TechSpot

Spoolsv.exe cpu usage always at 97% plus other problems

By wwollmuth
Oct 25, 2010
  1. 1. spoolsv.exe cpu usage always at 97% plus other problems
    2. internet explorer i.e. IE7 no longer works on my XP laptop no matter how many times i remove it and reinstall it , before this, but after getting the malware bug, it constantly redirected me to web pages i didn't want to go to - then it stopped working altogether
    3. so I down loaded FIREFOX but fire fox redirects me too but not as bad as IE7, then FireFox gets into this update loop where it tries to update itself then says it cant, so then it automatically tries again, and again and gets stuck in a loop of doing this..so have to shut down then remove and reinstall - so every few days have to remove and then reinstall...fire fox - but my MS Outlook Express still works ok - Thank God.
    4. so I bought and downloaded StopZilla because some other unsolicited malware was telling my that my registry was corrupted with over 2,000 problems - but stopzilla didn't do anything to get rid of my problem - it just slowed my laptop way down so removed it - now I am looking for other help to get my laptop up and running fast like it always has for the past 3 years or more - up until some sort of malware got into my system 3 or 4 weeks ago - ever since , i cannot shut down or put it into standby and bring it back up - I have to kill it with the switch and then turn it back on... and then spoolsv.exe will suddenly somewhere along the line start running at 97% where i have to use the Windows Task Manager to "end the process" but then I loose my audio until the next time I reboot.
     
  2. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    Welcome aboard [​IMG]

    Stopzilla is a rogue program. You wasted your money, because you have to uninstall it.
    Sorry :(

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.
     
  3. wwollmuth

    wwollmuth TS Rookie Topic Starter

    Scan report

    well when I googled what to do STOPZILLA was highly rated as the program to get rid of my problems ! so here is my report - 1 virus was found - it has been deleted.



    Avira AntiVir Personal
    Report file date: Monday, October 25, 2010 02:22

    Scanning for 2963531 virus strains and unwanted programs.

    The program is running as an unrestricted full version.
    Online services are available:

    Licensee : Avira AntiVir Personal - FREE Antivirus
    Serial number : 0000149996-ADJIE-0000001
    Platform : Windows XP
    Windows version : (Service Pack 3) [5.1.2600]
    Boot mode : Normally booted
    Username : SYSTEM
    Computer name : WMWOODWOLLMUTH

    Version information:
    BUILD.DAT : 10.0.0.567 32097 Bytes 4/19/2010 15:07:00
    AVSCAN.EXE : 10.0.3.0 433832 Bytes 4/1/2010 18:37:38
    AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 18:57:04
    LUKE.DLL : 10.0.2.3 104296 Bytes 3/8/2010 00:33:04
    LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 05:40:49
    VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 15:05:36
    VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 01:27:49
    VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 23:37:42
    VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 22:37:42
    VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 17:29:03
    VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 05:10:03
    VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 05:10:27
    VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 05:11:16
    VBASE008.VDF : 7.10.11.133 3454464 Bytes 9/13/2010 05:11:54
    VBASE009.VDF : 7.10.11.134 2048 Bytes 9/13/2010 05:11:54
    VBASE010.VDF : 7.10.11.135 2048 Bytes 9/13/2010 05:11:54
    VBASE011.VDF : 7.10.11.136 2048 Bytes 9/13/2010 05:11:54
    VBASE012.VDF : 7.10.11.137 2048 Bytes 9/13/2010 05:11:54
    VBASE013.VDF : 7.10.11.165 172032 Bytes 9/15/2010 05:11:57
    VBASE014.VDF : 7.10.11.202 144384 Bytes 9/18/2010 05:11:59
    VBASE015.VDF : 7.10.11.231 129024 Bytes 9/21/2010 05:12:00
    VBASE016.VDF : 7.10.12.4 126464 Bytes 9/23/2010 05:12:02
    VBASE017.VDF : 7.10.12.38 146944 Bytes 9/27/2010 05:12:04
    VBASE018.VDF : 7.10.12.64 133120 Bytes 9/29/2010 05:12:05
    VBASE019.VDF : 7.10.12.99 134144 Bytes 10/1/2010 05:12:07
    VBASE020.VDF : 7.10.12.122 131584 Bytes 10/5/2010 05:12:09
    VBASE021.VDF : 7.10.12.148 119296 Bytes 10/7/2010 05:12:10
    VBASE022.VDF : 7.10.12.175 142848 Bytes 10/11/2010 05:12:12
    VBASE023.VDF : 7.10.12.198 131584 Bytes 10/13/2010 05:12:14
    VBASE024.VDF : 7.10.12.216 133120 Bytes 10/14/2010 05:12:16
    VBASE025.VDF : 7.10.12.238 137728 Bytes 10/18/2010 05:12:17
    VBASE026.VDF : 7.10.12.254 129536 Bytes 10/20/2010 05:12:19
    VBASE027.VDF : 7.10.13.22 137728 Bytes 10/22/2010 05:12:20
    VBASE028.VDF : 7.10.13.23 2048 Bytes 10/22/2010 05:12:21
    VBASE029.VDF : 7.10.13.24 2048 Bytes 10/22/2010 05:12:21
    VBASE030.VDF : 7.10.13.25 2048 Bytes 10/22/2010 05:12:21
    VBASE031.VDF : 7.10.13.28 17408 Bytes 10/24/2010 05:12:21
    Engineversion : 8.2.4.84
    AEVDF.DLL : 8.1.2.1 106868 Bytes 10/25/2010 05:12:59
    AESCRIPT.DLL : 8.1.3.45 1368443 Bytes 10/25/2010 05:12:59
    AESCN.DLL : 8.1.6.1 127347 Bytes 10/25/2010 05:12:54
    AESBX.DLL : 8.1.3.1 254324 Bytes 10/25/2010 05:13:01
    AERDL.DLL : 8.1.9.2 635252 Bytes 10/25/2010 05:12:54
    AEPACK.DLL : 8.2.3.11 471416 Bytes 10/25/2010 05:12:50
    AEOFFICE.DLL : 8.1.1.8 201081 Bytes 10/25/2010 05:12:47
    AEHEUR.DLL : 8.1.2.36 2974072 Bytes 10/25/2010 05:12:45
    AEHELP.DLL : 8.1.14.0 246134 Bytes 10/25/2010 05:12:32
    AEGEN.DLL : 8.1.3.23 401779 Bytes 10/25/2010 05:12:30
    AEEMU.DLL : 8.1.2.0 393588 Bytes 10/25/2010 05:12:28
    AECORE.DLL : 8.1.17.0 196982 Bytes 10/25/2010 05:12:27
    AEBB.DLL : 8.1.1.0 53618 Bytes 10/25/2010 05:12:25
    AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 18:03:38
    AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 18:03:35
    AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 22:47:40
    AVREG.DLL : 10.0.3.0 53096 Bytes 4/1/2010 18:35:46
    AVSCPLR.DLL : 10.0.3.0 83816 Bytes 4/1/2010 18:39:51
    AVARKT.DLL : 10.0.0.14 227176 Bytes 4/1/2010 18:22:13
    AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 15:53:30
    SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 18:57:58
    AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 21:38:56
    NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 20:41:00
    RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 19:10:20
    RCTEXT.DLL : 10.0.53.0 97128 Bytes 4/9/2010 20:14:29

    Configuration settings for the scan:
    Jobname.............................: Complete system scan
    Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
    Logging.............................: low
    Primary action......................: interactive
    Secondary action....................: ignore
    Scan master boot sector.............: on
    Scan boot sector....................: on
    Boot sectors........................: C:, D:,
    Process scan........................: on
    Extended process scan...............: on
    Scan registry.......................: on
    Search for rootkits.................: on
    Integrity checking of system files..: off
    Scan all files......................: All files
    Scan archives.......................: on
    Recursion depth.....................: 20
    Smart extensions....................: on
    Macro heuristic.....................: on
    File heuristic......................: medium

    Start of the scan: Monday, October 25, 2010 02:22

    Starting search for hidden objects.
    HKEY_LOCAL_MACHINE\System\ControlSet004\Services\NtmsSvc\Config\Standalone\drivelist
    [NOTE] The registry entry is invisible.
    c:\program files\common files\microsoft shared\works shared\wkufind.exe
    c:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    [NOTE] The process is not visible.
    c:\windows\system32\ctfmon.exe
    c:\WINDOWS\system32\ctfmon.exe
    [NOTE] The process is not visible.

    The scan of running processes will be started
    Scan process 'rsmsink.exe' - '30' Module(s) have been scanned
    Scan process 'avscan.exe' - '68' Module(s) have been scanned
    Scan process 'dllhost.exe' - '46' Module(s) have been scanned
    Scan process 'vssvc.exe' - '49' Module(s) have been scanned
    Scan process 'avcenter.exe' - '65' Module(s) have been scanned
    Scan process 'msdtc.exe' - '41' Module(s) have been scanned
    Scan process 'dllhost.exe' - '60' Module(s) have been scanned
    Scan process 'taskmgr.exe' - '40' Module(s) have been scanned
    Scan process 'avgnt.exe' - '48' Module(s) have been scanned
    Scan process 'sched.exe' - '46' Module(s) have been scanned
    Scan process 'avshadow.exe' - '27' Module(s) have been scanned
    Scan process 'avguard.exe' - '55' Module(s) have been scanned
    Scan process 'ccSvcHst.exe' - '89' Module(s) have been scanned
    Scan process 'alg.exe' - '34' Module(s) have been scanned
    Scan process 'wmiprvse.exe' - '41' Module(s) have been scanned
    Scan process 'WMPNetwk.exe' - '52' Module(s) have been scanned
    Scan process 'ULCDRSvr.exe' - '12' Module(s) have been scanned
    Scan process 'svchost.exe' - '41' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '36' Module(s) have been scanned
    Scan process 'ccSvcHst.exe' - '161' Module(s) have been scanned
    Scan process 'MDM.EXE' - '23' Module(s) have been scanned
    Scan process 'LSSrvc.exe' - '18' Module(s) have been scanned
    Scan process 'CommandService.exe' - '18' Module(s) have been scanned
    Scan process 'WMPNSCFG.exe' - '28' Module(s) have been scanned
    Scan process 'AbacastDistributedOnDemand.exe' - '37' Module(s) have been scanned
    Scan process 'NMBgMonitor.exe' - '36' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '27' Module(s) have been scanned
    Scan process 'Monitor.exe' - '32' Module(s) have been scanned
    Scan process 'CMPDPSRV.EXE' - '25' Module(s) have been scanned
    Scan process 'WkUFind.exe' - '12' Module(s) have been scanned
    Scan process 'AGRSMMSG.exe' - '20' Module(s) have been scanned
    Scan process 'SynTPEnh.exe' - '27' Module(s) have been scanned
    Scan process 'IntuitUpdateService.exe' - '61' Module(s) have been scanned
    Scan process 'IJPLMSVC.EXE' - '17' Module(s) have been scanned
    Scan process 'svchost.exe' - '35' Module(s) have been scanned
    Scan process 'svchost.exe' - '35' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '112' Module(s) have been scanned
    Scan process 'Explorer.EXE' - '142' Module(s) have been scanned
    Scan process 'svchost.exe' - '42' Module(s) have been scanned
    Scan process 'svchost.exe' - '33' Module(s) have been scanned
    Scan process 'smc.exe' - '87' Module(s) have been scanned
    Scan process 'svchost.exe' - '172' Module(s) have been scanned
    Scan process 'svchost.exe' - '39' Module(s) have been scanned
    Scan process 'svchost.exe' - '51' Module(s) have been scanned
    Scan process 'lsass.exe' - '58' Module(s) have been scanned
    Scan process 'services.exe' - '37' Module(s) have been scanned
    Scan process 'winlogon.exe' - '67' Module(s) have been scanned
    Scan process 'csrss.exe' - '12' Module(s) have been scanned
    Scan process 'smss.exe' - '2' Module(s) have been scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'D:\'
    [INFO] No virus was found!

    Starting to scan executable files (registry).
    The registry was scanned ( '521' files ).


    Starting the file scan:

    Begin scan in 'C:\' <BOOT>
    C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\QBackup\{829C441F-B92A-401B-A030-5DFBD92D3F88}\{BCDF9818-7111-4421-BC56-F2EA47BE11D8}.qbd
    [0] Archive type: HIDDEN
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    --> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\QBackup\{829C441F-B92A-401B-A030-5DFBD92D3F88}\{BCDF9818-7111-4421-BC56-F2EA47BE11D8}.qbd
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    Begin scan in 'D:\' <RECOVER>

    Beginning disinfection:
    C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\QBackup\{829C441F-B92A-401B-A030-5DFBD92D3F88}\{BCDF9818-7111-4421-BC56-F2EA47BE11D8}.qbd
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE] The file was deleted!


    End of the scan: Monday, October 25, 2010 07:50
    Used time: 2:24:35 Hour(s)

    The scan has been done completely.

    8096 Scanned directories
    316205 Files were scanned
    1 Viruses and/or unwanted programs were found
    0 Files were classified as suspicious
    1 files were deleted
    0 Viruses and unwanted programs were repaired
    1 Files were moved to quarantine
    0 Files were renamed
    0 Files cannot be scanned
    316204 Files not concerned
    14962 Archives were scanned
    0 Warnings
    0 Notes
    430094 Objects were scanned with rootkit scan
    3 Hidden objects were found
     
  4. wwollmuth

    wwollmuth TS Rookie Topic Starter

    Avira AntiVir Personal
    Report file date: Monday, October 25, 2010 02:22

    Scanning for 2963531 virus strains and unwanted programs.

    The program is running as an unrestricted full version.
    Online services are available:

    Licensee : Avira AntiVir Personal - FREE Antivirus
    Serial number : 0000149996-ADJIE-0000001
    Platform : Windows XP
    Windows version : (Service Pack 3) [5.1.2600]
    Boot mode : Normally booted
    Username : SYSTEM
    Computer name : WMWOODWOLLMUTH

    Version information:
    BUILD.DAT : 10.0.0.567 32097 Bytes 4/19/2010 15:07:00
    AVSCAN.EXE : 10.0.3.0 433832 Bytes 4/1/2010 18:37:38
    AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 18:57:04
    LUKE.DLL : 10.0.2.3 104296 Bytes 3/8/2010 00:33:04
    LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 05:40:49
    VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 15:05:36
    VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 01:27:49
    VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 23:37:42
    VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 22:37:42
    VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 17:29:03
    VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 05:10:03
    VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 05:10:27
    VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 05:11:16
    VBASE008.VDF : 7.10.11.133 3454464 Bytes 9/13/2010 05:11:54
    VBASE009.VDF : 7.10.11.134 2048 Bytes 9/13/2010 05:11:54
    VBASE010.VDF : 7.10.11.135 2048 Bytes 9/13/2010 05:11:54
    VBASE011.VDF : 7.10.11.136 2048 Bytes 9/13/2010 05:11:54
    VBASE012.VDF : 7.10.11.137 2048 Bytes 9/13/2010 05:11:54
    VBASE013.VDF : 7.10.11.165 172032 Bytes 9/15/2010 05:11:57
    VBASE014.VDF : 7.10.11.202 144384 Bytes 9/18/2010 05:11:59
    VBASE015.VDF : 7.10.11.231 129024 Bytes 9/21/2010 05:12:00
    VBASE016.VDF : 7.10.12.4 126464 Bytes 9/23/2010 05:12:02
    VBASE017.VDF : 7.10.12.38 146944 Bytes 9/27/2010 05:12:04
    VBASE018.VDF : 7.10.12.64 133120 Bytes 9/29/2010 05:12:05
    VBASE019.VDF : 7.10.12.99 134144 Bytes 10/1/2010 05:12:07
    VBASE020.VDF : 7.10.12.122 131584 Bytes 10/5/2010 05:12:09
    VBASE021.VDF : 7.10.12.148 119296 Bytes 10/7/2010 05:12:10
    VBASE022.VDF : 7.10.12.175 142848 Bytes 10/11/2010 05:12:12
    VBASE023.VDF : 7.10.12.198 131584 Bytes 10/13/2010 05:12:14
    VBASE024.VDF : 7.10.12.216 133120 Bytes 10/14/2010 05:12:16
    VBASE025.VDF : 7.10.12.238 137728 Bytes 10/18/2010 05:12:17
    VBASE026.VDF : 7.10.12.254 129536 Bytes 10/20/2010 05:12:19
    VBASE027.VDF : 7.10.13.22 137728 Bytes 10/22/2010 05:12:20
    VBASE028.VDF : 7.10.13.23 2048 Bytes 10/22/2010 05:12:21
    VBASE029.VDF : 7.10.13.24 2048 Bytes 10/22/2010 05:12:21
    VBASE030.VDF : 7.10.13.25 2048 Bytes 10/22/2010 05:12:21
    VBASE031.VDF : 7.10.13.28 17408 Bytes 10/24/2010 05:12:21
    Engineversion : 8.2.4.84
    AEVDF.DLL : 8.1.2.1 106868 Bytes 10/25/2010 05:12:59
    AESCRIPT.DLL : 8.1.3.45 1368443 Bytes 10/25/2010 05:12:59
    AESCN.DLL : 8.1.6.1 127347 Bytes 10/25/2010 05:12:54
    AESBX.DLL : 8.1.3.1 254324 Bytes 10/25/2010 05:13:01
    AERDL.DLL : 8.1.9.2 635252 Bytes 10/25/2010 05:12:54
    AEPACK.DLL : 8.2.3.11 471416 Bytes 10/25/2010 05:12:50
    AEOFFICE.DLL : 8.1.1.8 201081 Bytes 10/25/2010 05:12:47
    AEHEUR.DLL : 8.1.2.36 2974072 Bytes 10/25/2010 05:12:45
    AEHELP.DLL : 8.1.14.0 246134 Bytes 10/25/2010 05:12:32
    AEGEN.DLL : 8.1.3.23 401779 Bytes 10/25/2010 05:12:30
    AEEMU.DLL : 8.1.2.0 393588 Bytes 10/25/2010 05:12:28
    AECORE.DLL : 8.1.17.0 196982 Bytes 10/25/2010 05:12:27
    AEBB.DLL : 8.1.1.0 53618 Bytes 10/25/2010 05:12:25
    AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 18:03:38
    AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 18:03:35
    AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 22:47:40
    AVREG.DLL : 10.0.3.0 53096 Bytes 4/1/2010 18:35:46
    AVSCPLR.DLL : 10.0.3.0 83816 Bytes 4/1/2010 18:39:51
    AVARKT.DLL : 10.0.0.14 227176 Bytes 4/1/2010 18:22:13
    AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 15:53:30
    SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 18:57:58
    AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 21:38:56
    NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 20:41:00
    RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 19:10:20
    RCTEXT.DLL : 10.0.53.0 97128 Bytes 4/9/2010 20:14:29

    Configuration settings for the scan:
    Jobname.............................: Complete system scan
    Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
    Logging.............................: low
    Primary action......................: interactive
    Secondary action....................: ignore
    Scan master boot sector.............: on
    Scan boot sector....................: on
    Boot sectors........................: C:, D:,
    Process scan........................: on
    Extended process scan...............: on
    Scan registry.......................: on
    Search for rootkits.................: on
    Integrity checking of system files..: off
    Scan all files......................: All files
    Scan archives.......................: on
    Recursion depth.....................: 20
    Smart extensions....................: on
    Macro heuristic.....................: on
    File heuristic......................: medium

    Start of the scan: Monday, October 25, 2010 02:22

    Starting search for hidden objects.
    HKEY_LOCAL_MACHINE\System\ControlSet004\Services\NtmsSvc\Config\Standalone\drivelist
    [NOTE] The registry entry is invisible.
    c:\program files\common files\microsoft shared\works shared\wkufind.exe
    c:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    [NOTE] The process is not visible.
    c:\windows\system32\ctfmon.exe
    c:\WINDOWS\system32\ctfmon.exe
    [NOTE] The process is not visible.

    The scan of running processes will be started
    Scan process 'rsmsink.exe' - '30' Module(s) have been scanned
    Scan process 'avscan.exe' - '68' Module(s) have been scanned
    Scan process 'dllhost.exe' - '46' Module(s) have been scanned
    Scan process 'vssvc.exe' - '49' Module(s) have been scanned
    Scan process 'avcenter.exe' - '65' Module(s) have been scanned
    Scan process 'msdtc.exe' - '41' Module(s) have been scanned
    Scan process 'dllhost.exe' - '60' Module(s) have been scanned
    Scan process 'taskmgr.exe' - '40' Module(s) have been scanned
    Scan process 'avgnt.exe' - '48' Module(s) have been scanned
    Scan process 'sched.exe' - '46' Module(s) have been scanned
    Scan process 'avshadow.exe' - '27' Module(s) have been scanned
    Scan process 'avguard.exe' - '55' Module(s) have been scanned
    Scan process 'ccSvcHst.exe' - '89' Module(s) have been scanned
    Scan process 'alg.exe' - '34' Module(s) have been scanned
    Scan process 'wmiprvse.exe' - '41' Module(s) have been scanned
    Scan process 'WMPNetwk.exe' - '52' Module(s) have been scanned
    Scan process 'ULCDRSvr.exe' - '12' Module(s) have been scanned
    Scan process 'svchost.exe' - '41' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '36' Module(s) have been scanned
    Scan process 'ccSvcHst.exe' - '161' Module(s) have been scanned
    Scan process 'MDM.EXE' - '23' Module(s) have been scanned
    Scan process 'LSSrvc.exe' - '18' Module(s) have been scanned
    Scan process 'CommandService.exe' - '18' Module(s) have been scanned
    Scan process 'WMPNSCFG.exe' - '28' Module(s) have been scanned
    Scan process 'AbacastDistributedOnDemand.exe' - '37' Module(s) have been scanned
    Scan process 'NMBgMonitor.exe' - '36' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '27' Module(s) have been scanned
    Scan process 'Monitor.exe' - '32' Module(s) have been scanned
    Scan process 'CMPDPSRV.EXE' - '25' Module(s) have been scanned
    Scan process 'WkUFind.exe' - '12' Module(s) have been scanned
    Scan process 'AGRSMMSG.exe' - '20' Module(s) have been scanned
    Scan process 'SynTPEnh.exe' - '27' Module(s) have been scanned
    Scan process 'IntuitUpdateService.exe' - '61' Module(s) have been scanned
    Scan process 'IJPLMSVC.EXE' - '17' Module(s) have been scanned
    Scan process 'svchost.exe' - '35' Module(s) have been scanned
    Scan process 'svchost.exe' - '35' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '112' Module(s) have been scanned
    Scan process 'Explorer.EXE' - '142' Module(s) have been scanned
    Scan process 'svchost.exe' - '42' Module(s) have been scanned
    Scan process 'svchost.exe' - '33' Module(s) have been scanned
    Scan process 'smc.exe' - '87' Module(s) have been scanned
    Scan process 'svchost.exe' - '172' Module(s) have been scanned
    Scan process 'svchost.exe' - '39' Module(s) have been scanned
    Scan process 'svchost.exe' - '51' Module(s) have been scanned
    Scan process 'lsass.exe' - '58' Module(s) have been scanned
    Scan process 'services.exe' - '37' Module(s) have been scanned
    Scan process 'winlogon.exe' - '67' Module(s) have been scanned
    Scan process 'csrss.exe' - '12' Module(s) have been scanned
    Scan process 'smss.exe' - '2' Module(s) have been scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'D:\'
    [INFO] No virus was found!

    Starting to scan executable files (registry).
    The registry was scanned ( '521' files ).


    Starting the file scan:

    Begin scan in 'C:\' <BOOT>
    C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\QBackup\{829C441F-B92A-401B-A030-5DFBD92D3F88}\{BCDF9818-7111-4421-BC56-F2EA47BE11D8}.qbd
    [0] Archive type: HIDDEN
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    --> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\QBackup\{829C441F-B92A-401B-A030-5DFBD92D3F88}\{BCDF9818-7111-4421-BC56-F2EA47BE11D8}.qbd
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    Begin scan in 'D:\' <RECOVER>

    Beginning disinfection:
    C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\QBackup\{829C441F-B92A-401B-A030-5DFBD92D3F88}\{BCDF9818-7111-4421-BC56-F2EA47BE11D8}.qbd
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE] The file was deleted!


    End of the scan: Monday, October 25, 2010 07:50
    Used time: 2:24:35 Hour(s)

    The scan has been done completely.

    8096 Scanned directories
    316205 Files were scanned
    1 Viruses and/or unwanted programs were found
    0 Files were classified as suspicious
    1 files were deleted
    0 Viruses and unwanted programs were repaired
    1 Files were moved to quarantine
    0 Files were renamed
    0 Files cannot be scanned
    316204 Files not concerned
    14962 Archives were scanned
    0 Warnings
    0 Notes
    430094 Objects were scanned with rootkit scan
    3 Hidden objects were found
     
  5. Broni

    Broni Malware Annihilator Posts: 52,898   +344

     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...