We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
All kinds of virus problems
Comments
-
I have opened malware and clicked on more tools, run tools, then a box opens that says open at the top
but how do I delete c:\documents and settings\Hayley\Start Menu\Programs\Startup\
uqwoni.exe what should i be looking in? do i put the above in the box that says file name? do I look in Documents,computer documents?
I get to the run tools part then i'm stuck, i have tried put the link in the file name and nothing happens, i have logged in to that persons name??
have done the hostsxpert and ccleaner ( it has scanned do i need to do anything with it now)
]0 -
Follow the link -
open c: drive open \documents and settings\ folder, open Hayley folder \open Start Menu folder\open Programs folder \open Startup folder\ and uqwoni.exe should be in there:idea:0 -
thanks will try that now
combo log:
ComboFix 10-11-12.06 - Alison_2 13/11/2010 17:46:26.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.185 [GMT 0:00]
Running from: c:\documents and settings\Alison_2\My Documents\ComboFix.exe
Command switches used :: c:\documents and settings\Alison_2\My Documents\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
((((((((((((((((((((((((( Files Created from 2010-10-13 to 2010-11-13 )))))))))))))))))))))))))))))))
.
2010-11-13 17:23 . 2008-04-14 01:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-11-13 17:23 . 2001-08-17 22:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-11-13 17:23 . 2008-04-14 01:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-11-13 17:23 . 2001-08-17 22:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-11-13 17:23 . 2001-08-17 22:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-11-13 17:23 . 2001-08-17 22:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2010-11-13 17:23 . 2001-08-17 12:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-11-13 17:23 . 2004-08-03 22:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-11-13 17:23 . 2008-04-13 19:46 19200 ----a-w- c:\windows\system32\dllcache\wstcodec.sys
2010-11-13 17:23 . 2004-08-03 22:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-11-13 17:23 . 2008-04-14 01:12 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2010-11-13 17:21 . 2001-08-17 13:28 397502 ----a-w- c:\windows\system32\dllcache\vpctcom.sys
2010-11-13 17:20 . 2001-08-17 22:36 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll
2010-11-13 17:19 . 2001-08-17 12:12 34375 ----a-w- c:\windows\system32\dllcache\tpro4.sys
2010-11-13 17:18 . 2001-08-17 13:50 103936 ----a-w- c:\windows\system32\dllcache\sx.sys
2010-11-13 17:17 . 2001-08-17 12:51 37040 ----a-w- c:\windows\system32\dllcache\sonypi.sys
2010-11-13 17:16 . 2001-08-17 12:12 94698 ----a-w- c:\windows\system32\dllcache\sk98xwin.sys
2010-11-13 17:15 . 2001-08-17 22:36 57856 ----a-w- c:\windows\system32\dllcache\EXCH_scripto.dll
2010-11-13 17:14 . 2004-08-04 04:00 79872 ----a-w- c:\windows\system32\dllcache\rwia330.dll
2010-11-13 17:13 . 2001-08-17 13:28 128286 ----a-w- c:\windows\system32\dllcache\ptserli.sys
2010-11-13 17:12 . 2001-08-17 12:11 29769 ----a-w- c:\windows\system32\dllcache\pcntn5m.sys
2010-11-13 17:11 . 2008-04-13 19:46 61696 ----a-w- c:\windows\system32\dllcache\ohci1394.sys
2010-11-13 17:10 . 2001-08-17 22:36 59104 ----a-w- c:\windows\system32\dllcache\n9i128v2.dll
2010-11-13 17:09 . 2008-04-13 19:46 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys
2010-11-13 17:08 . 2001-08-17 13:28 727786 ----a-w- c:\windows\system32\dllcache\ltck000c.sys
2010-11-13 17:07 . 2001-08-17 13:50 38784 ----a-w- c:\windows\system32\dllcache\io8.sys
2010-11-13 17:06 . 2004-08-04 04:00 10129408 ----a-w- c:\windows\system32\dllcache\hwxkor.dll
2010-11-13 17:05 . 2001-08-17 22:36 48128 ----a-w- c:\windows\system32\dllcache\hpgt33tk.dll
2010-11-13 17:04 . 2001-08-17 22:36 43520 ----a-w- c:\windows\system32\dllcache\EXCH_fcachdll.dll
2010-11-13 17:03 . 2001-08-17 13:53 7296 ----a-w- c:\windows\system32\dllcache\elmsmc.sys
2010-11-13 17:02 . 2001-08-17 22:36 159828 ----a-w- c:\windows\system32\dllcache\digihlc.dll
2010-11-13 17:01 . 2001-08-17 13:51 20736 ----a-w- c:\windows\system32\dllcache\cmbp0wdm.sys
2010-11-13 17:00 . 2008-04-13 19:46 38912 ----a-w- c:\windows\system32\dllcache\avc.sys
2010-11-13 16:59 . 2010-11-13 16:59
d
w- c:\documents and settings\Hayley\Application Data\GlarySoft
2010-11-13 16:50 . 2010-11-13 16:50
d
w- c:\program files\Glary Utilities
2010-11-13 16:07 . 2010-11-13 16:07
d
w- c:\documents and settings\Hayley\Application Data\Malwarebytes
2010-11-12 15:17 . 2010-11-12 15:17 12872 ----a-w- c:\windows\system32\bootdelete.exe
2010-11-12 11:36 . 2010-11-12 11:36
d
w- c:\documents and settings\Alison_2\Application Data\Avira
2010-11-12 09:55 . 2010-04-29 15:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-12 09:55 . 2010-11-12 09:55
d
w- c:\program files\Malwarebytes' Anti-Malware
2010-11-12 09:55 . 2010-04-29 15:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-12 09:49 . 2010-11-12 09:49
d
w- c:\program files\CCleaner
2010-11-12 09:41 . 2010-11-12 09:42
d
w- c:\documents and settings\Administrator
2010-11-11 17:37 . 2010-11-11 17:38
dc----w- c:\documents and settings\All Users\Application Data\{E961CE1B-C3EA-4882-9F67-F859B555D097}
2010-11-11 17:35 . 2010-11-11 17:35
d
w- c:\program files\Lavasoft
2010-11-11 17:35 . 2010-11-11 17:35
d
w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-11-11 14:09 . 2010-08-02 16:10 126856 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-11-11 14:09 . 2010-08-02 16:10 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-11-11 14:09 . 2010-06-17 15:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-11-11 14:09 . 2010-06-17 15:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-11-11 14:08 . 2010-11-11 14:08
d
w- c:\program files\Avira
2010-11-11 14:08 . 2010-11-11 14:08
d
w- c:\documents and settings\All Users\Application Data\Avira
2010-11-10 16:19 . 2010-11-10 16:19
d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-11-10 15:52 . 2010-11-10 15:54
d
w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2010-10-24 15:41 . 2010-09-15 01:29 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-10-21 16:29 . 2010-10-21 16:29
d
w- c:\program files\Hitman Pro 3.5
2010-10-21 15:51 . 2010-11-13 15:17 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-10-21 15:50 . 2010-10-21 16:11
d
w- c:\documents and settings\All Users\Application Data\Hitman Pro
2010-10-21 13:04 . 2010-10-21 16:19
d
w- c:\program files\PC Tools Security
2010-10-21 13:04 . 2010-10-21 16:17
d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-10-21 12:59 . 2010-10-21 16:17
d
w- c:\documents and settings\All Users\Application Data\PC Tools
2010-10-16 07:54 . 2010-10-16 07:56
d
w- c:\documents and settings\NetworkService\Local Settings\Application Data\Temp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 20:51 . 2010-07-10 15:30 222080
w- c:\windows\system32\MpSigStub.exe
2010-09-18 11:23 . 2004-08-10 11:51 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-10 11:51 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2004-08-10 11:51 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2004-08-10 11:51 953856
w- c:\windows\system32\mfc40u.dll
2010-09-15 03:50 . 2010-04-26 07:19 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-10 05:58 . 2004-08-10 11:51 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58 . 2004-08-10 11:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58 . 2004-08-10 11:51 1469440
w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:51 . 2004-08-10 11:50 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42 . 2004-08-10 11:51 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2004-08-10 11:51 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2004-08-10 11:51 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 13:39 . 2004-08-10 11:51 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-26 12:52 . 2009-07-08 14:31 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12 . 2004-08-10 11:50 617472
w- c:\windows\system32\comctl32.dll
2010-08-16 08:45 . 2004-08-10 11:51 590848 ----a-w- c:\windows\system32\rpcrt4.dll
.
Sigcheck
[7] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[7] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[7] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\spoolsv.exe
[7] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[7] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
c:\windows\System32\spoolsv.exe ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-09 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-09-02 13351304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2004-12-13 58992]
"Norton Ghost 10.0"="c:\program files\Norton Ghost\Agent\GhostTray.exe" [2005-12-07 1537696]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-19 30192]
"Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2006-08-14 462336]
"HostManager"="c:\program files\Common Files\AOL\1178817961\ee\AOLSoftware.exe" [2006-11-17 50736]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"lxdxmon.exe"="c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe" [2008-06-13 668328]
"lxdxamon"="c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe" [2008-06-13 16040]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2008-06-13 320168]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-07-13 47904]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"HitmanPro35"="c:\program files\Hitman Pro 3.5\HitmanPro35 (1).exe" [2010-11-10 6387008]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Alison_2\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2007-12-05 12:59 10792 ----a-w- c:\program files\Citrix\GoToAssist\480\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"RealTray"=c:\program files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"c:\\Program Files\\Dell Network Assistant\\ezi_hnm2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"=
"c:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\WINDOWS\\system32\\lxdxcoms.exe"=
"c:\\Program Files\\Lexmark 3600-4600 Series\\lxdxmon.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdxpswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdxjswx.exe"=
"c:\\Program Files\\Lexmark 3600-4600 Series\\Diagnostics\\LXDXdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10421:UDP"= 10421:UDP:SingleClick Discovery Protocol
"10426:UDP"= 10426:UDP:SingleClick ICC
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [11/11/2010 14:09 135336]
R2 hnmwrlspkt;HomeNet Manager Wireless Protocol;c:\windows\system32\drivers\hnm_wrls_pkt.sys [12/01/2006 21:27 13696]
R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]
R2 wsppkt;Wireless Security Protocol;c:\windows\system32\drivers\wsp_pkt.sys [12/01/2006 21:29 13568]
S2 gupdate1ca4c0dba28c3c0;Google Update Service (gupdate1ca4c0dba28c3c0);c:\program files\Google\Update\GoogleUpdate.exe [13/10/2009 14:01 133104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [28/10/2006 12:19 30192]
.
Contents of the 'Scheduled Tasks' folder
2010-11-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
2010-11-13 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-11-13 21:55]
2010-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 14:01]
2010-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 14:01]
2010-11-12 c:\windows\Tasks\User_Feed_Synchronization-{0396CA5A-DB15-4EC1-9729-3B3A77F3D5D1}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.ebay.co.uk/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://uk.search.yahoo.com/search?fr=mcafee&p=%s
IE: eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-13 18:10
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
LOCKED REGISTRY KEYS
[HKEY_USERS\S-1-5-21-2226809926-1596684466-3194300632-1010\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
DLLs Loaded Under Running Processes
- - - - - - - > 'winlogon.exe'(624)
c:\program files\Citrix\GoToAssist\480\G2AWinLogon.dll
- - - - - - - > 'explorer.exe'(3932)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\System32\DLA\DLASHX_W.DLL
c:\windows\system32\DLAAPI_W.DLL
c:\windows\System32\DLA\DLACResW.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
.
Other Running Processes
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\AOL\ACS\AOLAcsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\CTsvcCDA.exe
c:\windows\System32\GEARSec.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxdxcoms.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
c:\program files\Lexmark 3600-4600 Series\lxdxMsdMon.exe
c:\program files\Microsoft ActiveSync\WCESCOMM.EXE
c:\program files\Skype\Phone\Skype.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2010-11-13 18:19:37 - machine was rebooted
ComboFix-quarantined-files.txt 2010-11-13 18:19
ComboFix2.txt 2010-11-12 15:07
ComboFix3.txt 2010-02-13 19:38
ComboFix4.txt 2010-02-13 18:45
Pre-Run: 25,658,068,992 bytes free
Post-Run: 25,677,905,920 bytes free
- - End Of File - - 2AE7C96AE29D42D75C4A4D02780EAB9F0 -
have followed your instructions and all goes well until you open the last start up folder and there is nothing there, I tried with all the names and nothing in any of them?0
-
Something has already removed them
Did you run Glary Utilities 'System File Checker'?:idea:0 -
yes I have now done everything you asked bar those that appear to have gone
Thank you so much for your help
Do you think the computer is ok now?0 -
Impossible to say for sure. But it seems ok to me:idea:0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 349.9K Banking & Borrowing
- 252.6K Reduce Debt & Boost Income
- 453K Spending & Discounts
- 242.8K Work, Benefits & Business
- 619.6K Mortgages, Homes & Bills
- 176.4K Life & Family
- 255.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 15.1K Coronavirus Support Boards