Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Trojans & Worm/Generic.FX ?

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Trojans & Worm/Generic.FX ?

Unread postby Mad-Friend » August 30th, 2006, 10:13 am

Hello, Mad-Friend here,
a short time ago I had a Trojan horse dialer problem which through some wonderful help was resolved. I have AVG anti virus and all scan I run detect no virus, but in test results I now have 5 Trojans showing. AVG says they are embedded.
My computer has been runnning slow so I did a search for the latest viruses listed by AVG.
Worm/Generic.FX under Net.exe shows 17 files and under at.exe shows 14 files. Are these viruses? and if so how do I eliminate them please?

I will post a HJT log so you can examine it and also (if I can a test result from Panda which shows 19 spyware infections which Panda has not removed).

Logfile of HijackThis v1.99.1
Scan saved at 15:11:14, on 30/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Tesconet\Tesconet.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\DOCUME~1\trish\LOCALS~1\Temp\Temporary Directory 8 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tesco.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tesco.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by WHSmithnet
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_1.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus C84 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C84 Series" /O6 "USB001" /M "Stylus C84"
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.tesco.net
O15 - Trusted Zone: http://register-tesco.qa.business.ntl.com
O15 - Trusted Zone: http://memberservices.tesco.net
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4E544C53-6967-6E02-BBAD-233AD71832A8} (NTLSignup1 Class) - https://tesco.autoregister.net/tesco/NTLSignup.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1075279500
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{130E35C2-9F50-49DC-9AC2-B670A46D45A8}: NameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CS1\Services\Tcpip\..\{130E35C2-9F50-49DC-9AC2-B670A46D45A8}: NameServer = 194.168.4.100 194.168.8.100
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe


Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\trish\Cookies\trish@adopt.hbmediapro[2].txt
Spyware:Cookie/NewMedia Not disinfected C:\Documents and Settings\trish\Cookies\trish@anm.co[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\trish\Cookies\trish@apmebf[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\trish\Cookies\trish@atwola[2].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\trish\Cookies\trish@banner[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\trish\Cookies\trish@belnk[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\trish\Cookies\trish@cgi-bin[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\trish\Cookies\trish@dist.belnk[2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\trish\Cookies\trish@errorsafe[2].txt
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\trish\Cookies\trish@gostats[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\trish\Cookies\trish@go[2].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\trish\Cookies\trish@i.screensavers[2].txt
Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\trish\Cookies\trish@offeroptimizer[2].txt
Spyware:Cookie/SpywareStormer Not disinfected C:\Documents and Settings\trish\Cookies\trish@spywarestormer[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\trish\Cookies\trish@winfixer[2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\trish\Cookies\trish@www.errorsafe[2].txt
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\trish\Cookies\trish@www48.seeq[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\trish\Cookies\trish@xiti[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\trish\Cookies\trish@xmts[1].txt
Please help.
Yours sincerely Mad-Friend.
Mad-Friend
Regular Member
 
Posts: 42
Joined: July 29th, 2006, 2:32 pm
Advertisement
Register to Remove

Unread postby random/random » August 30th, 2006, 12:34 pm

Download ATF Cleaner by Attribune
  • Double-click ATF-Cleaner.exe to run the program.
  • Click Main at the top and choose Select All from the list.
  • Click the Empty Selected button.
If you use Firefox browser:
  • Click Firefox at the top and choose Select All from the list.
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser:
  • Click Opera at the top and choose Select All from the list.
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Run an online virus scan called Kapersky from HERE.

1. Click on "Kaspersky Online Scanner"
2. A new smaller window will pop up. Press on "Accept". After reading the contents.
3. Now Kaspersky will update the anti-virus database. Let it run.
4. Click on "Next">"Scan Settings", and make sure the database is set to "extended". And check both the scan options. Then click OK.
5. Then click on "My Computer". And the scan will start.
6. Once finished, save a log as ".txt" to the desktop. And restart.


Post back with the Kaspersky log and a new HijackThis log
User avatar
random/random
Developer
Developer
 
Posts: 7733
Joined: December 18th, 2005, 3:30 pm

Unread postby Mad-Friend » August 30th, 2006, 1:50 pm

Dear random/random, thankyou for replying to me. I have followed your instructions, downloaded ATF.Cleaner and run it successfully. I couldn't download "Kapersky ONline Scanner", it failed stating;
"I must have administritive rights to this computer (I own it lock stock and barrel :? ) and must have the IE Security settings set to medium level. Not sure how to do that....actually I have no idea how to do that.

Stuck and puzzled, sorry. :oops:
Mad-Friend
Regular Member
 
Posts: 42
Joined: July 29th, 2006, 2:32 pm

Unread postby random/random » August 30th, 2006, 1:53 pm

Let's check your IE settings and see if we can get an Kaspersky going.
  1. From within Internet Explorer click on the Tools menu and then click on Options.
  2. Click on the Security tab
  3. Click the Internet icon so it becomes highlighted.
  4. Click on Default Level and click Ok
  5. Click on the Custom Level button.
    • Change the Download signed ActiveX controls to Prompt
    • Change the Download unsigned ActiveX controls to Disable
    • Check that Script ActiveX controls marked safe for scripting is set to Enabled or Prompt
    • Check that Run ActiveX controls and plugins is Enabled
    • Change the Initialise and script ActiveX controls not marked as safe to Disable
    • Change the Installation of desktop items to Prompt
    • Change the Launching programs and files in an IFRAME to Prompt
    • Change the Navigate sub-frames across different domains to Prompt
    • Check that Active Scripting is set to Enabled
    • When all these settings have been made, click on the OK button.
    • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  6. Next press the Apply button and then the OK to exit the Internet Properties page.
Open a new IE window and try to run the Kaspersky scan.
User avatar
random/random
Developer
Developer
 
Posts: 7733
Joined: December 18th, 2005, 3:30 pm

Unread postby Mad-Friend » August 30th, 2006, 2:26 pm

Dear random/random,
thankyou for replying and your interest.
I followed your advice to the letter but still got the same red box come up with same comment and refusal to install Kapersky. :(
Not sure what to do now. Should I abandom that and reset my original settings on IE?
Yours perplexed Mad-Friend.
Mad-Friend
Regular Member
 
Posts: 42
Joined: July 29th, 2006, 2:32 pm

Unread postby random/random » August 30th, 2006, 2:36 pm

Ok, let's try something else

  • Create a folder on your desktop called Sysclean.
  • Go to http://www.trendmicro.com/download/dcs.asp and download sysclean package to the folder you made.
  • Go to http://www.trendmicro.com/download/pattern.asp and download the Virus Pattern File (Official Pattern Release) to your desktop.
    This file will be called lptXXX.zip (XXX represents the version number)
  • Unzip lptXXX.zip and you'll get the file lpt$vpn.XXX. Read here how to unzip/extract properly.
  • Move the lpt$vpn.XXX to the Sysclean-folder you created on your desktop.
  • Open the sysclean-folder and doubleclick sysclean.com.
  • Check: "Automatically clean or delete detected files".
  • Click scan.
Open your sysclean-folder and copy and paste the contents of sysclean.log in your next reply.
User avatar
random/random
Developer
Developer
 
Posts: 7733
Joined: December 18th, 2005, 3:30 pm

Unread postby Mad-Friend » August 30th, 2006, 3:31 pm

:oops: confession time. If you haven't guessed by now let me enlighten you random/random I am not computer literate. I did my best to follow your latest advice. Made a new folder, placed it in my desktop downloaded the sysclean package but didn't know how to do it into the folder I made, so have no idea where it has downloaded itself. :oops: I've searched but can't find it.....help, please.
Feeling dumb and sick.
Yours in mild dispair Mad-Friend
Mad-Friend
Regular Member
 
Posts: 42
Joined: July 29th, 2006, 2:32 pm

Unread postby Mad-Friend » August 30th, 2006, 3:35 pm

Dear random/random,
please scrap that last plea........I have found and (don't ask me how I did it) put it in the folder I made. I will now try to follow the rest of your advice.
Hold on to your hat. ;)
Mad-Friend.
Mad-Friend
Regular Member
 
Posts: 42
Joined: July 29th, 2006, 2:32 pm

Unread postby Mad-Friend » August 30th, 2006, 3:45 pm

Dear random/random,
I am downloading the Virus Pattern File Official Release to desktop (hope I'm downloading the right one) I'm downloading the top one for windows. I will take around 40 minutes. I rather feel out of my depth here and hope I can run these downloads right. Please keep your fingers crossed for me. I'll get back to you later tonight with the results.
Thankyou for all your help it is much appreciated.
Mad-Friend
Mad-Friend
Regular Member
 
Posts: 42
Joined: July 29th, 2006, 2:32 pm

Unread postby Mad-Friend » August 30th, 2006, 5:20 pm

Hi random/random,
I confess I didn't quite get it right. I downloaded the virus official pattern put it in my sysclean folder but instead of right-clicking the sysclean folder I double left clicked. I didn't see an option for "Automatically clean or delete detected files" but ran a scan. The results are as follows;

Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\trish\Cookies\trish@adopt.hbmediapro[2].txt
Spyware:Cookie/NewMedia Not disinfected C:\Documents and Settings\trish\Cookies\trish@anm.co[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\trish\Cookies\trish@apmebf[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\trish\Cookies\trish@atwola[2].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\trish\Cookies\trish@banner[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\trish\Cookies\trish@belnk[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\trish\Cookies\trish@cgi-bin[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\trish\Cookies\trish@dist.belnk[2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\trish\Cookies\trish@errorsafe[2].txt
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\trish\Cookies\trish@gostats[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\trish\Cookies\trish@go[2].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\trish\Cookies\trish@i.screensavers[2].txt
Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\trish\Cookies\trish@offeroptimizer[2].txt
Spyware:Cookie/SpywareStormer Not disinfected C:\Documents and Settings\trish\Cookies\trish@spywarestormer[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\trish\Cookies\trish@winfixer[2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\trish\Cookies\trish@www.errorsafe[2].txt
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\trish\Cookies\trish@www48.seeq[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\trish\Cookies\trish@xiti[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\trish\Cookies\trish@xmts[1].txt
erm bear with me, it isn't working right. Can't seem to paste the results.
Panicking right now. Sorry.
Will try to submit the results when I've figured out how.
Mad-Friend
Regular Member
 
Posts: 42
Joined: July 29th, 2006, 2:32 pm

Unread postby Mad-Friend » August 30th, 2006, 5:25 pm

Dear random/random,
I can see the results of the scan but can't paste them to you. I have scan box, view log, advanced and exit. What am I to do next please? If I exit will it automatically save scan results? Or, will I lose them?
Baffled and puzzled.
Mad-Friend.
Mad-Friend
Regular Member
 
Posts: 42
Joined: July 29th, 2006, 2:32 pm

Unread postby random/random » August 30th, 2006, 5:29 pm

You need to close the appplication, and then open the sysclean.log file in notepad to be able to copy and paste the results here
User avatar
random/random
Developer
Developer
 
Posts: 7733
Joined: December 18th, 2005, 3:30 pm

Unread postby Mad-Friend » August 30th, 2006, 5:41 pm

:) Thankyou random/random,
tried it, here are the results;

--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/


2006-08-30, 21:43:07, Auto-clean mode specified.
2006-08-30, 21:43:07, Running scanner "C:\Documents and Settings\trish\Desktop\sysclean\TSC.BIN"...
2006-08-30, 21:43:17, Scanner "C:\Documents and Settings\trish\Desktop\sysclean\TSC.BIN" has finished running.
2006-08-30, 21:43:17, TSC Log:

Damage Cleanup Engine (DCE) 3.98(Build 1012)
Windows XP(Build 2600: Service Pack 2)

Start time : Wed Aug 30 2006 21:43:08

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\trish\Desktop\sysclean\tsc.ptn" (version 776) [success]

Complete time : Wed Aug 30 2006 21:43:17
Execute pattern count(2946), Virus found count(0), Virus clean count(0), Clean failed count(0)

2006-08-30, 21:43:37, An error was detected on "C:\System Volume Information\*.*": Access is denied.
2006-08-30, 21:43:53, An error was detected on "D:\System Volume Information\*.*": Access is denied.
2006-08-30, 22:05:09, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 8/30/2006 21:44:00
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 701 (130412 Patterns) (2006/08/29) (370100)
Command Line: C:\Documents and Settings\trish\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\trish\Desktop\sysclean

38199 files have been read.
38199 files have been checked.
34116 files have been scanned.
45844 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 8/30/2006 22:05:09
---------*---------*---------*---------*---------*---------*---------*---------*
2006-08-30, 22:05:09, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 8/30/2006 21:44:00
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 701 (130412 Patterns) (2006/08/29) (370100)
Command Line: C:\Documents and Settings\trish\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\trish\Desktop\sysclean

38199 files have been read.
38199 files have been checked.
34116 files have been scanned.
45844 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 8/30/2006 22:05:09 21 minutes 8 seconds (1267.64 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-08-30, 22:05:09, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 8/30/2006 21:44:00
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 701 (130412 Patterns) (2006/08/29) (370100)
Command Line: C:\Documents and Settings\trish\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\trish\Desktop\sysclean

38199 files have been read.
38199 files have been checked.
34116 files have been scanned.
45844 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 8/30/2006 22:05:09 21 minutes 8 seconds (1267.64 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-08-30, 22:05:09, Scanner "C:\Documents and Settings\trish\Desktop\sysclean\VSCANTM.BIN" has finished running.
2006-08-30, 22:08:10, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 8/30/2006 22:05:10
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 701 (130412 Patterns) (2006/08/29) (370100)
Command Line: C:\Documents and Settings\trish\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\trish\Desktop\sysclean

6751 files have been read.
6751 files have been checked.
6330 files have been scanned.
23692 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 8/30/2006 22:08:10
---------*---------*---------*---------*---------*---------*---------*---------*
2006-08-30, 22:08:10, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 8/30/2006 22:05:10
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 701 (130412 Patterns) (2006/08/29) (370100)
Command Line: C:\Documents and Settings\trish\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\trish\Desktop\sysclean

6751 files have been read.
6751 files have been checked.
6330 files have been scanned.
23692 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 8/30/2006 22:08:10 2 minutes 56 seconds (175.63 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-08-30, 22:08:10, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 8/30/2006 22:05:10
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 701 (130412 Patterns) (2006/08/29) (370100)
Command Line: C:\Documents and Settings\trish\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\trish\Desktop\sysclean

6751 files have been read.
6751 files have been checked.
6330 files have been scanned.
23692 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 8/30/2006 22:08:10 2 minutes 56 seconds (175.63 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-08-30, 22:08:10, Scanner "C:\Documents and Settings\trish\Desktop\sysclean\VSCANTM.BIN" has finished running.
2006-08-30, 22:08:13, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 8/30/2006 22:08:10
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 701 (130412 Patterns) (2006/08/29) (370100)
Command Line: C:\Documents and Settings\trish\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=C:\Documents and Settings\trish\Desktop\sysclean

50 files have been read.
50 files have been checked.
46 files have been scanned.
46 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 8/30/2006 22:08:13
---------*---------*---------*---------*---------*---------*---------*---------*
2006-08-30, 22:08:13, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 8/30/2006 22:08:10
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 701 (130412 Patterns) (2006/08/29) (370100)
Command Line: C:\Documents and Settings\trish\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=C:\Documents and Settings\trish\Desktop\sysclean

50 files have been read.
50 files have been checked.
46 files have been scanned.
46 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 8/30/2006 22:08:13 1 second (0.94 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-08-30, 22:08:13, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 8/30/2006 22:08:10
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 701 (130412 Patterns) (2006/08/29) (370100)
Command Line: C:\Documents and Settings\trish\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=C:\Documents and Settings\trish\Desktop\sysclean

50 files have been read.
50 files have been checked.
46 files have been scanned.
46 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 8/30/2006 22:08:13 1 second (0.94 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-08-30, 22:08:13, Scanner "C:\Documents and Settings\trish\Desktop\sysclean\VSCANTM.BIN" has finished running.

Hope I've done it right.
Thankyou, Mad-Friend
Mad-Friend
Regular Member
 
Posts: 42
Joined: July 29th, 2006, 2:32 pm

Unread postby random/random » August 30th, 2006, 5:44 pm

Are you having any more problems?
User avatar
random/random
Developer
Developer
 
Posts: 7733
Joined: December 18th, 2005, 3:30 pm

Unread postby Mad-Friend » August 31st, 2006, 7:34 am

Morning random/random,
I logged off and went to bed (my head was spinning with all this).
Problems:
computer is still slow though marginally faster. Icons continue to go off when computer starts though they do come back.
I am sure I did something wrong when trying to install the Virus Pattern into the sysclean folder. Although it shows it is there, it is also still on my desktop. :? Anyway when I ran the scan I watched what was happening. The scan took place in two halves. The first half of the scan took around 35 or so minutes and most of the files etc. scanned showed ERROR 94 behind each one. It then abruptly stopped scanning. A second box appeared and was scanned with no errors showing. I posted the results having no idea if I've done it right or not (I feel not).

What do you advise please random/random?
Mad-Friend
Regular Member
 
Posts: 42
Joined: July 29th, 2006, 2:32 pm
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 505 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware