Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Split HJT log for jaideep


  • Please log in to reply
28 replies to this topic

#16 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:41 PM

Posted 06 April 2005 - 10:36 AM

Download the attached bat file and save it to your c:\ drive.

Reboot into safe mode. Click on start then run and type cmd and press enter.

At the dos prompt, type c:\delprot.bat and press enter.

When its done, type exit to exit the dos window and then reboot your computer back to normal mode. Fix those two entries in HJT, reboot, and post a new log

Attached Files



BC AdBot (Login to Remove)

 


#17 jaideep

jaideep
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:05:41 PM

Posted 08 April 2005 - 09:08 AM

Download the attached bat file and save it to your c:\ drive.

Reboot into safe mode. Click on start then run and type cmd and press enter.

At the dos prompt, type c:\delprot.bat and press enter.

When its done, type exit to exit the dos window and then reboot your computer back to normal mode. Fix those two entries in HJT, reboot, and post a new log

Downloaded delprot.bat into my C:\directory.
Ran delprot.bat in DOS & in safe mode. Got the following message:-

"cannot find find path C:\WINDOWS\isrvs"
"cannot find the file specified"

Anyway tried to fix the 2 files running HJT. re-booted & posting a new log below :-

Logfile of HijackThis v1.99.1
Scan saved at 7:32:06 PM, on

4/8/2005
Platform: Windows XP SP2 (WinNT

5.01.2600)
MSIE: Internet Explorer v6.00 SP2

(6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program

Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\eTrust EZ

Armor\eTrust EZ Antivirus\ISafe.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\GSICON.EXE
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common

Files\Real\Update_OB\realsched.exe
C:\Program Files\CA\eTrust EZ

Armor\eTrust EZ

Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust EZ

Armor\eTrust EZ Antivirus\CAVRID.exe
C:\Program

Files\Webroot\Washer\wwDisp.exe
C:\Program Files\CA\eTrust EZ

Armor\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\HijackThis.exe

O3 - Toolbar: &Google -

{2318C2B1-4965-11d4-9B18-009027A5CD4

F} - c:\program

files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [GSICONEXE]

GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE]

dslagent.exe USB
O4 - HKLM\..\Run: [NeroFilterCheck]

C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program

Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe]

"C:\Program Files\Common

Files\Real\Update_OB\realsched.exe"

-osboot
O4 - HKLM\..\Run: [Corel Reminder]

"C:\Program

Files\Corel\Graphics10\Register\NAVB

rowser.exe" /r /i "C:\Program

Files\Corel\Graphics10\Register\NavL

oad.ini"
O4 - HKLM\..\Run: [Desktop Search]

C:\WINDOWS\isrvs\desktop.exe
O4 - HKLM\..\Run: [ffis]

C:\WINDOWS\isrvs\ffisearch.exe
O4 - HKLM\..\Run: [CaAvTray]

"C:\Program Files\CA\eTrust EZ

Armor\eTrust EZ

Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID]

"C:\Program Files\CA\eTrust EZ

Armor\eTrust EZ

Antivirus\CAVRID.exe"
O4 - HKCU\..\Run: [Window Washer]

C:\Program

Files\Webroot\Washer\wwDisp.exe
O4 - Global Startup: Microsoft

Office.lnk = C:\Program

Files\Microsoft

Office\Office10\OSA.EXE
O8 - Extra context menu item:

&Google Search - res://c:\program

files\google\GoogleToolbar1.dll/cmse

arch.html
O8 - Extra context menu item:

Backward Links - res://c:\program

files\google\GoogleToolbar1.dll/cmba

cklinks.html
O8 - Extra context menu item: Cached

Snapshot of Page - res://c:\program

files\google\GoogleToolbar1.dll/cmca

che.html
O8 - Extra context menu item:

E&xport to Microsoft Excel -

res://C:\PROGRA~1\MICROS~2\Office10\

EXCEL.EXE/3000
O8 - Extra context menu item:

Similar Pages - res://c:\program

files\google\GoogleToolbar1.dll/cmsi

milar.html
O8 - Extra context menu item:

Translate into English -

res://c:\program

files\google\GoogleToolbar1.dll/cmtr

ans.html
O9 - Extra button: Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F79568

3} - C:\Program

Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows

Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F79568

3} - C:\Program

Files\Messenger\msmsgs.exe
O16 - DPF:

{6414512B-B978-451D-A0D8-FCFDF33E833

C} (WUWebControl Class) -

http://v5.windowsupdate.microsoft.co

m/v5consumer/V5Controls/en/x86/clien

t/wuweb_site.cab?1110768092171
O23 - Service: CAISafe - Computer

Associates International, Inc. -

C:\Program Files\CA\eTrust EZ

Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: InCD Helper (InCDsrv)

- Ahead Software AG - C:\Program

Files\Ahead\InCD\InCDsrv.exe
O23 - Service: VET Message Service

(VETMSGNT) - Computer Associates

International, Inc. - C:\Program

Files\CA\eTrust EZ Armor\eTrust EZ

Antivirus\VetMsg.exe

#18 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:41 PM

Posted 08 April 2005 - 01:34 PM

Something got messed up with your log. Can you please post it again. It gives me a headache to read that

#19 jaideep

jaideep
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:05:41 PM

Posted 09 April 2005 - 01:39 AM

Something got messed up with your log. Can you please post it again. It gives me a headache to read that

Logfile of HijackThis v1.99.1
Scan saved at 7:32:06 PM, on 4/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\GSICON.EXE
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\HijackThis.exe

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Corel Reminder] "C:\Program Files\Corel\Graphics10\Register\NAVBrowser.exe" /r /i "C:\Program Files\Corel\Graphics10\Register\NavLoad.ini"
O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
O4 - HKLM\..\Run: [ffis] C:\WINDOWS\isrvs\ffisearch.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1110768092171
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe

#20 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:41 PM

Posted 09 April 2005 - 04:59 PM

Do this directory exist?

C:\WINDOWS\isrvs\


How about in safe mode?

Did you run that delprot.bat in safe mode?

#21 jaideep

jaideep
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:05:41 PM

Posted 10 April 2005 - 09:03 AM

Do this directory exist?

C:\WINDOWS\isrvs\


How about in safe mode?

Did you run that delprot.bat in safe mode?

Yes. Ran delprot.bat in safe Mode alright.

No. C:\Windows\isrvs\ does not exist in my computer in Safe or Normal Mode. That's the problem as to why it still shows up on my HJT log and just refuses to get fixed or deleted by HJT or any other.

#22 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:41 PM

Posted 10 April 2005 - 10:23 AM

Download the attached fix.reg and save it on your desktop. Then double-click on the file and allow it to import the changes.

Attached Files

  • Attached File  fix.reg   110bytes   3 downloads


#23 jaideep

jaideep
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:05:41 PM

Posted 12 April 2005 - 08:34 AM

Download the attached fix.reg and save it on your desktop. Then double-click on the file and allow it to import the changes.

Done. Anything else to be done?

#24 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:41 PM

Posted 12 April 2005 - 11:05 PM

Let me see a new log

#25 jaideep

jaideep
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:05:41 PM

Posted 13 April 2005 - 05:05 AM

Let me see a new log

Here's the new log :-

Logfile of HijackThis v1.99.1
Scan saved at 3:33:11 PM, on 4/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\GSICON.EXE
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\Moffsoft FreeCalc\MoffFreeCalc.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\HijackThis.exe

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
O4 - HKLM\..\Run: [ffis] C:\WINDOWS\isrvs\ffisearch.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1110768092171
O17 - HKLM\System\CCS\Services\Tcpip\..\{FAB6B411-78A7-4DAF-ABD5-F227271C2188}: NameServer = 202.9.145.6 202.9.145.94
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe

#26 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:41 PM

Posted 13 April 2005 - 03:28 PM

Delete c:\windows\system32\drivers\etc\hosts and update kapersky again. Reboot into safe mode and scan with it. Clean whatever it finds. Reboot again and scan again.

Then fix those two problem entries with hijackthis if they exist. And post a new log

#27 jaideep

jaideep
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:05:41 PM

Posted 15 April 2005 - 10:14 AM

Delete c:\windows\system32\drivers\etc\hosts and update kapersky again. Reboot into safe mode and scan with it. Clean whatever it finds. Reboot again and scan again.

Then fix those two problem entries with hijackthis if they exist. And post a new log

Done & here's my HJT Log. Looks like all OK now. Is it?

Logfile of HijackThis v1.99.1
Scan saved at 5:17:10 PM, on 4/15/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\GSICON.EXE
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis.exe

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://tdserver.bitstream.com/tdserver.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1110768092171
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe

#28 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:41 PM

Posted 15 April 2005 - 10:53 PM

YAY!!!

Your log is clean! Great job!

Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and reenable system restore to make sure there are no infected files found in a restore point.

You can find instructions on how to enable and reenable system restore here:

Managing Windows Millenium System Restore

or

Windows XP System Restore Guide

Renable system restore with instructions from tutorial above


Next,

This process will clean out your Temp files and your Temporary Internet Files. Please do both steps:

Step 1:Delete Temp Files
To clean out your temp files, click on Start and then run, and type %temp% and press the ok button.

This should open up the temp directory that your machine uses. Please delete all files that are found there. If you get an error when deleting a file, skip that file and delete all the others. If you had trouble deleting a file, reboot into Safe Mode and follow this step again. You should now be able to delete all the files.

Step 2: Delete Temporary Internet Files
Now I want you to open up Internet Explorer, and click on the Tools menu and then Internet Options. At the General tab, which should be the first tab you are currently on, click on the Delete Files button and put a checkmark in Delete offline content. Then press the OK button. This may take quite a while, so do not be alarmed with how long it takes. When it is done, your Temporary Internet Files will now be deleted.

Finally, and definitely the MOST IMPORTANT step, click on the following tutorial and follow each step listed there:

Simple and easy ways to keep your computer safe and secure on the Internet


Glad I was able to help.

#29 jaideep

jaideep
  • Topic Starter

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Local time:05:41 PM

Posted 16 April 2005 - 01:17 AM

Thanks once again Grinler for your patience & help. Really appreciate it. :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users