Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

please help...virus on my computer...!


  • This topic is locked This topic is locked

#16
mgeet

mgeet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Hi

finally I have been able to get access to the internet with firefox and have done as per your last reply. below mentione dis the MBAm.log and KasReport.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4304

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/11/2010 1:25:53 PM
mbam-log-2010-07-11 (13-25-53).txt

Scan type: Quick scan
Objects scanned: 140881
Time elapsed: 5 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
========

Kaspersky Online :

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Sunday, July 11, 2010
Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Sunday, July 11, 2010 14:29:59
Records in database: 4233946
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\

Scan statistics:
Objects scanned: 97050
Threats found: 0
Infected objects found: 0
Suspicious objects found: 0
Scan duration: 00:40:03

No threats found. Scanned area is clean.

Selected area has been scanned.
===

hope this helps..
Geet
  • 0

Advertisements


#17
mpascal

mpascal

    Math Nerd

  • Retired Staff
  • 3,644 posts
Neither scanner picked up anything, are you still having problems?
  • 0

#18
mgeet

mgeet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
hi

what happens is when I start my computer, it starts giving me errors as follows:

1. PureNetwrks Platform service has encountered a problem and needs to close.
2. Kaspersky Virus Removal tool has encountered a problem and needs close.
3. Pure network platform assistant has encountered a problem and needs to close.
4. Microsoft feed synchronization has encountered a problem and needs to close.
5. Linksys Wireless Network Monitor :
Access violation at address 77AFB041 in module "CRYPT32.dll'. Read of address FFFFFFFF.
And also it says "Your computer might be at risk:

Kaspersky internet Security is turned off. and this comes twice.

I have tried to delete it but it says " This action is only valid for products that are currently installed".

I deleted Ie8 but when I tried to reinstal it it says " Windows Internet explorer 8 setup utility has encountered a problem and needs to close".

hope this can help you find the problem

best regards
Geet
  • 0

#19
mgeet

mgeet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
I can still access internet explorer...I am guessing ie8 got deleted but the earlier version is there. I do not know how to delete that as it does not show me anything in "add or delete programs".

please advise..

Also in my earlier mail, I meant Kaspersky cannot be deleted as the system says it is not there..( just wanted to clarify )
  • 0

#20
mpascal

mpascal

    Math Nerd

  • Retired Staff
  • 3,644 posts
You can remove Kaspersky using the tool in the link below.

http://support.kaspe.../?qid=208279463
  • 0

#21
mgeet

mgeet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
I was able to delete kaspersky Internet security but now I cannot load any antivirus or internet security. I already have system mechanics as a firewall but no antivirus. Everytime, I try to load it it goes non responsive.

please help...I hope you read my response with the details of what happens when the system starts...'coz if no malware then why am I not able to load anything...I always have to load an application on a USB form other computer and load it into the infected one, then it works. But, I do the same for ie or kaspersky internet security, it immiediately goes non responsive


thks for your patience
geet
  • 0

#22
mpascal

mpascal

    Math Nerd

  • Retired Staff
  • 3,644 posts
Don't worry about downloading anti virus software right now unless I tell you to.

Download avz4.zip from here
  • Unzip it to your desktop to a folder named avz4
  • Double click on AVZ.exe to run it.
  • Run an update by clicking the Auto Update button on the Right of the Log window: Posted Image
  • Click Start to begin the update
Note: If you recieve an error message, chose a different source, then click Start again
  • Start AVZ.
  • Choose from the menu "File" => "Standard scripts " and mark the "Advanced System Analysis with malware removal mode enabled" check box.
    Posted Image
  • Click on the Execute selected scripts.
  • Automatic scanning, healing and system check will be executed.
  • A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscure.zip.
  • It is necessary to reboot your machine, because AVZ might disturb some program operations (like antiviruses and firewall) during the system scan.
  • All applications will work properly after the system restart.
When restarted
  • Start AVZ.
  • Choose from the menu "File" => "Standard Scripts" and mark the Advanced System Analysis check box.
    Posted Image
  • Click on the "Execute selected scripts".
  • A system check will be automatically performed, and the created logfile (avz_sysinfo.htm) will be saved in the LOG folder in the AVZ directory as virusinfo_syscheck.zip.
Attach both virusinfo_syscure.zip and virusinfo_syscheck.zip to your next post

To attach a file, do the following:
  • Click Add Reply
  • Under the reply panel is the Attachments Panel
  • Browse for the attachment file you want to upload, then click the green Upload button
  • Once it has uploaded, click the Manage Current Attachments drop down box
  • Click on Posted Image to insert the attachment into your post

  • 0

#23
mgeet

mgeet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Attached File  virusinfo_syscheck.zip   31.63KB   44 downloads
Attached File  virusinfo_syscure.zip   32.51KB   34 downloads


here our the 2 zip files as requested.

Thks ...geet
  • 0

#24
mpascal

mpascal

    Math Nerd

  • Retired Staff
  • 3,644 posts
Hi there,

Double click on AVZ.exe
  • Click File -> Custom Scripts
  • Copy & paste the contents of the following codebox in the box in the program (start with begin and end with end)
    begin
    SetAVZPMStatus(True);
    SetAVZGuardStatus(True);
    SearchRootkit(true, true);
     DelBHO('{5067A26B-1337-4436-8AFE-EE169C2DA79F}');
     DelBHO('{2670000A-7350-4f3c-8081-5663EE0C6C49}');
     DelBHO('{5C255C8A-E604-49b4-9D64-90988571CECB}');
     DelBHO('{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}');
     TerminateProcessByName('f:\documents and settings\priesha\application data\systemproc\lsass.exe');
     DeleteFile('f:\documents and settings\priesha\application data\systemproc\lsass.exe');
     BC_DeleteFile('f:\documents and settings\priesha\application data\systemproc\lsass.exe');
    ExecuteSysClean;
    BC_Activate;
    RebootWindows(true);
    end.
  • Note: When you run the script, your PC will be restarted
  • Click Run
  • Restart your PC if it doesn't do it automatically.

  • 0

#25
mgeet

mgeet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
done that...!!!

when it rebooted, I still got the following errors:

1. Pure network platform service has encounterd a problem.
2. Pure Network Platforn assitant has encountered a problem.
3. Generic host process for win32 services has encountered a problem.
4. Access violation at address 77AFB041 in module 'CRYPT32.dd'. Read of address FFFFFFFF.
5. Winlogon.exe has encountered a problem.

IE still crashes at times...

awaiting for next move..
thanks
geet
  • 0

Advertisements


#26
mpascal

mpascal

    Math Nerd

  • Retired Staff
  • 3,644 posts
If you have a program named "Network Magic" in your Add / Remove programs, uninstall it. Reboot your computer and let me know what errors you get.
  • 0

#27
mgeet

mgeet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
I do not have program named "network magic"...I doubled checked it.
  • 0

#28
mpascal

mpascal

    Math Nerd

  • Retired Staff
  • 3,644 posts
How about Pure Networks Network Magic?
  • 0

#29
mgeet

mgeet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
nothing by that name either...I have linksys advisor and driver for my linksys WMP300n wireless card
  • 0

#30
mpascal

mpascal

    Math Nerd

  • Retired Staff
  • 3,644 posts
Hi there,

Open OTL. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Change the Standard Registry and Extra Registry options to Use Safelist.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP