still slow

Started by monica1230, Oct 29 2006 12:19 PM

Next

You cannot reply to this topic

23 replies to this topic

#1 OFFLINE monica1230

Member

Members
21 posts

Location:Philippines

Posted 29 October 2006 - 12:19 PM

hi. ive done installing comodo firewall, avg anti spyware and antivirus (both free editions). i also scanned with bit defender online. but i do not know why exactly is my computer like this. i mean, for regular intervals of time, my pc would not respond, as in 2 to 3 minutes. then it would run again fine, yup for about a minute or so. when i look at my Task Manager, i observed that when my pc would be normal, "System \Idle Process" would have 98 to 99 of the CPU usage.but otherwise, services.exe would have all 99 cpu usage.. that's when it won't give a response or freeze for a while. is it really supposed to have that much of cpu usage?

also i went to C:/windows/system32 because that is where services.exe is. i noticed that there are two services.exe... the one with an icon i normally see that windows uses for such files. but the other have an ordinary applications icon.

i already scanned with avg both for virus and spyware but it all came out clean. anyways, ive included my hijackthis log and a picture for you to see what i am refering to.

Logfile of HijackThis v1.99.1
Scan saved at 6:27:41 PM, on 10/29/2006
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\regsvc.exe
C:\WINDOWS\system32\MSTask.exe
C:\WINDOWS\system32\stisvc.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Documents and Settings\Bagaporo\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Comodo Firewall] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe

BitDefender Online Scanner - Real Time Virus Report

Generated at: Sun, Oct 29, 2006 - 14:28:16

--------------------------------------------------------------------------------

Scan Info

Scanned Files
32795

Infected Files
4

Virus Detected

VBS.Redlof.Gen
4

--------------------------------------------------------------------------------

This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.

My Webpage (^ ^,)

"If you hear a voice within you say, 'You are not a painter,'
then by all means paint…and that voice will be silenced."

— Vincent Van Gogh

Back to top

#2 OFFLINE rridgely

I hate computers

Moderators
8,858 posts

Gender:Male

Posted 30 October 2006 - 12:14 AM

Update your windows. Then post a new hijackthis log.

Back to top

#3 OFFLINE monica1230

Member

Members
21 posts

Location:Philippines

Posted 30 October 2006 - 06:20 PM

Logfile of HijackThis v1.99.1
Scan saved at 2:11:30 AM, on 10/31/2006
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\regsvc.exe
C:\WINDOWS\system32\MSTask.exe
C:\WINDOWS\system32\stisvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Bagaporo\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://update.microsoft.com/windowsupdate/...t.aspx?ln=en-us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Comodo Firewall] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - Startup: Folder.htt
O4 - Global Startup: Folder.htt[size=5]
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1162219339828
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1162227692093
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe

what are those folder.htt for?
ive updated windows. one more thing i noticed is that the names of services.exe, lsas, smss, etc. are now of capital letters in the taskmanager... is that something? :rolleyes:

and also the services.exe still eats up so many (have the most CPU usage)..

i'll sleep now.. already 2:20am here... thanks much and God bless u all...

My Webpage (^ ^,)

"If you hear a voice within you say, 'You are not a painter,'
then by all means paint…and that voice will be silenced."

— Vincent Van Gogh

Back to top

#4 OFFLINE rridgely

I hate computers

Moderators
8,858 posts

Gender:Male

Posted 30 October 2006 - 11:19 PM

Run Kaspersky WebScanner

Please go HERE and click Kaspersky Online Scanner
Read and Accept the Agreement
You will be promted to install an ActiveX component from Kaspersky, Click Yes.
If you see a Windows dialog asking if you want to install this software, click the Install button.
The program will launch and then begin downloading the latest definition files,
When the "Update progress" line changes to "Ready" and the "NEXT ->" button becomes available, please click on it.
Click on the Scan Settings button, and in the next window select the Extended database, and click Ok.
Under "Please select a target to scan:", click My Computer to start the scan.
When the scan is finished, click the "Save as Text" button, and save the file as kavscan.txt to your Desktop, close the Kaspersky On-line Scanner window.
Paste kaspersky log onto forum.

Back to top

#5 OFFLINE monica1230

Member

Members
21 posts

Location:Philippines

Posted 31 October 2006 - 07:03 AM

KASPERSKY ONLINE SCANNER REPORT
Tuesday, October 31, 2006 2:52:09 PM
Operating System: Microsoft Windows 2000 Professional, Service Pack 3 (Build 2195)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 31/10/2006
Kaspersky Anti-Virus database records: 223016

Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\

Scan Statistics
Total number of scanned objects 24304
Number of viruses found 1
Number of infected objects 30 / 0
Number of suspicious objects 0
Duration of the scan process 02:07:27

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Start Menu\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\Documents and Settings\All Users\Start Menu\Programs\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\Documents and Settings\Bagaporo\Application Data\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\Documents and Settings\Bagaporo\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Bagaporo\Desktop\setup.exe Object is locked skipped

C:\Documents and Settings\Bagaporo\Favorites\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\Documents and Settings\Bagaporo\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Bagaporo\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Bagaporo\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Bagaporo\Local Settings\History\History.IE5\MSHist012006103120061101\index.dat Object is locked skipped

C:\Documents and Settings\Bagaporo\Local Settings\Temp\Free Download Manager\ticE.tmp Object is locked skipped

C:\Documents and Settings\Bagaporo\Local Settings\Temp\~DF40E7.tmp Object is locked skipped

C:\Documents and Settings\Bagaporo\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Bagaporo\NetHood\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\Documents and Settings\Bagaporo\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Bagaporo\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Bagaporo\PrintHood\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\Documents and Settings\Bagaporo\SendTo\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\Documents and Settings\Bagaporo\Start Menu\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\Documents and Settings\Bagaporo\Start Menu\Programs\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\Documents and Settings\Bagaporo\Start Menu\Programs\Startup\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\Documents and Settings\Bagaporo\Templates\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\My Documents\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\My Documents\gboy\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\My Documents\gboy\list of games\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\My Documents\gboy\list of games\laro\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\My Documents\jr_folder\application\C++\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\My Documents\jr_folder\application\Exer A.html Infected: Virus.VBS.Redlof.k skipped

C:\My Documents\jr_folder\application\Exer B.html Infected: Virus.VBS.Redlof.k skipped

C:\My Documents\jr_folder\application\Exer C.html Infected: Virus.VBS.Redlof.k skipped

C:\My Documents\jr_folder\application\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\My Documents\jr_folder\application\PE.html Infected: Virus.VBS.Redlof.k skipped

C:\My Documents\jr_folder\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\My Documents\jr_folder\monarchs\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\My Documents\Malware_Removal_Guide.html Infected: Virus.VBS.Redlof.k skipped

C:\WINDOWS\All Users\Application Data\avg7\Log\emc.log Object is locked skipped

C:\WINDOWS\All Users\Application Data\Comodo\Personal Firewall\Logs\cpf.lock Object is locked skipped

C:\WINDOWS\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped

C:\WINDOWS\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped

C:\WINDOWS\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\WINDOWS\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\WINDOWS\CSC\00000001 Object is locked skipped

C:\WINDOWS\Debug\ipsecpa.log Object is locked skipped

C:\WINDOWS\Debug\oakley.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\WINDOWS\FONTS\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\WINDOWS\SchedLog.Txt Object is locked skipped

C:\WINDOWS\security\logs\scepol.log Object is locked skipped

C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\78c6c5460c235010103d445602f2c6c0\BIT34.tmp Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\SYSTEM32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\SYSTEM32\config\default Object is locked skipped

C:\WINDOWS\SYSTEM32\config\default.LOG Object is locked skipped

C:\WINDOWS\SYSTEM32\config\SAM Object is locked skipped

C:\WINDOWS\SYSTEM32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\SYSTEM32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\SYSTEM32\config\SECURITY Object is locked skipped

C:\WINDOWS\SYSTEM32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\SYSTEM32\config\software Object is locked skipped

C:\WINDOWS\SYSTEM32\config\software.LOG Object is locked skipped

C:\WINDOWS\SYSTEM32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\SYSTEM32\config\system Object is locked skipped

C:\WINDOWS\SYSTEM32\config\SYSTEM.ALT Object is locked skipped

C:\WINDOWS\SYSTEM32\folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\WINDOWS\Web\Folder.htt Infected: Virus.VBS.Redlof.k skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

there was no save as text. i just saved it as html and i copy-pasted it here. also i deleted one folder.htt on one location specified on the report but after deleting one, i thought there were so many so i'll just leave them alone and wait for ur advice. thanks in advance.

My Webpage (^ ^,)

"If you hear a voice within you say, 'You are not a painter,'
then by all means paint…and that voice will be silenced."

— Vincent Van Gogh

Back to top

#6 OFFLINE rridgely

I hate computers

Moderators
8,858 posts

Gender:Male

Posted 31 October 2006 - 09:55 PM

Wow you managed to get infected right after formatting? Thats bad luck. That virus is a nasty one too.

Uninstall AVG antivirus. Then get this offer for etrust ez antivirus:
http://home3.ca.com/...gistration.aspx

Let it scan your computer and then run a new kaspersky scan and post if for me.

Back to top

#7 OFFLINE monica1230

Member

Members
21 posts

Location:Philippines

Posted 01 November 2006 - 02:15 AM

ok. i'll do this as fast as i can so i can let u see the results today before u log out. :rolleyes:

thanks...

My Webpage (^ ^,)

"If you hear a voice within you say, 'You are not a painter,'
then by all means paint…and that voice will be silenced."

— Vincent Van Gogh

Back to top

#8 OFFLINE monica1230

Member

Members
21 posts

Location:Philippines

Posted 01 November 2006 - 03:49 PM

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, November 01, 2006 11:30:29 PM
Operating System: Microsoft Windows 2000 Professional, Service Pack 3 (Build 2195)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 1/11/2006
Kaspersky Anti-Virus database records: 223444
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 29751
Number of viruses found: 1
Number of infected objects: 28 / 0
Number of suspicious objects: 0
Duration of the scan process: 03:45:08

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Start Menu\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\Documents and Settings\All Users\Start Menu\Programs\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\Documents and Settings\Bagaporo\Application Data\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\Documents and Settings\Bagaporo\Application Data\Mozilla\Firefox\Profiles\fts5xk8v.default\Cache\0034F529d01 Object is locked skipped
C:\Documents and Settings\Bagaporo\Application Data\Mozilla\Firefox\Profiles\fts5xk8v.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Bagaporo\Application Data\Mozilla\Firefox\Profiles\fts5xk8v.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Bagaporo\Application Data\Mozilla\Firefox\Profiles\fts5xk8v.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Bagaporo\Application Data\Mozilla\Firefox\Profiles\fts5xk8v.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Bagaporo\Application Data\Mozilla\Firefox\Profiles\fts5xk8v.default\cert8.db Object is locked skipped
C:\Documents and Settings\Bagaporo\Application Data\Mozilla\Firefox\Profiles\fts5xk8v.default\history.dat Object is locked skipped
C:\Documents and Settings\Bagaporo\Application Data\Mozilla\Firefox\Profiles\fts5xk8v.default\key3.db Object is locked skipped
C:\Documents and Settings\Bagaporo\Application Data\Mozilla\Firefox\Profiles\fts5xk8v.default\parent.lock Object is locked skipped
C:\Documents and Settings\Bagaporo\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Bagaporo\Favorites\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\Documents and Settings\Bagaporo\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Bagaporo\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Bagaporo\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Bagaporo\Local Settings\Temp\Free Download Manager\tic2.tmp Object is locked skipped
C:\Documents and Settings\Bagaporo\Local Settings\Temp\~DF4752.tmp Object is locked skipped
C:\Documents and Settings\Bagaporo\Local Settings\Temp\~DF48A9.tmp Object is locked skipped
C:\Documents and Settings\Bagaporo\Local Settings\Temp\~DF6839.tmp Object is locked skipped
C:\Documents and Settings\Bagaporo\Local Settings\Temp\~DFEA0E.tmp Object is locked skipped
C:\Documents and Settings\Bagaporo\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Bagaporo\NetHood\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\Documents and Settings\Bagaporo\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Bagaporo\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Bagaporo\PrintHood\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\Documents and Settings\Bagaporo\SendTo\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\Documents and Settings\Bagaporo\Start Menu\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\Documents and Settings\Bagaporo\Start Menu\Programs\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\Documents and Settings\Bagaporo\Templates\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\My Documents\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\My Documents\gboy\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\My Documents\gboy\list of games\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\My Documents\gboy\list of games\laro\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\My Documents\jr_folder\application\C++\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\My Documents\jr_folder\application\Exer A.html Infected: Virus.VBS.Redlof.k skipped
C:\My Documents\jr_folder\application\Exer B.html Infected: Virus.VBS.Redlof.k skipped
C:\My Documents\jr_folder\application\Exer C.html Infected: Virus.VBS.Redlof.k skipped
C:\My Documents\jr_folder\application\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\My Documents\jr_folder\application\PE.html Infected: Virus.VBS.Redlof.k skipped
C:\My Documents\jr_folder\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\My Documents\jr_folder\monarchs\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\My Documents\Malware_Removal_Guide.html Infected: Virus.VBS.Redlof.k skipped
C:\Program Files\TypingMaster\TypingTest\database\HAPPY.wks Object is locked skipped
C:\Program Files\TypingMaster\TypingTest\database\Sarah.usr Object is locked skipped
C:\WINDOWS\All Users\Application Data\Comodo\Personal Firewall\Logs\cpf.lock Object is locked skipped
C:\WINDOWS\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\WINDOWS\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\WINDOWS\CSC\00000001 Object is locked skipped
C:\WINDOWS\Debug\ipsecpa.log Object is locked skipped
C:\WINDOWS\Debug\oakley.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\WINDOWS\FONTS\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\WINDOWS\SchedLog.Txt Object is locked skipped
C:\WINDOWS\security\logs\scepol.log Object is locked skipped
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\1e28e3e44d278a5858d1239e481f944c\BIT3C.tmp Object is locked skipped
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\bcba83bfbd8696dcc681193357beb552\download\BIT961.tmp Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\default Object is locked skipped
C:\WINDOWS\SYSTEM32\config\default.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\software Object is locked skipped
C:\WINDOWS\SYSTEM32\config\software.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\system Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SYSTEM.ALT Object is locked skipped
C:\WINDOWS\SYSTEM32\folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\WINDOWS\Web\Folder.htt Infected: Virus.VBS.Redlof.k skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

i wonder why avg doesn't even noticed that virus. i always adored avg but i am having second thoughts for it now. and i also installed and scanned with ca anti virus that you mentioned. it didn't also noticed the redlof virus. now what do i do next ridge? i hope i everything would be fine soon.

My Webpage (^ ^,)

"If you hear a voice within you say, 'You are not a painter,'
then by all means paint…and that voice will be silenced."

— Vincent Van Gogh

Back to top

#9 OFFLINE rridgely

I hate computers

Moderators
8,858 posts

Gender:Male

Posted 01 November 2006 - 10:17 PM

Sysclean

First create a new folder on your desktop by right clicking an empty space and choosing New>Folder. Rename the folder sysclean.
Download the following file and place it in your new folder.
http://www.trendmicro.com/ftp/products/tsc/cpr/tsc.zip
Now download the most recent virus detection file and extract(unzip) it in the sysclean folder with the first file.
<a href="http://www.trendmicro.com/ftp/products/tsc/cpr/tsc.zip" target="_blank">http://www.trendmicro.com/ftp/products/tsc/cpr/tsc.zip</a>
Now Open the Sysclean folder and double click the sysclean file and press scan. Sysclean will now scan and automatically clean your computer of all possible viruses. Once sysclean is done it might ask you to reboot your computer. If it does not ask you to reboot do it anyway.
After the reboot open the sysclean folder and look for SYSCLEAN.LOG. Post that log onto the forum.

Back to top

#10 OFFLINE monica1230

Member

Members
21 posts

Location:Philippines

Posted 02 November 2006 - 04:32 AM

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 09:43:25, Auto-clean mode specified.
2006-11-02, 09:43:25, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 09:47:40, Auto-clean mode specified.
2006-11-02, 09:47:40, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 09:48:04, Auto-clean mode specified.
2006-11-02, 09:48:04, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...
2006-11-02, 09:48:04, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN" has finished running.
2006-11-02, 09:48:04, TSC Log:

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 09:48:41, Auto-clean mode specified.
2006-11-02, 09:48:41, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...
2006-11-02, 09:48:41, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN" has finished running.
2006-11-02, 09:48:41, TSC Log:

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 10:26:14, Auto-clean mode specified.
2006-11-02, 10:26:14, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 10:26:46, Auto-clean mode specified.
2006-11-02, 10:26:46, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...
2006-11-02, 10:26:46, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN" has finished running.
2006-11-02, 10:26:46, TSC Log:

2006-11-02, 10:27:26, An error was detected on "C:\System Volume Information\*.*": Access is denied.
2006-11-02, 10:31:24, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN" has finished running.
2006-11-02, 10:31:24, TSC Log:

Damage Cleanup Engine (DCE) 3.98(Build 1012)
Windows 2000(Build 2195: Service Pack 3)

Start time : Thu Nov 02 2006 09:43:27

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Bagaporo\Desktop\sysclean\tsc.ptn" (version 802) [success]

Complete time : Thu Nov 02 2006 09:46:22
Execute pattern count(2969), Virus found count(0), Virus clean count(0), Clean failed count(0)

Damage Cleanup Engine (DCE) 3.98(Build 1012)
Windows 2000(Build 2195: Service Pack 3)

Start time : Thu Nov 02 2006 09:47:41

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Bagaporo\Desktop\sysclean\tsc.ptn" (version 802) [success]
Damage Cleanup Engine (DCE) 3.98(Build 1012)
Windows 2000(Build 2195: Service Pack 3)

Start time : Thu Nov 02 2006 10:26:17

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Bagaporo\Desktop\sysclean\tsc.ptn" (version 802) [success]

Complete time : Thu Nov 02 2006 10:31:23
Execute pattern count(2969), Virus found count(0), Virus clean count(0), Clean failed count(0)

2006-11-02, 10:31:56, An error was detected on "C:\System Volume Information\*.*": Access is denied.
2006-11-02, 10:37:25, Files Detected:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:27:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

C:\Documents and Settings\All Users\Start Menu\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\All Users\Start Menu\Programs\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Application Data\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Favorites\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\NetHood\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\PrintHood\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\SendTo\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Start Menu\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Start Menu\Programs\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Templates\Folder.htt [VBS_REDLOF.S]
C:\Folder.htt [VBS_REDLOF.S]
C:\My Documents\Folder.htt [VBS_REDLOF.S]
C:\My Documents\gboy\Folder.htt [VBS_REDLOF.S]
C:\My Documents\gboy\list of games\Folder.htt [VBS_REDLOF.S]
C:\My Documents\gboy\list of games\laro\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\application\C++\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\application\Exer A.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\application\Exer B.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\application\Exer C.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\application\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\application\PE.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\monarchs\Folder.htt [VBS_REDLOF.S]
C:\My Documents\Malware_Removal_Guide.html [VBS_REDLOF.Y]
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:32:07
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

2006-11-02, 10:37:25, Files Clean:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:27:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\All Users\Start Menu\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\All Users\Start Menu\Programs\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Application Data\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Favorites\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\NetHood\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\PrintHood\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\SendTo\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Start Menu\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Start Menu\Programs\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Templates\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\gboy\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\gboy\list of games\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\gboy\list of games\laro\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\application\C++\Folder.htt
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\Exer A.html
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\Exer B.html
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\Exer C.html
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\application\Folder.htt
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\PE.html
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\monarchs\Folder.htt
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\Malware_Removal_Guide.html
2006-11-02, 10:37:25, Clean Fail:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:27:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

2006-11-02, 10:37:25, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN" has finished running.
2006-11-02, 10:40:05, Files Detected:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:27:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

C:\Documents and Settings\All Users\Start Menu\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\All Users\Start Menu\Programs\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Application Data\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Favorites\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\NetHood\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\PrintHood\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\SendTo\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Start Menu\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Start Menu\Programs\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Templates\Folder.htt [VBS_REDLOF.S]
C:\Folder.htt [VBS_REDLOF.S]
C:\My Documents\Folder.htt [VBS_REDLOF.S]
C:\My Documents\gboy\Folder.htt [VBS_REDLOF.S]
C:\My Documents\gboy\list of games\Folder.htt [VBS_REDLOF.S]
C:\My Documents\gboy\list of games\laro\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\application\C++\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\application\Exer A.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\application\Exer B.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\application\Exer C.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\application\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\application\PE.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\monarchs\Folder.htt [VBS_REDLOF.S]
C:\My Documents\Malware_Removal_Guide.html [VBS_REDLOF.Y]
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:32:07
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

2006-11-02, 10:40:05, Files Clean:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:27:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\All Users\Start Menu\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\All Users\Start Menu\Programs\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Application Data\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Favorites\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\NetHood\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\PrintHood\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\SendTo\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Start Menu\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Start Menu\Programs\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Templates\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\gboy\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\gboy\list of games\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\gboy\list of games\laro\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\application\C++\Folder.htt
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\Exer A.html
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\Exer B.html
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\Exer C.html
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\application\Folder.htt
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\PE.html
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\monarchs\Folder.htt
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\Malware_Removal_Guide.html
2006-11-02, 10:40:05, Clean Fail:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:27:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

2006-11-02, 10:40:05, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN" has finished running.

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 10:40:30, Auto-clean mode specified.
2006-11-02, 10:40:30, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...
2006-11-02, 10:44:56, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN" has finished running.
2006-11-02, 10:44:56, TSC Log:

Damage Cleanup Engine (DCE) 3.98(Build 1012)
Windows 2000(Build 2195: Service Pack 3)

Start time : Thu Nov 02 2006 10:40:33

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Bagaporo\Desktop\sysclean\tsc.ptn" (version 802) [success]

Complete time : Thu Nov 02 2006 10:44:55
Execute pattern count(2969), Virus found count(0), Virus clean count(0), Clean failed count(0)

2006-11-02, 10:45:35, An error was detected on "C:\System Volume Information\*.*": Access is denied.
2006-11-02, 11:45:59, Files Detected:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:45:49
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

C:\WINDOWS\folder.htt [VBS_REDLOF.S]
C:\WINDOWS\FONTS\Folder.htt [VBS_REDLOF.S]
C:\WINDOWS\SYSTEM32\folder.htt [VBS_REDLOF.S]
C:\WINDOWS\Web\Folder.htt [VBS_REDLOF.S]
29803 files have been read.
29803 files have been checked.
24505 files have been scanned.
91080 files have been scanned. (including files in archived)
4 files containing viruses.
Found 4 viruses totally.
Maybe 0 viruses totally.
Stop At : 11/2/2006 11:45:56
---------*---------*---------*---------*---------*---------*---------*---------*
2006-11-02, 11:45:59, Files Clean:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:45:49
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

Success Clean [ VBS_REDLOF.S]( 1) from C:\WINDOWS\folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\WINDOWS\FONTS\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\WINDOWS\SYSTEM32\folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\WINDOWS\Web\Folder.htt
29803 files have been read.
29803 files have been checked.
24505 files have been scanned.
91080 files have been scanned. (including files in archived)
4 files containing viruses.
Found 4 viruses totally.
Maybe 0 viruses totally.
Stop At : 11/2/2006 11:45:56 1 hour 3 seconds (3603.89 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-11-02, 11:45:59, Clean Fail:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:45:49
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

29803 files have been read.
29803 files have been checked.
24505 files have been scanned.
91080 files have been scanned. (including files in archived)
4 files containing viruses.
Found 4 viruses totally.
Maybe 0 viruses totally.
Stop At : 11/2/2006 11:45:56 1 hour 3 seconds (3603.89 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-11-02, 11:45:59, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN" has finished running.

i noticed that after doing ur instructions, i have 3 files in the sysclean folder. i double clicked the file with the .com extension. but it said that i must download the LPT$VPN.*

So that's what i did. i then extracted it to the same sysclean folder. then i double clicked again the .com file. afterwards, it started in dos mode with many virus patterns thing. then some files appeared in the sysclean folder, while some files disappeared, like the .com file i just double clicked. anyways, i started this several times and completed only once, i mean the .com file. :rolleyes:

and these are the results. it said it cleaned the virus... hurray. but still my computer is slow for awhile and fine also for awhile, just as everything as it was before. thanks again.
i also posted hijack this log...

Logfile of HijackThis v1.99.1
Scan saved at 12:20:58 PM, on 11/2/2006
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\regsvc.exe
C:\WINDOWS\system32\MSTask.exe
C:\WINDOWS\system32\stisvc.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\CCleaner\ccleaner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bagaporo\Desktop\HijackThis.exe
C:\Program Files\CA\CA Internet Security Suite\ccupdate\CCUpdate.exe
C:\WINDOWS\System32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://update.microsoft.com/windowsupdate/...t.aspx?ln=en-us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Comodo Firewall] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1162219339828
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1162227692093
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

My Webpage (^ ^,)

"If you hear a voice within you say, 'You are not a painter,'
then by all means paint…and that voice will be silenced."

— Vincent Van Gogh

Back to top

#11 OFFLINE rridgely

I hate computers

Moderators
8,858 posts

Gender:Male

Posted 02 November 2006 - 04:42 AM

Log looks good. One more scan just to make sure everything is 100% clean.

Download Superantispyware

Load Superantispyware and click the check for updates button.
Once the update is finished click the scan your computer button.
Check Perform Complete Scan and then next.
Superantispyware will now scan your computer and when its finished it will list all the infections it has found.
Make sure that they all have a check next to them and press next.
Click finish and you will be taken back to the main interface.
Click Preferences and then click the statistics/logs tab. Click the dated log and press view log and a text file will appear.
Copy and paste the log onto the forum.

Post scan log and a new hijackthis log.

Back to top

#12 OFFLINE TeeJay3800

Power Member

Members
675 posts

Gender:Male
Location:Metro Detroit

Posted 02 November 2006 - 05:28 AM

This may be unrelated, but I noticed you have 2000 SP3. It was my understanding that SP3 is no longer supported by Microsoft. Definitely upgrade to SP4 so you can get the latest security patches.

Dell Latitude D600
Windows 7 Ultimate 32-bit SP1

Back to top

#13 OFFLINE monica1230

Member

Members
21 posts

Location:Philippines

Posted 02 November 2006 - 08:03 AM

TeeJay3800, on Nov 2 2006, 01:28 PM, said:

This may be unrelated, but I noticed you have 2000 SP3. It was my understanding that SP3 is no longer supported by Microsoft. Definitely upgrade to SP4 so you can get the latest security patches.

rridgely told me to update my windows earlier on this post. and i went to microsoft windows update. from the choices, there were only sp1 to sp3. i did not remember seeing sp4. so i chose sp3. thanks anyway for your concern

My Webpage (^ ^,)

"If you hear a voice within you say, 'You are not a painter,'
then by all means paint…and that voice will be silenced."

— Vincent Van Gogh

Back to top

#14 OFFLINE TeeJay3800

Power Member

Members
675 posts

Gender:Male
Location:Metro Detroit

Posted 02 November 2006 - 08:10 AM

Sorry, I missed that part. Its very strange that you weren't offered an upgrade to SP4, considering that it was released back in mid 2003.

Windows 2000 SP4 info and download

Dell Latitude D600
Windows 7 Ultimate 32-bit SP1

Back to top

#15 OFFLINE monica1230

Member

Members
21 posts

Location:Philippines

Posted 02 November 2006 - 08:27 AM

ok. i'll try to update to sp4 as soon as i get home. currently im here at school

thanks

My Webpage (^ ^,)

"If you hear a voice within you say, 'You are not a painter,'
then by all means paint…and that voice will be silenced."

— Vincent Van Gogh

Back to top

#16 OFFLINE monica1230

Member

Members
21 posts

Location:Philippines

Posted 02 November 2006 - 03:08 PM

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 09:43:25, Auto-clean mode specified.
2006-11-02, 09:43:25, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 09:47:40, Auto-clean mode specified.
2006-11-02, 09:47:40, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 09:48:04, Auto-clean mode specified.
2006-11-02, 09:48:04, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...
2006-11-02, 09:48:04, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN" has finished running.
2006-11-02, 09:48:04, TSC Log:

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 09:48:41, Auto-clean mode specified.
2006-11-02, 09:48:41, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...
2006-11-02, 09:48:41, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN" has finished running.
2006-11-02, 09:48:41, TSC Log:

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 10:26:14, Auto-clean mode specified.
2006-11-02, 10:26:14, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 10:26:46, Auto-clean mode specified.
2006-11-02, 10:26:46, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...
2006-11-02, 10:26:46, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN" has finished running.
2006-11-02, 10:26:46, TSC Log:

2006-11-02, 10:27:26, An error was detected on "C:\System Volume Information\*.*": Access is denied.
2006-11-02, 10:31:24, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN" has finished running.
2006-11-02, 10:31:24, TSC Log:

Damage Cleanup Engine (DCE) 3.98(Build 1012)
Windows 2000(Build 2195: Service Pack 3)

Start time : Thu Nov 02 2006 09:43:27

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Bagaporo\Desktop\sysclean\tsc.ptn" (version 802) [success]

Complete time : Thu Nov 02 2006 09:46:22
Execute pattern count(2969), Virus found count(0), Virus clean count(0), Clean failed count(0)

Damage Cleanup Engine (DCE) 3.98(Build 1012)
Windows 2000(Build 2195: Service Pack 3)

Start time : Thu Nov 02 2006 09:47:41

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Bagaporo\Desktop\sysclean\tsc.ptn" (version 802) [success]
Damage Cleanup Engine (DCE) 3.98(Build 1012)
Windows 2000(Build 2195: Service Pack 3)

Start time : Thu Nov 02 2006 10:26:17

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Bagaporo\Desktop\sysclean\tsc.ptn" (version 802) [success]

Complete time : Thu Nov 02 2006 10:31:23
Execute pattern count(2969), Virus found count(0), Virus clean count(0), Clean failed count(0)

2006-11-02, 10:31:56, An error was detected on "C:\System Volume Information\*.*": Access is denied.
2006-11-02, 10:37:25, Files Detected:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:27:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

C:\Documents and Settings\All Users\Start Menu\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\All Users\Start Menu\Programs\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Application Data\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Favorites\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\NetHood\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\PrintHood\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\SendTo\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Start Menu\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Start Menu\Programs\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Templates\Folder.htt [VBS_REDLOF.S]
C:\Folder.htt [VBS_REDLOF.S]
C:\My Documents\Folder.htt [VBS_REDLOF.S]
C:\My Documents\gboy\Folder.htt [VBS_REDLOF.S]
C:\My Documents\gboy\list of games\Folder.htt [VBS_REDLOF.S]
C:\My Documents\gboy\list of games\laro\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\application\C++\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\application\Exer A.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\application\Exer B.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\application\Exer C.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\application\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\application\PE.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\monarchs\Folder.htt [VBS_REDLOF.S]
C:\My Documents\Malware_Removal_Guide.html [VBS_REDLOF.Y]
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:32:07
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

2006-11-02, 10:37:25, Files Clean:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:27:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\All Users\Start Menu\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\All Users\Start Menu\Programs\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Application Data\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Favorites\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\NetHood\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\PrintHood\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\SendTo\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Start Menu\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Start Menu\Programs\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Templates\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\gboy\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\gboy\list of games\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\gboy\list of games\laro\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\application\C++\Folder.htt
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\Exer A.html
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\Exer B.html
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\Exer C.html
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\application\Folder.htt
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\PE.html
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\monarchs\Folder.htt
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\Malware_Removal_Guide.html
2006-11-02, 10:37:25, Clean Fail:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:27:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

2006-11-02, 10:37:25, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN" has finished running.
2006-11-02, 10:40:05, Files Detected:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:27:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

C:\Documents and Settings\All Users\Start Menu\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\All Users\Start Menu\Programs\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Application Data\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Favorites\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\NetHood\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\PrintHood\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\SendTo\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Start Menu\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Start Menu\Programs\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Templates\Folder.htt [VBS_REDLOF.S]
C:\Folder.htt [VBS_REDLOF.S]
C:\My Documents\Folder.htt [VBS_REDLOF.S]
C:\My Documents\gboy\Folder.htt [VBS_REDLOF.S]
C:\My Documents\gboy\list of games\Folder.htt [VBS_REDLOF.S]
C:\My Documents\gboy\list of games\laro\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\application\C++\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\application\Exer A.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\application\Exer B.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\application\Exer C.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\application\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\application\PE.html [VBS_REDLOF.Y]
C:\My Documents\jr_folder\Folder.htt [VBS_REDLOF.S]
C:\My Documents\jr_folder\monarchs\Folder.htt [VBS_REDLOF.S]
C:\My Documents\Malware_Removal_Guide.html [VBS_REDLOF.Y]
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:32:07
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

2006-11-02, 10:40:05, Files Clean:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:27:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\All Users\Start Menu\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\All Users\Start Menu\Programs\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Application Data\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Favorites\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\NetHood\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\PrintHood\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\SendTo\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Start Menu\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Start Menu\Programs\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Templates\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\gboy\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\gboy\list of games\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\gboy\list of games\laro\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\application\C++\Folder.htt
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\Exer A.html
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\Exer B.html
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\Exer C.html
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\application\Folder.htt
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\jr_folder\application\PE.html
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\My Documents\jr_folder\monarchs\Folder.htt
Success Clean [ VBS_REDLOF.Y]( 6552) from C:\My Documents\Malware_Removal_Guide.html
2006-11-02, 10:40:05, Clean Fail:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:27:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

2006-11-02, 10:40:05, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN" has finished running.

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 10:40:30, Auto-clean mode specified.
2006-11-02, 10:40:30, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...
2006-11-02, 10:44:56, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN" has finished running.
2006-11-02, 10:44:56, TSC Log:

Damage Cleanup Engine (DCE) 3.98(Build 1012)
Windows 2000(Build 2195: Service Pack 3)

Start time : Thu Nov 02 2006 10:40:33

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Bagaporo\Desktop\sysclean\tsc.ptn" (version 802) [success]

Complete time : Thu Nov 02 2006 10:44:55
Execute pattern count(2969), Virus found count(0), Virus clean count(0), Clean failed count(0)

2006-11-02, 10:45:35, An error was detected on "C:\System Volume Information\*.*": Access is denied.
2006-11-02, 11:45:59, Files Detected:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:45:49
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

C:\WINDOWS\folder.htt [VBS_REDLOF.S]
C:\WINDOWS\FONTS\Folder.htt [VBS_REDLOF.S]
C:\WINDOWS\SYSTEM32\folder.htt [VBS_REDLOF.S]
C:\WINDOWS\Web\Folder.htt [VBS_REDLOF.S]
29803 files have been read.
29803 files have been checked.
24505 files have been scanned.
91080 files have been scanned. (including files in archived)
4 files containing viruses.
Found 4 viruses totally.
Maybe 0 viruses totally.
Stop At : 11/2/2006 11:45:56
---------*---------*---------*---------*---------*---------*---------*---------*
2006-11-02, 11:45:59, Files Clean:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:45:49
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

Success Clean [ VBS_REDLOF.S]( 1) from C:\WINDOWS\folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\WINDOWS\FONTS\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\WINDOWS\SYSTEM32\folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\WINDOWS\Web\Folder.htt
29803 files have been read.
29803 files have been checked.
24505 files have been scanned.
91080 files have been scanned. (including files in archived)
4 files containing viruses.
Found 4 viruses totally.
Maybe 0 viruses totally.
Stop At : 11/2/2006 11:45:56 1 hour 3 seconds (3603.89 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-11-02, 11:45:59, Clean Fail:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 10:45:49
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

29803 files have been read.
29803 files have been checked.
24505 files have been scanned.
91080 files have been scanned. (including files in archived)
4 files containing viruses.
Found 4 viruses totally.
Maybe 0 viruses totally.
Stop At : 11/2/2006 11:45:56 1 hour 3 seconds (3603.89 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-11-02, 11:45:59, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN" has finished running.

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/

2006-11-02, 21:49:53, Auto-clean mode specified.
2006-11-02, 21:49:53, Running scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN"...
2006-11-02, 21:56:42, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\TSC.BIN" has finished running.
2006-11-02, 21:56:42, TSC Log:

Damage Cleanup Engine (DCE) 3.98(Build 1012)
Windows 2000(Build 2195: Service Pack 3)

Start time : Thu Nov 02 2006 21:49:56

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Bagaporo\Desktop\sysclean\tsc.ptn" (version 802) [success]

Complete time : Thu Nov 02 2006 21:56:41
Execute pattern count(2969), Virus found count(0), Virus clean count(0), Clean failed count(0)

2006-11-02, 21:57:38, An error was detected on "C:\System Volume Information\*.*": Access is denied.
2006-11-02, 22:19:47, Files Detected:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 21:57:51
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

C:\Documents and Settings\Bagaporo\Desktop\galing sa MEMORY\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Desktop\galing sa MEMORY\gboy\Folder.htt [VBS_REDLOF.S]
C:\Documents and Settings\Bagaporo\Desktop\galing sa MEMORY\gboy\list of games\Folder.htt [VBS_REDLOF.S]
30038 files have been read.
30038 files have been checked.
24714 files have been scanned.
91435 files have been scanned. (including files in archived)
3 files containing viruses.
Found 3 viruses totally.
Maybe 0 viruses totally.
Stop At : 11/2/2006 22:19:46
---------*---------*---------*---------*---------*---------*---------*---------*
2006-11-02, 22:19:47, Files Clean:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 21:57:51
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Desktop\galing sa MEMORY\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Desktop\galing sa MEMORY\gboy\Folder.htt
Success Clean [ VBS_REDLOF.S]( 1) from C:\Documents and Settings\Bagaporo\Desktop\galing sa MEMORY\gboy\list of games\Folder.htt
30038 files have been read.
30038 files have been checked.
24714 files have been scanned.
91435 files have been scanned. (including files in archived)
3 files containing viruses.
Found 3 viruses totally.
Maybe 0 viruses totally.
Stop At : 11/2/2006 22:19:46 21 minutes 53 seconds (1312.97 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-11-02, 22:19:47, Clean Fail:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 11/2/2006 21:57:51
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 895 (139662 Patterns) (2006/10/31) (389500)
Command Line: C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Bagaporo\Desktop\sysclean

30038 files have been read.
30038 files have been checked.
24714 files have been scanned.
91435 files have been scanned. (including files in archived)
3 files containing viruses.
Found 3 viruses totally.
Maybe 0 viruses totally.
Stop At : 11/2/2006 22:19:46 21 minutes 53 seconds (1312.97 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-11-02, 22:19:47, Scanner "C:\Documents and Settings\Bagaporo\Desktop\sysclean\VSCANTM.BIN" has finished running.

Logfile of HijackThis v1.99.1
Scan saved at 10:57:01 PM, on 11/2/2006
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\regsvc.exe
C:\WINDOWS\system32\MSTask.exe
C:\WINDOWS\system32\stisvc.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Bagaporo\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://update.microsoft.com/windowsupdate/...t.aspx?ln=en-us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Comodo Firewall] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1162219339828
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1162227692093
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

SUPERAntiSpyware Scan Log
Generated 11/02/2006 at 03:29 PM

Application Version : 3.3.1020

Core Rules Database Version : 3119
Trace Rules Database Version: 1142

Scan type : Complete Scan
Total Scan Time : 01:47:50

Memory items scanned : 271
Memory threats detected : 0
Registry items scanned : 3690
Registry threats detected : 0
File items scanned : 17970
File threats detected : 0

all are clean now. i wonder why my pc is still like this.
also when i ran sysclean, in the dos mode window, i can see as it scans each file. it encounters
errors especially with things inside system32 folder. but these aren't mentioned in the log file it produced.

My Webpage (^ ^,)

"If you hear a voice within you say, 'You are not a painter,'
then by all means paint…and that voice will be silenced."

— Vincent Van Gogh

Back to top

#17 OFFLINE rridgely

I hate computers

Moderators
8,858 posts

Gender:Male

Posted 02 November 2006 - 09:44 PM

First lets make sure its not comodo slowing your pc down. Disable it and let me know if you see improvement in speeds.

Back to top

#18 OFFLINE monica1230

Member

Members
21 posts

Location:Philippines

Posted 03 November 2006 - 02:07 AM

im here at school right now, so i can't do that for now. but before i installed comodo i remember my pc is like that. so i guess comodo isn't causing my pc to slow down.

i did however mentioned to you earlier in this post that there are two services.exe in my systems32 folder.
and its eating very much of the cpu usage everytime i peek at task manager. and thats when my pc is slowing down.

and when my pc starts up, comodo is asking for permission for lsass and something else for connection to internet. it said this is quite suspiscious and is quite like a trojan.

and also when i check the lan connection, i use wifi, i have a larger sent packets than received packets though i am just browsing the internet. isn't this something?

My Webpage (^ ^,)

"If you hear a voice within you say, 'You are not a painter,'
then by all means paint…and that voice will be silenced."

— Vincent Van Gogh

Back to top

#19 OFFLINE rridgely

I hate computers

Moderators
8,858 posts

Gender:Male

Posted 03 November 2006 - 02:22 AM

Lsass is legit. (so is the services)
http://www.liutilities.com/products/wintas...slibrary/lsass/

The log you posted is clean. I guess if you want you can run a few other spyware scans but they shouldn't find anything.

Back to top

#20 OFFLINE monica1230

Member

Members
21 posts

Location:Philippines

Posted 03 November 2006 - 01:37 PM

Ok. if that's what you say. anyways, im now online and i disabled comodo. but still the problem persists. i hope wwe can find a solution to this.
im sorry if im causing too much trouble. anyways, thank you very much for all your help.

My Webpage (^ ^,)

"If you hear a voice within you say, 'You are not a painter,'
then by all means paint…and that voice will be silenced."

— Vincent Van Gogh

Back to top

Next

Back to Spyware Hell