Seems the malware is gone but some windows problem. Let's try one last thing before we move you over to the XP forum afterwards.
Backup Registry with ERUNT
This tool will create a complete backup of your registry. A backup is created to ensure we have backup so encase anything goes wrong we can deal with it. Do not delete these backups until we are finished.
- Please download erunt-setup.exe to your desktop.
- Double click erunt-setup.exe. Follow the prompts and allow ERUNT to be installed with the settings at default. If you do not want a Desktop icon, feel free to uncheck that. When asked if you want to create an ERUNT entry in the startup folder, answer Yes. You can delete the installation file after use.
- Erunt will open when the installation is finished. Check all items to be backed up in the default location and click OK.
How to Restore from the ERUNT Backup
Only restore from the backups if instructed to, or you need to do so. You need it if after doing something, your computer will only boot in Safe Mode and you are unable to contact us (or anyone else) for help by other means, or if your computer will not boot into Windows at all.
To restore if you can boot, navigate to C:\WINDOWS\erdnt, choose the folder with the most recent date, and double click ERDNT.EXE. Check all boxes in the restoration options.
To restore from the Recovery Console using the Windows CD:
- Turn on your machine with the disk in the drive.
- Type in the number of the Windows installation you want to repair (usually 1), then press Enter.
- Type in the Administrator password (leave blank if you are unsure what it is or if you do not have one) and press Enter.
- Type without quotes "cd erdnt" followed by Enter.
- Type without quotes "dir" followed by Enter. This will list out the available folders, whose names are the date on which the backup was taken in (M)M-DD-YYYY format. Try the most recent dates first.
- Type without quotes "cd **name of the folder**" followed by Enter.
- Type without quotes "batch erdnt.con" followed by Enter.
- Type without quotes "exit" followed by Enter.
- Remove your CD from the drive and reboot your computer into the restored registry. If you still cannot boot, try again with an earlier restore date.
Create and Run batch script
- Copy the following into a notepad (Start>Run>"notepad"). Do not copy the word "quote".
net stop wuauserv >> C:\AUMessage.txt
regsvr32 /s c:\windows\system32\wuapi.dll
regsvr32 /s c:\windows\system32\wuaueng.dll
regsvr32 /s c:\windows\system32\wuaueng1.dll
regsvr32 /s c:\windows\system32\wuauserv.dll
regsvr32 /s c:\windows\system32\wucltui.dll
regsvr32 /s c:\windows\system32\wups.dll
regsvr32 /s c:\windows\system32\wups2.dll
regsvr32 /s c:\windows\system32\wuweb.dll
regsvr32 /s c:\windows\system32\MSXML3.dll
regsvr32 /s c:\windows\system32\qmgr.dll
regsvr32 /s c:\windows\system32\qmgrprxy.dll
regsvr32 /s c:\windows\system32\jscript.dll
regsvr32 /s c:\windows\system32\mucltui.dll
regsvr32 /s c:\windows\system32\atl.dll
net start wuauserv >> C:\AUMessage.txt
- Click File, then Save As... .
- Click Desktop on the left.
- Under the Save as type dropdown, select All Files.
- In the box File Name, input check.bat.
- Hit OK.
Double click on check.bat, and Black DOS window shall appear and then disappear. This is normal please do not panic. Notepad shall then open, post back with the contents of notepad in your next reply. Please note, when you recieve any warning message just follow the prompts to continue.
Also, download this tool and run it: http://www.microsoft.com/downloads/details...;displaylang=en
Run Scan with Kaspersky
Please do a scan with Kaspersky Online Scanner. Please note: Kaspersky requires Java Runtime Environment (JRE) be installed before scanning for malware, as ActiveX is no longer being used.)
If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
- Please disable your realtime protection software before proceeding. Refer to this page if you are unsure how.
- Open the Kaspersky WebScanner
- Click on the button on the main page.
- The program will launch and fill in the Information section on the left.
- Read the "Requirements and Limitations" then press the button.
- The program will begin downloading the latest program and definition files. It may take a while so please be patient and let it finish.
- Once the files have been downloaded, click on the ...button.
In the scan settings make sure the following are selected:
- Detect malicious programs of the following categories:
Viruses, Worms, Trojan Horses, Rootkits
Spyware, Adware, Dialers and other potentially dangerous programs
- Scan compound files (doesn't apply to the File scan area):
By default the above items should already be checked.
- Click the button, if you made any changes.
- Detect malicious programs of the following categories:
- Now under the Scan section on the left:
Select My Computer
- The program will now start and scan your system. This will run for a while, be patient and let it finish.
- Once the scan is complete, click on View scan report
- Now, click on the Save Report as button.
- Save the file to your desktop.
- Copy and paste that information in your next post.
Update Windows Installation
Your Microsoft Windows installation is out of date.
Whenever a security problem in its software is found, Microsoft will usually create a patch for it. After the patch is installed, attackers can't use the vulnerability to install malicious software on your PC, so keeping up with these patches will help to prevent malicious software being installed on your PC
Go here to check for & install updates to Microsoft applications.
Note: The update process uses ActiveX, so you will need to use Internet Explorer for it, and allow the ActiveX control that it wants to install.
Please reboot and repeat the update process until there are no more updates to install.
Was there any problems while doing any of the updates, if there was any updates please specify in your next reply.
Post back with:
-New DDS log