.lnk = C:\Program Files\U.S. Robotics\U.S. Robotics USB Phone\U.S.RoboticsUSBPhone.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\IEEE 802.11g USB Wireless LAN\Wireless LAN\WlanUtil.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
    O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
    O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/insta...SSWebAgent.CAB
    O16 - DPF: {1D9EFA3B-4E85-41A8-9092-14012CD447C9} (NetCamPlayerWeb Control) - http://192.168.1.11/img/NetCamPlayerWeb.ocx
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE

    --
    End of file - 7920 bytes

  2. #2
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
    "BEFORE you POST" (READ this Procedure before Requesting Assistance)
    http://forums.spybot.info/showthread.php?t=288
    All advice given is taken at your own risk.
    Please make sure you have read this information so we are on the same page.

    I am not seeing evidence of Vundo infection in this HJT log, but the HJT version is out of date? If you still need help, please do this.

    1) Review the instructions again, if you missed the HJT version, you may have missed other important instructions.

    2) Remove from your computer the tools you said you used, I may use them again, but will want the newest versions downloaded from the links I provide.

    3) Take the time to describe the symptoms you are receiving, just recause Spybot S&D finds a cookie or an item it can't remove may mean your version of the tool is out of date and have nothing to do with malware. If you receive any error messages, post them "word for word" I need to know what programs is finding what and exactly what it is finding.

    4) C:\Documents and Settings\Bill and Shirley\Desktop\HiJackThis_v2.exe
    Delete that version of HJT completely from your computer.

    5) Download this self-installer version of HJT from here:
    http://www.trendsecure.com/portal/en...HJTInstall.exe
    Follow the prompts, the program will install where it is supposed to.

    6) Post a new HJT log, also post any information I requested above.

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  3. #3
    Junior Member
    Join Date
    Aug 2007
    Posts
    27

    Default My computer is infected

    Thank you for your quick response.
    i apoplgize this is my first time in a forum.
    I had to upload the properversion of HJT from another computer as whatever is in this computer would not let me download it.

    Here is my problem. It started when I would get popups online. This was a couple of weeks ago. Spybot S&D said it found virtumonde on the computer. I noticed my computer was slow ad the popups continued but now they were telling me to use skype to order whatever things i was looking at on the internet. Then my skype changed it no longer recognizes my skype name. Every time I try to download any anti-spyware program my computer disconnects from the internet. I ran the updated Spybot S & D in safe mode and nothing was found.
    I am not a computer expert and i appriciate your help.

    Here is the new HJT log

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:51:05 PM, on 8/25/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Intel\ASF Agent\ASFAgent.exe
    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\Dell\OpenManage\Client\Iap.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
    C:\Program Files\Microsoft Windows OneCare Live\winss.exe
    C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Print Server\PTP\PSDiagnostic.exe
    C:\Program Files\GIL Virtual HDD\VHKTRAY.exe
    C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\IEEE 802.11g USB Wireless LAN\Wireless LAN\WlanUtil.exe
    C:\Program Files\U.S. Robotics\U.S. Robotics USB Phone\U.S.RoboticsUSBPhone.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\Program Files\Panicware\Pop-Up Stopper\CCHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: TSWLObj Class - {8A7B6C4E-282C-4000-8336-27859E0A38FF} - C:\Program Files\GIL Virtual HDD\tsweblock.dll
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [PrintServer Diagnostic] C:\Program Files\Print Server\PTP\PSDiagnostic.exe
    O4 - HKLM\..\Run: [VHKTRAY] C:\Program Files\GIL Virtual HDD\VHKTRAY.exe
    O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08d9 -f video -m logitech -d 10.5.0.1091 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08d9 -f video -m logitech -d 10.5.0.1091 (User 'Default user')
    O4 - Startup: U.S. Robotics USB Phone.lnk = C:\Program Files\U.S. Robotics\U.S. Robotics USB Phone\U.S.RoboticsUSBPhone.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\IEEE 802.11g USB Wireless LAN\Wireless LAN\WlanUtil.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
    O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
    O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/insta...SSWebAgent.CAB
    O16 - DPF: {1D9EFA3B-4E85-41A8-9092-14012CD447C9} (NetCamPlayerWeb Control) - http://192.168.1.11/img/NetCamPlayerWeb.ocx
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE

    --
    End of file - 7735 bytes

  4. #4
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    There is still nothing showing in the HJT log that looks like malware. Issues with Skype you will have to take up with their technical support.
    The inability to download could have something to do with your wireless equipment which I know absolutely nothing about. Do you have any issues downloading updates for the Microsoft Windows OneCare Live program you are running.
    You mention this all happened a couple of weeks ago, when was the last time you had any problems and exactly what were they. Spybot S&D will not remove a vundo infection but the other tools you said you ran may have. I would like to have a look at a comboxfix log, please make sure you have deleted the old combofix program and follow these instructions.

    Thanks to sUBs and anyone else who helped with this fix.

    Download ComboFix from Here or Here to your Desktop.
    • Double click combofix.exe and follow the prompts.
    • When finished, it shall produce a log for you. Post that log in your next reply

    Note: Do not mouseclick combofix's window while its running. That may cause it to stall

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  5. #5
    Junior Member
    Join Date
    Aug 2007
    Posts
    27

    Default

    I had to upload combofix from another computer. When I attempt to run the program the autoscan screen comes up and the program appears to start. A prompt then comes that tells me that my clock setting has been changed by combofix and not to change it as combo fix will restore it later and then the program stops.

    I neglected to mention that my computer had "win32.small.bkf on it several months ago. Spybot S & D removed it and i have not had any problems since.
    One other thing that I orgot to mention with the problem I am having now whateven infected my computer removed all of my system restore points.
    This morning I ran an online scan with Kapersky. Would it be helpful to post the log?
    Thanks again for your help.

  6. #6
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    Not sure if I can help if you can not run the tools I use, you said you ran combofix before?
    Post the Kaspersky scan results. I will also mention it does me little good to know what occured in the past, I am interested in what you are finding on the computer with any of the tools you are using now. Can you tell me if you have an updated version of Spybot S&D that is fully immunized? What does it report when you run it?

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  7. #7
    Junior Member
    Join Date
    Aug 2007
    Posts
    27

    Default

    Sorry for the delay.
    I have used combofix and vundofix before. I was able to download the components for the kapersky scan and here is the log.
    I know that there is something in my computer because of its extreemly slow performance and whenever I go to a security related website I get disconnected from the website. Whateven this thing is it lets me go to other websites. It says that the log is too long so I will put it in another post.

  8. #8
    Junior Member
    Join Date
    Aug 2007
    Posts
    27

    Default

    The scan report is too long. It appears i will have to send it in three posts. Here is the first part.

    KASPERSKY ONLINE SCANNER REPORT
    Saturday, August 25, 2007 10:26:18 AM
    Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.93.0
    Kaspersky Anti-Virus database last update: 24/08/2007
    Kaspersky Anti-Virus database records: 388954



    Scan Settings
    Scan using the following antivirus database extended
    Scan Archives true
    Scan Mail Bases true

    Scan Target My Computer
    A:\
    C:\
    D:\
    E:\
    F:\

    Scan Statistics
    Total number of scanned objects 68136
    Number of viruses found 0
    Number of infected objects 0
    Number of suspicious objects 0
    Duration of the scan process 03:23:59

    Infected Object Name Virus Name Last Action
    C:\a223630\laprxy.dll Object is locked skipped

    C:\a223630\lcladvd.xml Object is locked skipped

    C:\a223630\lcldocs.xml Object is locked skipped

    C:\a223630\license.chm Object is locked skipped

    C:\a223630\licmgr10.dll Object is locked skipped

    C:\a223630\licwmi.dll Object is locked skipped

    C:\a223630\licwmi.mof Object is locked skipped

    C:\a223630\lmrt.dll Object is locked skipped

    C:\a223630\locale.nls Object is locked skipped

    C:\a223630\localspl.dll Object is locked skipped

    C:\a223630\localui.dll Object is locked skipped

    C:\a223630\log.dll Object is locked skipped

    C:\a223630\logagent.exe Object is locked skipped

    C:\a223630\logon.scr Object is locked skipped

    C:\a223630\logonmgr.dll Object is locked skipped

    C:\a223630\logonui.exe Object is locked skipped

    C:\a223630\lsasrv.dll Object is locked skipped

    C:\a223630\lsass.exe Object is locked skipped

    C:\a223630\ltmdmnt.sys Object is locked skipped

    C:\a223630\ltmdmntt.sys Object is locked skipped

    C:\a223630\ltotape.sys Object is locked skipped

    C:\a223630\lwadihid.sys Object is locked skipped

    C:\a223630\mail.mar Object is locked skipped

    C:\a223630\manifest.xml Object is locked skipped

    C:\a223630\market.mar Object is locked skipped

    C:\a223630\mdmetech.inf Object is locked skipped

    C:\a223630\mdmlt3.inf Object is locked skipped

    C:\a223630\mdmrpci.inf Object is locked skipped

    C:\a223630\mdmsuprv.inf Object is locked skipped

    C:\a223630\memstpci.sys Object is locked skipped

    C:\a223630\migapp.inf Object is locked skipped

    C:\a223630\migism.dll Object is locked skipped

    C:\a223630\migism.inf Object is locked skipped

    C:\a223630\migism_a.dll Object is locked skipped

    C:\a223630\migload.exe Object is locked skipped

    C:\a223630\migrate.js Object is locked skipped

    C:\a223630\migrate.obe Object is locked skipped

    C:\a223630\migsys.inf Object is locked skipped

    C:\a223630\migwiz.exe Object is locked skipped

    C:\a223630\migwiz.inf Object is locked skipped

    C:\a223630\migwiz_a.exe Object is locked skipped

    C:\a223630\mindex.dll Object is locked skipped

    C:\a223630\mmcndmgr.dll Object is locked skipped

    C:\a223630\mnmdd.dll Object is locked skipped

    C:\a223630\mobsync.dll Object is locked skipped

    C:\a223630\mofcomp.exe Object is locked skipped

    C:\a223630\mofd.dll Object is locked skipped

    C:\a223630\moricons.dll Object is locked skipped

    C:\a223630\mouclass.sys Object is locked skipped

    C:\a223630\moviemk.exe Object is locked skipped

    C:\a223630\mpg2splt.ax Object is locked skipped

    C:\a223630\mpg4dmod.dll Object is locked skipped

    C:\a223630\mpg4ds32.ax Object is locked skipped

    C:\a223630\mplay32.exe Object is locked skipped

    C:\a223630\mplayer2.exe Object is locked skipped

    C:\a223630\mrxsmb.sys Object is locked skipped

    C:\a223630\msadce.dll Object is locked skipped

    C:\a223630\msadcf.dll Object is locked skipped

    C:\a223630\msadco.dll Object is locked skipped

    C:\a223630\msadcs.dll Object is locked skipped

    C:\a223630\msadds.dll Object is locked skipped

    C:\a223630\msadds32.ax Object is locked skipped

    C:\a223630\msado15.dll Object is locked skipped

    C:\a223630\msado20.tlb Object is locked skipped

    C:\a223630\msado21.tlb Object is locked skipped

    C:\a223630\msado25.tlb Object is locked skipped

    C:\a223630\msado26.tlb Object is locked skipped

    C:\a223630\msadomd.dll Object is locked skipped

    C:\a223630\msador15.dll Object is locked skipped

    C:\a223630\msadox.dll Object is locked skipped

    C:\a223630\msadp32.acm Object is locked skipped

    C:\a223630\msadrh15.dll Object is locked skipped

    C:\a223630\msaud32.acm Object is locked skipped

    C:\a223630\mscandui.dll Object is locked skipped

    C:\a223630\mscms.dll Object is locked skipped

    C:\a223630\msconf.dll Object is locked skipped

    C:\a223630\msconfig.exe Object is locked skipped

    C:\a223630\mscpx32r.dll Object is locked skipped

    C:\a223630\msctf.dll Object is locked skipped

    C:\a223630\msctfp.dll Object is locked skipped

    C:\a223630\msdadc.dll Object is locked skipped

    C:\a223630\msdaenum.dll Object is locked skipped

    C:\a223630\msdaer.dll Object is locked skipped

    C:\a223630\msdaipp.dll Object is locked skipped

    C:\a223630\msdaora.dll Object is locked skipped

    C:\a223630\msdaosp.dll Object is locked skipped

    C:\a223630\msdaprst.dll Object is locked skipped

    C:\a223630\msdaps.dll Object is locked skipped

    C:\a223630\msdarem.dll Object is locked skipped

    C:\a223630\msdart.dll Object is locked skipped

    C:\a223630\msdasc.dll Object is locked skipped

    C:\a223630\msdasql.dll Object is locked skipped

    C:\a223630\msdatl3.dll Object is locked skipped

    C:\a223630\msdatsrc.tlb Object is locked skipped

    C:\a223630\msdatt.dll Object is locked skipped

    C:\a223630\msdaurl.dll Object is locked skipped

    C:\a223630\msdbx.dll Object is locked skipped

    C:\a223630\msdfmap.dll Object is locked skipped

    C:\a223630\msdtcprx.dll Object is locked skipped

    C:\a223630\msdxm.ocx Object is locked skipped

    C:\a223630\msdxmlc.dll Object is locked skipped

    C:\a223630\msexch40.dll Object is locked skipped

    C:\a223630\msexcl40.dll Object is locked skipped

    C:\a223630\msgina.dll Object is locked skipped

    C:\a223630\msgrocm.dll Object is locked skipped

    C:\a223630\msgsc.dll Object is locked skipped

    C:\a223630\msgslang.dll Object is locked skipped

    C:\a223630\msh261.drv Object is locked skipped

    C:\a223630\msh263.drv Object is locked skipped

    C:\a223630\mshtml.dll Object is locked skipped

    C:\a223630\mshtml.tlb Object is locked skipped

    C:\a223630\mshtmled.dll Object is locked skipped

    C:\a223630\mshtmler.dll Object is locked skipped

    C:\a223630\msi.dll Object is locked skipped

    C:\a223630\msieftp.dll Object is locked skipped

    C:\a223630\msiexec.exe Object is locked skipped

    C:\a223630\msihnd.dll Object is locked skipped

    C:\a223630\msimain.sdb Object is locked skipped

    C:\a223630\msimg32.dll Object is locked skipped

    C:\a223630\msimn.exe Object is locked skipped

    C:\a223630\msimtf.dll Object is locked skipped

    C:\a223630\msisam11.dll Object is locked skipped

    C:\a223630\msjet40.dll Object is locked skipped

    C:\a223630\msjetol1.dll Object is locked skipped

    C:\a223630\msjro.dll Object is locked skipped

    C:\a223630\msjtes40.dll Object is locked skipped

    C:\a223630\mskssrv.sys Object is locked skipped

    C:\a223630\mslbui.dll Object is locked skipped

    C:\a223630\msltus40.dll Object is locked skipped

    C:\a223630\msmom.dll Object is locked skipped

    C:\a223630\msmsgs.cat Object is locked skipped

    C:\a223630\msmsgs.exe Object is locked skipped

    C:\a223630\msmsgs.inf Object is locked skipped

    C:\a223630\msmsgsin.exe Object is locked skipped

    C:\a223630\msn.inf Object is locked skipped

    C:\a223630\msn100.mar Object is locked skipped

    C:\a223630\msn14.mar Object is locked skipped

    C:\a223630\msn150.mar Object is locked skipped

    C:\a223630\msn163.mar Object is locked skipped

    C:\a223630\msn188.mar Object is locked skipped

    C:\a223630\msn220.mar Object is locked skipped

    C:\a223630\msn222.mar Object is locked skipped

    C:\a223630\msn238.mar Object is locked skipped

    C:\a223630\msn36.mar Object is locked skipped

    C:\a223630\msn6.exe Object is locked skipped

    C:\a223630\msnetobj.dll Object is locked skipped

    C:\a223630\msnmetal.dll Object is locked skipped

    C:\a223630\msnmigr.dll Object is locked skipped

    C:\a223630\msnmsn.inf Object is locked skipped

    C:\a223630\msnmtllc.dll Object is locked skipped

    C:\a223630\msnntmig.dll Object is locked skipped

    C:\a223630\msnspell.dll Object is locked skipped

    C:\a223630\msnsspc.dll Object is locked skipped

    C:\a223630\msnunin.exe Object is locked skipped

    C:\a223630\msobcomm.dll Object is locked skipped

    C:\a223630\msobmain.dll Object is locked skipped

    C:\a223630\msobshel.htm Object is locked skipped

    C:\a223630\msoe.dll Object is locked skipped

    C:\a223630\msoeacct.dll Object is locked skipped

    C:\a223630\msoert2.dll Object is locked skipped

    C:\a223630\msorcl32.dll Object is locked skipped

    C:\a223630\mspaint.exe Object is locked skipped

    C:\a223630\mspbde40.dll Object is locked skipped

    C:\a223630\mspmsp.dll Object is locked skipped

    C:\a223630\msrating.dll Object is locked skipped

    C:\a223630\msrd2x40.dll Object is locked skipped

    C:\a223630\msrdp.cab Object is locked skipped

    C:\a223630\msrdp.ocx Object is locked skipped

    C:\a223630\msrepl40.dll Object is locked skipped

    C:\a223630\msrle32.dll Object is locked skipped

    C:\a223630\msscds32.ax Object is locked skipped

    C:\a223630\msscp.dll Object is locked skipped

    C:\a223630\msscript.ocx Object is locked skipped

    C:\a223630\mst120.dll Object is locked skipped

    C:\a223630\mst123.dll Object is locked skipped

    C:\a223630\mstask.dll Object is locked skipped

    C:\a223630\mstee.sys Object is locked skipped

    C:\a223630\mstext40.dll Object is locked skipped

    C:\a223630\mstime.dll Object is locked skipped

    C:\a223630\mstinit.exe Object is locked skipped

    C:\a223630\mstsc.exe Object is locked skipped

    C:\a223630\mstscax.dll Object is locked skipped

    C:\a223630\mstsweb.cat Object is locked skipped

    C:\a223630\msuni11.dll Object is locked skipped

    C:\a223630\msutb.dll Object is locked skipped

    C:\a223630\msv1_0.dll Object is locked skipped

    C:\a223630\msvcp60.dll Object is locked skipped

    C:\a223630\msvcrt.dll Object is locked skipped

    C:\a223630\msvfw32.dll Object is locked skipped

    C:\a223630\msvidctl.dll Object is locked skipped

    C:\a223630\mswebdvd.dll Object is locked skipped

    C:\a223630\msxactps.dll Object is locked skipped

    C:\a223630\msxbde40.dll Object is locked skipped

    C:\a223630\msxml2.dll Object is locked skipped

    C:\a223630\msxml3.dll Object is locked skipped

    C:\a223630\muisetup.exe Object is locked skipped

    C:\a223630\mup.sys Object is locked skipped

    C:\a223630\mutohpen.sys Object is locked skipped

    C:\a223630\nac.dll Object is locked skipped

    C:\a223630\ncobjapi.dll Object is locked skipped

    C:\a223630\ncprov.dll Object is locked skipped

    C:\a223630\nddenb32.dll Object is locked skipped

    C:\a223630\ndis.sys Object is locked skipped

    C:\a223630\ndisnpp.dll Object is locked skipped

    C:\a223630\ndisuio.sys Object is locked skipped

    C:\a223630\ndiswan.sys Object is locked skipped

    C:\a223630\net.exe Object is locked skipped

    C:\a223630\net1.exe Object is locked skipped

    C:\a223630\netapi32.dll Object is locked skipped

    C:\a223630\netbios.sys Object is locked skipped

    C:\a223630\netbt.sys Object is locked skipped

    C:\a223630\netcfgx.dll Object is locked skipped

    C:\a223630\netdde.exe Object is locked skipped

    C:\a223630\netklsi.inf Object is locked skipped

    C:\a223630\netlogon.dll Object is locked skipped

    C:\a223630\netman.dll Object is locked skipped

    C:\a223630\netnm.inf Object is locked skipped

    C:\a223630\netoc.dll Object is locked skipped

    C:\a223630\netplwiz.dll Object is locked skipped

    C:\a223630\netrtsnt.inf Object is locked skipped

    C:\a223630\netsetup.exe Object is locked skipped

    C:\a223630\netshell.dll Object is locked skipped

    C:\a223630\netwlan.inf Object is locked skipped

    C:\a223630\netwlan2.inf Object is locked skipped

    C:\a223630\netwlan5.img Object is locked skipped

    C:\a223630\netwlan5.sys Object is locked skipped

    C:\a223630\netwv48.inf Object is locked skipped

    C:\a223630\new\apph_sp.sdb Object is locked skipped

    C:\a223630\new\apps_sp.chm Object is locked skipped

    C:\a223630\new\ati2dvaa.dll Object is locked skipped

    C:\a223630\new\ati2dvag.dll Object is locked skipped

    C:\a223630\new\ati2mtaa.sys Object is locked skipped

    C:\a223630\new\ati2mtag.sys Object is locked skipped

    C:\a223630\new\ati3d1ag.dll Object is locked skipped

    C:\a223630\new\ati3d2ag.dll Object is locked skipped

    C:\a223630\new\atiixpaa.inf Object is locked skipped

    C:\a223630\new\atiixpag.inf Object is locked skipped

    C:\a223630\new\atinbtxx.sys Object is locked skipped

    C:\a223630\new\atinmdxx.sys Object is locked skipped

    C:\a223630\new\atinpdxx.sys Object is locked skipped

    C:\a223630\new\atinraxx.sys Object is locked skipped

    C:\a223630\new\atinrvxx.sys Object is locked skipped

    C:\a223630\new\atinsnxx.sys Object is locked skipped

    C:\a223630\new\atinttxx.sys Object is locked skipped

    C:\a223630\new\atintuxx.sys Object is locked skipped

    C:\a223630\new\atinxbxx.sys Object is locked skipped

    C:\a223630\new\atinxsxx.sys Object is locked skipped

    C:\a223630\new\ativdaxx.ax Object is locked skipped

    C:\a223630\new\ativmvxx.ax Object is locked skipped

    C:\a223630\new\atixpwdm.inf Object is locked skipped

    C:\a223630\new\c_28603.nls Object is locked skipped

    C:\a223630\new\dsprpres.dll Object is locked skipped

    C:\a223630\new\encapi.dll Object is locked skipped

    C:\a223630\new\encdec.dll Object is locked skipped

    C:\a223630\new\faxpatch.exe Object is locked skipped

    C:\a223630\new\hccoin.dll Object is locked skipped

    C:\a223630\new\hidir.sys Object is locked skipped

    C:\a223630\new\hscupd.exe Object is locked skipped

    C:\a223630\new\irbus.inf Object is locked skipped

    C:\a223630\new\medctrro.exe Object is locked skipped

    C:\a223630\new\msctfime.ime Object is locked skipped

    C:\a223630\new\msftedit.dll Object is locked skipped

    C:\a223630\new\mssap.dll Object is locked skipped

    C:\a223630\new\mutohpen.sys Object is locked skipped

    C:\a223630\new\netbeac.inf Object is locked skipped

    C:\a223630\new\nettun.inf Object is locked skipped

    C:\a223630\new\nv4_disp.inf Object is locked skipped

    C:\a223630\new\nvct.inf Object is locked skipped

    C:\a223630\new\nvdm.inf Object is locked skipped

    C:\a223630\new\nvts.inf Object is locked skipped

    C:\a223630\new\oeaccess.inf Object is locked skipped

    C:\a223630\new\osloader.ntd Object is locked skipped

    C:\a223630\new\ramdisk.inf Object is locked skipped

    C:\a223630\new\sbe.dll Object is locked skipped

    C:\a223630\new\sbeio.dll Object is locked skipped

    C:\a223630\new\smtpsvc.dll Object is locked skipped

    C:\a223630\new\snchk.exe Object is locked skipped

    C:\a223630\new\sp1.cab Object is locked skipped

    C:\a223630\new\spgrmr.dll Object is locked skipped

    C:\a223630\new\usbehci.sys Object is locked skipped

    C:\a223630\new\wacompen.sys Object is locked skipped

    C:\a223630\new\winbrand.dll Object is locked skipped

    C:\a223630\new\winhttp.dll Object is locked skipped

    C:\a223630\new\wmaccess.inf Object is locked skipped

    C:\a223630\new\wmpocm.inf Object is locked skipped

    C:\a223630\new\wmvcore2.dll Object is locked skipped

    C:\a223630\new\wuau.adm Object is locked skipped

    C:\a223630\new\xpsp1res.dll Object is locked skipped

    C:\a223630\newdev.dll Object is locked skipped

    C:\a223630\neweula.htm Object is locked skipped

    C:\a223630\nic1394.sys Object is locked skipped

  9. #9
    Junior Member
    Join Date
    Aug 2007
    Posts
    27

    Default

    here is the second part of the scan.

    C:\a223630\nlhtml.dll Object is locked skipped

    C:\a223630\nmas.dll Object is locked skipped

    C:\a223630\nmasnt.dll Object is locked skipped

    C:\a223630\nmchat.dll Object is locked skipped

    C:\a223630\nmcom.dll Object is locked skipped

    C:\a223630\nmft.dll Object is locked skipped

    C:\a223630\nmmkcert.dll Object is locked skipped

    C:\a223630\nmnt.sys Object is locked skipped

    C:\a223630\nmoldwb.dll Object is locked skipped

    C:\a223630\nmwb.dll Object is locked skipped

    C:\a223630\npdrmv2.dll Object is locked skipped

    C:\a223630\npdsplay.dll Object is locked skipped

    C:\a223630\nppagent.exe Object is locked skipped

    C:\a223630\npptools.dll Object is locked skipped

    C:\a223630\npwmsdrm.dll Object is locked skipped

    C:\a223630\nt5.cat Object is locked skipped

    C:\a223630\ntdetect.com Object is locked skipped

    C:\a223630\ntdll.dll Object is locked skipped

    C:\a223630\ntfs.sys Object is locked skipped

    C:\a223630\ntio.sys Object is locked skipped

    C:\a223630\ntkrnlmp.exe Object is locked skipped

    C:\a223630\ntkrnlpa.exe Object is locked skipped

    C:\a223630\ntkrpamp.exe Object is locked skipped

    C:\a223630\ntlanman.dll Object is locked skipped

    C:\a223630\ntldr Object is locked skipped

    C:\a223630\ntmarta.dll Object is locked skipped

    C:\a223630\ntmsapi.dll Object is locked skipped

    C:\a223630\ntmsdba.dll Object is locked skipped

    C:\a223630\ntmssvc.dll Object is locked skipped

    C:\a223630\ntoskrnl.exe Object is locked skipped

    C:\a223630\ntprint.cat Object is locked skipped

    C:\a223630\ntprint.dll Object is locked skipped

    C:\a223630\ntshrui.dll Object is locked skipped

    C:\a223630\ntvdm.exe Object is locked skipped

    C:\a223630\nv4_disp.dll Object is locked skipped

    C:\a223630\nv4_mini.sys Object is locked skipped

    C:\a223630\nwprovau.dll Object is locked skipped

    C:\a223630\oakley.dll Object is locked skipped

    C:\a223630\obeip.dun Object is locked skipped

    C:\a223630\ocgen.dll Object is locked skipped

    C:\a223630\ocmsn.dll Object is locked skipped

    C:\a223630\odbc32.dll Object is locked skipped

    C:\a223630\odbc32gt.dll Object is locked skipped

    C:\a223630\odbcad32.exe Object is locked skipped

    C:\a223630\odbcbcp.dll Object is locked skipped

    C:\a223630\odbcconf.dll Object is locked skipped

    C:\a223630\odbcconf.exe Object is locked skipped

    C:\a223630\odbcconf.rsp Object is locked skipped

    C:\a223630\odbccp32.dll Object is locked skipped

    C:\a223630\odbccr32.dll Object is locked skipped

    C:\a223630\odbccu32.dll Object is locked skipped

    C:\a223630\odbcp32r.dll Object is locked skipped

    C:\a223630\odbctrac.dll Object is locked skipped

    C:\a223630\offfilt.dll Object is locked skipped

    C:\a223630\ohci1394.sys Object is locked skipped

    C:\a223630\ole32.dll Object is locked skipped

    C:\a223630\oleaut32.dll Object is locked skipped

    C:\a223630\oledb32.dll Object is locked skipped

    C:\a223630\oleprn.dll Object is locked skipped

    C:\a223630\oobebaln.exe Object is locked skipped

    C:\a223630\opengl32.dll Object is locked skipped

    C:\a223630\oschoice.exe Object is locked skipped

    C:\a223630\osk.exe Object is locked skipped

    C:\a223630\osloader.exe Object is locked skipped

    C:\a223630\p3.sys Object is locked skipped

    C:\a223630\packager.exe Object is locked skipped

    C:\a223630\page1.asp Object is locked skipped

    C:\a223630\parport.sys Object is locked skipped

    C:\a223630\pautoenr.dll Object is locked skipped

    C:\a223630\pchshell.dll Object is locked skipped

    C:\a223630\pchsvc.dll Object is locked skipped

    C:\a223630\pci.sys Object is locked skipped

    C:\a223630\pciidex.sys Object is locked skipped

    C:\a223630\pcmcia.sys Object is locked skipped

    C:\a223630\pcx500.sys Object is locked skipped

    C:\a223630\pdh.dll Object is locked skipped

    C:\a223630\perm2.sys Object is locked skipped

    C:\a223630\perm2dll.dll Object is locked skipped

    C:\a223630\perm3.sys Object is locked skipped

    C:\a223630\perm3dd.dll Object is locked skipped

    C:\a223630\phone.icw Object is locked skipped

    C:\a223630\phone.inf Object is locked skipped

    C:\a223630\phone.obe Object is locked skipped

    C:\a223630\pid.dll Object is locked skipped

    C:\a223630\ping.exe Object is locked skipped

    C:\a223630\pngfilt.dll Object is locked skipped

    C:\a223630\popc.dll Object is locked skipped

    C:\a223630\portcls.sys Object is locked skipped

    C:\a223630\ppa3.sys Object is locked skipped

    C:\a223630\printui.dll Object is locked skipped

    C:\a223630\privacy.hta Object is locked skipped

    C:\a223630\processr.sys Object is locked skipped

    C:\a223630\proctexe.ocx Object is locked skipped

    C:\a223630\ps5ui.dll Object is locked skipped

    C:\a223630\psapi.dll Object is locked skipped

    C:\a223630\psbase.dll Object is locked skipped

    C:\a223630\psched.sys Object is locked skipped

    C:\a223630\pscript5.dll Object is locked skipped

    C:\a223630\ptpusd.dll Object is locked skipped

    C:\a223630\qcap.dll Object is locked skipped

    C:\a223630\qdvd.dll Object is locked skipped

    C:\a223630\qedit.dll Object is locked skipped

    C:\a223630\qmgr.dll Object is locked skipped

    C:\a223630\qmgrprxy.dll Object is locked skipped

    C:\a223630\quartz.dll Object is locked skipped

    C:\a223630\query.dll Object is locked skipped

    C:\a223630\ramdisk.sys Object is locked skipped

    C:\a223630\rasapi32.dll Object is locked skipped

    C:\a223630\raschap.dll Object is locked skipped

    C:\a223630\rasdlg.dll Object is locked skipped

    C:\a223630\rasl2tp.sys Object is locked skipped

    C:\a223630\rasman.dll Object is locked skipped

    C:\a223630\rasmans.dll Object is locked skipped

    C:\a223630\rasppp.dll Object is locked skipped

    C:\a223630\raspptp.sys Object is locked skipped

    C:\a223630\rassapi.dll Object is locked skipped

    C:\a223630\rastapi.dll Object is locked skipped

    C:\a223630\rastls.dll Object is locked skipped

    C:\a223630\rcimlby.exe Object is locked skipped

    C:\a223630\rdbss.sys Object is locked skipped

    C:\a223630\rdchost.dll Object is locked skipped

    C:\a223630\rdpclip.exe Object is locked skipped

    C:\a223630\rdpdd.dll Object is locked skipped

    C:\a223630\rdpdr.sys Object is locked skipped

    C:\a223630\rdpsnd.dll Object is locked skipped

    C:\a223630\rdpwd.sys Object is locked skipped

    C:\a223630\rdpwsx.dll Object is locked skipped

    C:\a223630\rdsaddin.exe Object is locked skipped

    C:\a223630\redbook.sys Object is locked skipped

    C:\a223630\redir.exe Object is locked skipped

    C:\a223630\reg.exe Object is locked skipped

    C:\a223630\regapi.dll Object is locked skipped

    C:\a223630\regedit.exe Object is locked skipped

    C:\a223630\remotepg.dll Object is locked skipped

    C:\a223630\repdrvfs.dll Object is locked skipped

    C:\a223630\riched20.dll Object is locked skipped

    C:\a223630\rpcrt4.dll Object is locked skipped

    C:\a223630\rpcss.dll Object is locked skipped

    C:\a223630\rrcm.dll Object is locked skipped

    C:\a223630\rsaenh.dll Object is locked skipped

    C:\a223630\rshx32.dll Object is locked skipped

    C:\a223630\rstrui.exe Object is locked skipped

    C:\a223630\rtcdll.dll Object is locked skipped

    C:\a223630\rtcshare.exe Object is locked skipped

    C:\a223630\runonce.exe Object is locked skipped

    C:\a223630\samlib.dll Object is locked skipped

    C:\a223630\sapi.cpl Object is locked skipped

    C:\a223630\sapi.dll Object is locked skipped

    C:\a223630\savedump.exe Object is locked skipped

    C:\a223630\sbp2port.sys Object is locked skipped

    C:\a223630\sccbase.dll Object is locked skipped

    C:\a223630\sccsccp.dll Object is locked skipped

    C:\a223630\scecli.dll Object is locked skipped

    C:\a223630\scesrv.dll Object is locked skipped

    C:\a223630\schannel.dll Object is locked skipped

    C:\a223630\schedsvc.dll Object is locked skipped

    C:\a223630\script.dll Object is locked skipped

    C:\a223630\script_a.dll Object is locked skipped

    C:\a223630\scrnsave.scr Object is locked skipped

    C:\a223630\scsiport.sys Object is locked skipped

    C:\a223630\sdbinst.exe Object is locked skipped

    C:\a223630\secur32.dll Object is locked skipped

    C:\a223630\sens.dll Object is locked skipped

    C:\a223630\sensapi.dll Object is locked skipped

    C:\a223630\serial.sys Object is locked skipped

    C:\a223630\sessmgr.exe Object is locked skipped

  10. #10
    Junior Member
    Join Date
    Aug 2007
    Posts
    27

    Default

    Here is the third part of the scan. It tells me this is too long so i will also send a fourth and final part of the scan.

    C:\a223630\setup.exe Object is locked skipped

    C:\a223630\setup50.exe Object is locked skipped

    C:\a223630\setupapi.dll Object is locked skipped

    C:\a223630\setupqry.dll Object is locked skipped

    C:\a223630\setupqry.inf Object is locked skipped

    C:\a223630\setup_wm.exe Object is locked skipped

    C:\a223630\sfcfiles.dll Object is locked skipped

    C:\a223630\sfc_os.dll Object is locked skipped

    C:\a223630\sfloppy.sys Object is locked skipped

    C:\a223630\shdocvw.dll Object is locked skipped

    C:\a223630\shell32.dll Object is locked skipped

    C:\a223630\shfolder.dll Object is locked skipped

    C:\a223630\shgina.dll Object is locked skipped

    C:\a223630\shimeng.dll Object is locked skipped

    C:\a223630\shimgvw.dll Object is locked skipped

    C:\a223630\shlwapi.dll Object is locked skipped

    C:\a223630\shmgrate.exe Object is locked skipped

    C:\a223630\shsvcs.dll Object is locked skipped

    C:\a223630\shtml.dll Object is locked skipped

    C:\a223630\shtml.exe Object is locked skipped

    C:\a223630\sigtab.dll Object is locked skipped

    C:\a223630\sigverif.exe Object is locked skipped

    C:\a223630\simpdata.tlb Object is locked skipped

    C:\a223630\skeys.exe Object is locked skipped

    C:\a223630\sla30nd5.sys Object is locked skipped

    C:\a223630\slayerxp.dll Object is locked skipped

    C:\a223630\sl_anet.acm Object is locked skipped

    C:\a223630\smbali.sys Object is locked skipped

    C:\a223630\smbbatt.sys Object is locked skipped

    C:\a223630\smbclass.sys Object is locked skipped

    C:\a223630\smi2smir.exe Object is locked skipped

    C:\a223630\smlogcfg.dll Object is locked skipped

    C:\a223630\smlogsvc.exe Object is locked skipped

    C:\a223630\smss.exe Object is locked skipped

    C:\a223630\snmp.exe Object is locked skipped

    C:\a223630\snmpapi.dll Object is locked skipped

    C:\a223630\snmpcl.dll Object is locked skipped

    C:\a223630\snmpincl.dll Object is locked skipped

    C:\a223630\snmpsmir.dll Object is locked skipped

    C:\a223630\snmpthrd.dll Object is locked skipped

    C:\a223630\softkbd.dll Object is locked skipped

    C:\a223630\sonydcam.sys Object is locked skipped

    C:\a223630\spider.exe Object is locked skipped

    C:\a223630\splitter.sys Object is locked skipped

    C:\a223630\spoolss.dll Object is locked skipped

    C:\a223630\sptip.dll Object is locked skipped

    C:\a223630\sqloledb.dll Object is locked skipped

    C:\a223630\sqlsrv32.dll Object is locked skipped

    C:\a223630\sqlxmlx.dll Object is locked skipped

    C:\a223630\sr.sys Object is locked skipped

    C:\a223630\srchui.dll Object is locked skipped

    C:\a223630\srclient.dll Object is locked skipped

    C:\a223630\srrstr.dll Object is locked skipped

    C:\a223630\srsvc.dll Object is locked skipped

    C:\a223630\ss3dfo.scr Object is locked skipped

    C:\a223630\ssbezier.scr Object is locked skipped

    C:\a223630\ssdpapi.dll Object is locked skipped

    C:\a223630\ssdpsrv.dll Object is locked skipped

    C:\a223630\ssflwbox.scr Object is locked skipped

    C:\a223630\ssmarque.scr Object is locked skipped

    C:\a223630\ssmyst.scr Object is locked skipped

    C:\a223630\sspipes.scr Object is locked skipped

    C:\a223630\ssstars.scr Object is locked skipped

    C:\a223630\sstext3d.scr Object is locked skipped

    C:\a223630\stdprov.dll Object is locked skipped

    C:\a223630\sti.dll Object is locked skipped

    C:\a223630\sti_ci.dll Object is locked skipped

    C:\a223630\stobject.dll Object is locked skipped

    C:\a223630\storprop.dll Object is locked skipped

    C:\a223630\stream.sys Object is locked skipped

    C:\a223630\strmdll.dll Object is locked skipped

    C:\a223630\stub_fpsrvadm.exe Object is locked skipped

    C:\a223630\stub_fpsrvwin.exe Object is locked skipped

    C:\a223630\swflash.ocx Object is locked skipped

    C:\a223630\sxs.dll Object is locked skipped

    C:\a223630\sysaudio.sys Object is locked skipped

    C:\a223630\sysdm.cpl Object is locked skipped

    C:\a223630\sysmain.sdb Object is locked skipped

    C:\a223630\sysmod.dll Object is locked skipped

    C:\a223630\sysmod_a.dll Object is locked skipped

    C:\a223630\sysmon.ocx Object is locked skipped

    C:\a223630\syssetup.dll Object is locked skipped

    C:\a223630\tahoma.ttf Object is locked skipped

    C:\a223630\tahomabd.ttf Object is locked skipped

    C:\a223630\tape.sys Object is locked skipped

    C:\a223630\tapi32.dll Object is locked skipped

    C:\a223630\tapisrv.dll Object is locked skipped

    C:\a223630\taskmgr.exe Object is locked skipped

    C:\a223630\tcpip.sys Object is locked skipped

    C:\a223630\tcpip6.sys Object is locked skipped

    C:\a223630\tcptest.exe Object is locked skipped

    C:\a223630\tcptsat.dll Object is locked skipped

    C:\a223630\telnet.exe Object is locked skipped

    C:\a223630\termdd.sys Object is locked skipped

    C:\a223630\termsrv.dll Object is locked skipped

    C:\a223630\tffsport.sys Object is locked skipped

    C:\a223630\themeui.dll Object is locked skipped

    C:\a223630\times.ttf Object is locked skipped

    C:\a223630\tracert.exe Object is locked skipped

    C:\a223630\trebuc.ttf Object is locked skipped

    C:\a223630\triedit.dll Object is locked skipped

    C:\a223630\trkwks.dll Object is locked skipped

    C:\a223630\tscfgwmi.dll Object is locked skipped

    C:\a223630\tscfgwmi.mfl Object is locked skipped

    C:\a223630\tscfgwmi.mof Object is locked skipped

    C:\a223630\tscupgrd.exe Object is locked skipped

    C:\a223630\tshoot.chm Object is locked skipped

    C:\a223630\tsoc.dll Object is locked skipped

    C:\a223630\tsweb1.htm Object is locked skipped

    C:\a223630\tunmp.sys Object is locked skipped

    C:\a223630\udfs.sys Object is locked skipped

    C:\a223630\udhisapi.dll Object is locked skipped

    C:\a223630\ui.mar Object is locked skipped

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •