Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HELP! Computer doesn't log on [CLOSED]


  • This topic is locked This topic is locked

#16
SeniorChief

SeniorChief

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Here you go:

I couldn't get Kaspersky to work, because of the corrupt internet explorer

Malwarebytes' Anti-Malware 1.14
Database version: 815

4:44:30 PM 6/2/2008
mbam-log-6-2-2008 (16-44-30).txt

Scan type: Quick Scan
Objects scanned: 42938
Time elapsed: 8 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\SYSTEM32\mssrv32.exe (Rootkit.Agent) -> Quarantined and deleted successfully.



[Processes - Non-Microsoft Only]
Unable to kill process psiservice.exe .
C:\WINDOWS\SYSTEM32\PSIService.exe moved successfully.
Unable to kill process viewpointservice.exe .
C:\Program Files\Viewpoint\Common\ViewpointService.exe moved successfully.
[Win32 Services - Non-Microsoft Only]
Service ProtexisLicensing stopped successfully.
Service ProtexisLicensing deleted successfully.
File C:\WINDOWS\SYSTEM32\PSIService.exe not found.
Service Viewpoint Manager Service stopped successfully.
Service Viewpoint Manager Service deleted successfully.
File C:\Program Files\Viewpoint\Common\ViewpointService.exe not found.
[Driver Services - Non-Microsoft Only]
Service adwarealert stopped successfully.
Service adwarealert deleted successfully.
File C:\WINDOWS\system32\DRIVERS\adwarealert.sys not found.
Service hkaqyeb.sys stopped successfully.
Service hkaqyeb.sys deleted successfully.
File C:\WINDOWS\System32\hkaqyeb.sys not found.
Service redbookk stopped successfully.
Service redbookk deleted successfully.
File C:\WINDOWS\System32\drivers\redbookk.sys not found.
[Registry - Non-Microsoft Only]
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DSS deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\MMTray deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\MoneyStartUp10.0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\NAV Agent deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3262582141-619540180-3980966549-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ not found.
HOSTS entry 127.0.0.2 http://www.webkinz.com/us_en/ not found.
HOSTS entry 127.0.0.2 webkinz not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EA756889-2338-43DB-8F07-D1CA6FB9C90D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EA756889-2338-43DB-8F07-D1CA6FB9C90D}\ not found.
Registry key HKEY_USERS\1-5-21-3262582141-619540180-3980966549-1005\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_USERS\1-5-21-3262582141-619540180-3980966549-1005\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}\ not found.
Registry value HKEY_USERS\S-1-5-21-3262582141-619540180-3980966549-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c95fe080-8f5d-11d2-a20b-00aa003c157a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E023F504-0C5A-4750-A1E7-A9046DEA8A21}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E023F504-0C5A-4750-A1E7-A9046DEA8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{301DA1EE-F65C-4188-A417-9E915CC8FBFA}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{0483894E-2422-45E0-8384-021AFF1AF3CD} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0483894E-2422-45E0-8384-021AFF1AF3CD}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{2670000A-7350-4f3c-8081-5663EE0C6C49} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{320AF880-6646-11D3-ABEE-C5DBF3571F46} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F46}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{320AF880-6646-11D3-ABEE-C5DBF3571F49} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F49}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{3369AF0D-62E9-4bda-8103-B4C75499B578} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3369AF0D-62E9-4bda-8103-B4C75499B578}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{724d43aa-0d85-11d4-9908-00400523e39a} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{724d43aa-0d85-11d4-9908-00400523e39a}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF6CABAB-61F9-4f12-A198-B7D41EF1CB52}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c95fe080-8f5d-11d2-a20b-00aa003c157a}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{E023F504-0C5A-4750-A1E7-A9046DEA8A21} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E023F504-0C5A-4750-A1E7-A9046DEA8A21}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
[Files/Folders - Created Within 90 days]
[Files/Folders - Modified Within 90 days]
C:\WINDOWS\System32\' moved successfully.
C:\WINDOWS\System32\comz7 folder moved successfully.
[Extra Files]
< Purity >
[Empty Temp Folders]
File delete failed. C:\Documents and Settings\Edward\Local Settings\Temp\Perflib_Perfdata_5dc.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Edward\Local Settings\Temp\skiollty.dll scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\SPL69.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
RecycleBin -> emptied.
< End of fix log >
OTScanIt by OldTimer - Version 1.0.15.9 fix logfile created on 06022008_142144

Files moved on Reboot...
File C:\Documents and Settings\Edward\Local Settings\Temp\Perflib_Perfdata_5dc.dat not found!
C:\Documents and Settings\Edward\Local Settings\Temp\skiollty.dll moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File C:\WINDOWS\temp\SPL69.tmp not found!
  • 0

Advertisements


#17
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Lets reinstall Internet Explorer then.

Go to Start, Run and enter the following command by Copying and pasting into the run box:

rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %windir%\Inf\ie.inf

You will need to have your XP CD available, and insert it when prompted.

When you have IE back, please run the Kaspersky scan.

Regards,
RatHat
  • 0

#18
SeniorChief

SeniorChief

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Well Mark, I just found a new problem that might just piss you off.

My Windows Installer program is also corrupt, leaving it impossible to install/reinstall anything.

I've done some research but didn't find any legit info on how to fix this problem. (stuck at another roadblock!)

Edited by SeniorChief, 03 June 2008 - 05:51 PM.

  • 0

#19
SeniorChief

SeniorChief

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

Go to Start, Run and enter the following command by Copying and pasting into the run box:

rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %windir%\Inf\ie.inf



Sorry, But I only have the Microsoft Windows XP Professional Including Service Pack 1 CD
  • 0

#20
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Let me look into what our options are here and see what I can come up with. Have you got any important files that you need on this machine, or do you have them backed up somewhere?

Regards,
RatHat
  • 0

#21
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Edward,

Are you using your computer to post here or the infected one? Are you using yours and transferring files by a flash drive or CD?

Either way, I would like you to install Firefox, you can download it from here. Install it normally, then install IE Tab into Firefox. Restart Firefox to activate the Add On.
At the bottom right in Firefox, you will now see a small Firefox icon.
Click it and it will change the browser engine to Internet Explorer.

Change the browser engine to IE, then run the Kaspersky scan.

If that fails, run an F-Secure online scan:
  • Go to http://support.f-sec.../home/ols.shtml
  • Scroll to the bottom of the page and click the Start scanning button. A window will pop up.
  • Allow the Active X control to be installed on your computer, then click the Accept button
  • Click Full System Scan and allow the components to download and the scan to complete.
  • If malware is found, check Submit samples to F-Secure then select Automatic cleaning
  • When cleaning has finished, click Show report (this will open an Internet Explorer window containing the report)
  • Highlight and Copy (CTRL + C) the complete report, and Paste (CTRL + V) in a new reply to this post
If Automatic cleaning with Submit samples hangs, click Cancel, then New Scan
  • When the cleaning option is presented, Uncheck Submit samples to F-Secure
  • Click Automatic cleaning
  • When cleaning has finitished, click Show report (this will open an Internet Explorer window containing the report)
  • Highlight and Copy (CTRL + C) the complete report, and Paste (CTRL + V) in a new reply to this post
Notes:
  • This scan will only work with Internet Explorer
  • You must have administrator rights to run this scan
  • This scan can take a while, so please be patient

Regards,
RatHat
  • 0

#22
SeniorChief

SeniorChief

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Well, I've been using both, but mostly this one so that I make easily post log files onto a post.

I'm having a little difficulty installing IE Tab, so you may have to wait a little longer for any new information.

**I believe that the reason why I'm having so many problems installing things on this computer is because my Windows installer application is corrupt. So, I found an upgrade to the installer on the windows site, Version 3.1, do you know if this will fix the older corrupt version?

Edited by SeniorChief, 07 June 2008 - 10:40 AM.

  • 0

#23
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Could you give me the link to the upgrade?

Regards,
RatHat
  • 0

#24
SeniorChief

SeniorChief

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Sure, here it is:

Link: Windows Installer 3.1 Redistributable (v2)

Edited by SeniorChief, 08 June 2008 - 02:43 PM.

  • 0

#25
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
That should not be a problem. Install it and see if the machine runs better.


Please download the Kaspersky Virus Removal Tool to your Desktop
  • Note that the version to download is at the bottom of the list
  • Double click the downloaded installer to run the installation tool
  • After installation the Kaspersky Virus Removal Tool will start automatically
  • Before scanning, click Settings (it will change to underlined when you mouse over it)
  • Under Action, make sure the Do not prompt for action radio button is set on
  • Ensure Disinfect and Delete if disinfection fails are both ticked
  • Click Apply then OK
  • Under Automatic Scan, put a tick mark next to My Computer
  • Click the Scan button to begin scanning
This will take a while so be patient.

When done, reboot, and try to run either the Kaspersky online scan, or if that fails, the F-Secure scan.

Regards,
RatHat
  • 0

Advertisements


#26
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP