Unsolved

34 Posts

April 9th, 2006 18:00

new Sun Java program is installed-hopefully

I have installed the new version of Sun Java and I have uninstalled the old (1.4.2_03) version. I am posting my HJT log. I am assuming when you say post an updated/revised HJT log, that it automatically updates/revises itself. I just opened the HJT log and copied it.
 
LadyZ510
 
Logfile of HijackThis v1.99.1
Scan saved at 9:23:51 AM, on 4/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\HJT\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: X1IEHook Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\x1IEBHO.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [MPFEXE] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [GhostSurfDelSatellite] "C:\Program Files\SpyCatcher\DeleteSatellite.exe"
O4 - HKCU\..\Run: [Tracks Eraser Pro] C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe min
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - Startup: Scheduler.lnk = C:\Program Files\SpyCatcher\Scheduler daemon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Display All Images with Full Quality - "res://C:\Program Files\NetZero\qsacc\appres.dll/228"
O8 - Extra context menu item: Display Image with Full Quality - "res://C:\Program Files\NetZero\qsacc\appres.dll/227"
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} (MsnMusicAx Class) - https://music.msn.com/client/msnmusax3112.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: lirnsble - lirnsble.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\autocomp.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
 

34 Posts

April 12th, 2006 23:00

Wednesday, April 12, 2006 5:05:59 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 12/04/2006
Kaspersky Anti-Virus database records: 176293
Scan Settings
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target: My Computer
C:\
D:\

Scan Statistics
Total number of scanned objects: 58105
Number of viruses found: 2
Number of infected objects: 30
Number of suspicious objects: 0
Duration of the scan process: 00:52:12

Infected Object Name | Virus Name | Last Action
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP323\A0030786.dll | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP325\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP326\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP327\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP328\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP329\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP330\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP331\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP332\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP333\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP334\A0031786.dll | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP334\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP335\A0032786.dll | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP335\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP336\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP337\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP338\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP339\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP340\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP341\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP342\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP343\A0032827.dll | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP343\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP344\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP345\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP346\snapshot\MFEX-1.DAT | Infected: SpamTool.Win32.Small.r | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP352\A0033896.dll | Infected: Trojan.Win32.Crypt.o | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP357\A0034150.dll | Infected: Trojan.Win32.Crypt.o | skipped
C:\WINDOWS\system32\vmtgsvut.dll | Infected: Trojan.Win32.Crypt.o | skipped

Scan process completed.

34 Posts

April 12th, 2006 23:00

Logfile of HijackThis v1.99.1
Scan saved at 6:32:45 AM, on 4/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: X1IEHook Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\x1IEBHO.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MPFEXE] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [GhostSurfDelSatellite] "C:\Program Files\SpyCatcher\DeleteSatellite.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [Tracks Eraser Pro] C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe min
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - Startup: Scheduler.lnk = C:\Program Files\SpyCatcher\Scheduler daemon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Display All Images with Full Quality - "res://C:\Program Files\NetZero\qsacc\appres.dll/228"
O8 - Extra context menu item: Display Image with Full Quality - "res://C:\Program Files\NetZero\qsacc\appres.dll/227"
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} (MsnMusicAx Class) - https://music.msn.com/client/msnmusax3112.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\autocomp.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

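The two HijackThis logs in this thread differ in a few entries that matter for triage: the O20 Winlogon Notify hook "lirnsble - lirnsble.dll (file missing)" from the 4/9 log is gone by 4/12, and the O9 Java Console entries moved from j2re1.4.2_03 to jre1.5.0_06. The script below is an added example (not code from this thread or from HijackThis) that parses the O-section lines of such a log, flags the two conditions the thread turned on, and diffs a "before" and "after" log; the log excerpts are constructed from the logs quoted above, and the path regex assumes the line layout HijackThis 1.99.1 prints.

```python
import re
from dataclasses import dataclass

# Constructed excerpts of the two HijackThis logs posted in this thread:
# the 4/9/2006 log (old Java still referenced) and the 4/12/2006 log.
LOG_BEFORE = r"""
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: lirnsble - lirnsble.dll (file missing)
"""

LOG_AFTER = r"""
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
"""

# "O<n> - <rest of line>"; the process list and header lines do not match.
ENTRY_RE = re.compile(r"^(O\d+) - (.*)$")
# A Windows path as HijackThis prints it: drive letter, then everything up to
# a closing quote, a trailing "(file missing)" marker, or the end of the line.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?(?=\s*\(file missing\)|"|$)')


@dataclass(frozen=True)
class Entry:
    section: str   # e.g. "O20"
    body: str      # everything after "O20 - "
    target: str    # file path the entry points at, "" if none was printed


def parse_hjt(text):
    """Parse the O-section lines of a HijackThis log into Entry objects."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue                       # header, running-process list, blank
        section, body = m.groups()
        p = PATH_RE.search(body)
        entries.append(Entry(section, body, p.group(0).strip() if p else ""))
    return entries


def flag_suspicious(entries, superseded_java=r"\Java\j2re1.4.2"):
    """Return (entry, reason) pairs for the two checks this thread relied on:
    Winlogon Notify hooks with no resolvable DLL, and leftover references to
    the Java runtime the poster had just replaced (assumed version string)."""
    findings = []
    for e in entries:
        if e.section == "O20":
            if "(file missing)" in e.body:
                findings.append((e, "Winlogon Notify hook points at a missing DLL"))
            elif not e.target:
                findings.append((e, "Winlogon Notify hook has no full path"))
        if superseded_java.lower() in e.target.lower():
            findings.append((e, "still references the superseded Java runtime"))
    return findings


def diff_logs(before, after):
    """Entries removed and added between two logs, compared per section."""
    old = {(e.section, e.body) for e in parse_hjt(before)}
    new = {(e.section, e.body) for e in parse_hjt(after)}
    return sorted(old - new), sorted(new - old)


if __name__ == "__main__":
    for entry, reason in flag_suspicious(parse_hjt(LOG_BEFORE)):
        print(f"[{entry.section}] {reason}: {entry.body}")
    removed, added = diff_logs(LOG_BEFORE, LOG_AFTER)
    for section, body in removed:
        print(f"- {section} - {body}")
    for section, body in added:
        print(f"+ {section} - {body}")
```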
 

34 Posts

April 13th, 2006 00:00

Hi Algal,

When I went to disable Spysweeper, I did not see the "automatically restore default without notification." I just went over to the left and clicked on shields and unchecked everything. Now, how do I enable this again? (Sorry, I did not take note of exactly which ones I was disabling.)

 

--LadyZ

34 Posts

April 13th, 2006 13:00

Algal,

when I launched my word processor this morning, a spysweeper alert came on and said that it had detected that WPWIN12.exe was attempting to access the internet and did I want to allow it. I accidentally told it to allow it. Did I allow a virus? I meant to reply no, but I must've clicked the wrong one? --LadyZ

1.2K Posts

April 13th, 2006 15:00

Hello LadyZ,

I want you to clear your restore points which should clear up those infected _restore files. Your hijackthis log appears to be clean.

http://www.fileresearchcenter.com/W/WPWIN12.EXE-3305.html
It is a Word Perfect file so you should be fine.

For SpySweeper on the shields options everything should be enabled (green arrows) except for IE tracking cookies shield and Common Ad Sites shield.

System Restore for Windows XP
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)

  • Turn off System Restore.
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • Check Turn off System Restore.
  • Click Apply, and then click OK.

Reboot.

Turn ON System Restore.

  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • UN-Check *Turn off System Restore*.
  • Click Apply, and then click OK.


Please run Kaspersky again and let's see the results.

34 Posts

April 14th, 2006 14:00

KASPERSKY ON-LINE SCANNER REPORT

Friday, April 14, 2006 11:08:21 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 14/04/2006
Kaspersky Anti-Virus database records: 176742
Scan Settings
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target: My Computer
C:\
D:\

Scan Statistics
Total number of scanned objects: 54834
Number of viruses found: 1
Number of infected objects: 1
Number of suspicious objects: 0
Duration of the scan process: 01:02:50

Infected Object Name | Virus Name | Last Action
C:\WINDOWS\system32\vmtgsvut.dll | Infected: Trojan.Win32.Crypt.o | skipped

Scan process completed.

1.2K Posts

April 15th, 2006 10:00

Hello LadyZ,

Let's get that one remaining file.

STEP 1.
======
Delete Files with Killbox

Download Pocket Killbox from http://www.downloads.subratam.org/KillBox.zip and unzip it; save it to your Desktop. DO NOT RUN IT YET.
==========
Double-click on KillBox.exe to launch the program. It is the red circle with a large white X in it
- Highlight the files in bold RED below and press the Ctrl key and the C key at the same time to copy them to the clipboard
C:\WINDOWS\system32\vmtgsvut.dll


In Killbox, click on the File menu and then the Paste from Clipboard item.
In the Full Path of File to Delete field, drop down the arrow and make sure that all of the files are listed.
(Please note that the tool checks your computer for the presence of the files pasted into the box so if files are not present, it is possible that you might not see all files you pasted into the box.)
Click the option to Delete on Reboot
- If not greyed out click the checkbox for Unregister .dll Before Deleting
- click End Explorer Shell while Killing File
- Now click on the red button with a white 'X' in the middle to delete the files
- Click Yes when it says all files will be deleted on the next reboot
- Click Yes when it asks if you want to reboot now
(Note: If you get a "PendingFileRenameOperations Registry Data has been Removed by External Process!" message then just reboot manually)

Note: Killbox will let you know if a file does not exist. If that happens, just continue on.

If you have any issues with this method you can copy and paste the lines one at a time into the killbox top box. Then click the "Single File" button. Then click the Red X ...and for the confirmation message that will appear, you will need to click Yes. A second message will ask to Reboot now? You will need to click No until the last one, at which time you click Yes to allow the reboot.

Please run Kaspersky again and post the results.

34 Posts

April 15th, 2006 12:00

Good morning Algal,

I was not sure what it means to "unzip" a file, but I played with it and was able to get to the red circle with the white X, so I think I am ok there.

I am having a little problem though with C:\WINDOWS . . . vmtgsvut.dll. It is telling me that I need a program to open this with. I was going to just try and open it using internet explorer, but I thought, maybe, I better ask first if this is ok. It said that I could go online and that it would automatically choose a program, but that is not what it did. So, how do I get a program so that I can open this file. Many thanks, Lady Z

1.2K Posts

April 15th, 2006 14:00

Hello LadyZ

You should not have to open the file. All you should have to do is to run Killbox with the file path pasted in it. Killbox should take care of the file.

34 Posts

April 15th, 2006 14:00

I'm sorry, I still don't understand. When I double-click on the Killbox.exe to launch the program, it prompts me to "run" the program. But the previous instruction says, 'DO NOT RUN YET.'
 
I am referring to :
 
Download Pocket Killbox from http://www.downloads.subratam.org/KillBox.zip and unzip it;
save it to your Desktop. DO NOT RUN IT YET.
 
Double-click on KillBox.exe to launch the program. It is the red circle with a large X in it.
(Ok, when I do this, a box comes up and I have two options: 'run' or 'cancel.' So . . . should I click 'run' here?)

1.2K Posts

April 15th, 2006 17:00

I am sorry. The instructions apply to the download part. It is meant not to have you run the program right after the download without reading about the copying and pasting.
I did not want anyone jumping the gun downloading and then immediately running it before reading the rest. So when you are reading and it says to run, run it.

Hope this clears things up.
Susan

34 Posts

April 15th, 2006 20:00

Hi Algal,

alright, I got it. (I am preparing for finals and my brain is "fried.") Here is the report. I am no expert, but it looks like the 'pesky critter' is hanging on for dear life. --

 

KASPERSKY ON-LINE SCANNER REPORT

Saturday, April 15, 2006 5:30:20 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 15/04/2006
Kaspersky Anti-Virus database records: 176890
Scan Settings
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target: My Computer
C:\
D:\

Scan Statistics
Total number of scanned objects: 55051
Number of viruses found: 1
Number of infected objects: 3
Number of suspicious objects: 0
Duration of the scan process: 01:01:11

Infected Object Name | Virus Name | Last Action
C:\!KillBox\vmtgsvut.dll | Infected: Trojan.Win32.Crypt.o | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1\A0000012.dll | Infected: Trojan.Win32.Crypt.o | skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP2\A0000021.dll | Infected: Trojan.Win32.Crypt.o | skipped

Scan process completed.

1.2K Posts

April 15th, 2006 23:00

Hello LadyZ,

Good job! Everything is looking better.

STEP 1.
======
Delete Files and Folders
Please delete the following files/folders:
C:\!KillBox\vmtgsvut.dll (file)
If you have any problem deleting these items, reboot into Safe Mode (tap F8 during bootup, use arrow keys to select Safe Mode, then hit 'enter') and try again.

Empty your recycle bin

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)

  • Turn off System Restore.
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • Check Turn off System Restore.
  • Click Apply, and then click OK.

Reboot.

Turn ON System Restore.

  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • UN-Check *Turn off System Restore*.
  • Click Apply, and then click OK.


Now run Kaspersky again and post the results please.

Message Edited by ALgal on 04-15-2006 07:40 PM

34 Posts

April 16th, 2006 00:00

Oh . . . good, I thought it said that I was still infected. Was I reading the Kaspersky Report wrong? I will take care of these "next steps" right now.

signed,

A very grateful LadyZ

34 Posts

April 16th, 2006 01:00

Excellent. For some reason, it would not let me save this report (or copy it either) so I just typed out what I thought were the pertinent parts:
 

Total number of files scanned 54953

Number of viruses found 0

Number of infected objects 0

Number of suspicious objects 0

Duration of the scan process 1:01:24

No Malware has been detected. The sections that have been scanned are clean

Hurray! You are terrific!
