I've run Sysclean & Adaware SE. Neither seems to have found the source of my
problem. Running Sysclean in Safe mode seems to cause problems.
Details below.
WinPatrol says I have a browser object called Related.htm. I can't find any
info on this in the list of known browser objects at
http://www.sysinfo.org/bholist.php. It has also twice reported that the
file associations for .CAB have changed, but doesn't specify what's changed
it.
Downloaded Adaware & Sysclean.com. Ran MD5 checksum verification on
Sysclean.com - checksums matched. Unzipped sysclean, downloaded latest
pattern file, unzipped it & copied lpt$vpn.246 to the same folder as
Sysclean.exe. Rebooted while holding down F8. During boot up sequence got
the
message:
CMOS/GPNVChexcksum bad!
Continued & started up in Safe Mode. Ran Sysclean by double-clicking on
Sysclean.exe in Windows explorer. Twice (before & after starting Sysclean)
got a message saying "
If you run a text-based program in safe mode, you risk corruption of the
video display or experiencing other anomalies...". Closed all other
application before
starting scan with automatic clean/delete of infected files. Sysclean ran
for about 25 minutes before a message came up saying vscantn (might be wrong
spelling, I forgot to write it down) had performed an illegal operation &
would be shut down This happened while it was scanning the root directory
(C:*.*). Had to use button on the PC casing to perform a hardware shut down.
While rebooting held down F8 again & again got the message:
CMOS/GPNVChexcksum bad!
Also, mouse was not detected.
Again continued & started in Safe mode. Mouse not working.
Scandisk log said "Log file generated at 06:10PM on Friday, January 04,
1980....There was one lost cluster."
Sysclean.log was empty.
TSCDebug.log said "Debug Information Level=0"
Ran Sysclean as before. After about 30 minutes got windows message saying
Pstores had pergformed an illegal operation & would be shut down. When I
closed that, got the same message for vscantm. Sysclean finishefd & produced
a liog, but when I exited I saw a Windows message saying Sysclean had
performed an illegal operation.
TSCDebug.log said "Debug Information Level=0"
SYSCLEAN.log was as follows:
/--------------------------------------------------------------\
| Trend Micro Sysclean Package |
| Copyright 2002, Trend Micro, Inc. |
|
http://www.trendmicro.com |
\--------------------------------------------------------------/
1980-01-04, 18:37:24, Auto-clean mode specified.
1980-01-04, 18:37:24, Running scanner "C:\MY
DOCUMENTS\SECURITY\TSC.BIN"...
1980-01-04, 18:42:09, Scanner "C:\MY DOCUMENTS\SECURITY\TSC.BIN" has
finished running.
1980-01-04, 18:42:09, TSC Log:
Damage Cleanup Engine (DCE) 3.6(Build 1120)
Windows 98
Start time : Fri Jan 04 1980 18:41:37
Load Damage Cleanup Template (DCT) "C:\MY DOCUMENTS\SECURITY\tsc.ptn"
(version 449) [success]
Complete time : Fri Jan 04 1980 18:42:09
Execute pattern count(1391), Virus found count(0), Virus clean count(0),
Clean failed count(0)
1980-01-04, 18:46:08, An error occurred while scanning file
"C:\WINDOWS\WIN386.SWP": Access is denied.
1980-01-04, 19:12:29, Running scanner "C:\MY
DOCUMENTS\SECURITY\VSCANTM.BIN"...
1980-01-04, 19:13:07, Files Detected:
1980-01-04, 19:13:07, Files Clean:
1980-01-04, 19:13:07, Clean Fail:
1980-01-04, 19:13:07, Scanner "C:\MY DOCUMENTS\SECURITY\VSCANTM.BIN" has
finished running.
--------------------------- end of SYSCLEAN.log ------------------------
Booted up in normal mode. No checksum problem reported during boot-up
sequence. Stopped anti-virus, firewall & other windows applications. Ran
Sysclean. No illegal operation errors reported. Log file seems to have
appended new report to old one. My system time needs to be reset, but
Sysclean only detected one virus, in an email attachment I already
suspected. However, it was unable to scan my swop file & reported an error.
New report as follows:
/--------------------------------------------------------------\
| Trend Micro Sysclean Package |
| Copyright 2002, Trend Micro, Inc. |
|
http://www.trendmicro.com |
\--------------------------------------------------------------/
1980-01-04, 13:49:02, Auto-clean mode specified.
1980-01-04, 13:49:02, Running scanner "C:\MY
DOCUMENTS\SECURITY\TSC.BIN"...
1980-01-04, 13:49:54, Scanner "C:\MY DOCUMENTS\SECURITY\TSC.BIN" has
finished running.
1980-01-04, 13:49:54, TSC Log:
Damage Cleanup Engine (DCE) 3.6(Build 1120)
Windows 98
Start time : Fri Jan 04 1980 13:49:02
Load Damage Cleanup Template (DCT) "C:\MY DOCUMENTS\SECURITY\tsc.ptn"
(version 449) [success]
Complete time : Fri Jan 04 1980 13:49:54
Execute pattern count(1391), Virus found count(0), Virus clean count(0),
Clean failed count(0)
1980-01-04, 13:49:56, An error occurred while scanning file
"C:\WIN386.SWP": Access is denied.
1980-01-04, 14:12:13, Running scanner "C:\MY
DOCUMENTS\SECURITY\VSCANTM.BIN"...
1980-01-04, 14:44:59, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/4/1980 14:12:15
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 246 (75549 Patterns) (2004/11/11) (224600)
Command Line: C:\MY DOCUMENTS\SECURITY\VSCANTM.BIN /NBPM /S /CLEANALL
/LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\MY
DOCUMENTS\SECURITY
23338 files have been read.
23338 files have been checked.
15902 files have been scanned.
54484 files have been scanned. (including files in archived)
1 files containing viruses.
Found 2 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/4/1980 14:44:58
---------*---------*---------*---------*---------*---------*---------*------
---*
1980-01-04, 14:44:59, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/4/1980 14:12:15
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 246 (75549 Patterns) (2004/11/11) (224600)
Command Line: C:\MY DOCUMENTS\SECURITY\VSCANTM.BIN /NBPM /S /CLEANALL
/LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\MY
DOCUMENTS\SECURITY
Success Clean [ WORM_NETSKY.P]( 1) from C:\My Documents\Hacker
details\possible email with virus 1.txt,(message.scr)
23338 files have been read.
23338 files have been checked.
15902 files have been scanned.
54484 files have been scanned. (including files in archived)
1 files containing viruses.
Found 2 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/4/1980 14:44:58 32 minutes 39 seconds (1959.14 seconds) has
elapsed.
---------*---------*---------*---------*---------*---------*---------*------
---*
1980-01-04, 14:44:59, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/4/1980 14:12:15
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 246 (75549 Patterns) (2004/11/11) (224600)
Command Line: C:\MY DOCUMENTS\SECURITY\VSCANTM.BIN /NBPM /S /CLEANALL
/LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\MY
DOCUMENTS\SECURITY
23338 files have been read.
23338 files have been checked.
15902 files have been scanned.
54484 files have been scanned. (including files in archived)
1 files containing viruses.
Found 2 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/4/1980 14:44:58 32 minutes 39 seconds (1959.14 seconds) has
elapsed.
---------*---------*---------*---------*---------*---------*---------*------
---*
1980-01-04, 14:44:59, Scanner "C:\MY DOCUMENTS\SECURITY\VSCANTM.BIN" has
finished running.
--------------------------- end of SYSCLEAN.log ------------------------
Ran a compl;ete scan of system using up to date AVG. No viruses found.
Ran Adaware SE. It found 9 critical objects, all tagged "Alexa", which it
says are low threat.
Similar Threads
