WiredWX Hobby Weather Tools

 


Suspicious files in my document folder

2 posters

Re: Suspicious files in my document folder

Start Malwarebytes and go to the More Tools tab. There you'll find a button named Run Tool to run FileASSASSIN.

Then browse to these files:
c:\windows\system32\drivers\25b7bf45801895d6.sys
c:\windows\system32\drivers\39f53c95945612ae.sys


Select that file and click OK, then Yes to remove it.
*******************************************************
I'd like to scan your machine with ESET OnlineScan

• Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
• Click the [image: EsetOnline] button.
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on [image: EsetSmartInstall] to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the [image: EsetSmartInstallDesktopIcon-1] icon on your desktop.

• Check [image: EsetAcceptTerms]
• Click the [image: EsetStart] button.
• Accept any security warnings from your browser.
• Check [image: EsetScanArchives]
• Push the Start button.
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, push [image: EsetListThreats]
• Push [image: EsetExport], and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• Push the [image: EsetBack] button.
• Push [image: EsetFinish]
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Re: Suspicious files in my document folder

The module "wuaueng.dll" was loaded but the call to DllRegisterServer failed with error code 0x80070005.

I believe this is what is causing your problem with the Windows Updates.
This site explains why you receive this message, although they only mention XP. Could it be something to do with you not using Adm privileges? Here's another site that may help. Please notice that Adm. is also mentioned. If none of these help, I think you should request help from Windows Vista about this problem.

Re: Suspicious files in my document folder

Start Malwarebytes and go to the More Tools tab. There you'll find a button named Run Tool to run FileASSASSIN.

Then browse to these files:
c:\windows\system32\drivers\25b7bf45801895d6.sys
c:\windows\system32\drivers\39f53c95945612ae.sys

Select that file and click OK, then Yes to remove it.


FileAssassin was able to remove 39f53c95945612ae.sys, but when I tried to remove 25b7bf45801895d6.sys, I just get the message You don't have permission to open this file.

Re: Suspicious files in my document folder

C:\Qoobox\Quarantine\C\Windows\System32\drivers\_25b7bf45801895d6_.sys.zip a variant of Win32/Rootkit.Kryptik.HT trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Windows\System32\drivers\_39f53c95945612ae_.sys.zip a variant of Win32/Rootkit.Kryptik.HT trojan deleted - quarantined
C:\Users\Lou\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\4b83f3c4-302a17e0 multiple threats deleted - quarantined
C:\Users\Lou\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\77c3a532-53cc42a2 Java/TrojanDownloader.Agent.NAI trojan deleted - quarantined
C:\Users\Lou\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\799c6e88-7e033fcb multiple threats deleted - quarantined
C:\Users\Lou\Videos\Veoh\16_VeohWebPlayerSetup_eng.exe a variant of Win32/Toolbar.Zugo application deleted - quarantined

Re: Suspicious files in my document folder

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
Can not open internet
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=bb4d046c04010c43b47b1ddaaebd0b23
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-03-19 08:38:56
# local_time=2012-03-20 04:38:56 (+0800, China Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16774142 0 6 67394331 103706268 0 0
# compatibility_mode=3073 16777214 80 71 1417 7887021 0 0
# compatibility_mode=5892 16776574 100 100 1209976 169708531 0 0
# compatibility_mode=8192 67108863 100 0 1479 1479 0 0
# compatibility_mode=9217 16777214 0 4 102320204 102320204 0 0
# scanned=278860
# found=6
# cleaned=6
# scan_time=10132
C:\Qoobox\Quarantine\C\Windows\System32\drivers\_25b7bf45801895d6_.sys.zip a variant of Win32/Rootkit.Kryptik.HT trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Windows\System32\drivers\_39f53c95945612ae_.sys.zip a variant of Win32/Rootkit.Kryptik.HT trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Lou\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\4b83f3c4-302a17e0 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Lou\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\77c3a532-53cc42a2 Java/TrojanDownloader.Agent.NAI trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Lou\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\799c6e88-7e033fcb multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Lou\Videos\Veoh\16_VeohWebPlayerSetup_eng.exe a variant of Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C
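
Added example (not part of the thread and not ESET's code): a small Python parser for the log format posted above. It separates detections that are only copies held in a quarantine folder from files found in place, and checks the `found`/`cleaned` counters against the parsed lines. The sample lines are copied from the log in this thread; the single-space field separation, the three threat-text forms handled and the `classify()` labels are assumptions of this sketch.

```python
import re

# Sample input: counters and detection lines copied from the log posted in this thread.
SAMPLE_LOG = r"""# scanned=278860
# found=6
# cleaned=6
C:\Qoobox\Quarantine\C\Windows\System32\drivers\_25b7bf45801895d6_.sys.zip a variant of Win32/Rootkit.Kryptik.HT trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Windows\System32\drivers\_39f53c95945612ae_.sys.zip a variant of Win32/Rootkit.Kryptik.HT trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Lou\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\4b83f3c4-302a17e0 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Lou\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\77c3a532-53cc42a2 Java/TrojanDownloader.Agent.NAI trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Lou\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\799c6e88-7e033fcb multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Lou\Videos\Veoh\16_VeohWebPlayerSetup_eng.exe a variant of Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C
"""

# Tail of a detection line as shown on this page: "(action) <hex field> <flag>".
TAIL = re.compile(r"^(?P<head>.+) \((?P<action>[^()]*)\) (?P<hash>[0-9a-fA-F]+) \S$")
# Head = path + threat text; only the three threat forms seen in this log are handled (assumption).
HEAD = re.compile(r"^(?P<path>.+?) (?P<threat>(?:a variant of )?\S+/\S+ \w+|multiple threats)$")

def classify(path):
    """Separate copies already held in a quarantine folder from files found in place."""
    p = path.lower()
    if "\\quarantine\\" in p:
        return "quarantine copy"
    return "java cache" if "\\java\\deployment\\cache\\" in p else "in place"

def parse_log(text):
    """Return (header dict of lists, list of detection dicts)."""
    header, hits = {}, []
    for line in map(str.strip, text.splitlines()):
        tail = TAIL.match(line)
        if line.startswith("#"):
            key, _, value = line[1:].strip().partition("=")
            header.setdefault(key, []).append(value)  # keys such as compatibility_mode repeat
        elif tail and (head := HEAD.match(tail["head"])):
            hits.append({"path": head["path"], "threat": head["threat"],
                         "action": tail["action"], "where": classify(head["path"])})
    return header, hits

def consistent(header, hits):
    """True when the header's found/cleaned counters agree with the parsed lines."""
    found, cleaned = int(header["found"][0]), int(header["cleaned"][0])
    return found == len(hits) and cleaned == sum("deleted" in h["action"] for h in hits)

if __name__ == "__main__":
    hdr, dets = parse_log(SAMPLE_LOG)
    print(*(f'{d["where"]}: {d["threat"]} <- {d["path"]}' for d in dets), sep="\n")
    print("counters consistent:", consistent(hdr, dets))
```
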

Re: Suspicious files in my document folder

You can use Unlocker to delete that other file. Once you have Unlocker installed, search for that file and right-click on the file and select Unlocker, then you should be able to delete it.

You can download and install Unlocker.

Please try this tool to fix the Update problem and let me know how it goes.

Please download Windows Update fix utility from here and run it.
