0

Hi!
So every time my computer loads and finishes, explorer.exe immediatly restarts. It continues to do this for awhile (varying amounts of time) and then just stops with nothing but my desktop picture displaying.

I've Used AVG spyware and anti-virus scanners as well as SS&D and only came up with a few tracking cookies.. Online scanners like Panda won't work, they just sit "loading" or being "idle" (probably a different problem all together)

Any help would be greatly appreciated!

Heres my Hijack This Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:24:35 PM, on 12/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F3 - REG:win.ini: load=C:\WINDOWS\system32\mlljg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.CPL,CMICtrlWnd
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.01\RivaTuner.exe" /S
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1175523821921
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1175794432671
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 6902 bytes

2
Contributors
8
Replies
9
Views
9 Years
Discussion Span
Last Post by gerbil
0

After reading around and seeing some other similar problems i decided to run VundoFix.
It decided to remove:
gjllm.ini2
gjllm.ini
mlljg.dll
tuvvstq.dll

It had to delete them after rebooting, but explorer is no longer crashing!


VundoFix V6.7.7

Checking Java version...

Scan started at 6:36:46 PM 12/29/2007

Listing files found while scanning....

C:\WINDOWS\system32\gjllm.ini
C:\WINDOWS\system32\gjllm.ini2
C:\WINDOWS\system32\mlljg.dll
C:\WINDOWS\system32\tuvvstq.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\gjllm.ini
C:\WINDOWS\system32\gjllm.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\gjllm.ini2
C:\WINDOWS\system32\gjllm.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\mlljg.dll
C:\WINDOWS\system32\mlljg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvvstq.dll
C:\WINDOWS\system32\tuvvstq.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\tuvvstq.dll
C:\WINDOWS\system32\tuvvstq.dll Could not be deleted.

Performing Repairs to the registry.
Done!

****************************************

Also, I'm not sure if AVG did this somehow, but all my Favorites in firefox are gone, as well as my bookmarks..? ZoneAlarm, which i previously had installed, is now gone and the AVG Anti-Spyware .exe file disappeared. Also my internet speed (3mbs DSL) is being really slow, im downloading things at <50kb/s when it should be upwards of 300+kb/s. Other small little things are different too, like text sizes when viewing files and wierd things like that..

0

Hello, nate.
I don't see an AV service...?
That vundo log shows that it could NOT delete a file: tuvvstq.dll
Rerun Vundofix a couple more times; if it still cannot remove it then let's try this:
==This one is a general purpose deleter, Unlocker: http://filehippo.com/download_unlocker/
Dclick the exe to install it, unchecking the updater and assistant boxes. It runs from the rclick context menu, and that is cool.
Navigate to that file, C:\WINDOWS\system32\tuvvstq.dll and remove it, then run Vundofix again.
Fix these entries with hijackthis if they remain...

F3 - REG:win.ini: load=C:\WINDOWS\system32\mlljg.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

Now clean and scan:
==Download this temp file cleaner from http://www.atribune.org/ccount/click.php?id=1 --click in the download window to run it, and when ATF Cleaner opens go Select all, and then Empty Selected.
Next click Firefox [if you have that browser..] at the top, Select All again, and Empty Selected again. Follow that procedure also if you have Opera.
Close ATF.
==Please use IE to do an online scan at panda:- http://www.pandasoftware.com/products/activescan?
-select a link to the scan... free online virus scan...., enter a valid? email and follow through, choosing My Computer for a full system scan.
Post the log it produces here plus that vundofix log again.

Since you already have AVG AS, why not get AVG AV? http://free.grisoft.com/doc/5390/lng/us/tpl/v5

0

Alright, thank you for taking the time to help me!

I got rid of: tuvvstq.dll with Unlocker.
Fixed the entries in HijackThis.
And cleaned with the ATF Cleaner (over 1gb!).

The Panda ActiveScan didn't work however, I ran it in IE as you said and got to the part where i choose what i want to scan, and a little blip appears at the top. It wants to run the following add-on controles from Panda Software. I say ok, it refreshes, and then does the same thing..? Every time i refresh it also gives me a little option of whether i want to re-send my information or not. (In order to refresh i have to resend). I click yes and I reach my problem. I click no and it displays a blank web-page.
I've got AVG AV.. Just not running it right now =D

Here's the VundoFix log:
VundoFix V6.7.7

Checking Java version...

Scan started at 5:19:16 PM 12/30/2007

Listing files found while scanning....

No infected files were found.

0

Alright, here's the Panda scan results:


Incident Status Location

Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Hershey\Cookies\hershey@ad.yieldmanager[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Hershey\Cookies\hershey@atdmt[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Hershey\Cookies\hershey@doubleclick[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Hershey\Cookies\hershey@realmedia[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Hershey\Cookies\hershey@serving-sys[1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Hershey\Cookies\hershey@trafficmp[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Hershey\Cookies\hershey@tribalfusion[1].txt
Possible Virus. Not disinfected C:\Program Files\MSN\MSNCoreFiles\Setup\msnunin.exe
Possible Virus. Not disinfected C:\WINDOWS\ServicePackFiles\i386\msnunin.exe
Hacktool:Generic Application Not disinfected F:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe
Adware:Adware/ActiveSearch Not disinfected F:\Program Files\BearShare Applications\BearShare MediaBar\MediaBar.dll
Possible Virus. Not disinfected F:\Program Files\InstallShield Installation Information\{52A5F706-2FCC-4C14-9E9A-345C2DCB25E9}\Setup.exe
Virus:Generic Malware Disinfected F:\Program Files\Online Services\PeoplePC\Utilities\AtlBrowser.exe
Adware:Adware/ActiveSearch Not disinfected F:\RECYCLER\S-1-5-21-1747285975-316173714-3372606291-1010\Dc147.exe
Virus:Generic Malware Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP108\A0091899.dll
Potentially unwanted tool:Application/KillApp.B Not disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP91\A0073853.exe
Adware:Adware/Yazzle Not disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP91\A0080879.exe
Adware:Adware/DollarRevenue Not disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP91\A0080904.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP92\A0080974.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP92\A0080975.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP92\A0080976.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP92\A0080977.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP92\A0080978.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP92\A0080979.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP92\A0080980.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP92\A0080981.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP92\A0080982.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP93\A0081012.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP93\A0081025.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP93\A0081026.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP93\A0081028.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP94\A0083168.exe
Adware:Adware/PurityScan Not disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP94\A0083187.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP94\A0083198.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP94\A0083202.rbf
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083245.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083246.EXE
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083247.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083248.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083249.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083250.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083251.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083252.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083253.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083254.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083255.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083256.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083257.EXE
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083258.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083259.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083260.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083261.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083262.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083263.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083264.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083265.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083266.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083267.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083268.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083269.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083270.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083271.EXE
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083272.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083273.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083274.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083275.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083276.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083277.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083278.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083279.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083280.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083281.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083282.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083283.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083284.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083285.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083286.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083287.EXE
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083288.EXE
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083289.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083290.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083291.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083292.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083293.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083294.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083295.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083296.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083297.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083298.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083299.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083300.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083301.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083302.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083303.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083304.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083305.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083306.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083307.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083308.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083309.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083310.EXE
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083311.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083312.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083313.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083314.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083315.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083316.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083317.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083319.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083320.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083321.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083322.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083323.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083324.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083325.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083326.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083327.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083328.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083329.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083330.EXE
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083331.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083332.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083333.EXE
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083334.EXE
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083335.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083336.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083337.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083339.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083341.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083342.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083343.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083344.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083345.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083346.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083347.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083348.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083349.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083350.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083351.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083352.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083353.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083354.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083355.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083356.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083357.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083358.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083359.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083360.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083361.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083362.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083363.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083364.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083365.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083366.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083367.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083368.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083369.exe
Virus:W32/Parite.B Disinfected F:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP95\A0083370.exe

0

nate, I am a little concerned by these detections:
Possible Virus. Not disinfected C:\Program Files\MSN\MSNCoreFiles\Setup\msnunin.exe
Possible Virus. Not disinfected C:\WINDOWS\ServicePackFiles\i386\msnunin.exe
Possible Virus. Not disinfected F:\Program Files\InstallShield Installation Information\{52A5F706-2FCC-4C14-9E9A-345C2DCB25E9}\Setup.exe

First, lets get rid of all your restore points and make a fresh one....
==You SHOULD clear all your system restore points because some have been infected.... Panda may have cleaned them, but we cannot be sure it found everything. So go control panel > system > system restore tab, check Turn off sys res on all drives, Apply and OK. Do it all again but uncheck that box, Apply and OK.
[[a quick way in is Start > run, paste: control sysdm.cpl,,4 -and OK]]
Now make a fresh, clean restore point: Start > programs > accessories > system tools > system restore and create a restore point now!!
[[the quick way to System Restore is Start > run, paste: %systemroot%\system32\restore\rstrui.exe -and OK]]

Good. Now fire up AVG AV, update it and run a FULL system scan. Post the result if it finds anything... there is a possibility that you will have to delete those files above and dl fresh copies.
Parite A, B are just two parts of a file infector virus. It doesn't do anything except spread itself via networks......afaik. It does cause explorer.exe to remain running so that it can spread into any and all .exe and .scr files on your sys [and any networks]

0

AVG came up clean! Explorer is working fine, now I just need to get all my bookmarks and such back. Thank you for your help!

0

Can't help on the bookmarks aspect, I'm afraid; this gives you a chance to review stuff... :)
Cheers.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.