Security Tool and maybe more malaware

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 8th November 2009, 3:34 am

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:33:14, on 2009-11-07
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\vVX6000.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\program files\steam\steam.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Zabaware\HalReader\HalReader.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Nexon\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Nexon\Spyware Doctor\BDT\PCTBrowserDefender.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Nexon\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Ultra Hal Text-to-Speech Reader Startup.lnk = ?
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - [You must be registered and logged in to see this link.]
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - [You must be registered and logged in to see this link.]
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - [You must be registered and logged in to see this link.]
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - [You must be registered and logged in to see this link.]
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - [You must be registered and logged in to see this link.]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - [You must be registered and logged in to see this link.]
O16 - DPF: {BFD90062-6B5E-4F8F-87B1-5F022C14E32F} (ActiveReceiver Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - [You must be registered and logged in to see this link.]
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - [You must be registered and logged in to see this link.]
O16 - DPF: {FA30EC32-668B-4B60-B13C-4C84EB90C3C9} (ActiveID Control) - [You must be registered and logged in to see this link.]
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTsvcCDA.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Nexon\Spyware Doctor1\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Nexon\Spyware Doctor1\pctsSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 10176 bytes

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by Dr Jay on 8th November 2009, 11:17 pm

Please use Internet Explorer and run a [You must be registered and logged in to see this link.]

  • Please check I agree with the Terms and Conditions and click Start Here
  • You will need to allow an Active X install for the scan to run.
  • Leave the scanning options at default and click Start Scan
Please post the results in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14314
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302989
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 9th November 2009, 2:41 am

can't still cannot use internet, says unauthorised right to use iexplorer.exe.

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 9th November 2009, 4:17 am

I cant open iexplorer.exe at all and mozilla cannot connect. I cant use any programs automatic update such as the mbam one it says I'm not connected.

However my connection does show in my tool bar, I can also connect to wlmsn. I did a reset of dns, ip release ip renew in cmd DOS still didnt fȋxed anything.

I think ill just refrmt my hard drive, I havent moved since a 2 weeks now Sad tearing

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by Dr Jay on 9th November 2009, 7:30 am

Are you saying you want to do a reformat and reinstall?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14314
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302989
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 9th November 2009, 5:07 pm

DragonMaster Jay wrote:Are you saying you want to do a reformat and reinstall?

Well my problem is that my Windows copy is at my mom house a 3 hours drive :S . I would like to avoid to reformat and reinstall everything and lose a lot of data, reinstalling all those hardware drivers etc...

But so far i'm out of solutions. I read others forum where people also lost connection after a spyware, malaware virus removal, and they all ended up giving up and reformating because the solutions proposed didnt worked.

Plus here I'v been telling you guys 5 times I don't have internet acces with iexplorer or firefox and you keep giving me internet links to do online scans. I ... cannot.. connect! I can only connect with limewire and windows live messenger.

Can you help? Ill go get my windows copy next weekend, so I still have a week to try everything you tell me!

Cheers

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by Dr Jay on 10th November 2009, 1:16 am

There may not be a reason to do the reformat and reinstall.

My apologies on the Internet issue. Most of the time, we instruct users to transfer the download from another computer, on to the infected computer - using a flash drive, burnt CD/DVD, or external drive.

With that in mind, we are going to need a tool that will probably help restore the connection. Please transfer the download from another computer to the infected one.

Download Dial-A-Fix from [You must be registered and logged in to see this link.].

Save it to your Desktop.

Open Dial-a-fix.exe

Click the green checkmark at the bottom of the window; this should select all options.

Now, click GO.

Allow it to run (the status will be displayed at the bottom), and follow any prompts you receive.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14314
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302989
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 10th November 2009, 3:15 am

Hi,

It doesnt work, I got a bunch of error 127 during the scan. saying a .dll file is either corrupted or not recognized. Should I write them down for you?

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by Dr Jay on 10th November 2009, 5:14 am

Yes, knowing the DLLs will be good. Having the log will be better.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14314
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302989
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 10th November 2009, 5:20 am

how do I get the log? does it save it somewhere?

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 10th November 2009, 5:38 am

Ok I got it.

Log of DIal-a-fix

00:25:36 | Dial-a-fix was unable to determine your version of Internet Explorer
Notes about this log:
1) "->" denotes an external command being executed, and "-> (number)" indicates
the return code from the previous command
2) Not all external command return codes are accurate, or useful
3) Sometimes commands return 0 (no error) even when they fail or crash
4) If an error occurs while registering an object, please send an email to:
[You must be registered and logged in to see this link.] and include a copy of this log

DAF version: v0.60.0.24

--- System info ---
OS: Microsoft Windows XP Service Pack 3
IE version: 8.0.6001.18702
MPC: 76412-OEM
CPU: AMD Athlon(tm) 64 Processor 3500+ (~2220MHz)
CPU: CPU is 64-bit or has 64-bit extensions
BIOS: 2005-06-30
Memory (approx): 1023MB
Uptime: 0 hour(s)
Current directory: C:\Nexon\Dial-a-fix-v0.60.0.24
---

2009-11-10 00:25:36 -- Dial-a-fix : [v0.60.0.24] -- started
00:25:36 | Policy scan started
00:25:36 | Policy scan ended - no restrictive policies were found
--- Emptying temp folders ---
00:25:44 | Deleting C:\Documents and Settings\joe\Local Settings\temp...
00:25:44 | C:\Documents and Settings\joe\Local Settings\temp could not be completely emptied, please reboot and try again
00:25:44 | Deleting C:\WINDOWS\temp...
00:25:44 | C:\WINDOWS\temp has been re-created
00:25:44 | Deleting C:\DOCUME~1\joe\LOCALS~1\Temp...
00:25:44 | C:\DOCUME~1\joe\LOCALS~1\Temp could not be completely emptied, please reboot and try again
--- MSI ---
00:25:47 | Registered: C:\WINDOWS\system32\msi.dll
--- Windows Update ---
--- Registration: Windows Update/Automatic Update DLLs ---
00:25:55 | Unregistered: C:\WINDOWS\system32\msxml.dll
00:25:55 | Registered: C:\WINDOWS\system32\msxml.dll
00:25:55 | Unregistered: C:\WINDOWS\system32\msxml2.dll
00:25:55 | Registered: C:\WINDOWS\system32\msxml2.dll
00:25:58 | Unregistered: C:\WINDOWS\system32\msxml3.dll
00:25:58 | Registered: C:\WINDOWS\system32\msxml3.dll
00:25:58 | Unregistered: C:\WINDOWS\system32\qmgr.dll
00:25:58 | Registered: C:\WINDOWS\system32\qmgr.dll
00:25:58 | Unregistered: C:\WINDOWS\system32\qmgrprxy.dll
00:25:58 | Registered: C:\WINDOWS\system32\qmgrprxy.dll
00:25:58 | Unregistered: C:\WINDOWS\system32\muweb.dll
00:25:58 | Registered: C:\WINDOWS\system32\muweb.dll
00:25:58 | Unregistered: C:\WINDOWS\system32\winhttp.dll
00:25:59 | Registered: C:\WINDOWS\system32\winhttp.dll
00:25:59 | Registered: C:\WINDOWS\system32\wuapi.dll
00:25:59 | Unregistered: C:\WINDOWS\system32\wuaueng.dll
00:25:59 | Registered: C:\WINDOWS\system32\wuaueng.dll
00:25:59 | Unregistered: C:\WINDOWS\system32\wuaueng1.dll
00:25:59 | Registered: C:\WINDOWS\system32\wuaueng1.dll
00:25:59 | Unregistered: C:\WINDOWS\system32\wucltui.dll
00:25:59 | Registered: C:\WINDOWS\system32\wucltui.dll
00:25:59 | Unregistered: C:\WINDOWS\system32\wups.dll
00:25:59 | Registered: C:\WINDOWS\system32\wups.dll
00:25:59 | Unregistered: C:\WINDOWS\system32\wups2.dll
00:25:59 | Registered: C:\WINDOWS\system32\wups2.dll
00:25:59 | Unregistered: C:\WINDOWS\system32\wuweb.dll
00:25:59 | Registered: C:\WINDOWS\system32\wuweb.dll
00:25:59 | Registered: C:\WINDOWS\system32\ole32.dll
--- SSL/HTTPS/Cryptography ---
00:26:11 | Executed 'cmd.exe /c rmdir /q /s C:\WINDOWS\system32\Catroot2'
--- Registration: SSL/HTTPS/Cryptography ---
00:26:15 | Unregistered: C:\WINDOWS\system32\cryptdlg.dll
00:26:15 | Registered: C:\WINDOWS\system32\cryptdlg.dll
00:26:15 | Unregistered: C:\WINDOWS\system32\cryptui.dll
00:26:15 | Registered: C:\WINDOWS\system32\cryptui.dll
00:26:16 | Unregistered: C:\WINDOWS\system32\cryptext.dll
00:26:16 | Registered: C:\WINDOWS\system32\cryptext.dll
00:26:16 | Unregistered: C:\WINDOWS\system32\dssenh.dll
00:26:16 | Registered: C:\WINDOWS\system32\dssenh.dll
00:26:16 | Unregistered: C:\WINDOWS\system32\gpkcsp.dll
00:26:16 | Registered: C:\WINDOWS\system32\gpkcsp.dll
00:26:16 | Unregistered: C:\WINDOWS\system32\initpki.dll
00:26:36 | Registered: C:\WINDOWS\system32\initpki.dll
00:26:36 | Unregistered: C:\WINDOWS\system32\licdll.dll
00:26:36 | Registered: C:\WINDOWS\system32\licdll.dll
00:26:36 | Unregistered: C:\WINDOWS\system32\mssign32.dll
00:26:36 | Registered: C:\WINDOWS\system32\mssign32.dll
00:26:36 | Unregistered: C:\WINDOWS\system32\mssip32.dll
00:26:36 | Registered: C:\WINDOWS\system32\mssip32.dll
00:26:37 | Unregistered: C:\WINDOWS\system32\scardssp.dll
00:26:37 | Registered: C:\WINDOWS\system32\scardssp.dll
00:26:37 | Unregistered: C:\WINDOWS\system32\sccbase.dll
00:26:37 | Registered: C:\WINDOWS\system32\sccbase.dll
00:26:37 | Unregistered: C:\WINDOWS\system32\scecli.dll
00:26:37 | Registered: C:\WINDOWS\system32\scecli.dll
00:26:37 | Unregistered: C:\WINDOWS\system32\softpub.dll
00:26:37 | Registered: C:\WINDOWS\system32\softpub.dll
00:26:37 | Unregistered: C:\WINDOWS\system32\slbcsp.dll
00:26:37 | Registered: C:\WINDOWS\system32\slbcsp.dll
00:26:37 | Unregistered: C:\WINDOWS\system32\regwizc.dll
00:26:37 | Registered: C:\WINDOWS\system32\regwizc.dll
00:26:37 | Unregistered: C:\WINDOWS\system32\rsaenh.dll
00:26:37 | Registered: C:\WINDOWS\system32\rsaenh.dll
00:26:37 | Unregistered: C:\WINDOWS\system32\winhttp.dll
00:26:37 | Registered: C:\WINDOWS\system32\winhttp.dll
00:26:37 | Unregistered: C:\WINDOWS\system32\wintrust.dll
00:26:37 | Registered: C:\WINDOWS\system32\wintrust.dll
--- Registration: ActiveX controls/codecs ---
00:26:37 | Registered: C:\WINDOWS\system32\acelpdec.ax
00:26:37 | Registered: C:\WINDOWS\system32\actxprxy.dll
00:26:37 | Registered: C:\WINDOWS\system32\asctrls.ocx
00:26:37 | Registered: C:\WINDOWS\system32\daxctle.ocx
00:26:38 | Registered: C:\WINDOWS\system32\hhctrl.ocx
00:26:38 | Registered: C:\WINDOWS\system32\l3codecx.ax
00:26:38 | Registered: C:\WINDOWS\system32\licmgr10.dll
00:26:38 | Registered: C:\WINDOWS\system32\mpg4ds32.ax
00:26:39 | Registered: C:\WINDOWS\system32\msdxm.ocx
00:26:39 | Registered: C:\WINDOWS\system32\proctexe.ocx
00:26:39 | Registered: C:\WINDOWS\system32\tdc.ocx
00:26:39 | Registered: C:\WINDOWS\system32\wshom.ocx
--- Registration: Control Panel applets ---
00:26:39 | DllInstalled: C:\WINDOWS\system32\inetcpl.cpl
00:26:39 | DllInstalled: C:\WINDOWS\system32\appwiz.cpl
00:26:39 | Registered: C:\WINDOWS\system32\appwiz.cpl
00:26:39 | DllInstalled: C:\WINDOWS\system32\nusrmgr.cpl
00:26:39 | Registered: C:\WINDOWS\system32\nusrmgr.cpl
--- Registration: Direct[X|Draw|Show|Media] ---
00:26:40 | Registered: C:\WINDOWS\system32\quartz.dll
00:26:40 | Registered: C:\WINDOWS\system32\danim.dll
00:26:40 | Registered: C:\WINDOWS\system32\dmscript.dll
00:26:40 | Registered: C:\WINDOWS\system32\dmstyle.dll
00:26:40 | Registered: C:\WINDOWS\system32\dxmasf.dll
00:26:40 | Registered: C:\WINDOWS\system32\dxtmsft.dll
00:26:40 | Registered: C:\WINDOWS\system32\dxtrans.dll
00:26:40 | Registered: C:\WINDOWS\system32\sbe.dll
--- Registration: Programming cores/runtimes ---
00:26:40 | Registered: C:\WINDOWS\system32\atl.dll
00:26:40 | Registered: C:\WINDOWS\system32\corpol.dll
00:26:40 | Registered: C:\WINDOWS\system32\jscript.dll
00:26:40 | Registered: C:\WINDOWS\system32\dispex.dll
00:26:40 | Registered: C:\WINDOWS\system32\scrrun.dll
00:26:40 | Registered: C:\WINDOWS\system32\scrobj.dll
00:26:40 | Registered: C:\WINDOWS\system32\vbscript.dll
00:26:40 | Registered: C:\WINDOWS\system32\wshext.dll
--- Registration: Explorer/IE/OE/shell/WMP ---
00:26:40 | Registered: C:\WINDOWS\system32\activeds.dll
00:26:40 | Registered: C:\WINDOWS\system32\audiodev.dll
00:26:40 | DllInstalled: C:\WINDOWS\system32\browseui.dll
00:26:40 | Registered: C:\WINDOWS\system32\browseui.dll
00:26:41 | Registered: C:\WINDOWS\system32\browsewm.dll
00:26:41 | Registered: C:\WINDOWS\system32\cabview.dll
00:26:41 | Registered: C:\WINDOWS\system32\cdfview.dll
00:26:41 | Registered: C:\WINDOWS\system32\clbcatex.dll
00:26:41 | Registered: C:\WINDOWS\system32\clbcatq.dll
00:26:41 | Registered: C:\WINDOWS\system32\comcat.dll
00:26:41 | Registered: C:\WINDOWS\system32\cscui.dll
00:26:41 | Registered: C:\WINDOWS\system32\credui.dll
00:26:41 | Registered: C:\WINDOWS\system32\datime.dll
00:26:41 | Registered: C:\WINDOWS\system32\devmgr.dll
00:26:41 | Registered: C:\WINDOWS\system32\dfsshlex.dll
00:26:41 | Registered: C:\WINDOWS\system32\dmdlgs.dll
00:26:41 | Registered: C:\WINDOWS\system32\dmdskmgr.dll
00:26:41 | Registered: C:\WINDOWS\system32\dmloader.dll
00:26:41 | Registered: C:\WINDOWS\system32\dmocx.dll
00:26:41 | Registered: C:\WINDOWS\system32\dmview.ocx
00:26:41 | DllInstalled: C:\WINDOWS\system32\dsuiext.dll
00:26:41 | Registered: C:\WINDOWS\system32\dsuiext.dll
00:26:41 | DllInstalled: C:\WINDOWS\system32\dsquery.dll
00:26:41 | Registered: C:\WINDOWS\system32\dsquery.dll
00:26:41 | Registered: C:\WINDOWS\system32\dskquoui.dll
00:26:41 | Registered: C:\WINDOWS\system32\els.dll
00:26:41 | Registered: C:\WINDOWS\system32\es.dll
00:26:41 | Registered: C:\WINDOWS\system32\fontext.dll
00:26:41 | Registered: C:\WINDOWS\system32\hlink.dll
00:26:41 | Registered: C:\WINDOWS\system32\hnetcfg.dll
00:26:42 | Registered: C:\WINDOWS\system32\iedkcs32.dll
00:26:42 | Registered: C:\WINDOWS\system32\iepeers.dll
00:26:42 | Error 127: C:\WINDOWS\system32\iesetup.dll is not registerable or the file is corrupted. Version: 8.00.6001.18702
00:28:04 | Error 127: C:\WINDOWS\system32\iesetup.dll is not DLLInstall-able or the file is corrupted. Version: 8.00.6001.18702
00:28:20 | Registered: C:\WINDOWS\system32\ils.dll
00:28:20 | Error 127: C:\WINDOWS\system32\imgutil.dll is not registerable or the file is corrupted. Version: 8.00.6001.18702
00:30:12 | Registered: C:\WINDOWS\system32\inetcfg.dll
00:30:12 | Registered: C:\WINDOWS\system32\inetcomm.dll
00:30:12 | Error 127: C:\WINDOWS\system32\inseng.dll is not registerable or the file is corrupted. Version: 8.00.6001.18702
00:30:42 | Error 127: C:\WINDOWS\system32\inseng.dll is not DLLInstall-able or the file is corrupted. Version: 8.00.6001.18702
00:30:44 | Registered: C:\WINDOWS\system32\laprxy.dll
00:30:44 | Registered: C:\WINDOWS\system32\lmrt.dll
00:30:44 | Registered: C:\WINDOWS\system32\mlang.dll
00:30:45 | Registered: C:\WINDOWS\system32\mmcndmgr.dll
00:30:45 | Registered: C:\WINDOWS\system32\mmcshext.dll
00:30:45 | Registered: C:\WINDOWS\system32\mscoree.dll
00:30:45 | Error 127: C:\WINDOWS\system32\mshtml.dll is not registerable or the file is corrupted. Version: 8.00.6001.18828
00:31:30 | Error 127: C:\WINDOWS\system32\mshtml.dll is not DLLInstall-able or the file is corrupted. Version: 8.00.6001.18828
00:31:36 | Registered: C:\WINDOWS\system32\mshtmled.dll
00:31:36 | Registered: C:\WINDOWS\system32\msieftp.dll
00:31:36 | Registered: C:\WINDOWS\system32\msoeacct.dll
00:31:36 | Registered: C:\WINDOWS\system32\msr2c.dll
00:31:36 | Error 127: C:\WINDOWS\system32\msrating.dll is not registerable or the file is corrupted. Version: 8.00.6001.18702
00:32:14 | DllInstalled: C:\WINDOWS\system32\mydocs.dll
00:32:14 | Registered: C:\WINDOWS\system32\mydocs.dll
00:32:15 | Registered: C:\WINDOWS\system32\mstime.dll
00:32:15 | Registered: C:\WINDOWS\system32\netcfgx.dll
00:32:15 | DllInstalled: C:\WINDOWS\system32\netplwiz.dll
00:32:15 | Registered: C:\WINDOWS\system32\netplwiz.dll
00:32:15 | Registered: C:\WINDOWS\system32\netman.dll
00:32:15 | Registered: C:\WINDOWS\system32\netshell.dll
00:32:15 | Registered: C:\WINDOWS\system32\ntmsevt.dll
00:32:15 | Registered: C:\WINDOWS\system32\ntmsmgr.dll
00:32:15 | DllInstalled: C:\WINDOWS\system32\ntmssvc.dll
00:32:15 | Registered: C:\WINDOWS\system32\ntmssvc.dll
00:32:15 | Error 127: C:\WINDOWS\system32\occache.dll is not registerable or the file is corrupted. Version: 8.00.6001.18828
00:32:47 | Error 127: C:\WINDOWS\system32\occache.dll is not DLLInstall-able or the file is corrupted. Version: 8.00.6001.18828
00:32:50 | Registered: C:\WINDOWS\system32\ole32.dll
00:32:50 | Registered: C:\WINDOWS\system32\oleaut32.dll
00:32:50 | Registered: C:\WINDOWS\system32\oleacc.dll
00:32:50 | Registered: C:\WINDOWS\system32\olepro32.dll
00:32:50 | DllInstalled: C:\WINDOWS\system32\photowiz.dll
00:32:50 | Registered: C:\WINDOWS\system32\photowiz.dll
00:32:50 | Error 127: C:\WINDOWS\system32\pngfilt.dll is not registerable or the file is corrupted. Version: 8.00.6001.18702
00:33:15 | Registered: C:\WINDOWS\system32\remotepg.dll
00:33:15 | Registered: C:\WINDOWS\system32\rpcrt4.dll
00:33:15 | Registered: C:\WINDOWS\system32\rshx32.dll
00:33:15 | Registered: C:\WINDOWS\system32\sendmail.dll
00:33:15 | Registered: C:\WINDOWS\system32\slayerxp.dll
00:33:15 | DllInstalled: C:\WINDOWS\system32\shdocvw.dll
00:33:15 | Registered: C:\WINDOWS\system32\shdocvw.dll
00:33:15 | Registered: C:\WINDOWS\system32\shell32.dll
00:33:17 | DllInstalled: C:\WINDOWS\system32\shell32.dll
00:33:17 | Registered: C:\WINDOWS\system32\shmedia.dll
00:33:17 | DllInstalled: C:\WINDOWS\system32\shimgvw.dll
00:33:17 | Registered: C:\WINDOWS\system32\shimgvw.dll
00:33:17 | DllInstalled: C:\WINDOWS\system32\shsvcs.dll
00:33:17 | Registered: C:\WINDOWS\system32\shsvcs.dll
00:33:17 | Registered: C:\WINDOWS\system32\srclient.dll
00:33:17 | Unregistered: C:\WINDOWS\system32\stobject.dll
00:33:17 | Registered: C:\WINDOWS\system32\stobject.dll
00:33:17 | DllInstalled: C:\WINDOWS\system32\themeui.dll
00:33:17 | Registered: C:\WINDOWS\system32\themeui.dll
00:33:17 | Registered: C:\WINDOWS\system32\twext.dll
00:33:17 | DllInstalled: C:\WINDOWS\system32\urlmon.dll
00:33:17 | Registered: C:\WINDOWS\system32\urlmon.dll
00:33:17 | Registered: C:\WINDOWS\system32\userenv.dll
00:33:17 | Error 127: C:\WINDOWS\system32\webcheck.dll is not registerable or the file is corrupted. Version: 8.00.6001.18702
00:33:40 | Error 127: C:\WINDOWS\system32\webcheck.dll is not DLLInstall-able or the file is corrupted. Version: 8.00.6001.18702
00:33:42 | Registered: C:\WINDOWS\system32\webvw.dll
00:33:42 | Registered: C:\WINDOWS\system32\winhttp.dll
00:33:42 | DllInstalled: C:\WINDOWS\system32\wininet.dll
00:33:42 | Registered: C:\WINDOWS\system32\zipfldr.dll
00:33:42 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\msdadc.dll
00:33:42 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\msdaenum.dll
00:33:42 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\msdaer.dll
00:33:42 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\msdaipp.dll
00:33:42 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\msdaora.dll
00:33:42 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\msdaosp.dll
00:33:42 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\msdaps.dll
00:33:42 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\msdasc.dll
00:33:43 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\msdasql.dll
00:33:43 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\msdatt.dll
00:33:43 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\msdaurl.dll
00:33:43 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\msxactps.dll
00:33:43 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\oledb32.dll
00:33:43 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\oledb32r.dll
00:33:43 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\sqloledb.dll
00:33:43 | Registered: C:\Program Files\Fichiers communs\system\Ole DB\sqlxmlx.dll


_____________________________

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by Dr Jay on 10th November 2009, 5:46 am

It appears Internet Explorer (8?) is corrupted.

Please go to Control Panel > Add or Remove programs, and uninstall Internet Explorer.

Then, see if you can access the Internet.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14314
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302989
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 10th November 2009, 5:55 am

I think I deleted it... Not sure it was shown as IE8 upgrades. Also went in windows elements unclicked iexplorer icon and it delted it as well.

Now I rebooted. So how do I reinstall it?

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 10th November 2009, 6:12 am

ouch, windows automatic updater made me redownload ie8 which I did but it failed. I also still cannot connect to online updater and other programs using an internet connection such as steam. Even worst my windows live messnger is asking to re install the new update and it fails too.

I think I deleted something I shouldnt have

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by Dr Jay on 10th November 2009, 6:26 am

Go Start and then to Run,
Type in: sfc /scannow
Click OK.
Have Windows CD/DVD handy.
If System File Checker (sfc) finds any errors, it may ask you for the CD/DVD.
If sfc does not find any errors in Windows XP, it will simply quit, without any message.

If you don't have Windows CD....

Go Start and then Run
type in regedit and click OK


Navigate to the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup

On the right hand side, find: SourcePath

It probably has an entry pointing to your CD-ROM drive, usually D and that is why it is asking for the XP CD.
All we need to do is change it to: C:
Now, double click the SourcePath setting and a new box will pop up.
Change the drive letter from your CD drive to your root drive, usually C:
Close Registry Editor.

Now restart your computer and try sfc /scannow again!

After the first run, reboot your computer. Do a second run. Now the scan and fix is finished.

==

Then, see if those errors persist, please.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14314
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302989
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 10th November 2009, 6:57 am

yeah I do have my windows XP copy is just the cd key is at my mom house.

So anyway I performed the first scan, it didnt said nothing the CD Drive was spinning but it just finished like that. Am I supposed to get a report or something? Anyway because it takes a while to do I will perform the 2nd one tomorrow and let you know the result tomorrow night. Its 2 am and I work tomorrow, well in 5 hours!

Thanks for the help so far DragonMaster Jay!

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 10th November 2009, 11:01 pm

Hi Dragonmaster Jay,

After second scan nothing happened. No errors reported to fix, still have all my issues.

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by Dr Jay on 11th November 2009, 8:07 pm

Would you be able to transfer a download of Internet Explorer from another computer to yours, to install?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14314
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302989
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 11th November 2009, 8:11 pm

Im not sure I understand what your asking. I have acces to a laptop with internt and a USB storage key. Would that do it?

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by Dr Jay on 11th November 2009, 8:15 pm

Yes, it should.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14314
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302989
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 11th November 2009, 8:18 pm

Ok cool, so what should I do?

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by Dr Jay on 12th November 2009, 5:22 am

Download Internet Explorer from here: [You must be registered and logged in to see this link.]
Save the download, not open it.
Then, transfer the saved download to your flash drive or other storage media, and then on to the infected computer.

Install it after it gets transferred on to the infected computer. Did this work?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14314
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302989
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 12th November 2009, 9:14 pm

Hi DragonMaster Jay,

It doesnt install, it does the same when windows update try to make me install it. It fails at the second step (detecting spyware etc) and at the third (installing explorer 8) and then it stops telling me it cant install explorer 8.

THings you should know:

Any programs that requieres the internet doesnt work. Anything related to explorer or spybots removal most of them dont work. My connection is on and alive tho.

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by delpiero0 on 12th November 2009, 9:19 pm

oh and since the beggining, when I click on the ie icon, I get the error message that windows cannot access the file or doesnt have the approprate authorisation to do so.

Again, I think thatg my problem is more as if I have been stripped off my admin rights on my computer.

delpiero0
Intermediate
Intermediate

Posts Posts : 61
Joined Joined : 2009-11-03
OS OS : XP
Points Points : 26003
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Security Tool and maybe more malaware

Post by Dr Jay on 13th November 2009, 1:43 am

Once again, transfer the download, and then open it.

  1. Download peek.bat from the download link below and save it to your Desktop.

  • Double-click peek.bat to run it.
      A black Command Prompt window will appear shortly: the program is running.

  • Once it is finished, copy and paste the entire contents of the Log.txt (transfer the text file back, etc) file it creates as a reply to this post.


  • Dr. Jay (DJ)


    [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

    Dr Jay
    Head Administrator
    Head Administrator

    Posts Posts : 14314
    Joined Joined : 2009-09-06
    Gender Gender : Male
    OS OS : Windows 10 Home & Pro
    Arch. Arch. : x64 (64-bit)
    Protection Protection : Bitdefender Total Security
    Points Points : 302989
    # Likes # Likes : 10

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 13th November 2009, 2:39 am

    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 7C63-623B

    R‚pertoire de C:\WINDOWS\$NtServicePackUninstall$

    2004-08-05 07:00 186ÿ368 scecli.dll

    R‚pertoire de C:\WINDOWS\$NtServicePackUninstall$

    2004-08-05 07:00 407ÿ040 netlogon.dll

    R‚pertoire de C:\WINDOWS\$NtServicePackUninstall$

    2004-08-05 07:00 55ÿ808 eventlog.dll
    3 fichier(s) 649ÿ216 octets

    R‚pertoire de C:\WINDOWS\ERDNT\cache

    2008-04-13 21:33 187ÿ392 scecli.dll

    R‚pertoire de C:\WINDOWS\ERDNT\cache

    2008-04-13 21:33 407ÿ040 netlogon.dll

    R‚pertoire de C:\WINDOWS\ERDNT\cache

    2008-04-13 21:33 56ÿ320 eventlog.dll
    3 fichier(s) 650ÿ752 octets

    R‚pertoire de C:\WINDOWS\ServicePackFiles\i386

    2008-04-13 21:33 187ÿ392 scecli.dll

    R‚pertoire de C:\WINDOWS\ServicePackFiles\i386

    2008-04-13 21:33 407ÿ040 netlogon.dll

    R‚pertoire de C:\WINDOWS\ServicePackFiles\i386

    2008-04-13 21:33 56ÿ320 eventlog.dll
    3 fichier(s) 650ÿ752 octets

    R‚pertoire de C:\WINDOWS\system32

    2008-04-13 21:33 187ÿ392 scecli.dll

    R‚pertoire de C:\WINDOWS\system32

    2008-04-13 21:33 407ÿ040 netlogon.dll

    R‚pertoire de C:\WINDOWS\system32

    2008-04-13 21:33 56ÿ320 eventlog.dll
    3 fichier(s) 650ÿ752 octets

    R‚pertoire de C:\WINDOWS\system32\dllcache

    2008-04-13 21:33 187ÿ392 scecli.dll

    R‚pertoire de C:\WINDOWS\system32\dllcache

    2008-04-13 21:33 407ÿ040 netlogon.dll

    R‚pertoire de C:\WINDOWS\system32\dllcache

    2008-04-13 21:33 56ÿ320 eventlog.dll
    3 fichier(s) 650ÿ752 octets

    Total des fichiers list‚sÿ:
    15 fichier(s) 3ÿ252ÿ224 octets
    0 R‚p(s) 11ÿ234ÿ775ÿ040 octets libres

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by Dr Jay on 13th November 2009, 3:35 am

    Please download SystemLook from one of the links below and save it to your Desktop.
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:

      :filefind
      scecli.dll
      netlogon.dll
      eventlog.dll
      winlogon.exe
      comres.dll
      crypt32.dll
      gpedit.dll
      rundll32.exe
      sfc.dll
      svchost.exe
      cngaudit.dll
      beep.sys
      wscntfy.exe
      atapi.sys

    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt


    Dr. Jay (DJ)


    [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

    Dr Jay
    Head Administrator
    Head Administrator

    Posts Posts : 14314
    Joined Joined : 2009-09-06
    Gender Gender : Male
    OS OS : Windows 10 Home & Pro
    Arch. Arch. : x64 (64-bit)
    Protection Protection : Bitdefender Total Security
    Points Points : 302989
    # Likes # Likes : 10

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 13th November 2009, 3:47 am

    There you go sir

    SystemLook v1.0 by jpshortstuff (29.08.09)
    Log created at 22:43 on 12/11/2009 by joe (Administrator - Elevation successful)

    ========== filefind ==========

    Searching for "scecli.dll"
    C:\WINDOWS\$NtServicePackUninstall$\scecli.dll -----c 186368 bytes [22:30 22/08/2008] [12:00 05/08/2004] DEC0397F35D027874804EC72979D03CC
    C:\WINDOWS\ERDNT\cache\scecli.dll --a--- 187392 bytes [04:45 03/11/2009] [02:33 14/04/2008] 973B36634C544948C663E8269AA1B3A3
    C:\WINDOWS\ServicePackFiles\i386\scecli.dll ------ 187392 bytes [02:33 14/04/2008] [02:33 14/04/2008] 973B36634C544948C663E8269AA1B3A3
    C:\WINDOWS\system32\dllcache\scecli.dll --a--c 187392 bytes [12:00 05/08/2004] [02:33 14/04/2008] 973B36634C544948C663E8269AA1B3A3
    C:\WINDOWS\system32\scecli.dll ------ 187392 bytes [12:00 05/08/2004] [02:33 14/04/2008] 973B36634C544948C663E8269AA1B3A3

    Searching for "netlogon.dll"
    C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll -----c 407040 bytes [22:30 22/08/2008] [12:00 05/08/2004] FAF07FDCDE76000621A28D19F8E2E8EB
    C:\WINDOWS\ERDNT\cache\netlogon.dll --a--- 407040 bytes [04:45 03/11/2009] [02:33 14/04/2008] 04821179C3171554C1BD1F9888A113E2
    C:\WINDOWS\ServicePackFiles\i386\netlogon.dll ------ 407040 bytes [02:33 14/04/2008] [02:33 14/04/2008] 04821179C3171554C1BD1F9888A113E2
    C:\WINDOWS\system32\dllcache\netlogon.dll --a--c 407040 bytes [12:00 05/08/2004] [02:33 14/04/2008] 04821179C3171554C1BD1F9888A113E2
    C:\WINDOWS\system32\netlogon.dll ------ 407040 bytes [12:00 05/08/2004] [02:33 14/04/2008] 04821179C3171554C1BD1F9888A113E2

    Searching for "eventlog.dll"
    C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll -----c 55808 bytes [22:30 22/08/2008] [12:00 05/08/2004] 21E83876A6287F15538EF187D286FE11
    C:\WINDOWS\ERDNT\cache\eventlog.dll --a--- 56320 bytes [04:45 03/11/2009] [02:33 14/04/2008] 4EC800BDF80521B0207BD2301DFC7D14
    C:\WINDOWS\ServicePackFiles\i386\eventlog.dll ------ 56320 bytes [02:33 14/04/2008] [02:33 14/04/2008] 4EC800BDF80521B0207BD2301DFC7D14
    C:\WINDOWS\system32\dllcache\eventlog.dll --a--c 56320 bytes [12:00 05/08/2004] [02:33 14/04/2008] 4EC800BDF80521B0207BD2301DFC7D14
    C:\WINDOWS\system32\eventlog.dll ------ 56320 bytes [12:00 05/08/2004] [02:33 14/04/2008] 4EC800BDF80521B0207BD2301DFC7D14

    Searching for "winlogon.exe"
    C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe -----c 506368 bytes [22:30 22/08/2008] [12:00 05/08/2004] D2DE785AEAB0BB8CA4C14A8A199DBE4E
    C:\WINDOWS\ERDNT\cache\winlogon.exe --a--- 512000 bytes [04:45 03/11/2009] [02:34 14/04/2008] DD73D6B9F6B4CB630CF35B438B540174
    C:\WINDOWS\ServicePackFiles\i386\winlogon.exe ------ 512000 bytes [02:34 14/04/2008] [02:34 14/04/2008] DD73D6B9F6B4CB630CF35B438B540174
    C:\WINDOWS\system32\dllcache\winlogon.exe --a--c 512000 bytes [12:00 05/08/2004] [02:34 14/04/2008] DD73D6B9F6B4CB630CF35B438B540174
    C:\WINDOWS\system32\winlogon.exe ------ 512000 bytes [12:00 05/08/2004] [02:34 14/04/2008] DD73D6B9F6B4CB630CF35B438B540174

    Searching for "comres.dll"
    C:\WINDOWS\$NtServicePackUninstall$\comres.dll -----c 851968 bytes [22:30 22/08/2008] [12:00 05/08/2004] 19428638D8F4440F67519BD03A623BBB
    C:\WINDOWS\ServicePackFiles\i386\comres.dll ------ 851968 bytes [02:33 14/04/2008] [02:33 14/04/2008] F4B7146C7EED6C4E158DCD9B5266C25A
    C:\WINDOWS\system32\comres.dll --a--- 851968 bytes [12:00 05/08/2004] [02:33 14/04/2008] F4B7146C7EED6C4E158DCD9B5266C25A
    C:\WINDOWS\system32\dllcache\comres.dll --a--c 851968 bytes [12:00 05/08/2004] [02:33 14/04/2008] F4B7146C7EED6C4E158DCD9B5266C25A

    Searching for "crypt32.dll"
    C:\WINDOWS\$NtServicePackUninstall$\crypt32.dll -----c 604672 bytes [22:30 22/08/2008] [12:00 05/08/2004] FD8631128E14583F135EB4B3F37EF626
    C:\WINDOWS\ServicePackFiles\i386\crypt32.dll ------ 606208 bytes [02:33 14/04/2008] [02:33 14/04/2008] 39976DAD9564B336B153184268DB032F
    C:\WINDOWS\system32\crypt32.dll --a--- 606208 bytes [12:00 05/08/2004] [02:33 14/04/2008] 39976DAD9564B336B153184268DB032F
    C:\WINDOWS\system32\dllcache\crypt32.dll --a--c 606208 bytes [12:00 05/08/2004] [02:33 14/04/2008] 39976DAD9564B336B153184268DB032F

    Searching for "gpedit.dll"
    No files found.

    Searching for "rundll32.exe"
    C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe -----c 33792 bytes [22:30 22/08/2008] [12:00 05/08/2004] F5402CD47B7389DDC21F92119A906EEE
    C:\WINDOWS\ServicePackFiles\i386\rundll32.exe ------ 33792 bytes [02:34 14/04/2008] [02:34 14/04/2008] 93AD0B78C7357A05F50E594EC7C22300
    C:\WINDOWS\system32\dllcache\rundll32.exe --a--c 33792 bytes [12:00 05/08/2004] [02:34 14/04/2008] 93AD0B78C7357A05F50E594EC7C22300
    C:\WINDOWS\system32\rundll32.exe --a--- 33792 bytes [12:00 05/08/2004] [02:34 14/04/2008] 93AD0B78C7357A05F50E594EC7C22300

    Searching for "sfc.dll"
    C:\WINDOWS\$NtServicePackUninstall$\sfc.dll -----c 5120 bytes [22:30 22/08/2008] [12:00 05/08/2004] 94559DE281DADCB58E6A3919C7EAC0B4
    C:\WINDOWS\ERDNT\cache\sfc.dll --a--- 5120 bytes [04:45 03/11/2009] [02:33 14/04/2008] 9A4E7ECBB5B7FB86F3B926AB039F4FEC
    C:\WINDOWS\ServicePackFiles\i386\sfc.dll ------ 5120 bytes [02:33 14/04/2008] [02:33 14/04/2008] 9A4E7ECBB5B7FB86F3B926AB039F4FEC
    C:\WINDOWS\system32\dllcache\sfc.dll --a--c 5120 bytes [12:00 05/08/2004] [02:33 14/04/2008] 9A4E7ECBB5B7FB86F3B926AB039F4FEC
    C:\WINDOWS\system32\sfc.dll ------ 5120 bytes [12:00 05/08/2004] [02:33 14/04/2008] 9A4E7ECBB5B7FB86F3B926AB039F4FEC

    Searching for "svchost.exe"
    C:\WINDOWS\$NtServicePackUninstall$\svchost.exe -----c 14336 bytes [22:30 22/08/2008] [12:00 05/08/2004] 1BD6C2F707A275CB7C16FD99FE0F31CA
    C:\WINDOWS\ERDNT\cache\svchost.exe --a--- 14336 bytes [04:45 03/11/2009] [02:34 14/04/2008] E4BDF223CD75478BF44567B4D5C2634D
    C:\WINDOWS\ServicePackFiles\i386\svchost.exe ------ 14336 bytes [02:34 14/04/2008] [02:34 14/04/2008] E4BDF223CD75478BF44567B4D5C2634D
    C:\WINDOWS\system32\dllcache\svchost.exe --a--c 14336 bytes [12:00 05/08/2004] [02:34 14/04/2008] E4BDF223CD75478BF44567B4D5C2634D
    C:\WINDOWS\system32\svchost.exe ------ 14336 bytes [12:00 05/08/2004] [02:34 14/04/2008] E4BDF223CD75478BF44567B4D5C2634D

    Searching for "cngaudit.dll"
    No files found.

    Searching for "beep.sys"
    C:\WINDOWS\ERDNT\cache\beep.sys --a--- 4224 bytes [04:45 03/11/2009] [12:00 05/08/2004] DA1F27D85E0D1525F6621372E7B685E9
    C:\WINDOWS\system32\dllcache\beep.sys --a--c 4224 bytes [12:00 05/08/2004] [12:00 05/08/2004] DA1F27D85E0D1525F6621372E7B685E9
    C:\WINDOWS\system32\drivers\beep.sys ------ 4224 bytes [12:00 05/08/2004] [12:00 05/08/2004] DA1F27D85E0D1525F6621372E7B685E9

    Searching for "wscntfy.exe"
    C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe -----c 13824 bytes [22:31 22/08/2008] [12:00 05/08/2004] 54CDDAD404557ED98433D6ECBFC92691
    C:\WINDOWS\ERDNT\cache\wscntfy.exe --a--- 13824 bytes [04:45 03/11/2009] [02:34 14/04/2008] 02DA31AB433A6C1110A736C85701DECA
    C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe ------ 13824 bytes [02:34 14/04/2008] [02:34 14/04/2008] 02DA31AB433A6C1110A736C85701DECA
    C:\WINDOWS\system32\dllcache\wscntfy.exe --a--c 13824 bytes [12:00 05/08/2004] [02:34 14/04/2008] 02DA31AB433A6C1110A736C85701DECA
    C:\WINDOWS\system32\wscntfy.exe ------ 13824 bytes [12:00 05/08/2004] [02:34 14/04/2008] 02DA31AB433A6C1110A736C85701DECA

    Searching for "atapi.sys"
    C:\WINDOWS\$NtServicePackUninstall$\atapi.sys -----c 95360 bytes [22:30 22/08/2008] [12:00 05/08/2004] CDFE4411A69C224BD1D11B2DA92DAC51
    C:\WINDOWS\ERDNT\cache\atapi.sys --a--- 96512 bytes [02:33 06/11/2009] [18:40 13/04/2008] 9F3A2F5AA6875C72BF062C712CFA2674
    C:\WINDOWS\ServicePackFiles\i386\atapi.sys ------ 96512 bytes [18:40 13/04/2008] [18:40 13/04/2008] 9F3A2F5AA6875C72BF062C712CFA2674
    C:\WINDOWS\system32\dllcache\atapi.sys --a--c 96512 bytes [04:26 03/11/2009] [18:40 13/04/2008] 9F3A2F5AA6875C72BF062C712CFA2674
    C:\WINDOWS\system32\drivers\atapi.sys ------ 96512 bytes [04:26 03/11/2009] [18:40 13/04/2008] 9F3A2F5AA6875C72BF062C712CFA2674

    -=End Of File=-

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by Dr Jay on 13th November 2009, 11:57 pm

    Sorry this has been difficult. I need to take a big picture of your system here:

    (if you have an old version, please use that.)

    Please download the latest version of Kaspersky GetSystemInfo (GSI) from [You must be registered and logged in to see this link.] and save it to your Desktop.
    • Please close all other applications running on your system.
    • Please double click GetSystemInfo.exe to open it.
    • Click the Settings button.
    • Set it to Maximum
    • IMPORTANT! Then please click Customize - choose Driver / Ports tab and
    • Uncheck Scan Ports.
    • Click Create Report to run it.
    • It will create a zip folder called GetSystemInfo_XXXXXXXXXXXXXX.zip on your Desktop. Please upload the folder to [You must be registered and logged in to see this link.] and click the Submit button.

    THE ZIP FOLDER ABOVE CAN BE TRANSFERRED TO ANOTHER COMPUTER IF NECESSARY, THEN UPLOAD TO THE PARSER
    Please copy and paste the url of the GSI Parser report (not the log) in your next reply.


    Dr. Jay (DJ)


    [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

    Dr Jay
    Head Administrator
    Head Administrator

    Posts Posts : 14314
    Joined Joined : 2009-09-06
    Gender Gender : Male
    OS OS : Windows 10 Home & Pro
    Arch. Arch. : x64 (64-bit)
    Protection Protection : Bitdefender Total Security
    Points Points : 302989
    # Likes # Likes : 10

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 14th November 2009, 2:34 am

    here it is Dragn Mastah Jay!

    [You must be registered and logged in to see this link.]

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by Dr Jay on 14th November 2009, 2:53 am

    Download [You must be registered and logged in to see this link.]

    • Extract it to Desktop and double click SREngLdr.EXE to run it
    • Select System Repair from the left pane.
    • Click on File Association
    • Select all entries that has an Error status click [Repair]
    • Refer to this image for an example:


    • Close SREng now.


    ==

    Please download [You must be registered and logged in to see this link.] to your desktop

    • Double click the program to run it. It will only take a few seconds to run.
    • You will be prompted to press any key at the end to close it
    • Once it is finished, it will remove itself. If not, delete it yourself


    ==

    Please navigate to this webpage: [You must be registered and logged in to see this link.] and see the section "Fix it for me" and click the Microsoft Fix-It button. This will download a fix utility to repair the security settings on your computer, due to damages of malware or other harmful system changes. Install the file after download.

    ==

    Please re-open Malwarebytes, select Perform Quick Scan, and press Scan. Remove selected, and post the log in your next reply.


    Dr. Jay (DJ)


    [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

    Dr Jay
    Head Administrator
    Head Administrator

    Posts Posts : 14314
    Joined Joined : 2009-09-06
    Gender Gender : Male
    OS OS : Windows 10 Home & Pro
    Arch. Arch. : x64 (64-bit)
    Protection Protection : Bitdefender Total Security
    Points Points : 302989
    # Likes # Likes : 10

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 14th November 2009, 3:30 am

    Hi DragonMaster Jay,

    THe first program did not found any error status all files were considered normal is the status.

    The second program the RBFA seemes t have a virus detected by my office pc. Anyway I was still able to DL it on my usb key put it on my desktop, however when I used I had multiuple errors dialog box.

    Third seemed to work, funny enough it was asking if I wanted to seek help online I clicked by curiosity see if I would connect... and... I DID!

    Im performing the Malwarebytes scan right now, however I couldnt update it.

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 14th November 2009, 3:55 am

    Malaware detected nothing

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 14th November 2009, 4:04 am

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 2775
    Windows 5.1.2600 Service Pack 3

    2009-11-13 22:52:43
    mbam-log-2009-11-13 (22-52-43).txt

    Type de recherche: Examen rapide
    Eléments examinés: 91181
    Temps écoulé: 2 minute(s), 36 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 14th November 2009, 4:06 am

    So we fȋxed explorer. But I tried right away to update spyware removal, connect to msn, connect to steam, do online scans, nȯne of them worked.

    Sad tearing

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by Dr Jay on 14th November 2009, 4:37 am

    You have been proper patient. Right On!

    I am ever so curious if your Internet connection is all the way blocked, or just partially. Let me think

    Let's do this, please:

    Please reboot to Safe Mode with Networking (tap the F8 key just before Windows starts to load and select the Safe Mode with Networking option from the menu).

    Then, please try to access the Internet. Is it possible?

    Also, are you running an antivirus software or antispyware? Please list any that your currently have installed.


    Dr. Jay (DJ)


    [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

    Dr Jay
    Head Administrator
    Head Administrator

    Posts Posts : 14314
    Joined Joined : 2009-09-06
    Gender Gender : Male
    OS OS : Windows 10 Home & Pro
    Arch. Arch. : x64 (64-bit)
    Protection Protection : Bitdefender Total Security
    Points Points : 302989
    # Likes # Likes : 10

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 14th November 2009, 4:56 am

    Just so you know, when you asked me to remove internet explorer since then msn doesnt work.

    Ok so I did rebooted on safe mode with network. I dont know if its normal but I had the choice to log in either as joe my usual profile or... administrator...

    So it didnt connected to the internet Sad tearing

    For anti virus I have Norton 360 Internet Security, but its expired.

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 14th November 2009, 4:58 am

    !!! When I turned the PC off it told me :"some users opened sessions on this cmputer, closing the computer might make them lose unsaved data or work" smething like that in french....

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by Dr Jay on 14th November 2009, 9:58 pm

    Please download [You must be registered and logged in to see this link.] (by S!Ri)
    Extract the content (a folder named SmitfraudFix) to your Desktop.

    Double-click smitfraudfix.exe
    Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
    Please copy/paste the content of that report into your next reply.


    Dr. Jay (DJ)


    [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

    Dr Jay
    Head Administrator
    Head Administrator

    Posts Posts : 14314
    Joined Joined : 2009-09-06
    Gender Gender : Male
    OS OS : Windows 10 Home & Pro
    Arch. Arch. : x64 (64-bit)
    Protection Protection : Bitdefender Total Security
    Points Points : 302989
    # Likes # Likes : 10

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 14th November 2009, 10:46 pm

    SmitFraudFix v2.424

    Rapport fait à 17:44:16,42, 2009-11-14
    Executé à partir de C:\Documents and Settings\joe\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» Process

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\WINDOWS\vVX6000.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Logitech\Gaming Software\LWEMon.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Zabaware\HalReader\HalReader.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\cmd.exe

    »»»»»»»»»»»»»»»»»»»»»»»» hosts


    »»»»»»»»»»»»»»»»»»»»»»»» C:\


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\joe


    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\joe\LOCALS~1\Temp


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\joe\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\joe\Favoris


    »»»»»»»»»»»»»»»»»»»»»»»» Bureau


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


    »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


    »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Ma page d'accueil"


    »»»»»»»»»»»»»»»»»»»»»»»» o4Patch
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    o4Patch
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri



    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri



    »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    Agent.OMZ.Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» VACFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» 404Fix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]


    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

    »»»»»»»»»»»»»»»»»»»»»»»» RK

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "System"=""




    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    Description: NVIDIA nForce Networking Controller - Miniport d'ordonnancement de paquets
    DNS Server Search Order: 192.168.0.1

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{CC639DF9-27EF-469C-B576-FBF0361F3B58}: DhcpNameServer=192.168.0.1
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{CC639DF9-27EF-469C-B576-FBF0361F3B58}: DhcpNameServer=192.168.0.1
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{CC639DF9-27EF-469C-B576-FBF0361F3B58}: DhcpNameServer=192.168.0.1
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1


    »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


    »»»»»»»»»»»»»»»»»»»»»»»» Fin

    THANKS FOR NOT GIVING UP ON ME MASTAH JAY

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by Dr Jay on 15th November 2009, 12:35 am

    LSP-Check using LSPFix

    1. Please download LSPFix from [You must be registered and logged in to see this link.].
    2. Run the LSPFix.exe that you have just finished downloading.
    3. Write down all files that are in the left column (example: mswsock.dll, winrnr.dll, rsvpsp.dll) and then post them in your next reply, along with whether or not you see the phrase "No problems found".


    Dr. Jay (DJ)


    [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

    Dr Jay
    Head Administrator
    Head Administrator

    Posts Posts : 14314
    Joined Joined : 2009-09-06
    Gender Gender : Male
    OS OS : Windows 10 Home & Pro
    Arch. Arch. : x64 (64-bit)
    Protection Protection : Bitdefender Total Security
    Points Points : 302989
    # Likes # Likes : 10

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 15th November 2009, 12:48 am

    mswsock.dll tcpip
    winrnr.dll NTDS
    rsvpsp.dll (Protocol handler)

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by Dr Jay on 15th November 2009, 12:59 am

    Did you see the phrase "No problems found."


    Dr. Jay (DJ)


    [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

    Dr Jay
    Head Administrator
    Head Administrator

    Posts Posts : 14314
    Joined Joined : 2009-09-06
    Gender Gender : Male
    OS OS : Windows 10 Home & Pro
    Arch. Arch. : x64 (64-bit)
    Protection Protection : Bitdefender Total Security
    Points Points : 302989
    # Likes # Likes : 10

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 15th November 2009, 1:00 am

    yes

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by Dr Jay on 15th November 2009, 1:05 am

    Good.

    Press start, then run and enter cmd - then hit OK.

    In the command prompt window, press in the following code exactly:


    netsh winsock reset catalog

    Then, exit out.
    ==

    Do you have Internet after performing the above process?


    Dr. Jay (DJ)


    [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

    Dr Jay
    Head Administrator
    Head Administrator

    Posts Posts : 14314
    Joined Joined : 2009-09-06
    Gender Gender : Male
    OS OS : Windows 10 Home & Pro
    Arch. Arch. : x64 (64-bit)
    Protection Protection : Bitdefender Total Security
    Points Points : 302989
    # Likes # Likes : 10

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 15th November 2009, 1:20 am

    Same as before, which means I do have access to internet, hwever any programs or applications using internet give me a ''no connection'' error report. (such as spyware updates, gaming programs like steam.exe) Also ie8 and windows live messenger still get errors and cant reinstall. Same for any online anti-virus scans, tells me I dont accept the host certificate.

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by Dr Jay on 15th November 2009, 1:24 am

    Please download Firefox from [You must be registered and logged in to see this link.] and then transfer it to the infected computer. Install it, then run it. Anything?


    Dr. Jay (DJ)


    [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

    Dr Jay
    Head Administrator
    Head Administrator

    Posts Posts : 14314
    Joined Joined : 2009-09-06
    Gender Gender : Male
    OS OS : Windows 10 Home & Pro
    Arch. Arch. : x64 (64-bit)
    Protection Protection : Bitdefender Total Security
    Points Points : 302989
    # Likes # Likes : 10

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 15th November 2009, 1:34 am

    Hi,

    It installs but it doesnt connect.

    Heres the error msg in their report:
    Erreur : [Exception... "Component returned failure code: 0x80040111 (NS_ERROR_NOT_AVAILABLE) [nsIChannel.contentType]" nsresult: "0x80040111 (NS_ERROR_NOT_AVAILABLE)" location: "JS frame :: [You must be registered and logged in to see this link.] :: FP_onStartRequest :: line 1440" data: no]
    Fichier Source : [You must be registered and logged in to see this link.]
    Ligne : 1440

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by Dr Jay on 15th November 2009, 2:05 am

    If you still have Inherit, no need to re-download it.
    Please download [You must be registered and logged in to see this link.] by sUBs

    1. Drag and drop the following files onto Inherit:
      C:\WINDOWS\system32\iesetup.dll
      C:\WINDOWS\system32\imgutil.dll
      C:\WINDOWS\system32\inseng.dll
      C:\WINDOWS\system32\mshtml.dll
      C:\WINDOWS\system32\msrating.dll
      C:\WINDOWS\system32\occache.dll
      C:\WINDOWS\system32\pngfilt.dll
      C:\WINDOWS\system32\webcheck.dll


    2. This shall restore permissions to the file.


    Then, restart the computer. Now see if you can do any activities online.


    Dr. Jay (DJ)


    [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

    Dr Jay
    Head Administrator
    Head Administrator

    Posts Posts : 14314
    Joined Joined : 2009-09-06
    Gender Gender : Male
    OS OS : Windows 10 Home & Pro
    Arch. Arch. : x64 (64-bit)
    Protection Protection : Bitdefender Total Security
    Points Points : 302989
    # Likes # Likes : 10

    View user profile

    Back to top Go down

    Re: Security Tool and maybe more malaware

    Post by delpiero0 on 15th November 2009, 2:18 am

    I did what you said, dragged the file in inherit.exe, I had a little dialog box saying "ok" to each file.

    Still can't connetc with firefox and other apps Shocking Whoa

    delpiero0
    Intermediate
    Intermediate

    Posts Posts : 61
    Joined Joined : 2009-11-03
    OS OS : XP
    Points Points : 26003
    # Likes # Likes : 0

    View user profile

    Back to top Go down

    Page 1 of 2 1, 2  Next

    View previous topic View next topic Back to top

    - Similar topics

     
    Permissions in this forum:
    You cannot reply to topics in this forum