Post #1, Mar 31 2008, 07:16 PM
New Member. Group: Members. Posts: 5. Joined: 7-January 08. Member No.: 181,892
This is my second time here at Bleeping Computer asking for help. I found my roommate was using p2p on my machine, so I decided to run a manual scan on the folder for the incoming files to ensure everything was fine. I was running AVG Free Edition, and when it found 2 infected files, my machine rebooted automatically before I could delete them. Now, my machine is running like crap, and I can't get an internet connection, or install any additional AV software. I tried running HIJackthis, but received "not a valid Win32 application". I searched around and found some instructions for WinPatrol, so I was able to obtain a log, and I have pasted it below. Thanks in advance for your help. When appropriate, I'd also like your thoughts on which Anti-Virus software I should use.
Post #2, Apr 12 2008, 05:12 AM
MRU Expert. Group: HJT Team. Posts: 166. Joined: 13-February 07. From: Manchester (UK). Member No.: 111,512
Hello and welcome to the forums.

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic.
3. Please continue to respond until I give you the "All Clear" (Just because you can't see a problem doesn't mean it isn't there)

If you can do those three things, everything should go smoothly :D

I apologize for the delay in responding, but as you can probably see the forums are quite busy. Unfortunately there are far more people needing help than there are helpers.

If you still require help please can you give an update on your problems.

This post has been edited by katana: Apr 12 2008, 05:12 AM