Anti virus system pro/help me?

View previous topic View next topic Go down

Anti virus system pro/help me?

Post by duwy on 16th November 2009, 3:47 pm

i used your anti malware for the [antivirus system pro]and it caught a few of the viruses but the program is still running and giving me popups and some of its sites.i then ran hijackthis and it gave me this:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:38:18 م, on 16/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\SurfBouncer OpenVPN\bin\openvpn-gui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\yykkgw\jxwssysguard.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.127.227 aviraplatinum2009.microsoft.com
O1 - Hosts: 91.212.127.227 aviraplatinum2009.com
O1 - Hosts: 91.212.127.227 [You must be registered and logged in to see this link.]
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [openvpn-gui] C:\Program Files\SurfBouncer OpenVPN\bin\openvpn-gui.exe
O4 - HKLM\..\Run: [dqrgutsn] C:\Documents and Settings\Administrator\Local Settings\Application Data\yykkgw\jxwssysguard.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [dqrgutsn] C:\Documents and Settings\Administrator\Local Settings\Application Data\yykkgw\jxwssysguard.exe
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MST" WISE_SETUP_EXE_PATH="c:\nvidia\displaydriver\191.07\winxp\english\PhysX_9.09.0814_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - [You must be registered and logged in to see this link.]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\SurfBouncer OpenVPN\bin\openvpnserv.exe

--
End of file - 8260 bytes


btw:my computer has a problem running in normal mode. ANY help is appreciated,thank you all admins.

duwy
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-16
OS OS : xp
Points Points : 25891
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Anti virus system pro/help me?

Post by Belahzur on 16th November 2009, 6:35 pm

Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O1 - Hosts: ::1 localhost
    O1 - Hosts: 91.212.127.227 aviraplatinum2009.microsoft.com
    O1 - Hosts: 91.212.127.227 aviraplatinum2009.com
    O1 - Hosts: 91.212.127.227 [You must be registered and logged in to see this link.]
    O4 - HKLM\..\Run: [dqrgutsn] C:\Documents and Settings\Administrator\Local Settings\Application Data\yykkgw\jxwssysguard.exe
    O4 - HKCU\..\Run: [dqrgutsn] C:\Documents and Settings\Administrator\Local Settings\Application Data\yykkgw\jxwssysguard.exe
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe



  • Press "Fix Checked"
  • Close Hijack This.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245079
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Anti virus system pro/help me?

Post by duwy on 20th November 2009, 6:48 am

Malwarebytes' Anti-Malware 1.41
Database version: 3201
Windows 5.1.2600 Service Pack 2

20/11/2009 10:40:37 ص
mbam-log-2009-11-20 (10-40-37).txt

Scan type: Quick Scan
Objects scanned: 108452
Time elapsed: 7 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Administrator\Local Settings\Temp\576.exe (Trojan.Agent) -> Quarantined and deleted successfully.

duwy
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-16
OS OS : xp
Points Points : 25891
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Anti virus system pro/help me?

Post by Belahzur on 20th November 2009, 4:50 pm

Hello.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste BOTH LOGS back here, use more than one post if needed.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245079
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Anti virus system pro/help me?

Post by duwy on 21st November 2009, 11:15 am

DDS (Ver_09-10-26.01) - NTFSx86
Run by Administrator at 15:09:18.06 on Sat 11/21/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.1023.200 [GMT 4:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\SurfBouncer OpenVPN\bin\openvpn-gui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\SurfBouncer OpenVPN\bin\openvpn.exe
C:\Documents and Settings\Administrator\Desktop\garena moe\Garena\Garena.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Documents and Settings\Administrator\Desktop\garena moe\dds.pif

============== Pseudo HJT Report ===============

uStart Page = google.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "c:\program files\common files\wise installation wizard\wisc5c1c0f0d62f4dbf81d4d7ef397c228b_9_09_0814.msi" transforms="c:\program files\common files\wise installation wizard\wisc5c1c0f0d62f4dbf81d4d7ef397c228b_9_09_0814.mst" wise_setup_exe_path="c:\nvidia\displaydriver\191.07\winxp\english\PhysX_9.09.0814_SystemSoftware.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [SMSERIAL] sm56hlpr.exe
mRun: [ShStatEXE] "c:\program files\network associates\virusscan\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UpdaterUI.exe" /StartedFromRunKey
mRun: [Network Associates Error Reporting Service] "c:\program files\common files\network associates\talkback\TBMon.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
mRun: [openvpn-gui] c:\program files\surfbouncer openvpn\bin\openvpn-gui.exe
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - [You must be registered and logged in to see this link.]
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-11-16 207280]
R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [2009-10-21 58464]
R3 GarenaPEngine;GarenaPEngine;c:\docume~1\admini~1\locals~1\temp\QQU20.tmp [2009-11-21 25616]
R3 tap0901;TAP-Win32 Adapter V9;c:\windows\system32\drivers\tap0901.sys [2008-11-19 25216]

=============== Created Last 30 ================

2009-11-20 06:51:32 268 ---ha-w- C:\sqmdata17.sqm
2009-11-20 06:51:32 244 ---ha-w- C:\sqmnoopt17.sqm
2009-11-20 06:28:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-20 06:28:05 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-20 06:28:05 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-19 05:42:21 268 ---ha-w- C:\sqmdata16.sqm
2009-11-19 05:42:21 244 ---ha-w- C:\sqmnoopt16.sqm
2009-11-18 21:12:56 268 ---ha-w- C:\sqmdata15.sqm
2009-11-18 21:12:55 244 ---ha-w- C:\sqmnoopt15.sqm
2009-11-18 13:42:47 268 ---ha-w- C:\sqmdata14.sqm
2009-11-18 13:42:47 244 ---ha-w- C:\sqmnoopt14.sqm
2009-11-18 11:40:53 268 ---ha-w- C:\sqmdata13.sqm
2009-11-18 11:40:53 244 ---ha-w- C:\sqmnoopt13.sqm
2009-11-17 03:32:27 268 ---ha-w- C:\sqmdata12.sqm
2009-11-17 03:32:27 244 ---ha-w- C:\sqmnoopt12.sqm
2009-11-17 01:21:15 0 d-----w- c:\docume~1\admini~1\applic~1\SmartDraw
2009-11-16 16:31:25 0 d-----w- c:\program files\Enigma Software Group
2009-11-16 16:16:09 268 ---ha-w- C:\sqmdata11.sqm
2009-11-16 16:16:09 244 ---ha-w- C:\sqmnoopt11.sqm
2009-11-16 16:14:07 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat
2009-11-16 16:14:06 229304 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-11-16 16:14:03 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-11-16 16:14:03 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat
2009-11-16 16:14:03 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-11-16 16:14:03 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-11-16 16:13:56 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat
2009-11-16 16:13:56 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-11-16 16:13:43 0 d-----w- c:\program files\common files\PC Tools
2009-11-16 16:13:42 0 d-----w- c:\program files\Spyware Doctor
2009-11-16 16:13:42 0 d-----w- c:\docume~1\alluse~1\applic~1\PC Tools
2009-11-16 16:13:42 0 d-----w- c:\docume~1\admini~1\applic~1\PC Tools
2009-11-16 15:20:34 0 d-----w- c:\program files\Trend Micro
2009-11-16 14:34:22 268 ---ha-w- C:\sqmdata10.sqm
2009-11-16 14:34:22 244 ---ha-w- C:\sqmnoopt10.sqm
2009-11-16 14:26:20 0 d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes
2009-11-16 14:19:10 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-11-15 13:36:11 268 ---ha-w- C:\sqmdata09.sqm
2009-11-15 13:36:11 244 ---ha-w- C:\sqmnoopt09.sqm
2009-11-03 11:05:41 216064 ----a-w- c:\windows\system32\CNMLM8R.DLL
2009-11-02 17:29:37 244 ---ha-w- C:\sqmnoopt07.sqm
2009-11-02 17:29:37 232 ---ha-w- C:\sqmdata07.sqm
2009-11-02 13:24:14 268 ---ha-w- C:\sqmdata06.sqm
2009-11-02 13:24:14 244 ---ha-w- C:\sqmnoopt06.sqm
2009-10-31 12:28:20 0 d-----w- c:\docume~1\admini~1\applic~1\LimeWire
2009-10-31 12:25:17 73728 ----a-w- c:\windows\system32\javacpl.cpl
2009-10-31 12:25:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-31 12:17:58 0 d-----w- c:\program files\LimeWire
2009-10-30 20:47:42 268 ---ha-w- C:\sqmdata05.sqm
2009-10-30 20:47:42 244 ---ha-w- C:\sqmnoopt05.sqm
2009-10-30 16:33:46 0 d-----w- C:\QUARANTINE
2009-10-30 04:22:20 345384 ----a-w- c:\windows\system32\dsNcCredProv.dll
2009-10-30 04:22:15 0 d-----w- c:\program files\Juniper Networks
2009-10-30 04:21:49 0 d-----w- c:\docume~1\alluse~1\applic~1\Juniper Networks
2009-10-30 04:21:49 0 d-----w- c:\docume~1\admini~1\applic~1\Juniper Networks
2009-10-29 16:16:24 268 ---ha-w- C:\sqmdata04.sqm
2009-10-29 16:16:24 244 ---ha-w- C:\sqmnoopt04.sqm
2009-10-29 14:14:44 268 ---ha-w- C:\sqmdata03.sqm
2009-10-29 14:14:44 244 ---ha-w- C:\sqmnoopt03.sqm
2009-10-28 18:07:29 31768 ----a-w- c:\windows\system32\wucltui.dll.mui
2009-10-28 18:07:28 23576 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2009-10-28 18:07:28 23576 ----a-w- c:\windows\system32\wuapi.dll.mui
2009-10-28 18:07:28 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2009-10-28 18:07:27 0 d-----w- c:\windows\system32\SoftwareDistribution
2009-10-28 14:52:46 268 ---ha-w- C:\sqmdata02.sqm
2009-10-28 14:52:46 244 ---ha-w- C:\sqmnoopt02.sqm
2009-10-28 11:27:59 3255 ----a-w- c:\windows\system32\wbem\Outlook_01ca57c1b454743e.mof
2009-10-26 11:45:47 268 ---ha-w- C:\sqmdata01.sqm
2009-10-26 11:45:47 244 ---ha-w- C:\sqmnoopt01.sqm
2009-10-25 02:16:39 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-10-25 02:16:03 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-10-25 02:16:03 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-10-25 02:15:53 59264 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2009-10-25 02:15:53 59264 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2009-10-25 02:15:49 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-10-25 02:15:49 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys

==================== Find3M ====================

2009-10-21 05:19:25 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-21 05:19:25 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-10-21 05:17:41 172032 ------w- c:\windows\Setup1.exe
2009-10-21 05:17:40 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-10-21 05:17:08 90112 ----a-w- c:\windows\system32\agsaami.dll
2009-10-21 05:17:08 610304 ----a-w- c:\windows\system32\agsaamg.dll
2009-10-21 05:17:08 372736 ----a-w- c:\windows\system32\agsaamc.dll
2009-10-21 05:17:08 2535424 ----a-w- c:\windows\system32\agsaamj.dll
2009-10-21 05:17:08 1986560 ----a-w- c:\windows\system32\akll.dll
2009-10-21 05:17:08 196608 ----a-w- c:\windows\system32\maag.dll
2009-10-21 05:17:08 1245184 ----a-w- c:\windows\system32\bkll.dll
2009-10-21 05:17:08 1212416 ----a-w- c:\windows\system32\ckll.dll
2009-10-20 16:41:15 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-27 12:12:22 888832 ----a-w- c:\windows\system32\nvapi.dll
2009-09-27 12:12:22 7655872 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-09-27 12:12:22 5900416 ----a-w- c:\windows\system32\nv4_disp.dll
2009-09-27 12:12:22 2194024 ----a-w- c:\windows\system32\nvcuvid.dll
2009-09-27 12:12:22 2007040 ----a-w- c:\windows\system32\nvcuda.dll
2009-09-27 12:12:22 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-27 12:12:22 170600 ----a-w- c:\windows\system32\nvcodins.dll
2009-09-27 12:12:22 170600 ----a-w- c:\windows\system32\nvcod.dll
2009-09-27 12:12:22 1604482 ----a-w- c:\windows\system32\nvdata.bin
2009-09-27 12:12:22 10756096 ----a-w- c:\windows\system32\nvoglnt.dll

============= FINISH: 15:10:47.81 ===============

duwy
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-16
OS OS : xp
Points Points : 25891
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Anti virus system pro/help me?

Post by duwy on 21st November 2009, 11:25 am

I sent the second log through a p.m.

duwy
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-16
OS OS : xp
Points Points : 25891
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Anti virus system pro/help me?

Post by duwy on 21st November 2009, 11:30 am

i might have double posted this:

I sent you the second log to you through a p.m

duwy
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-16
OS OS : xp
Points Points : 25891
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Anti virus system pro/help me?

Post by Belahzur on 21st November 2009, 9:37 pm

Can you post the other log [attach.txt]


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245079
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Anti virus system pro/help me?

Post by duwy on 22nd November 2009, 2:58 am

DDS (Ver_09-10-26.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 20/10/2009 08:46:16 م
System Uptime: 22/11/2009 04:00:16 ص (2 hours ago)

Motherboard: Acer | | EC51GM
Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz | CPU 1 | 3192/200mhz
Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz | CPU 1 | 3192/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 78 GiB total, 64.507 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is FIXED (NTFS) - 149 GiB total, 142.753 GiB free.
I: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: Microsoft PS/2 Mouse
Device ID: ACPI\PNP0F03\4&258F370F&0
Manufacturer: Microsoft
Name: Microsoft PS/2 Mouse
PNP Device ID: ACPI\PNP0F03\4&258F370F&0
Service: i8042prt

==== System Restore Points ===================

RP27: 05/11/2009 09:35:30
RP28: 06/11/2009 10:35:31
RP29: 07/11/2009 10:54:29
RP30: 08/11/2009 11:11:02
RP31: 09/11/2009 11:24:37
RP32: 16/08/2006 12:34:10
RP33: 17/08/2006 01:25:54
RP34: 18/08/2006 02:53:14
RP35: 12/11/2009 10:44:16
RP36: 13/11/2009 10:55:10
RP37: 14/11/2009 11:48:34
RP38: 16/11/2009 12:22:32
RP39: 17/11/2009 12:59:41
RP40: 19/11/2009 12:18:40
RP41: 20/11/2009 03:15:03
RP42: 21/11/2009 04:39:36

==== Installed Programs ======================

قاموس صخر الجديد
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop CS
Adobe Reader 9.1
Canon MP140 series
Garena
Golden Al-Wafi Translator
HijackThis 2.0.2
Java 2 Runtime Environment, SE v1.4.2_19
Java(TM) 6 Update 16
Juniper Networks Network Connect 6.3.0
K-Lite Codec Pack 2.80 Full
LimeWire 5.3.6
Malwarebytes' Anti-Malware
McAfee VirusScan Enterprise
Microsoft Office 2003 Arabic User Interface Pack
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Motorola SM56 Speakerphone Modem
Nero Suite
NVIDIA Drivers
NVIDIA nView Desktop Manager
OpenVPN openvpn-2.1_rc19-install
PowerDVD
RealPlayer
Realtek High Definition Audio Driver
Rhapsody Player Engine
Skype web features
Skype™ 4.1
VideoLAN VLC media player 0.8.5
WebFldrs XP
Windows Installer 3.1 (KB893803)
Windows Live Messenger
WinRAR archiver
محول الصوتيات 5.9

==== Event Viewer Messages From Past Week ========

22/11/2009 04:00:47 ص, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
22/11/2009 04:00:47 ص, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
22/11/2009 04:00:36 ص, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 0019216C0D3C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
21/11/2009 10:43:20 ص, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
21/11/2009 10:43:20 ص, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
21/11/2009 10:43:09 ص, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 0019216C0D3C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
21/11/2009 05:43:35 ص, error: Dhcp [1002] - The IP address lease 10.7.0.198 for the Network Card with network address 00FF37A40F4E has been denied by the DHCP server 10.7.0.197 (The DHCP Server sent a DHCPNACK message).
21/11/2009 05:34:06 م, error: Dhcp [1002] - The IP address lease 10.7.3.14 for the Network Card with network address 00FF37A40F4E has been denied by the DHCP server 10.7.0.197 (The DHCP Server sent a DHCPNACK message).
21/11/2009 05:31:59 م, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 0019216C0D3C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
21/11/2009 03:37:20 م, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.101 with the system having network hardware address 00:16:44:98:3F:F8. Network operations on this system may be disrupted as a result.
21/11/2009 03:37:19 م, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.101 with the system having network hardware address 00:16:44:98:3F:F8. Network operations on this system may be disrupted as a result.
21/11/2009 03:36:49 م, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.101 with the system having network hardware address 00:16:44:98:3F:F8. Network operations on this system may be disrupted as a result.
21/11/2009 02:46:01 م, error: Dhcp [1002] - The IP address lease 10.7.0.198 for the Network Card with network address 00FF37A40F4E has been denied by the DHCP server 10.7.3.13 (The DHCP Server sent a DHCPNACK message).
20/11/2009 10:43:22 ص, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
20/11/2009 10:43:22 ص, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
19/11/2009 12:47:07 ص, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
19/11/2009 12:47:07 ص, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
19/11/2009 09:41:17 ص, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
19/11/2009 09:41:17 ص, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
19/11/2009 07:22:44 م, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\system32\SHELL32.dll. Reference error message: The operation completed successfully. .
19/11/2009 07:22:44 م, error: SideBySide [58] - Syntax error in manifest or policy file "C:\WINDOWS\system32\SHELL32.dll" on line 0.
18/11/2009 07:36:03 ص, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 0019216C0D3C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
18/11/2009 07:33:03 ص, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 0019216C0D3C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
18/11/2009 03:59:59 م, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
18/11/2009 03:59:59 م, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
18/11/2009 03:56:26 م, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: ‏‏أعد تشغيل الخدمة.
17/11/2009 07:23:35 ص, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
17/11/2009 07:23:35 ص, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
17/11/2009 06:11:36 م, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
17/11/2009 06:11:36 م, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
17/11/2009 05:17:57 ص, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
17/11/2009 05:17:57 ص, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
17/11/2009 05:17:47 ص, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 0019216C0D3C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
17/11/2009 05:13:34 ص, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Network Associates McShield service to connect.
17/11/2009 05:13:34 ص, error: Service Control Manager [7000] - The Network Associates McShield service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
17/11/2009 05:13:28 ص, error: Service Control Manager [7034] - The Network Associates McShield service terminated unexpectedly. It has done this 1 time(s).
17/11/2009 05:11:07 ص, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
17/11/2009 05:11:07 ص, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Spyware Doctor\SDContextExt32.dll. Reference error message: The operation completed successfully. .
17/11/2009 05:11:06 ص, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
17/11/2009 05:10:43 ص, error: Service Control Manager [7034] - The PC Tools Auxiliary Service service terminated unexpectedly. It has done this 1 time(s).
17/11/2009 05:09:46 ص, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
17/11/2009 05:09:46 ص, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Spyware Doctor\SDContextExt32.dll. Reference error message: The operation completed successfully. .
17/11/2009 05:09:46 ص, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
17/11/2009 05:08:35 ص, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
17/11/2009 05:08:35 ص, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
17/11/2009 03:06:42 م, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
17/11/2009 03:06:42 م, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
16/11/2009 08:42:51 م, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
16/11/2009 08:42:51 م, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Spyware Doctor\SDContextExt32.dll. Reference error message: The operation completed successfully. .
16/11/2009 08:42:51 م, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
16/11/2009 08:41:52 م, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
16/11/2009 08:41:52 م, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
16/11/2009 08:39:06 م, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
16/11/2009 08:39:06 م, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Spyware Doctor\SDContextExt32.dll. Reference error message: The operation completed successfully. .
16/11/2009 08:39:06 م, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
16/11/2009 08:39:01 م, error: Service Control Manager [7034] - The PC Tools Auxiliary Service service terminated unexpectedly. It has done this 1 time(s).
16/11/2009 08:38:21 م, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
16/11/2009 08:38:21 م, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Spyware Doctor\SDContextExt32.dll. Reference error message: The operation completed successfully. .
16/11/2009 08:38:21 م, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
16/11/2009 08:14:25 م, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
16/11/2009 08:14:25 م, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Spyware Doctor\SDContextExt32.dll. Reference error message: The operation completed successfully. .
16/11/2009 08:14:25 م, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
16/11/2009 06:48:25 م, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
16/11/2009 06:48:25 م, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
16/11/2009 06:35:54 م, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
16/11/2009 06:35:54 م, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
16/11/2009 05:31:24 م, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
16/11/2009 05:31:24 م, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
16/11/2009 05:09:50 م, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
16/11/2009 05:09:50 م, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
16/11/2009 05:00:07 م, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 0019216C0D3C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
16/11/2009 04:37:19 م, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.100 with the system having network hardware address 00:22:FA:41:69:98. Network operations on this system may be disrupted as a result.
16/11/2009 04:20:50 م, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.100 with the system having network hardware address 00:22:FA:41:69:98. Network operations on this system may be disrupted as a result.
15/11/2009 05:38:43 م, error: Dhcp [1002] - The IP address lease 10.7.3.14 for the Network Card with network address 00FF37A40F4E has been denied by the DHCP server 10.7.0.197 (The DHCP Server sent a DHCPNACK message).

==== End Of File ===========================

duwy
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-16
OS OS : xp
Points Points : 25891
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Anti virus system pro/help me?

Post by Belahzur on 22nd November 2009, 7:41 pm

Hello.

I see that you are running Limewire.
P2P(Peer to peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Java 2 Runtime Environment, SE v1.4.2_19
    Java(TM) 6 Update 16
    LimeWire 5.3.6

Please download the [You must be registered and logged in to see this link.].

  • Save it to your desktop.
  • Please double-click OTM.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :files
    C:\sqmdata*.sqm
    C:\sqmnoopt*.sqm
    c:\docume~1\admini~1\applic~1\LimeWire


  • Return to OTMoveIt, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245079
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Anti virus system pro/help me?

Post by duwy on 23rd November 2009, 11:58 am

Thx anyway belahzur, i really appreciate your help on the topic.

I have two questions:

Is the virus still on my computer? if not thank you
How long does it take for this virus to destroy your computer considering you have no protection?

duwy
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-16
OS OS : xp
Points Points : 25891
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Anti virus system pro/help me?

Post by Belahzur on 23rd November 2009, 8:23 pm

1. Doesn't appear to be, log looks okay.
2. Not long, maybe a day or two without protection, but we'll install some protection once I get the OTM log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245079
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Anti virus system pro/help me?

Post by duwy on 24th November 2009, 3:32 am

lol thx but i just got norton on my computer ,will that do as protection?

duwy
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-16
OS OS : xp
Points Points : 25891
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Anti virus system pro/help me?

Post by Belahzur on 24th November 2009, 9:33 pm

As long as you keep it updated. Smile


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245079
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum