Suspected Virus - can't boot in windows xp professional

View previous topic View next topic Go down

Re: Suspected Virus - can't boot in windows xp professional

Post by admzjp719 on 1st January 2010, 4:03 am

Thanks for your help, Belahzur and before I forget, I hope you have a very Happy and Prosperous New Year! Here is the latest log for whenever you get a chance to look at it.

GooredFix by jpshortstuff (28.12.09.1)
Log created at 22:54 on 31/12/2009 (Daddy-o)
Firefox version 3.0.15 (en-US)

========== GooredScan ==========

Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{DCBB510C-D88F-4084-B59B-8D67D2E22D50} -> Success!
Deleting C:\Documents and Settings\Rob\Local Settings\Application Data\{DCBB510C-D88F-4084-B59B-8D67D2E22D50} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{F4B9C3EE-E997-4833-88AA-8384F5FFEC85} -> Success!
Deleting C:\Documents and Settings\John\Local Settings\Application Data\{F4B9C3EE-E997-4833-88AA-8384F5FFEC85} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{082940C9-E66F-42F0-92E2-D52BE70CE600} -> Success!
Deleting C:\Documents and Settings\Donna\Local Settings\Application Data\{082940C9-E66F-42F0-92E2-D52BE70CE600} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{E144C95D-AEED-42B0-B535-2A5B77684897} -> Success!
Deleting C:\Documents and Settings\Daave\Local Settings\Application Data\{E144C95D-AEED-42B0-B535-2A5B77684897} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{7C83F2DC-B35A-4EF4-9046-A704EB4F6D9D} -> Success!
Deleting C:\Documents and Settings\Daddy-o\Local Settings\Application Data\{7C83F2DC-B35A-4EF4-9046-A704EB4F6D9D} -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [02:39 23/03/2008]
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [19:16 31/03/2008]
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [13:02 11/07/2008]
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [00:12 12/12/2008]
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [02:27 19/04/2009]
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [02:17 06/08/2009]
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [17:43 30/12/2009]

C:\Documents and Settings\Daddy-o\Application Data\Mozilla\Firefox\Profiles\zeh2x2ra.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b} [21:15 04/09/2009]
{3112ca9c-de6d-4884-a869-9855de68056c} [17:46 30/12/2009]
{77b819fa-95ad-4f2c-ac7c-486b356188a9} [04:19 04/06/2009]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"flashplugin@idm"="C:\Documents and Settings\Rob\Application Data\IDM\bin\flash" [02:38 20/04/2009]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [03:19 16/08/2009]
"jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [17:43 30/12/2009]

-=E.O.F=-


Last edited by admzjp719 on 1st January 2010, 4:04 am; edited 1 time in total (Reason for editing : error in name)

admzjp719
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-12-29
Gender Gender : Male
OS OS : windows xp professional
Points Points : 25639
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Suspected Virus - can't boot in windows xp professional

Post by Belahzur on 1st January 2010, 3:54 pm

Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Viewpoint Media Player

Please download [You must be registered and logged in to see this link.] and install it. It will install over version 3.0 you currently have installed, so you won't lose any bookmarked websites.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245079
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Suspected Virus - can't boot in windows xp professional

Post by admzjp719 on 1st January 2010, 5:56 pm

Hi - I deleted the Video Mgr and updated Firefox. The PC seems to run okay, but unfortunately, I still get the DEP pop up. Not sure about that one yet. The window is titled: "Data Execution Prevention - Microsoft Windows. It states to help protect your computer, windows has closed this programs. Name: Generic Host Process for win32 services. publisher Microsoft corporation." Everytime I colse it, in a few seconds it pops back up. Thanks again for your help.

admzjp719
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-12-29
Gender Gender : Male
OS OS : windows xp professional
Points Points : 25639
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Suspected Virus - can't boot in windows xp professional

Post by admzjp719 on 3rd January 2010, 6:25 am

Hi - here's an update. I updated some drivers - directed by Dell - I guess having reinstalled xp caused me to have to update them, too. So far, and i'm crossing my fingers (!) the DEP popup has gone away. So far, so good. Thanks again for your help. By the way, do i have to delete or uninstall any of the things you had my use for cleaning/troubleshooting?

admzjp719
Novice
Novice

Posts Posts : 22
Joined Joined : 2009-12-29
Gender Gender : Male
OS OS : windows xp professional
Points Points : 25639
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Suspected Virus - can't boot in windows xp professional

Post by Belahzur on 3rd January 2010, 9:34 pm

Delete DDS and Gooredfix, along with all the logs it made. Keep MBAM though, it's good for on demand scanning.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245079
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum