Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

virus attacks [RESOLVED]


  • This topic is locked This topic is locked

#16
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
Lets do this then...


I noticed you already have Malwarebytes' in your computer.. Please run and update it..
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.



Please also include a fresh DSS log in your next reply and tell me about your computer condition...



Regards
fenzodahl512
  • 0

Advertisements


#17
Kamal Pasha

Kamal Pasha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
will do as advised! Tnx again!
  • 0

#18
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
Ok.. Will wait for you :)
  • 0

#19
Kamal Pasha

Kamal Pasha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Here's the MBAM log:


Malwarebytes' Anti-Malware 1.20
Database version: 963
Windows 5.1.2600 Service Pack 1

8:50:26 PM 7/19/2008
mbam-log-7-19-2008 (20-50-26).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|)
Objects scanned: 206813
Time elapsed: 39 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
G:\GENERAL CD 1.4 OPEN\a-life_wi.exe (Adware.Agent) -> Quarantined and deleted successfully.
G:\Applications2\a-life_wi.exe (Adware.Agent) -> Quarantined and deleted successfully.
G:\Applications2\lingvosoft-flashcards-wind-engper.exe (Adware.Agent) -> Quarantined and deleted successfully.
  • 0

#20
Kamal Pasha

Kamal Pasha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
And here's the DSS log (main txt):

Deckard's System Scanner v20071014.68
Run by user on 2008-07-20 02:46:21
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------



-- Last 5 Restore Point(s) --
25: 2008-07-19 15:41:03 UTC - RP213 - Deckard's System Scanner Restore Point
24: 2008-07-18 19:44:49 UTC - RP212 - System Checkpoint
23: 2008-07-17 12:37:49 UTC - RP211 - System Checkpoint
22: 2008-07-15 20:48:14 UTC - RP210 - ComboFix created restore point
21: 2008-07-13 19:24:50 UTC - RP209 - Deckard's System Scanner Restore Point


-- First Restore Point --
1: 2008-06-10 15:19:10 UTC - RP189 - Software Distribution Service 3.0


Percentage of Memory in Use: 88% (more than 75%).
Total Physical Memory: 248 MiB (512 MiB recommended).


-- HijackThis (run as user.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:46:40 AM, on 7/20/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\pctspk.exe
C:\WINDOWS\System32\PV92Tray.exe
E:\opware32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
D:\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\ctfmon.exe
E:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
E:\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\System32\wuauclt.exe
E:\Mlifter\MLifter.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\user\desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
N4 - Mozilla: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\USER\Application Data\Mozilla\Profiles\default\9kf33rt1.slt\prefs.js)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Encarta Web Companion Helper Object - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe
O4 - HKLM\..\Run: [Omnipage] E:\opware32.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [ScanSoft Product Registration Reminder] "E:\EregEng\NAVBrowser.exe" /r /i "E:\EregEng\NavLoad.ini"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] E:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [L07AXLRD_19541843] "E:\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O12 - Plugin for .php: E:\Netscape Browser\PLUGINS\npTrident.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD7E53DA-93C0-4D8A-BB97-4202EFFE650B}: NameServer = 202.53.160.6 202.53.160.7
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

--
End of file - 9911 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R3 Ptserial (W2K Pctel Serial Device Driver) - c:\windows\system32\drivers\ptserial.sys <Not Verified; PCTEL, INC.; HSP Modem Serial Device>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
R3 Vmodem (W2K Vmodem) - c:\windows\system32\drivers\vmodem.sys <Not Verified; PCTEL, INC.; HSP Modem Modem Device>
R3 Vpctcom (W2K Vpctcom) - c:\windows\system32\drivers\vpctcom.sys <Not Verified; PCtel, Inc.; HSP Modem Virtual Control Device>
R3 Vvoice (W2K Vvoice) - c:\windows\system32\drivers\vvoice.sys <Not Verified; PCtel, Inc.; PCTEL HSP Modem Voice Device>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AntiVirScheduler (Avira AntiVir Personal – Free Antivirus Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_24D3&SUBSYS_24D28086&REV_02\3&13C0B0C5&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_24D3&SUBSYS_24D28086&REV_02\3&13C0B0C5&0&FB
Service:


-- Process Modules -------------------------------------------------------------

C:\WINDOWS\system32\winlogon.exe (pid 492)
2007-04-19 12:41:36 294912 --a------ C:\Program Files\SUPERAntiSpyware\SASWINLO.dll <Not Verified; SUPERAntiSpyware.com; SUPERAntiSpyware WinLogon Processor>
2001-10-29 13:51:02 45056 --a------ C:\WINDOWS\system32\NavLogon.dll

C:\WINDOWS\system32\svchost.exe (pid 708)
2005-11-28 12:11:28 94208 --a------ C:\Program Files\Bonjour\mdnsNSP.dll <Not Verified; Apple Computer, Inc.; Bonjour>

C:\WINDOWS\system32\svchost.exe (pid 752)
2005-11-28 12:11:28 94208 --a------ C:\Program Files\Bonjour\mdnsNSP.dll <Not Verified; Apple Computer, Inc.; Bonjour>

C:\WINDOWS\explorer.exe (pid 1048)
2006-06-10 21:10:58 315392 --a------ C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\A\ESBRES.DLL <Not Verified; Microsoft Corporation; Microsoft Encarta>
2002-06-03 11:37:50 167936 --a------ E:\ophook32.dll <Not Verified; ScanSoft, Inc; OmniPage SE>
2004-05-21 12:49:52 6144 --a------ E:\Program Files\Yahoo!\Messenger\idle.dll <Not Verified; Yahoo! Inc.; Yahoo! Inc. idle>
2004-02-11 16:58:16 24613 --a------ C:\Documents and Settings\user\Local Settings\temp\IadHide5.dll <Not Verified; BackWeb; BackWeb IAdHide>
2008-07-01 04:08:32 77824 --a------ C:\Program Files\SUPERAntiSpyware\SASSEH.DLL <Not Verified; SuperAdBlocker.com; SuperAntiSpyware>
2007-02-27 11:39:26 61440 --a------ C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL <Not Verified; SUPERAntiSpyware.com; SUPERAntiSpyware Context Menu Extension>
2004-02-11 09:00:00 5120 --a------ C:\Program Files\WinZip\WZSHLSTB.DLL <Not Verified; WinZip Computing, Inc.; WinZip>
2008-07-20 01:22:36 65793 --a------ C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll <Not Verified; Avira GmbH; AntiVir Workstation>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [12/13/2003 06:50 AM]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [06/06/2004 09:45 AM]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [06/06/2004 09:41 AM]
"SoundMan"="SOUNDMAN.EXE" [04/24/2003 02:53 PM C:\WINDOWS\SOUNDMAN.EXE]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 11:50 AM]
"PCTVOICE"="pctspk.exe" [11/26/2003 07:08 PM C:\WINDOWS\system32\pctspk.exe]
"PV92TRAY"="PV92Tray.exe" [11/26/2003 07:09 PM C:\WINDOWS\system32\PV92Tray.exe]
"Omnipage"="E:\opware32.exe" [06/03/2002 11:38 AM]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [01/14/2004 07:10 AM]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [10/31/2003 07:42 PM]
"QuickTime Task"="D:\qttask.exe" [02/06/2008 08:06 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [02/06/2008 10:12 PM]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [07/20/2008 01:22 AM]
"Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [08/29/2005 07:09 PM]
"ScanSoft Product Registration Reminder"="E:\EregEng\NAVBrowser.exe" [09/12/2001 02:42 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\System32\ctfmon.exe" [08/29/2002 01:41 PM]
"Yahoo! Pager"="E:\Program Files\Yahoo!\Messenger\ypager.exe" [05/21/2004 12:49 PM]
"L07AXLRD_19541843"="E:\Microsoft Student with Encarta Premium 2007 DVD\EDICT.exe" [06/10/2006 09:10 PM]
"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [08/21/2006 12:24 AM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [07/01/2008 04:08 AM]

C:\Documents and Settings\user\Start Menu\Programs\Startup\
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [8/29/2003 7:05:35 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [1/10/2008 12:36:32 AM]
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [1/10/2008 2:12:32 AM]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [1/14/2008 3:28:04 AM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 6:01:04 AM]
Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [6/2/2006 4:29:26 AM]
KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2/13/2004 2:12:08 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [07/01/2008 04:08 AM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 12:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,




-- End of Deckard's System Scanner: finished at 2008-07-20 02:50:05 ------------




AND EXTRA TEXT:


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 1.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 2.40GHz
Percentage of Memory in Use: 77%
Physical Memory (total/avail): 247.48 MiB / 54.75 MiB
Pagefile Memory (total/avail): 625.12 MiB / 144.73 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1923.14 MiB

C: is Fixed (FAT32) - 10.68 GiB total, 2.55 GiB free.
D: is Fixed (FAT32) - 13.12 GiB total, 4.93 GiB free.
E: is Fixed (FAT32) - 13.12 GiB total, 6.34 GiB free.
F: is Fixed (FAT32) - 13.12 GiB total, 5.72 GiB free.
G: is Fixed (FAT32) - 13.12 GiB total, 3.83 GiB free.
H: is Fixed (FAT32) - 13.11 GiB total, 7.74 GiB free.
I: is CDROM (No Media)
J: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - Maxtor 6Y080L0 - 76.33 GiB - 6 partitions
\PARTITION0 (bootable) - Unknown - 10.69 GiB - C:
\PARTITION1 - Unknown - 13.13 GiB - D:
\PARTITION2 - Unknown - 13.13 GiB - E:
\PARTITION3 - Unknown - 13.13 GiB - F:
\PARTITION4 - Unknown - 13.13 GiB - G:
\PARTITION5 - Unknown - 13.12 GiB - H:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\user\Application Data
CLASSPATH=D:\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=USER-DZUG3RQIG8
ComSpec=C:\WINDOWS\system32\cmd.exe
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\user
LOGONSERVER=\\USER-DZUG3RQIG8
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;D:\QTSystem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=D:\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\user\LOCALS~1\Temp
TMP=C:\DOCUME~1\user\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=USER-DZUG3RQIG8
USERNAME=user
USERPROFILE=C:\Documents and Settings\user
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

user (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\PROGRA~1\Yahoo!\Common\unyt.exe
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee 6.0 PowerPack --> MsiExec.exe /I{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}
Adobe Flash Player ActiveX --> C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 6.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-000000000001}
Adobe Shockwave Player --> C:\WINDOWS\system32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\MACROMED\SHOCKW~1\Install.log
ArcSoft PhotoBase 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}\setup.exe" -l0x9 -uninst
ArcSoft PhotoImpression 4 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{326D4A09-71E0-401B-9C69-94DBF32088D4}\setup.exe" -l0x9
ArcSoft PhotoStudio 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}\setup.exe" -l0x9 -uninst
Argus Digital Camera --> MsiExec.exe /X{44E75850-B838-43D2-8F37-84D3FB71FF6E}
Avira AntiVir Personal - Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Banglapedia --> C:\WINDOWS\iun506.exe C:\WINDOWS\bpirunin.ini
Bonjour --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E0A96F36-D546-4A2A-BDAA-2A2A578B2C0D} /l1033
CA Yahoo! Anti-Spy (remove only) --> "E:\CA Yahoo! Anti-Spy\uninstall.exe"
Canon CanoScan Toolbox 4.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BCE46757-7674-4416-BEDB-68205A60409E}\setup.exe" -l0x9
Canon PhotoRecord --> MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}
Canon PIXMA iP1000 --> C:\WINDOWS\System32\CNMCP6e.exe "-PRINTERNAMECanon PIXMA iP1000" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP1000 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP1000 Installer\Inst2\cnmi0409.dll"
Canon Utilities Easy-PhotoPrint --> C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe C:\Program Files\Canon\Easy-PhotoPrint\uninst.ini
Canon Utilities Easy-PrintToolBox --> C:\WINDOWS\BJPSUNST.EXE
CanoScan LiDE20,30 Manual --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B360A8E5-C171-4AAE-9777-65B3CDB0072C}\setup.exe" -l0x9
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Easy-WebPrint --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
Encyclopaedia Britannica 2007 Ultimate Reference Suite --> "D:\Ultimate Reference Suite DVD\UninstallerData\Uninstall Encyclopaedia Britannica 2007 Ultimate Reference Suite.exe"
ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC --> MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt --> MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
essvcpt --> MsiExec.exe /I{D1973749-F5E7-40EB-B528-F2B78685B9FF}
Free Download Manager 2.1 --> "C:\Program Files\Free Download Manager\unins000.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Hero DVD Player --> C:\HEROSOFT\Hero DVD Player\UNINST32.EXE
HijackThis 2.0.2 --> "C:\Documents and Settings\user\Local Settings\Temp\Temporary Directory 1 for HiJackThis.zip\HijackThis.exe" /uninstall
HLPPDOCK --> MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
HSP56 Modem Drivers --> ptuninst.exe
Intel® Extreme Graphics 2 Driver --> RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
kgcbaby --> MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase --> MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday --> MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn --> MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt --> MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids --> MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove --> MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday --> MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140010_a6abf\Setup.exe /APR-REMOVE
KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Learning Essentials for Microsoft Office --> MsiExec.exe /X{B348E585-E872-41DF-8234-E2D49917CFBB}
LiveUpdate 1.6 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Macromedia Flash MX 2004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F353D44-73BB-4971-B31D-F7642E9E9531}\Setup.exe" -l0x9 UNINSTALL
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MemoryLifter --> MsiExec.exe /X{58492510-7A30-42D1-B99D-DD710A4E585A}
Microsoft Math --> MsiExec.exe /I{07043840-959A-4B0D-8825-2C533F0DDB19}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Student 2007 for Learning Essentials --> RunDll32.exe advpack.dll, LaunchINFSectionEx C:\Program Files\Learning Essentials\1.0\en\US\Microsoft Student 2007\Uninstall\Uninstall.inf,Uninstall,,,N
Microsoft Student with Encarta Premium 2007 --> MsiExec.exe /I{07041881-E9B4-4DF6-A845-CAAFD093E477}
Mirapla Sky --> C:\Program Files\MiraplaSky\Uninstal.exe
Mozilla Firefox (2.0.0.16) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser --> MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Netscape Browser (remove only) --> "E:\Netscape Browser\NSUninst.exe"
Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OfotoXMI --> MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
OmniPage SE --> MsiExec.exe /I{6249C22D-E6A8-407B-BA8B-40298848ED94}
OTtBP --> MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
OTtBPSDK --> MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1033
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
SKIN0001 --> MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}
SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
SpywareBlaster 4.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
SpywareGuard v2.2 --> "C:\Program Files\SpywareGuard\unins000.exe"
staticcr --> MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
USB MP3 Player WIN98 Drivers --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MP3\U-MP3\Uninst.isu"
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
Yahoo! Messenger --> E:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE E:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe
ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type4297 / Error
Event Submitted/Written: 07/19/2008 06:40:57 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application WINWORD.EXE, version 11.0.5604.0, hang module WINWORD.EXE, version 11.0.5604.0, hang address 0x000085ab.

Event Record #/Type4292 / Error
Event Submitted/Written: 07/19/2008 00:38:38 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application WINWORD.EXE, version 11.0.5604.0, hang module WINWORD.EXE, version 11.0.5604.0, hang address 0x001be2f5.

Event Record #/Type4291 / Error
Event Submitted/Written: 07/19/2008 00:35:48 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application WINWORD.EXE, version 11.0.5604.0, hang module WINWORD.EXE, version 11.0.5604.0, hang address 0x000085ab.

Event Record #/Type4286 / Error
Event Submitted/Written: 07/18/2008 10:40:07 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application WINWORD.EXE, version 11.0.5604.0, hang module WINWORD.EXE, version 11.0.5604.0, hang address 0x00032b7c.

Event Record #/Type4285 / Error
Event Submitted/Written: 07/18/2008 10:08:42 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application WINWORD.EXE, version 11.0.5604.0, hang module WINWORD.EXE, version 11.0.5604.0, hang address 0x001a9ddf.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type10832 / Error
Event Submitted/Written: 07/19/2008 11:52:59 PM
Event ID/Source: 7022 / Service Control Manager
Event Description:
The Bonjour Service service hung on starting.

Event Record #/Type10817 / Error
Event Submitted/Written: 07/19/2008 09:17:17 PM
Event ID/Source: 7022 / Service Control Manager
Event Description:
The Bonjour Service service hung on starting.

Event Record #/Type10802 / Error
Event Submitted/Written: 07/19/2008 09:03:16 PM
Event ID/Source: 7022 / Service Control Manager
Event Description:
The Bonjour Service service hung on starting.

Event Record #/Type10786 / Error
Event Submitted/Written: 07/19/2008 08:02:11 PM
Event ID/Source: 7022 / Service Control Manager
Event Description:
The Bonjour Service service hung on starting.

Event Record #/Type10762 / Error
Event Submitted/Written: 07/19/2008 06:51:48 AM
Event ID/Source: 7022 / Service Control Manager
Event Description:
The Bonjour Service service hung on starting.



-- End of Deckard's System Scanner: finished at 2008-07-20 02:50:05 ------------
  • 0

#21
Kamal Pasha

Kamal Pasha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
I hope there has been progress - and thank you so much for your time and trouble.


Kamal
  • 0

#22
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
Your log looks good to my eyes.. Tell me about your computer behaviour..

Also, do this..

Please download DAFT and save it to your desktop:
  • Double-click the daft.exe icon.
  • Click on the Scan button.
  • Select everything it is displaying there
  • Click the Fix button.
  • Then rescan with DAFT again - it should say now that "All associations are OK"
  • Close DAFT if you receive that message. This means that it is fixed now.

Edited by fenzodahl512, 19 July 2008 - 03:49 PM.

  • 0

#23
Kamal Pasha

Kamal Pasha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
"All associations are OK" - says DAFT.

My computer bevaes OK.

AVIRA now and then finds Trojans, and SUPERAntispyware sometimes finds stuff - but that's all.

I guess it's ok now.

Tnx for everything - you've helped me a great deal!! I can't thank you enough.

Regards,

Kamal
  • 0

#24
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
That's look great..


Time for some housekeeping
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK
    Please note that the space between x and / is needed

    Posted Image




NEXT


Please Install/Update Sun Java

Updating Java:
  • Go to Start --> Control Panel --> Add or Remove Programs.
  • Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
  • It should have next icon next to it: Posted Image
  • Select it and click Remove. This will uninstall the previous (outdated) version of Java.
  • Then Download and install the newest version from here: Java Runtime Environment (JRE) 6 Update 7




NEXT


I noticed that you already have..

1. Avira Antivir as antivirus
2. Malwarebytes' as antispyware
3. ZoneAlarm as firewall



Lastly, to keep your operating system up to date please visit the link below monthly

To learn more about how to protect yourself while on the internet read this excellent article by Tony Klein: So how did I get infected in the first place?

Please also read an excellent article by miekiemoes :Help! My computer is slow!

And another excellent article by CastleCops Malware Prevention: Prevent Re-infection

Please reply to this thread once more and tell us about the computer behaviour before we can close this thread :)



Have a safe and happy computing day!


Regards
fenzodahl512
  • 0

#25
Kamal Pasha

Kamal Pasha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
My computer's behaving just fine. I have done as you advised, and installed JRE6u7. By the way, I did not have the previous JRE on my system. I shall read the recommended articles.

Thank you for your generous and detailed assistance. My warmest thanks for your support!

Best wishes,

Kamal
  • 0

Advertisements


#26
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP