Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Join the Team

Live Tag Cloud
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » cant delete virus

[Fixed] Hijackthis! Logs - cant delete virus posted in the Security & Safety forums; OK - please attach a new HijackThis log. Thanks....

JOIN US NOW to remove these Ads

Post New Thread  Reply
Page 2 of 3 < 1 2 3 >
  #8  
Old 12-17-2007
Senior Security Analyst
  
Join Date: Dec 2006
Location: In a van, down by the river
Posts: 547
PC Experience: Experienced
dahli - See this Members User comments on their Profile page dahli - See this Members User comments on their Profile page dahli - See this Members User comments on their Profile page
Default Re: cant delete virus
OK - please attach a new HijackThis log.

Thanks.


__________________
Steve
  #9  
Old 12-18-2007
johannly's Avatar
Bronze Member
My PC
 
Join Date: Dec 2007
Posts: 41
PC Experience: Some Experience
johannly - See this Members User comments on their Profile page
Default Re: cant delete virus
thx dahli now my laptop is running too slow, at 80 to 100%
i checked the running process n the stuff that were taking resources didnt add 20%
but i still at 100%

this is my log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:38:34 PM, on 12/18/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\COMODO\CBOClean\BOC425.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Windows\System32\mobsync.exe
C:\Windows\explorer.exe
D:\Downloads\firefox\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Dictionar Englez Roman - English Romanian Dictionary Online
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Personalized Start Page
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s
O4 - HKLM\..\Run: [BOC-425] C:\PROGRA~1\Comodo\CBOClean\BOC425.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{F9211472-6EE8-4E26-BD29-D14B804790CF}: NameServer = 200.13.249.101,200.75.78.78
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: PinnacleUpdate Service (PinnacleUpdateSvc) - KALiNKOsoft - D:\Saved Games\control\pinnacle_updater.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 6614 bytes
  #10  
Old 12-20-2007
Senior Security Analyst
  
Join Date: Dec 2006
Location: In a van, down by the river
Posts: 547
PC Experience: Experienced
dahli - See this Members User comments on their Profile page dahli - See this Members User comments on their Profile page dahli - See this Members User comments on their Profile page
Default Re: cant delete virus
Next, disable your antivirus program and close Internet Explorer. Click on your Start Menu and rightclick on the Internet Explorer icon and choose "Run as Administrator". IE will open again. Go here -> ESET Online Scanner and run an online scan using ESET Online Scanner (you will need to use Internet Explorer for this scan). If you accept the Terms of Use, check the box and click Start. After the ActiveX Control has loaded, it will take a couple minutes for the scanner to get ready. Next, check the following boxes:

Remove found threats
Scan unwanted applications

Click Start. This scan may take a while, so please be patient. Go to C:\Program Files\EsetOnlineScanner\ and open the file log.txt. Click Edit - Select All then copy/paste that log back here.


__________________
Steve
  #11  
Old 12-28-2007
johannly's Avatar
Bronze Member
My PC
 
Join Date: Dec 2007
Posts: 41
PC Experience: Some Experience
johannly - See this Members User comments on their Profile page
Default Re: cant delete virus
i dunno what is going on with my laptop but something is fishy , something is taking all my resources
lately my laptop is getting worse i scanned with eset online scanner as suggested but it found nothing, i scanned again with bitdefender online scanner n it found something in the recycle bin same thing i said at the beggining of the threat
now things r going really bad with my laptop vista is crashing more often than before, many programs stop responding too often, my firewall crashes often too, i have comodo firewall

sometimes simple programs all of a sudden start taking my resources like 50% or more n i have 2 gigas of ram n a dual core processor of 2.2 Ghz so i dnt think its normal

ohh another weird stuff i set the laptop to install updates at 5 am n it installs n restarts the laptop several times well i guess is normal but i dnt think is normal that the updater keeps appearing during the day , n some times it says updates ready to install n that should restart i do it n takes around half hour installing when is done restart n i check 5 mins later n says that updates r ready to install
i think is not normal

today after the actualizations were installed my yahoo didnt work anymore when i open the chat
a gray window appears

i attach images of the task manage the process r arranged from the one taking more resources to less, can do the numbers n u gonna see that the process running dnt add the % of the process that appears in total

here some pix n the log of eset n a new hijacthis log

laptop running at 46% but the process r not taking all that , i think something is hidden


laptop at 72%


laptop at 86%


yahoo chat.. window is gray


eset log
# version=4
# OnlineScanner.ocx=1.0.0.56
# OnlineScannerDLLA.dll=1, 0, 0, 51
# OnlineScannerDLLW.dll=1, 0, 0, 51
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=2751 (20071227)
# vers_arch_module=1.059 (20071108)
# vers_adv_heur_module=1.064 (20070717)
# EOSSerial=512770a86ce34f4282e92252ac1d8f19
# end=finished
# remove_checked=true
# unwanted_checked=true
# utc_time=2007-12-28 07:16:02
# local_time=2007-12-28 02:16:02 (-0500, SA Pacific Standard Time)
# country="United States"
# osver=6.0.6000 NT
# scanned=273944
# found=0
# scan_time=3044

new hijack log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:17:40 PM, on 12/28/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Protector Suite QL\upeksvr.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\Presen tationFontCache.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Toshiba\IVP\ISM\pinger.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Toshiba\IVP\ISM\ivpsvmgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Winamp\winamp.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Windows\System32\mspaint.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\system32\taskmgr.exe
D:\Downloads\firefox\stuff\HiJackThis\HijackThis.e xe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Dictionar Englez Roman - English Romanian Dictionary Online
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Personalized Start Page
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/reso...PUpldro-ro.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F9211472-6EE8-4E26-BD29-D14B804790CF}: NameServer = 200.13.249.101,200.75.78.78
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BOCore - Unknown owner - C:\Program Files\Comodo\CBOClean\BOCORE.exe (file missing)
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: PinnacleUpdate Service (PinnacleUpdateSvc) - KALiNKOsoft - D:\Saved Games\control\pinnacle_updater.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8311 bytes
  #12  
Old 12-29-2007
johannly's Avatar
Bronze Member
My PC
 
Join Date: Dec 2007
Posts: 41
PC Experience: Some Experience
johannly - See this Members User comments on their Profile page
Default Re: cant delete virus
this is my new log


BitDefender Log File !!!!!
Product : BitDefender Total Security 2008 Version : BitDefender UIScanner v.11 Log date : 10:15:23 29/12/2007 Log path : C:\ProgramData\BitDefender\Desktop\Profiles\Logs\d eep_scan\1198941323_1_02.xml

Scan Paths: Path0000: C:\ Path0001: D:\

Scan Options: Scan for viruses : Yes Scan for adware : Yes Scan for spyware : Yes Scan for applications : Yes Scan for dialers : Yes Scan for rootkits : Yes

Target selection options: Scan registry keys : Yes Scan cookies : Yes Scan boot sectors : Yes Scan memory processes : Yes Scan archives : Yes Scan runtime packers : Yes Scan emails : Yes Scan all files : Yes Heuristic Scan : Yes Scanned extensions :
Excluded extensions :


Target Processing Default action for infected objects : Disinfect Default action for suspicious objects : None Default action for hidden objects : None

Scan engines summary Number of virus signatures : 962683 Archive plugins : 41 Email plugins : 6 Scan plugins : 12 Archive plugins : 41 System plugins : 4 Unpack plugins : 7

Overall scan summary Scanned items : 136328 Infected items : 1 Suspicious items : 0 Resolved items : 0 Individual viruses found : 1 Scanned directories : 13271 Scanned boot sectors : 6 Scanned archives : 1581 Input-output errors : 55 Scan time : 00:06:32:22 Files per second : 5

Scanned processes summary Scanned : 56 Infected : 0

Scanned registry keys summary Scanned : 377 Infected : 0

Scanned cookies summary Scanned : 0 Infected : 0

Remaining issues: Object Name Threat Name Final Status D:\$RECYCLE.BIN\S-1-5-21-574533234-3886537389-1924437317-1000\$RN93J4F.exe=](CAB Sfx r)=]setup1.exe Backdoor.Bot.3365 Delete Failed (file was in an archive)

 Resolved issues: Object Name Threat Name Final Status

the antivirus cant delete it, i try to get access to the folder n it doesnt let me, how can i get rid of that virus ?


by the way how can i know what is taking my resources, i just cant find a logical xplanation
when i add the process in this pic the total is 20 but in reality my laptop was running at 73%
do i have something hidden taking all my resources ?





Last edited by johannly; 12-29-2007 at 05:17 PM.
  #13  
Old 01-03-2008
Senior Security Analyst
  
Join Date: Dec 2006
Location: In a van, down by the river
Posts: 547
PC Experience: Experienced
dahli - See this Members User comments on their Profile page dahli - See this Members User comments on their Profile page dahli - See this Members User comments on their Profile page
Default Re: cant delete virus
Try and take ownership of the file:

How to take ownership of a file or folder in Windows XP


__________________
Steve
  #14  
Old 01-14-2008
johannly's Avatar
Bronze Member
My PC
 
Join Date: Dec 2007
Posts: 41
PC Experience: Some Experience
johannly - See this Members User comments on their Profile page
Default Re: cant delete virus
dahli thx that solved all , was really helpful well im not using xp but knowing what i should look for , i googled it n i could delete the virus, i really appreciate it now i wont have to format my D:/ partition

dahli about the problem that my laptop is running so slow after i used the recovery disk it was working fine till vista updated , then my laptop was working so slow again
i decided to use the recovery disk again n test with out letting vista update n since then my laptop is working normal, but i still concerned if i should let it update or not, when i let it update my laptop is running at almost 100% most of the day , doesnt restart , once i counted the time well i went to sleep n let it restarting n installing the updates when i woke up next day it was still restarting

any advice ??

thx



Reply
Satellite TV on your PC - over 3000 Channels! Click Here!
Page 2 of 3 < 1 2 3 >

Bookmarks

« backdoor help | [Fixed] spyware +adware »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top

All times are GMT +1. The time now is 05:59 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top
Mobile Phone
Mobile phone information from Three.

Compare
Compare current accounts with moneyextra.

Cell Phones
Get Your Free Cell Phone Today.