Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My internet Explorer won't load... [RESOLVED]


  • This topic is locked This topic is locked

#16
Roman Pope

Roman Pope

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
The sound problem didn't reveal itself, yet. I'll give it some time. I should have a pretty good indication by tonight.

Explorer killed successfully
File/Folder C:\Program Files\BitDefender not found.
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\Lang moved successfully.
C:\Program Files\Common Files\BitDefender\BitDefender Update Service moved successfully.
C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\av32bit_4870\Plugins moved successfully.
C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\av32bit_4870 moved successfully.
C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\av32bit_4865\Plugins moved successfully.
C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\av32bit_4865 moved successfully.
C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner moved successfully.
Folder move failed. C:\Program Files\Common Files\BitDefender\BitDefender Firewall scheduled to be moved on reboot.
C:\Program Files\Common Files\BitDefender\BitDefender Communicator moved successfully.
Folder move failed. C:\Program Files\Common Files\BitDefender scheduled to be moved on reboot.
< EmptyTemp >
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_160.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
< purity >
Explorer started successfully

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07072008_073017

Files moved on Reboot...
C:\Program Files\Common Files\BitDefender\BitDefender Firewall moved successfully.
C:\Program Files\Common Files\BitDefender moved successfully.
File move failed. C:\WINDOWS\temp\Perflib_Perfdata_160.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Deckard's System Scanner v20071014.68
Run by Administrator on 2008-07-07 07:34:21
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Administrator.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:34, on 2008-07-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\ADMINI~1.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vif.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle LE\RAM_XP.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
O4 - HKCU\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\bin\TrayIcon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .bmp: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1190595128265
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valu...018/flashax.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://fortuneloung...ic/FlashAX2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{39E127CF-79A1-4567-A963-D2AACDBEACCC}: NameServer = 192.168.0.1
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 6183 bytes

-- Files created between 2008-06-07 and 2008-07-07 -----------------------------

2008-07-05 16:41:13 0 d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-07-05 16:41:11 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-05 16:41:10 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-29 20:32:25 0 d-------- C:\Program Files\Trend Micro
2008-06-23 16:52:17 139264 --a------ C:\WINDOWS\system32\eax.dll <Not Verified; Creative Technology Ltd; EAX Unified>
2008-06-23 16:52:17 0 d-------- C:\Program Files\Creative
2008-06-23 16:44:02 233472 -ra------ C:\WINDOWS\system32\MafiaSetup.exe <Not Verified; ; MafiaInstallShield Application>
2008-06-21 12:28:01 0 d-------- C:\Program Files\gBurner
2008-06-18 08:17:27 0 d-------- C:\Program Files\Compaq
2008-06-18 08:17:25 0 d-------- C:\CPQSYSTEM
2008-06-15 16:52:44 0 d-------- C:\Program Files\BitComet
2008-06-14 09:29:29 0 d--h----- C:\WINDOWS\$hf_mig$
2008-06-09 23:32:25 0 d-------- C:\Program Files\SopCast


-- Find3M Report ---------------------------------------------------------------

2008-07-07 07:33:02 0 d-------- C:\Program Files\Common Files
2008-07-03 20:45:30 0 d-------- C:\Documents and Settings\Administrator\Application Data\Azureus
2008-07-03 20:08:27 0 d-------- C:\Program Files\Paradox Interactive
2008-07-02 22:01:27 0 d-------- C:\Program Files\Azureus
2008-06-23 22:07:57 0 d-------- C:\Program Files\Windows Live
2008-06-23 19:14:10 0 d-------- C:\Program Files\ArtMoney
2008-06-16 20:59:31 0 d-------- C:\Program Files\Command And Conquer 3 Tiberium Wars
2008-06-07 15:03:09 0 d-------- C:\Program Files\Paradox Entertainment
2008-06-07 15:03:09 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-27 21:20:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\temp
2008-05-25 23:44:23 0 d-------- C:\Program Files\Game Speed Changer
2008-05-22 17:18:09 0 d-------- C:\Program Files\Cpukiller
2008-05-10 11:20:40 0 d-------- C:\Program Files\1C
2008-05-10 10:53:01 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-05-09 08:06:34 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 08:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 08:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 08:00]
"amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2006-11-17 16:49]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-15 19:19]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25]
"SoundMan"="SOUNDMAN.EXE" [2005-06-20 21:42 C:\WINDOWS\SOUNDMAN.EXE]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41]
"nwiz"="nwiz.exe" [2007-12-05 02:41 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" []
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" []
"RAM Idle Professional"="C:\Program Files\RAM Idle LE\RAM_XP.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:00]
"ASUS SmartDoctor"="C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe" [2005-08-08 17:56]
"AGEIA PhysX SysTray"="C:\Program Files\AGEIA Technologies\bin\TrayIcon.exe" [2007-07-23 10:05]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 05:39]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt]
C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
"srservice"=2 (0x2)
"SharedAccess"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx scan


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{660c0941-1472-11dd-a28c-044b80808003}]
AutoRun\command- K:\setupSNK.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ECABE060-DAD2-D904-EED9-EF6419549337}]
C:\WINDOWS\system32\svchost.exe



-- End of Deckard's System Scanner: finished at 2008-07-07 07:34:42 ------------
  • 0

Advertisements


#17
Roman Pope

Roman Pope

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
I guess I don't have to wait...
Generic Host Process for Win32 Services has encountred a problem and needs to close.

Something to do with:

EventType : BEX P1 : svchost.exe P2 : 5.1.2600.2180 P3 : 41107ed6
P4 : netapi32.dll P5 : 5.1.2600.2180 P6 : 411096ac P7 : 0000a3c0
P8 : c0000409 P9 : 00000000

C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WER22fe.dir00\svchost.exe.mdmp
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WER22fe.dir00\appcompat.txt
  • 0

#18
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
Please copy everything inside the quote box below and paste it into notepad. Go up to "File > Save As", click the drop-down box to change the "Save As Type" to "All Files". Save it as remtask.bat on your desktop.

REGEDIT /E "%USERPROFILE%\Desktop\test3.txt" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters

Double-click remtask.bat A window will open and close quickly, this is normal. A new textfile test3.txt will be created on your Desktop. Please post its content on your next reply..

If you do not sure how to make a batch file, please visit HERE for the tutorial.


Regards
fenzodahl512
  • 0

#19
Roman Pope

Roman Pope

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
"NbProvider"="_tcp"
"NameServerPort"=dword:00000089
"CacheTimeout"=dword:000927c0
"BcastNameQueryCount"=dword:00000003
"BcastQueryTimeout"=dword:000002ee
"NameSrvQueryCount"=dword:00000003
"NameSrvQueryTimeout"=dword:000005dc
"Size/Small/Medium/Large"=dword:00000001
"SessionKeepAlive"=dword:0036ee80
"TransportBindName"="\\Device\\"
"EnableLMHOSTS"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{22439976-B3C8-4790-9770-447BA6606B5B}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{39E127CF-79A1-4567-A963-D2AACDBEACCC}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{47B2FA12-E875-44F1-8A4E-A7434F358E20}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{5C101BAB-F57D-4B21-B4DF-B2B7B412EF8D}]
"NameServerList"=hex(7):00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{D2FFD851-BFB0-4EA4-80D0-53957763E200}]
"NameServerList"=hex(7):00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{FEB41F21-480E-481C-870B-CDE2E44C479C}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
  • 0

#20
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
Hello, Please download Symantec W32.Blaster.Worm Removal Tool and save it to your Desktop
[list][*]Double-click the FixBlast.exe file to start the removal tool.
[*]Click Start to begin the process, and then allow the tool to run.
[*]After the process is finished, a log FixBlast.txt will be created on your Desktop. Please post its content on your next reply..




NEXT


Please go HERE and download Security Update for Windows XP (KB921883). Install it to your computer..


Tell me about it in your next reply.. Do you still get the errors?


Regards
fenzodahl512
  • 0

#21
Roman Pope

Roman Pope

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
The file "11-{6FCC3F1C-B251-7EF8-B2AA-F18DB1ED9248}-v1-{BBEBF810-4534-4062-B358-30F2A397D19E}-v11-Downloaded.frx" in the folder "C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\[email protected]\DFSR\Staging\CS{6FCC3F1C-B251-7EF8-B2AA-F18DB1ED9248}\01" was not scanned.

The file "12-{2E86F1E1-9275-ACFC-C437-D96EA496E112}-v1-{BBEBF810-4534-4062-B358-30F2A397D19E}-v12-Downloaded.frx" in the folder "C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\[email protected]\DFSR\Staging\CS{2E86F1E1-9275-ACFC-C437-D96EA496E112}\01" was not scanned.

The file "10-{00BF56EC-990E-AF8E-7B56-DCD30E850214}-v1-{BBEBF810-4534-4062-B358-30F2A397D19E}-v10-Downloaded.frx" in the folder "C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\[email protected]\DFSR\Staging\CS{00BF56EC-990E-AF8E-7B56-DCD30E850214}\01" was not scanned.

The file "C:\Documents and Settings\Administrator\My Documents\Azureus Downloads\Fedde Le Grand Live Mix 2007-08-12 + Aftershock Promotions Downloader Vol. 5 [2007]\Aftershock Promotions Downloader Vol. 5 [2007]\06 - Shakira - Hips Don't Lie (Stoned Hipshaker Remix).mp3" could not be scanned.

The file "10 - Stargroove and Trox - No Reasons (Distorded Remix).mp3" in the folder "C:\Documents and Settings\Administrator\My Documents\Azureus Downloads\Fedde Le Grand Live Mix 2007-08-12 + Aftershock Promotions Downloader Vol. 5 [2007]\Aftershock Promotions Downloader Vol. 5 [2007]" was not scanned.

W32.Blaster.Worm has not been found on your computer.
  • 0

#22
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
Tell me about that error after you install the Microsoft Security Update.. Do you still have the same error?
  • 0

#23
Roman Pope

Roman Pope

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
I have to wait now because the error pops when it wants - not when I do something specific.
But overall, is my system clean?
  • 0

#24
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts

I have to wait now because the error pops when it wants - not when I do something specific.
But overall, is my system clean?



Your latest log looks clean to my eyes...


Now for some cleanup..
  • Make sure you have an Internet Connection.
  • Double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OtMoveit2 to reach the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.




NEXT


Please Install/Update Sun Java

Updating Java:
  • Go to Start --> Control Panel --> Add or Remove Programs.
  • Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
  • It should have next icon next to it: Posted Image
  • Select it and click Remove. This will uninstall the previous (outdated) version of Java.
  • Then Download and install the newest version from here: Java Runtime Environment (JRE) 6 Update 6




NEXT


Let's clean your Restore Points and set a new one:

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous Restore Points which are likely to be infected)
To create a new Restore Point.
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • Check Turn off System Restore.
  • Click Apply, and then click OK. This will flush your old System Restore.
  • Then please UNCHECK the Turn off System Restore.
  • Click again on Apply, and then click OK. This will create a new Restore Point
System Restore will now be active again

If you are using Windows Vista, please go HERE for tutorial on how to use, disable and enable System Restore




NEXT


I noticed you already have..

1. Avast! Antivirus as your antivirus
2. Malwarebytes' as your antispyware..




I also haven't seen any third-party firewall in your logs.. Do you have any? If you don't, please install ONLY ONE of these free and excellent firewall below:
After you install the third party firewall, please disable your Windows firewall. Please go to My Computer >> Control Panel >> Windows Firewall and choose Off (not recommended) option. Then please click Apply and Ok.



Lastly, to keep your operating system up to date please visit the link below monthly

To learn more about how to protect yourself while on the internet read this excellent article by Tony Klein: So how did I get infected in the first place?

Please also read an excellent article by miekiemoes :Help! My computer is slow!

And another excellent article by CastleCops Malware Prevention: Prevent Re-infection

Please reply to this thread once more and tell us about the computer behaviour before we can close this thread :)



Have a safe and happy computing day!


Regards
fenzodahl512
  • 0

#25
Roman Pope

Roman Pope

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
Sorry, wild night out... do it tonight.
  • 0

Advertisements


#26
Roman Pope

Roman Pope

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
Seems like all the problems are solved... thank you very much!
  • 0

#27
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP