virtumundo!!!! help!! new log..:D

Status
Not open for further replies.
i did follow your post.. i just didn't post them in order.. however, if there was something wrong with what i did, i did it again.. here's my rerun..:D:D


ComboFix 08-05-21.3 - martin 2008-05-27 16:57:54.4 - NTFSx86
Running from: C:\Documents and Settings\martin\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\martin\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\Program Files\Firefox Setup 2.0.0.3.exe
C:\WINDOWS\system32\hjltfqgi.dll
C:\WINDOWS\system32\rqRIxyyx.dll.vir
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\web\related.htm
.

((((((((((((((((((((((((( Files Created from 2008-04-27 to 2008-05-27 )))))))))))))))))))))))))))))))
.

2008-05-24 20:29 . 2008-05-24 20:29 0 --a------ C:\WINDOWS\BM1fd74f42.xml
2008-05-24 16:34 . 2008-05-24 16:34 <DIR> d-------- C:\VundoFix Backups
2008-05-24 16:15 . 2008-05-24 16:15 <DIR> d-------- C:\Documents and Settings\Administrator
2008-05-23 22:06 . 2008-05-23 22:15 <DIR> d-------- C:\Program Files\ESET
2008-05-23 22:06 . 2008-05-23 22:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-05-23 21:31 . 2008-05-23 21:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-05-23 21:30 . 2008-05-23 21:30 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-05-22 09:22 . 2008-05-22 09:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-05-16 08:56 . 2008-05-16 08:56 <DIR> d-------- C:\Program Files\WinFF
2008-05-16 08:56 . 1999-01-01 03:34 <DIR> d-------- C:\Documents and Settings\martin\Application Data\WinFF
2008-05-09 22:19 . 2008-05-09 22:19 <DIR> d-------- C:\Program Files\YouTube Downloader
2008-05-06 11:38 . 2004-03-09 09:58 646,656 --a------ C:\WINDOWS\system32\sxs.dll
2008-05-06 11:38 . 2004-03-09 09:58 646,656 --a--c--- C:\WINDOWS\system32\dllcache\sxs.dll
2008-05-06 11:37 . 2008-05-06 11:37 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-05-06 11:33 . 2008-05-06 11:34 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-05-06 11:20 . 2008-05-06 11:41 <DIR> d--h-c--- C:\WINDOWS\$xpsp1hfm$
2008-05-05 23:32 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-05 23:32 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-23 13:41 --------- d-----w C:\Program Files\Common Files\Adobe
2008-05-22 07:04 --------- d-----w C:\Documents and Settings\martin\Application Data\uTorrent
2008-05-10 06:34 --------- d-----w C:\Documents and Settings\martin\Application Data\U3
2008-04-27 17:21 --------- d-----w C:\Documents and Settings\martin\Application Data\Image Zone Express
2008-04-27 11:41 --------- d-----w C:\Program Files\LimeWire
2008-04-24 18:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\AVG7
2008-04-24 11:54 --------- d-----w C:\Program Files\Trend Micro
2008-04-22 04:17 --------- d-----w C:\Program Files\Kaspersky Lab
2008-04-22 02:01 --------- d-----w C:\Documents and Settings\martin\Application Data\AVG7
2008-04-17 02:27 --------- d-----w C:\Program Files\Yahoo!
2007-12-14 20:58 784 -c--a-w C:\Documents and Settings\martin\Application Data\mpauth.dat
2007-11-06 07:51 348 ----a-w C:\Documents and Settings\martin\.cb_layout.bin
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((( snapshot@2008-05-24_20.25.47.53 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-24 12:10:55 2,048 -cs-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-27 09:03:14 2,048 -cs-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

R1 epfwtdir;epfwtdir;C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [2008-03-13 16:52]
R3 cwbmidi_device;Crystal WDM MPU-401 UART Driver;C:\WINDOWS\System32\drivers\cwbmidi.sys [2001-08-17 12:19]
R3 cwbwdm_device;Crystal WDM Audio Codec Driver;C:\WINDOWS\System32\drivers\cwbwdm.sys [2001-08-17 12:19]
S3 NtApm;NT Apm/Legacy Interface Driver;C:\WINDOWS\System32\DRIVERS\NtApm.sys [2001-08-17 21:47]
S3 V0090VID;Creative WebCam Vista Plus;C:\WINDOWS\System32\DRIVERS\V0090Vid.sys [2005-04-14 09:00]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-27 17:03:53
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\HPZipm12.exe
.
**************************************************************************
.
Completion time: 2008-05-27 17:08:25 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-27 09:08:12
ComboFix2.txt 2008-05-26 14:26:41
ComboFix3.txt 2008-05-26 14:03:16
ComboFix4.txt 2008-05-24 12:26:37

Pre-Run: 4,546,035,712 bytes free
Post-Run: 4,539,285,504 bytes free

91 --- E O F --- 2008-05-06 03:42:18
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:13:21 PM, on 5/27/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\martin\My Documents\My Pictures\rj\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/mic...ols/en/x86/client/wuweb_site.cab?915122538904
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ols/en/x86/client/muweb_site.cab?915122508300
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSEC.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

--
End of file - 3214 bytes
 
jotti scan

Scan taken on 27 May 2008 09:15:08 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing



i could already surf in google and some other sites that was unable last time.. i just want to make sure that the virus is removed from my computer... thanks a lot for your help..:D:D
 
It's still showing the same files.

One last time make sure you follow it exactly and if not then tech pro will help you remove the remaining infections.
 
On the contrary RedMo0n, the instructions were followed the first time and it was my bad for not seeing it but these newer logs assisted me a lot. We only have one more file to look over, and I would like you to submit it to Jotti so I can see if it's malware.

Jotti File Submission:
  • Please go to Jotti's malware scan
  • Copy and paste the following file path into the "File to upload & scan"box on the top of the page:
    • C:\WINDOWS\BM1fd74f42.xml
  • Click on the submit button
  • Please post the results in your next reply.
 
when i submit it, it shows this message.. i even tried turning my firewall off..


The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file
 
Please give me a few moments and I will tell you what to do. We are currently trying to get our malware upload systems finished, and we will get up and running in the next few hours. Please hold with us. In the mean time I would like you to take that file and zip it in an archive on your desktop.

This is the file that I need you to put in the zip on your desktop:
C:\WINDOWS\BM1fd74f42.xml

Please name the zip file: "VundoMRaT.zip"

Please wait for further instruction on what to do with the ZIP file.
 
Actually .. forget it, please delete that file :) Then follow these steps:

Step1

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Step2

Please do an online scan with Kaspersky WebScanner

Click on Accept

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    • Extended (if available otherwise Standard)
    • Scan Options:
    • Scan Archives
      Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
    • Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Logs Required In Next Post
-----------------------------

MBAM Log
Kasperky Log
 
Malwarebytes' Anti-Malware 1.12
Database version: 722

Scan type: Quick Scan
Objects scanned: 33095
Time elapsed: 8 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, January 01, 1999 3:35:51 AM
Operating System: Microsoft Windows XP Professional, (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 29/05/2008
Kaspersky Anti-Virus database records: 811007
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 26251
Number of viruses found: 2
Number of infected objects: 6
Number of suspicious objects: 0
Duration of the scan process: 01:16:13

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\Charon\CACHE.NDB Object is locked skipped
C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\Logs\virlog.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\Logs\warnlog.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\martin\Application Data\Mozilla\Firefox\Profiles\r6kaxuio.default\cert8.db Object is locked skipped
C:\Documents and Settings\martin\Application Data\Mozilla\Firefox\Profiles\r6kaxuio.default\history.dat Object is locked skipped
C:\Documents and Settings\martin\Application Data\Mozilla\Firefox\Profiles\r6kaxuio.default\key3.db Object is locked skipped
C:\Documents and Settings\martin\Application Data\Mozilla\Firefox\Profiles\r6kaxuio.default\parent.lock Object is locked skipped
C:\Documents and Settings\martin\Application Data\Mozilla\Firefox\Profiles\r6kaxuio.default\search.sqlite Object is locked skipped
C:\Documents and Settings\martin\Application Data\Mozilla\Firefox\Profiles\r6kaxuio.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\martin\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\martin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\martin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\martin\Local Settings\Application Data\Mozilla\Firefox\Profiles\r6kaxuio.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\martin\Local Settings\Application Data\Mozilla\Firefox\Profiles\r6kaxuio.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\martin\Local Settings\Application Data\Mozilla\Firefox\Profiles\r6kaxuio.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\martin\Local Settings\Application Data\Mozilla\Firefox\Profiles\r6kaxuio.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\martin\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\martin\Local Settings\Temp\fla9C.tmp Object is locked skipped
C:\Documents and Settings\martin\Local Settings\Temp\Perflib_Perfdata_76c.dat Object is locked skipped
C:\Documents and Settings\martin\Local Settings\Temp\~DF9B33.tmp Object is locked skipped
C:\Documents and Settings\martin\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\martin\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\martin\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\ESET\ESET NOD32 Antivirus\nodlogin.exe/script.au3 Infected: Trojan.Win32.KillAV.rx skipped
C:\Program Files\ESET\ESET NOD32 Antivirus\nodlogin.exe Embedded: infected - 1 skipped
C:\Program Files\ESET\ESET NOD32 Antivirus\nodlogin.exe UPX: infected - 1 skipped
C:\Program Files\ESET\ESET NOD32 Antivirus\nodlogin.exe PE_Patch.UPX: infected - 1 skipped
C:\Program Files\Yahoo!\Messenger\logs\billing_martin.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\client_martin.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\GIPS.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\network_martin.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\p2pce.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\voice.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\YSDP.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\YSIP.log Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\hjltfqgi.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.trv skipped
C:\System Volume Information\_restore{7E68F45D-B775-4D02-BA8B-6F1C67E5D78C}\RP4\A0001087.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.trv skipped
C:\System Volume Information\_restore{7E68F45D-B775-4D02-BA8B-6F1C67E5D78C}\RP6\change.log Object is locked skipped
C:\WINDOWS\Debug\oakley.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
 
Status
Not open for further replies.

Similar threads

XWrench3
hijack this scan
Replies
6
Views
2K
XWrench3
XWrench3
G
Computer slow and work in background
Replies
0
Views
2K
grecycle99
G
N
Laptop slowing down in function (internet and general apps)
Replies
1
Views
3K
Trotter
Trotter
M
computer suddenly slowed down.
Replies
0
Views
3K
mike3dp
M
N
Your computer appears to be correctly configured, but the device or resource (DNS server) is not responding"
Replies
0
Views
4K
nev
N
Back
Top Bottom