Windows Antivirus pro and other error messages

View previous topic View next topic Go down

Solved Windows Antivirus pro and other error messages

Post by makebelieve on 31st August 2009, 9:32 pm

I am constantly getting windows anvirus pro popping up on the screen which i am unable to permentaly get rid of. When i try to install or run antivirus software, hijackthis or any application i get an error message saying "This application has failed to start because the appliction configuration is incorrect.Reinstalling the application may fix this problem."
Please can you help me fix this problem.

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by Belahzur on 1st September 2009, 5:42 pm

Please download SystemLook from one of the links below and save it to your Desktop.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code:

    :filefind
    scecli.dll
    netlogon.dll
    eventlog.dll

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 2nd September 2009, 6:37 pm

I have downloaded systemlook but the laptop will not run any programme with an exe file extension it seems, so I am unable to run it.

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by Belahzur on 2nd September 2009, 7:37 pm


  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt just yet.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 2nd September 2009, 8:06 pm

When i try to run dds.scr i get the error message
"CMD This application failed to start because the application configuration is incorrect. Reinstalling the application may fix the problem".

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by Belahzur on 2nd September 2009, 10:00 pm

Hello.
Download this:
[You must be registered and logged in to see this link.]

Then run it, see if you can run DDS after that.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 2nd September 2009, 10:03 pm

It wont let me run vcredist_x86.exe because of the file extension

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by Belahzur on 2nd September 2009, 10:13 pm

Download the GMER rootkit scan from here: [You must be registered and logged in to see this link.]

  1. Unzip it and start GMER.
  2. Click the >>> tab and then click the Scan button.
  3. Once done, click the Copy button.
  4. This will copy the results to your clipboard.
  5. Paste the results in your next reply.
Note:
If you're having problems with running GMER.exe, try it in safe mode. This tools works in safe mode.
You can also try renaming it since some malware blocks GMER.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 2nd September 2009, 10:21 pm

It will not run GMER either i am getting the same error message because it has an exe file extension.
Tried in safe mode but it's saying bgwp6rek.exe is not a valid Win32 application.

After reading other peoples posts i have noticed i have something called desot in my win32 folder.
Does this help?

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by Belahzur on 2nd September 2009, 11:51 pm

Yep, helps alot.

Please delete this file in red:
C:\Windows\system32\desot.exe

Next, download [You must be registered and logged in to see this link.] file.

Download it to your Desktop.
Double click it to run it; select yes to the registry merge prompt.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 3rd September 2009, 6:15 pm

I deleted the desot file and ran the ExeErrorFix ok but when i tried to run mbam-setup.exe i get the same error message about the application configuration is incorrect.
And everytime i delete the desot file, come out of the system32 folder and go back in the desot file has reappeared.

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 3rd September 2009, 7:11 pm

Just to update you whilst looking around the net i found the following instructions to fix the error that stops applications from running.

Use the following instructions to remove Windows Antivirus Pro (Uninstall instructions)
1. Remove Windows Antivirus Pro main components.
Please download OTM by OldTimer from here. Once Save Dialog opens, please rename a file from OTM.exe to OTM.com and click Save button to save it to desktop.

Run OTM. Copy,then paste the following text in “Paste Instructions for Items to be Moved” window (under the yellow bar):

:processes
svchast.exe
Windows Antivirus Pro.exe

:services
AntipPro2009_12

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F54AF7DE-6038-4026-8433-CC30E3F17212}]

:files
%windir%\system32\desot.exe
%windir%\system32\dddesot.dll
%windir%\svchast.exe

Click the red Moveit! button. When the tool is finished, it will produce a report for you. If you are asked to reboot the machine choose Yes.

2. Repair running .exe files.
Click Start, Run. Type command and press Enter. Type notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.

Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

Save this as fix.reg to your Desktop (remember to select Save as file type: All files in Notepad.)
Double Click fix.reg and click YES for confirm.
Reboot your computer.


I can now run applications. Can you help me from here to make sure all is ok? Antivirus pro has stopped popping up as well.

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by Belahzur on 3rd September 2009, 10:35 pm

Hello.
Please run MBAM, I doubt your clean.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 4th September 2009, 8:38 am

Malwarebytes' Anti-Malware 1.40
Database version: 2551
Windows 5.1.2600 Service Pack 1

04/09/2009 09:34:34
mbam-log-2009-09-04 (09-34-34).txt

Scan type: Quick Scan
Objects scanned: 115097
Time elapsed: 11 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 4
Files Infected: 41

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Win AntiVirus Pro (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Windows antiVirus pro (Rogue.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Windows AntiVirus Pro (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Matt Sheldrake\Start Menu\Programs\Windows AntiVirus Pro (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Windows AntiVirus Pro\msvcm80.dll (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\msvcp80.dll (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\msvcr80.dll (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\Windows Antivirus Pro.exe (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\dbsinit.exe (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\wispex.html (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\i1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\i2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\i3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\j1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\j2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\j3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\jj1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\jj2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\jj3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\l1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\l2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\l3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\pix.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\t1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\t2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\up1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\up2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w11.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w3.jpg (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\wt1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\wt2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\wt3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Matt Sheldrake\Start Menu\Programs\Windows AntiVirus Pro\Windows Antivirus Pro.lnk (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\bennuar.old (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\sonhelp.htm (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\sysnet.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\ppp3.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\ppp4.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Matt Sheldrake\Desktop\Windows Antivirus Pro.lnk (Rogue.WindowsAntiVirus2008) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\onhelp.htm (Rogue.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\wispex.html (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\bincd32.dat (Malware.Trace) -> Quarantined and deleted successfully.

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by Belahzur on 4th September 2009, 3:18 pm

Lets keep going!


  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt just yet.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 4th September 2009, 3:22 pm

DDS (Ver_09-07-30.01) - NTFSx86
Run by Claire Sheldrake at 16:21:27.96 on 04/09/2009
Internet Explorer: 6.0.2800.1106
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.511.316 [GMT 1]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
SVCHOST.EXE
SVCHOST.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\pctspk.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AOL 7.0\aoltray.exe
C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
C:\Program Files\Samsung\Digimax Viewer 1.0\DigimaxViewer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Claire Sheldrake\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
uDefault_Page_URL = [You must be registered and logged in to see this link.]
uWindow Title = Tiscali 10.0
mDefault_Page_URL = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
mWindow Title = Tiscali 10.0
uInternet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
BHO: {1e8a6170-7264-4d0f-beae-d42a53123c75} - c:\program files\common files\symantec shared\coshared\browser\1.5\NppBho.dll
TB: Show Norton Toolbar: {90222687-f593-4738-b738-fbee9c7b26df} - c:\program files\common files\symantec shared\coshared\browser\1.5\UIBHO.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: Media Band: {32683183-48a0-441b-a342-7c2a440a9478} - %SystemRoot%\System32\browseui.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [ATIModeChange] Ati2mdxx.exe
mRun: [PCTVOICE] pctspk.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [DadApp] c:\program files\dell\accessdirect\dadapp.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [DVDSentry] c:\windows\system32\DSentry.exe
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [AdaptecDirectCD] "c:\program files\roxio\easy cd creator 5\directcd\DirectCD.exe"
mRun: [Lexmark X74-X75] "c:\program files\lexmark x74-x75\lxbbbmgr.exe"
mRun: [iTunesHelper] c:\program files\itunes\iTunesHelper.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aol70t~1.lnk - c:\program files\aol 7.0\aoltray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\belkin~1.lnk - c:\program files\belkin\usb f5d7050\wireless utility\Belkinwcui.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digima~1.lnk - c:\program files\samsung\digimax viewer 1.0\DigimaxViewer.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
IE: {c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\MSMSGS.EXE
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: DirectAnimation Java Classes - [You must be registered and logged in to see this link.]
DPF: Microsoft XML Parser for Java - [You must be registered and logged in to see this link.]
DPF: {33564D57-9980-0010-8000-00AA00389B71} - [You must be registered and logged in to see this link.]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [You must be registered and logged in to see this link.]

============= SERVICES / DRIVERS ===============

R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2007-1-10 108648]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2007-1-10 108648]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-2-23 109616]
R3 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2008-3-26 1251720]
S3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20080720.003\NAVENG.SYS [2008-7-21 89936]
S3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20080720.003\NAVEX15.SYS [2008-7-21 856336]

=============== Created Last 30 ================

2009-09-03 20:16 --d----- c:\docume~1\claire~1\applic~1\Malwarebytes
2009-09-03 20:16 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-03 20:16 18,456 a------- c:\windows\system32\drivers\mbam.sys
2009-09-03 20:16 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-09-03 20:16 --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-09-03 19:53 --d----- C:\_OTM
2009-08-31 21:57 a-d----- c:\windows\system32\images
2009-08-31 21:05 --d----- c:\program files\common files\SupportSoft
2009-08-11 10:16 --d----- C:\Mileage 2009

==================== Find3M ====================


============= FINISH: 16:21:54.43 ===============

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 6th September 2009, 6:47 pm

Bump

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by Origin on 6th September 2009, 10:11 pm

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to svchost as follows:





3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on svchost.exe.
  • Follow the prompts. NOTE:
  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouse click combofix's window whilst it's running. That may cause it to stall.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31523
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 8th September 2009, 10:14 am

ComboFix 09-09-07.03 - Claire Sheldrake 08/09/2009 11:00.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.511.318 [GMT 1:00]
Running from: c:\documents and settings\Claire Sheldrake\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\fad.sys
c:\windows\system32\images
c:\windows\system32\images\i1.gif
c:\windows\system32\images\i2.gif
c:\windows\system32\images\i3.gif
c:\windows\system32\images\j1.gif
c:\windows\system32\images\j2.gif
c:\windows\system32\images\j3.gif
c:\windows\system32\images\jj1.gif
c:\windows\system32\images\jj2.gif
c:\windows\system32\images\jj3.gif
c:\windows\system32\images\l1.gif
c:\windows\system32\images\l2.gif
c:\windows\system32\images\l3.gif
c:\windows\system32\images\pix.gif
c:\windows\system32\images\t1.gif
c:\windows\system32\images\t2.gif
c:\windows\system32\images\up1.gif
c:\windows\system32\images\up2.gif
c:\windows\system32\images\w1.gif
c:\windows\system32\images\w11.gif
c:\windows\system32\images\w2.gif
c:\windows\system32\images\w3.gif
c:\windows\system32\images\w3.jpg
c:\windows\system32\images\wt1.gif
c:\windows\system32\images\wt2.gif
c:\windows\system32\images\wt3.gif

.
((((((((((((((((((((((((( Files Created from 2009-08-08 to 2009-09-08 )))))))))))))))))))))))))))))))
.

2009-09-03 19:16 . 2009-09-03 19:16 -------- d-----w- c:\documents and settings\Claire Sheldrake\Application Data\Malwarebytes
2009-09-03 19:16 . 2009-08-03 12:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-03 19:16 . 2009-09-03 19:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-03 19:16 . 2009-09-03 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-03 19:16 . 2009-08-03 12:36 18456 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-03 18:53 . 2009-09-03 18:53 -------- d-----w- C:\_OTM
2009-08-31 20:05 . 2009-08-31 20:05 -------- d-----w- c:\documents and settings\Matt Sheldrake\Local Settings\Application Data\SupportSoft
2009-08-31 20:05 . 2009-08-31 20:05 -------- d-----w- c:\program files\Common Files\SupportSoft
2009-08-11 09:16 . 2009-08-11 09:16 -------- d-----w- C:\Mileage 2009

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-12 14:43 . 2003-03-21 20:17 -------- d-----w- c:\program files\AOL 7.0
.

------- Sigcheck -------

[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ip6fw.sys

[-] 2004-08-04 07:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mspmsnsv.dll

[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\xmlprov.dll

c:\windows\system32\drivers\ip6fw.sys ... is missing !!
c:\windows\system32\mspmsnsv.dll ... is missing !!
c:\windows\system32\xmlprov.dll ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-11-15 1670144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2002-11-07 294912]
"DadApp"="c:\program files\Dell\AccessDirect\dadapp.exe" [2002-11-01 208560]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2002-10-11 126976]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2002-10-11 561152]
"DVDSentry"="c:\windows\System32\DSentry.exe" [2002-07-17 28672]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2003-03-21 26112]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032]
"Lexmark X74-X75"="c:\program files\Lexmark X74-X75\lxbbbmgr.exe" [2002-07-31 57344]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2004-06-04 286720]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-02-20 98304]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 115816]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"ATIModeChange"="Ati2mdxx.exe" - c:\windows\SYSTEM32\Ati2mdxx.exe [2001-09-04 28672]
"PCTVOICE"="pctspk.exe" - c:\windows\SYSTEM32\pctspk.exe [2002-07-18 163840]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2002-08-29 13312]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AOL 7.0 Tray Icon.lnk - c:\program files\AOL 7.0\aoltray.exe [2003-3-21 32839]
Belkin Wireless USB Utility.lnk - c:\program files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe [2005-10-28 1404928]
Digimax Viewer 1.0.lnk - c:\program files\Samsung\Digimax Viewer 1.0\DigimaxViewer.exe [2003-10-25 331776]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [23/02/2008 21:21 109616]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST
.
Contents of the 'Scheduled Tasks' folder

2003-03-27 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\System32\OOBE\OOBEBALN.EXE [2002-08-29 05:00]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
mWindow Title = Tiscali 10.0
uInternet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
DPF: DirectAnimation Java Classes - [You must be registered and logged in to see this link.]
DPF: Microsoft XML Parser for Java - [You must be registered and logged in to see this link.]
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-09-08 11:07
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(668)
c:\windows\System32\ODBC32.dll

- - - - - - - > 'lsass.exe'(732)
c:\windows\System32\dssenh.dll
.
Completion time: 2009-09-08 11:10
ComboFix-quarantined-files.txt 2009-09-08 10:09

Pre-Run: 14,041,083,904 bytes free
Post-Run: 14,365,798,400 bytes free

129 --- E O F --- 2009-08-31 22:06

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by Belahzur on 8th September 2009, 2:20 pm

Now open a new notepad file.
Input this into the notepad file:

FCopy::
c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ip6fw.sys | c:\windows\system32\drivers\ip6fw.sys
c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mspmsnsv.dll | c:\windows\system32\mspmsnsv.dll
c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\xmlprov.dll | c:\windows\system32\xmlprov.dll

Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:


This will open combofix again, agree to it's terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to)
Post the resulting log back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 8th September 2009, 2:54 pm

ComboFix 09-09-07.03 - Claire Sheldrake 08/09/2009 15:46.2.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.511.306 [GMT 1:00]
Running from: c:\documents and settings\Claire Sheldrake\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Claire Sheldrake\Desktop\CFScript.txt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
--------------- FCopy ---------------

c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ip6fw.sys --> c:\windows\system32\drivers\ip6fw.sys
c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mspmsnsv.dll --> c:\windows\system32\mspmsnsv.dll
c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\xmlprov.dll --> c:\windows\system32\xmlprov.dll
.
((((((((((((((((((((((((( Files Created from 2009-08-08 to 2009-09-08 )))))))))))))))))))))))))))))))
.

2009-09-08 14:46 . 2004-08-04 07:56 129536 ----a-w- c:\windows\system32\xmlprov.dll
2009-09-08 14:46 . 2004-08-04 07:56 52224 ----a-w- c:\windows\system32\mspmsnsv.dll
2009-09-03 19:16 . 2009-09-03 19:16 -------- d-----w- c:\documents and settings\Claire Sheldrake\Application Data\Malwarebytes
2009-09-03 19:16 . 2009-08-03 12:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-03 19:16 . 2009-09-03 19:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-03 19:16 . 2009-09-03 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-03 19:16 . 2009-08-03 12:36 18456 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-03 18:53 . 2009-09-03 18:53 -------- d-----w- C:\_OTM
2009-08-31 20:05 . 2009-08-31 20:05 -------- d-----w- c:\documents and settings\Matt Sheldrake\Local Settings\Application Data\SupportSoft
2009-08-31 20:05 . 2009-08-31 20:05 -------- d-----w- c:\program files\Common Files\SupportSoft
2009-08-11 09:16 . 2009-08-11 09:16 -------- d-----w- C:\Mileage 2009

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-12 14:43 . 2003-03-21 20:17 -------- d-----w- c:\program files\AOL 7.0
.

------- Sigcheck -------

[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DRIVERS\ip6fw.sys

[-] 2004-08-04 07:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mspmsnsv.dll
[-] 2004-08-04 07:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\SYSTEM32\mspmsnsv.dll

[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\xmlprov.dll
[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\xmlprov.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-11-15 1670144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2002-11-07 294912]
"DadApp"="c:\program files\Dell\AccessDirect\dadapp.exe" [2002-11-01 208560]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2002-10-11 126976]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2002-10-11 561152]
"DVDSentry"="c:\windows\System32\DSentry.exe" [2002-07-17 28672]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2003-03-21 26112]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032]
"Lexmark X74-X75"="c:\program files\Lexmark X74-X75\lxbbbmgr.exe" [2002-07-31 57344]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2004-06-04 286720]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-02-20 98304]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 115816]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"ATIModeChange"="Ati2mdxx.exe" - c:\windows\SYSTEM32\Ati2mdxx.exe [2001-09-04 28672]
"PCTVOICE"="pctspk.exe" - c:\windows\SYSTEM32\pctspk.exe [2002-07-18 163840]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2002-08-29 13312]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AOL 7.0 Tray Icon.lnk - c:\program files\AOL 7.0\aoltray.exe [2003-3-21 32839]
Belkin Wireless USB Utility.lnk - c:\program files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe [2005-10-28 1404928]
Digimax Viewer 1.0.lnk - c:\program files\Samsung\Digimax Viewer 1.0\DigimaxViewer.exe [2003-10-25 331776]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [23/02/2008 21:21 109616]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST
.
Contents of the 'Scheduled Tasks' folder

2003-03-27 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\System32\OOBE\OOBEBALN.EXE [2002-08-29 05:00]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
mWindow Title = Tiscali 10.0
uInternet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
DPF: DirectAnimation Java Classes - [You must be registered and logged in to see this link.]
DPF: Microsoft XML Parser for Java - [You must be registered and logged in to see this link.]
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-09-08 15:50
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(668)
c:\windows\System32\ODBC32.dll

- - - - - - - > 'lsass.exe'(732)
c:\windows\System32\dssenh.dll
.
Completion time: 2009-09-08 15:52
ComboFix-quarantined-files.txt 2009-09-08 14:52
ComboFix2.txt 2009-09-08 10:10

Pre-Run: 14,386,991,104 bytes free
Post-Run: 14,373,154,816 bytes free

110 --- E O F --- 2009-08-31 22:06

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by Belahzur on 8th September 2009, 8:04 pm

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 8th September 2009, 8:17 pm

It seems to working fine. Is it free from virus' now?

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 10th September 2009, 6:48 pm

Bump

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 11th September 2009, 9:59 pm

Bump

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by Origin on 12th September 2009, 5:11 am

Your logs show no sign of infection, what Anti virus are you currently running?


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31523
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 12th September 2009, 7:15 pm

The antivirus had expired. I am just about to install Norton Internet security 2009 premium edition.

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by Belahzur on 12th September 2009, 10:37 pm

Hello.
Okay, install Norton 2009, then this should be fine.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by makebelieve on 12th September 2009, 11:07 pm

Thanks for all your help.

makebelieve
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-31
OS OS : Windows XP
Points Points : 26599
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Windows Antivirus pro and other error messages

Post by Dr Jay on 16th September 2009, 9:10 pm

Since this issue appears to be solved, this topic is now closed and being marked solved.

If you need the topic reopened, PM an administrator, moderator, or staff.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14310
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302971
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum