1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

My laptop is possible infected

Discussion in 'Malware and Virus Removal Archive' started by meloncito, 2008/03/08.

  1. 2008/03/08
    meloncito

    meloncito Inactive Thread Starter

    Joined:
    2008/02/07
    Messages:
    25
    Likes Received:
    0
    Hello, I think my laptop has a virus over there. I would like you to help me if is something wrong in my notebook. My DVD player is not working good. It plays movies very slow. I hope you could help me. I send you information from my computer to see if you found something wrong. Thank you.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 06:31:09 p.m., on 08/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Archivos de programa\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Archivos de programa\Synaptics\SynTP\SynTPLpr.exe
    C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe
    C:\Archivos de programa\TOSHIBA\Touch and Launch\PadExe.exe
    C:\Archivos de programa\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\Archivos de programa\TOSHIBA\ConfigFree\NDSTray.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\toshiba\ivp\ism\pinger.exe
    C:\Archivos de programa\Toshiba\Windows Utilities\Hotkey.exe
    C:\WINDOWS\system32\hphmon05.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    C:\Archivos de programa\QuickTime\qttask.exe
    C:\Archivos de programa\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Archivos de programa\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
    C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\WINDOWS\system32\svchost.exe
    c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
    C:\Archivos de programa\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Archivos de programa\Internet Explorer\iexplore.exe
    C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashSimpl.exe
    C:\Documents and Settings\Gabriela Curiel\Escritorio\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.t1msn.com.mx/0SEESMX/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.t1msn.com.mx/0SEESMX/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t1msn.com.mx/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.t1msn.com.mx/0SEESMX/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\archivos de programa\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar1.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [ATIPTA] "C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe "
    O4 - HKLM\..\Run: [SynTPLpr] C:\Archivos de programa\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [PadTouch] C:\Archivos de programa\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Archivos de programa\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "c:\Archivos de programa\Toshiba\Windows Utilities\Hotkey.exe" /lang ES
    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
    O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\system32\PRISMSVR.EXE" /APPLY
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Archivos de programa\iTunes\iTunesHelper.exe "
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Archivos de programa\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Mobipocket Web Companion] C:\ARCHIV~1\COMMON~1\MOBIPO~1\webcomp.exe -m
    O4 - HKCU\..\Run: [swg] C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Iniciador rápido de Microsoft Office OneNote 2003.lnk = C:\Archivos de programa\Microsoft Office\OFFICE11\ONENOTEM.EXE
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Archivos de programa\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshibalatino.com
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Servicio de configuración de Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Archivos de programa\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Archivos de programa\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe

    --
    End of file - 9809 bytes


    Deckard's System Scanner v20071014.68
    Run by Gabriela Curiel on 2008-03-08 18:34:55
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    21: 2008-03-09 00:35:03 UTC - RP154 - Deckard's System Scanner Restore Point
    20: 2008-03-04 22:24:34 UTC - RP153 - Punto de control del sistema
    19: 2008-02-21 23:57:18 UTC - RP152 - Punto de control del sistema
    18: 2008-02-20 22:12:13 UTC - RP151 - Punto de control del sistema
    17: 2008-02-19 02:36:21 UTC - RP150 - Punto de control del sistema


    -- First Restore Point --
    1: 2007-12-13 00:26:41 UTC - RP134 - Software Distribution Service 3.0


    Backed up registry hives.
    Performed disk cleanup.

    Total Physical Memory: 447 MiB (512 MiB recommended).


    -- HijackThis (run as Gabriela Curiel.exe) -------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 06:36:08 p.m., on 08/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Archivos de programa\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Archivos de programa\Synaptics\SynTP\SynTPLpr.exe
    C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe
    C:\Archivos de programa\TOSHIBA\Touch and Launch\PadExe.exe
    C:\Archivos de programa\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\Archivos de programa\TOSHIBA\ConfigFree\NDSTray.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\toshiba\ivp\ism\pinger.exe
    C:\Archivos de programa\Toshiba\Windows Utilities\Hotkey.exe
    C:\WINDOWS\system32\hphmon05.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    C:\Archivos de programa\QuickTime\qttask.exe
    C:\Archivos de programa\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Archivos de programa\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
    C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\WINDOWS\system32\svchost.exe
    c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
    C:\Archivos de programa\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Documents and Settings\Gabriela Curiel\Escritorio\dss.exe
    C:\DOCUME~1\GABRIE~1\ESCRIT~1\Gabriela Curiel.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.t1msn.com.mx/0SEESMX/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.t1msn.com.mx/0SEESMX/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t1msn.com.mx/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.t1msn.com.mx/0SEESMX/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\archivos de programa\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar1.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [ATIPTA] "C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe "
    O4 - HKLM\..\Run: [SynTPLpr] C:\Archivos de programa\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [PadTouch] C:\Archivos de programa\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Archivos de programa\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "c:\Archivos de programa\Toshiba\Windows Utilities\Hotkey.exe" /lang ES
    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
    O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\system32\PRISMSVR.EXE" /APPLY
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Archivos de programa\iTunes\iTunesHelper.exe "
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Archivos de programa\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Mobipocket Web Companion] C:\ARCHIV~1\COMMON~1\MOBIPO~1\webcomp.exe -m
    O4 - HKCU\..\Run: [swg] C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Iniciador rápido de Microsoft Office OneNote 2003.lnk = C:\Archivos de programa\Microsoft Office\OFFICE11\ONENOTEM.EXE
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Archivos de programa\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshibalatino.com
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Servicio de configuración de Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Archivos de programa\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Archivos de programa\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe

    --
    End of file - 9648 bytes

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R1 AFS2K - c:\windows\system32\drivers\afs2k.sys <Not Verified; Oak Technology Inc.; AFS>
    R1 meiudf - c:\windows\system32\drivers\meiudf.sys <Not Verified; Matsushita Electric Industrial Co.,Ltd.; >
    R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.2.0.3) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.2.0.3>
    R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>
    R2 Netdevio (TOSHIBA Network Device Usermode I/O Protocol) - c:\windows\system32\drivers\netdevio.sys <Not Verified; TOSHIBA Corporation.; TOSHIBA Network Device Usermode I/O protocol>
    R2 TBiosDrv - c:\windows\system32\drivers\tbiosdrv.sys
    R3 qkbfiltr (Quanta HotKey Keyboard Filter Driver) - c:\windows\system32\drivers\qkbfiltr.sys <Not Verified; Quanta Computer, Inc.; Quanta HotKey Keyboard Filter Driver>
    R3 qmofiltr (Quanta HotKey Mouse Filter Driver) - c:\windows\system32\drivers\qmofiltr.sys <Not Verified; Quanta Computer, Inc.; Quanta Mouse Filter Device Driver>

    S2 s92084.sys - c:\windows\system32\s92084.sys (file missing)
    S3 PalmUSBD - c:\windows\system32\drivers\palmusbd.sys (file missing)


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 ACS (Servicio de configuración de Atheros) - c:\windows\system32\acs.exe
    R2 CFSvcs (ConfigFree Service) - c:\archivos de programa\toshiba\configfree\cfsvcs.exe <Not Verified; TOSHIBA CORPORATION; ConfigFree(TM)>
    R2 DVD-RAM_Service - c:\windows\system32\dvdramsv.exe <Not Verified; Matsushita Electric Industrial Co., Ltd.; >
    R2 Swupdtmr - c:\toshiba\ivp\swupdate\swupdtmr.exe


    -- Device Manager: Disabled ----------------------------------------------------

    No disabled devices found.


    -- Scheduled Tasks -------------------------------------------------------------

    2008-03-08 14:41:01 270 --a------ C:\WINDOWS\Tasks\Comprobar actualizaciones de Windows Live Toolbar.job
    2008-03-07 19:12:00 376 --a------ C:\WINDOWS\Tasks\HP Usg Daily.job
    2008-02-18 20:13:03 298 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2007-07-01 10:13:06 354 --a------ C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#7200#CN39D3B0Q9I5.job


    -- Files created between 2008-02-08 and 2008-03-08 -----------------------------

    Nothing created in this timespan.


    -- Find3M Report ---------------------------------------------------------------

    2008-01-09 20:56:20 0 d-------- C:\Archivos de programa\Windows Media Connect 2
    2007-12-30 21:41:20 4096 --a------ C:\WINDOWS\d3dx.dat


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA "= "C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe" [28/06/2005 10:05 p.m.]
    "SynTPLpr "= "C:\Archivos de programa\Synaptics\SynTP\SynTPLpr.exe" [08/10/2004 03:44 p.m.]
    "SynTPEnh "= "C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe" [08/10/2004 03:43 p.m.]
    "PadTouch "= "C:\Archivos de programa\TOSHIBA\Touch and Launch\PadExe.exe" [17/11/2004 11:56 a.m.]
    "SmoothView "= "C:\Archivos de programa\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [12/05/2005 12:16 p.m.]
    "NDSTray.exe "= "NDSTray.exe" []
    "dla "= "C:\WINDOWS\system32\dla\tfswctrl.exe" [31/05/2005 06:33 a.m.]
    "Pinger "= "c:\toshiba\ivp\ism\pinger.exe" [17/03/2005 06:37 p.m.]
    "Toshiba Hotkey Utility "= "c:\Archivos de programa\Toshiba\Windows Utilities\Hotkey.exe" [26/08/2005 07:14 p.m.]
    "HPHmon05 "= "C:\WINDOWS\system32\hphmon05.exe" [22/05/2003 08:56 p.m.]
    "avast! "= "C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe" [04/12/2007 07:00 a.m.]
    "HPDJ Taskbar Utility "= "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [07/05/2003 01:56 p.m.]
    "PRISMSVR.EXE "= "C:\WINDOWS\system32\PRISMSVR.exe" []
    "QuickTime Task "= "C:\Archivos de programa\QuickTime\qttask.exe" [25/10/2006 06:58 p.m.]
    "iTunesHelper "= "C:\Archivos de programa\iTunes\iTunesHelper.exe" [30/10/2006 09:36 a.m.]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE "= "C:\WINDOWS\system32\ctfmon.exe" [20/08/2004 06:00 a.m.]
    "TOSCDSPD "= "C:\Archivos de programa\TOSHIBA\TOSCDSPD\toscdspd.exe" [12/04/2005 11:20 a.m.]
    "MsnMsgr "= "C:\Archivos de programa\MSN Messenger\MsnMsgr.exe" [19/01/2007 11:55 a.m.]
    "Mobipocket Web Companion "= "C:\ARCHIV~1\COMMON~1\MOBIPO~1\webcomp.exe" []
    "swg "= "C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [06/07/2007 04:01 p.m.]

    C:\Documents and Settings\Gabriela Curiel\Men£ Inicio\Programas\Inicio\
    Iniciador r*pido de Microsoft Office OneNote 2003.lnk - C:\Archivos de programa\Microsoft Office\OFFICE11\ONENOTEM.EXE [17/03/2005 01:06:14 p.m.]

    C:\Documents and Settings\All Users\Men£ Inicio\Programas\Inicio\
    RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [31/08/2005 05:06:41 p.m.]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
    "C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe "

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    "C:\Archivos de programa\Hewlett-Packard\HP Software Update\HPWuSchd.exe "

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
    C:\Archivos de programa\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe




    -- End of Deckard's System Scanner: finished at 2008-03-08 18:36:54 ------------
     
    Last edited: 2008/03/08
    meloncito,
    #1
  2. 2008/03/08
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi meloncito

    I'm not seeing anything in the logs.

    What make you think you're infected? Other then your DVD player What problems are you having?

    Lets run a on-line scan.

    Please do an online scan with Kaspersky WebScanner

    Click on “Accept” If your pop –up blocker blocks the ActiveX download, allow it, click on “Accept” again

    You will be promted to install an ActiveX component from Kaspersky, Click Yes or Install.
    • The program will launch and then begin downloading the latest definition files:
    • Once the files have been downloaded click on NEXT
    • Now click on Scan Settings
    • In the scan settings make that the following are selected:
      • Scan using the following Anti-Virus database:
      • Extended (if available otherwise Standard)
      • Scan Options:
      • Scan Archives
        Scan Mail Bases
    • Click OK
    • Now under select a target to scan:
      • Select My Computer
    • This will start the program and scan your system.
    • The scan will take a while so be patient and let it run.
    • Once the scan is complete it will display if your system has been infected.
      • Now click on the Save as Text button:
    • Save the file to your desktop.
    • Copy and paste that information in your next post.

    Please post the Kaspersky results. and answer my questions.

    Thanks
    Geri
     
    Geri,
    #2


  3. to hide this advert.

  4. 2008/03/09
    meloncito

    meloncito Inactive Thread Starter

    Joined:
    2008/02/07
    Messages:
    25
    Likes Received:
    0
    Hello and thank you

    Well, I thought I had a virus because avast detected it but I think avast erased it.
    Besides, when I play a DVD in any DVD player of my computer, the movie runs very slow, like if you play any video in an old computer machine, do you understand me? Also the movie has some stops.

    The strange thing is that I used to play DVD correctly. I don't know if the problem could be a virus or something related with the memory, but again... what could be if I usted to play movies correctly??

    What do you think?

    Here is the kaspersky scan, thank you very much for your help... have a nice day

    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    Sunday, March 09, 2008 9:28:45 PM
    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 10/03/2008
    Kaspersky Anti-Virus database records: 620850
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    C:\
    D:\

    Scan Statistics:
    Total number of scanned objects: 70773
    Number of viruses found: 2
    Number of infected objects: 5
    Number of suspicious objects: 0
    Duration of the scan process: 01:10:31

    Infected Object Name / Virus Name / Last Action
    C:\Archivos de programa\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
    C:\Archivos de programa\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
    C:\Archivos de programa\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
    C:\Archivos de programa\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
    C:\Archivos de programa\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
    C:\Archivos de programa\Alwil Software\Avast4\DATA\report\Protección residente.txt Object is locked skipped
    C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
    C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Archivos temporales de Internet\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Archivos temporales de Internet\Content.IE5\J36PENUJ\0000000001_000000000000000544197[2].swf Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Datos de programa\Microsoft\Feeds Cache\index.dat Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Datos de programa\Microsoft\Messenger\gaby.cu@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Datos de programa\Microsoft\Messenger\gaby.cu@hotmail.com\SharingMetadata\pending.dat Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Datos de programa\Microsoft\Messenger\gaby.cu@hotmail.com\SharingMetadata\Working\database_1674_EFC8_74EF_A8A7\dfsr.db Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Datos de programa\Microsoft\Messenger\gaby.cu@hotmail.com\SharingMetadata\Working\database_1674_EFC8_74EF_A8A7\fsr.log Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Datos de programa\Microsoft\Messenger\gaby.cu@hotmail.com\SharingMetadata\Working\database_1674_EFC8_74EF_A8A7\fsrtmp.log Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Datos de programa\Microsoft\Messenger\gaby.cu@hotmail.com\SharingMetadata\Working\database_1674_EFC8_74EF_A8A7\tmp.edb Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\gaby.cu@hotmail.com\real\members.stg Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\gaby.cu@hotmail.com\shadow\members.stg Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Historial\History.IE5\MSHist012008030920080310\index.dat Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Temp\~DF8F6.tmp Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Temp\~DF90D.tmp Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Temp\~DFFE85.tmp Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Configuración local\Temp\~DFFE95.tmp Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\Datos de programa\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1f4eade5-304189b9.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
    C:\Documents and Settings\Gabriela Curiel\Datos de programa\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1f4eade5-304189b9.zip ZIP: infected - 1 skipped
    C:\Documents and Settings\Gabriela Curiel\Datos de programa\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-367f7d2e-49862cf4.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
    C:\Documents and Settings\Gabriela Curiel\Datos de programa\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-367f7d2e-49862cf4.zip ZIP: infected - 1 skipped
    C:\Documents and Settings\Gabriela Curiel\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\Gabriela Curiel\NTUSER.DAT.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT.LOG Object is locked skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    C:\System Volume Information\_restore{92F853C0-4234-40B6-8E81-1BF835B2071C}\RP157\change.log Object is locked skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\spload.dll Infected: Trojan-Downloader.Win32.Small.frw skipped
    C:\WINDOWS\Sti_Trace.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
    C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\default Object is locked skipped
    C:\WINDOWS\system32\config\default.LOG Object is locked skipped
    C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
    C:\WINDOWS\system32\config\SAM Object is locked skipped
    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\system32\config\software Object is locked skipped
    C:\WINDOWS\system32\config\software.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\system Object is locked skipped
    C:\WINDOWS\system32\config\system.LOG Object is locked skipped
    C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
    C:\WINDOWS\system32\drivers\sptd2189.sys Object is locked skipped
    C:\WINDOWS\system32\h323log.txt Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\Temp\Perflib_Perfdata_5f8.dat Object is locked skipped
    C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
    C:\WINDOWS\wiadebug.log Object is locked skipped
    C:\WINDOWS\wiaservc.log Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    Scan process completed.
     
    meloncito,
    #3
  5. 2008/03/09
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi meloncito

    Please do the following.

    Using Windows Explorer (to get there right-click your Start button and go to "Explore "), please delete these files (if present):

    C:\WINDOWS\spload.dll


    Your Jaca cache is infected and out of date,

    You need to update your Java. Using Add/Remove Programs in the Control Panel, remove all Java and/or JRE installations. Reboot when done.

    Then, go to Sun and download then install the Java Runtime Environment (JRE) 6 Update 4.

    Please reboot your computer then run Kaspersky again and post the new log.

    Thanks
    Geri
     
    Geri,
    #4

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...