Help2Go
Free Computer Help.
Powered by Volunteers.


- Home
- Help! I'm Lost!
- Forums Home
- Tutorials
- Get Computer Help
- Spyware Help
- Help2Go Detective
- Software Picks
- Newsletter
- Testimonials
- Donate
- Search Help2Go
- Search Forums



Go Back   Help2Go > Spyware Help
Help needed Wiadebug found & can't remove! Help needed Wiadebug found & can't remove!
Register FAQ Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools
Old 01-12-2010, 04:56 PM   #1 (permalink)
Member
 
Join Date: Jan 2010
Posts: 1
Points: 0
Default Help needed Wiadebug found & can't remove!
HI
YESTERDAY WHILST SURFING THE NET I PRESSED AN WINDOWS SECURITY ALERT HOWEVER IT TURNED OUT TO BE ANTIVIRUS 2009, WHICH THEN TOOK OVER MY PC AFTER. aFTER RESTORING THE SYSTEM I DOWNLOADED MALWARE BYTES & SUPER ANTI SPYWARE, & RAN THEM PLUS AVG THEY FOUND MALWARE.PACKER.MORPHINE, & PASSWORD LOGGER & PC IS NOW WORKING. THEN I FOUND WIADEBUG, WIASERV IN MY C DRIVE. WHEN I TRY TO DELETE IT SAYS CAN'T DELETE AS BEING USED BY ANOTHER PROGRAM OR PERSON. COULD YOU PLEASE HELP ME TO REMOVE AS I'M SCARED MY PC IS STILL AT RISK OF CORRUPTION. I'M ATTACHING MY LOG REPORTS FROM MALWARE, SUPER ANTI SPYWARE, & TREND MICRO HIJACK ANY HELP GRATEFULLY APPRECIATED

SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 01/12/2010 at 10:35 PM

Application Version : 4.33.1000

Core Rules Database Version : 4465
Trace Rules Database Version: 2284

Scan type : Complete Scan
Total Scan Time : 01:13:01

Memory items scanned : 519
Memory threats detected : 0
Registry items scanned : 6218
Registry threats detected : 0
File items scanned : 24641
File threats detected : 54

Adware.Tracking Cookie
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@cdn5.specificclick[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@atdmt[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@www.burstnet[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@mediaplex[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@ad.yieldmanager[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@bluestreak[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@xiti[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@premiumtv.122.2o7[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@burstnet[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@dynamic.media.adrevolver[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@content.yieldmanager[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@adviva[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@imrworldwide[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@serving-sys[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@dmtracker[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@tribalfusion[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@zedo[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@adbrite[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@247realmedia[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@fr.sitestat[3].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@bs.serving-sys[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@uk.at.atwola[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@tacoda[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@smartadserver[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@specificclick[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@www.burstbeacon[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@advertising[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@questionmarket[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@kontera[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@content.yieldmanager[3].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@insightexpressai[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@uk.sitestat[7].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@eas.apm.emediate[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@apmebf[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@ads.audience2media[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@revsci[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@statse.webtrendslive[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@adrevolver[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@media.adrevolver[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@fastclick[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@doubleclick[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@adtech[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@media6degrees[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@2o7[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@msnportal.112.2o7[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@fr.sitestat[4].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@server.lon.liveperson[3].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@tsleducation.112.2o7[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@statcounter[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@tradedoubler[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@112.2o7[2].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@burstbeacon[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@collective-media[1].txt
C:\Documents and Settings\Louise Davies\Cookies\louise_davies@server.lon.liveperson[2].txt

Malwarebytes' Anti-Malware 1.44
Database version: 3540
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/01/2010 21:15:16
mbam-log-2010-01-12 (21-15-16).txt

Scan type: Full Scan (C:\|)
Objects scanned: 212093
Time elapsed: 58 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:42:59, on 12/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Generic\Power4 Gear\BatteryLife.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Generic\Generic ChkMail\ChkMail.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sign In
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: txthlpBHO Class - {060235DC-6D84-47BD-95D7-A4EF5099A59D} - C:\PROGRA~1\TEXTHE~1\READAN~1\TE3219~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\Generic\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Generic ChkMail.lnk = C:\Program Files\Generic\Generic ChkMail\ChkMail.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?ca0ed8ae50e54271a51b6af41a17c3d4
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?ca0ed8ae50e54271a51b6af41a17c3d4
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.ergo.co.uk
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/softwareupda...31/CTSUEng.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1163582952468
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/sof...iveXPlugin.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupda...5034/CTPID.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: DM1Service - OLYMPUS Corporation - C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe

--
End of file - 11030 bytes

ALSO I'VE FOUND NUMEROUS SVCEXE PROCESSES AND NOT SURE WHICH ONES TO REMOVE!

THANKS IN ADVANCE IT'S MY GIRFRIENDS PC & I'M IN THE DOGHOUSE
babybear is offline   Reply With Quote
Old 01-13-2010, 03:57 PM   #2 (permalink)
Help2Go Administrator
Supreme Guru
 
Canuck's Avatar
 
Join Date: May 2003
Location: Edmonton, Alberta, Canada
Posts: 8,986
Points: 1806
Default
Hi Babybear, our spyware fighters are fairly busy at the moment and so could be awhile before they get to you. In the meantime, arraknid pointed out that
Quote:
yours jumped out because the OP is trying to delete 2 system files that are present on all Windows installations. There are malware versions of both files, but as multiple scans came up with nothing, I'm wondering if he's wrongly identifying them.

It might be worth asking the question. This discusses both files.

And this final comment...

Quote:
ALSO I'VE FOUND NUMEROUS SVCEXE PROCESSES AND NOT SURE WHICH ONES TO REMOVE!
Perfectly normal. This explains what they are.
Thank arraknid

I might also mention that looking at the HJT log, you have way too many background processes (04) working and using up your RAM. You can safely delete most (except for AVG9_TRAY, Windows Defender, SynTPEnh (touchpad), ZoneAlarm Client, SUPERAntiSpyware, DWQueuedReporting) .. the keep list was shorter than the stop list .. All the others can be safely stopped as they are available either through All Programs or desktop shortcuts (not the icons in the time toolbar ..bottom right). If you're unsure of any of this you can copy the .exe (eg HControl.exe) paste it in the box SystemLookup - Global Search and search. I've gone through all of yours, none of them are bad .. red X , the ones with N are definatly not needed, the Us are User's choice .. which for the most part are not needed, especially at the expense of the laptops speed. So, in HJT, check the others that are not needed and click the 'Fixed Checked' button, Note, they can always be reactivated if needed.

Hope this helps, if you feel that this does not answer your questions, you can wait for a spyware expert, but as said, this may take some time.
__________________
Canuck is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT -5. The time now is 10:55 PM.

Contact Us - Help2Go - Archive - Top

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.2
Copyright 1998-2010 Help2Go Networks, LLC
Creative Commons License