Hi,
*A few optionals that I would recommend be uninstalled.
BitComet 0.93
BitTorrent 4.0.4
Even when a program like this is not infected itself, it will still bring malware into your system because more than half of all files available for download from peer-to-peer networks have been deliberately infected with some form of malware. I recommend that you remove this program from your system.
if you decide to remove them, click
Start >
Control Panel >
Add or Remove Programs and uninstall the items I listed in
bold if found.
_______
Open HijackThis > choose Scan Only > Place a
checkmark in the boxes beside these entries in
bold.
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
If you or your system admin didn't set this entry, please fix it:
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
Close your browsers and all open windows except for HijackThis, then click "Fix checked". Exit HijackThis.
________
I would like you to scan a file for me.
Please go
HERE. Copy and paste the following file path in to the box.
C:\WINDOWS\system32\OggDSuninst.exe
Then click
submit.
Please post the results to your next reply.
If Jotti is too busy, you can go
HERE and do the same as above.
________
Your Java is out of date....
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version Java components.
- Click Start > Control Panel
- Click Add/Remove Programs
- Check any item with Java Runtime Environment (JRE or J2SE) in the name.
- Click the Remove button.
- Repeat as many times as necessary to remove all versions of Java.
- Reboot your computer once all Java components are removed.
Then download
Java Runtime Environment 6u4, and install it to your computer.
________
*Click start > run > copy and paste:
rundll32 wbemupgd, UpgradeRepository
*Open notepad.
Copy and paste the text inside the Code Box below into Notepad
Choose File > Save As and under "Save as type", choose "
All Files".
Type
WMI.bat in the File name and save it to your desktop.
Code:
@echo off
rd /s /q "C:\VundoFix Backups"
cd /d %windir%\system32\wbem
for %%i in (*.dll) do RegSvr32 -s %%i
for %%i in (*.exe) do %%i /RegServer
notepad %windir%\system32\wbem\logs\setup.log
exit
Go to your Desktop and double-click on WMI.bat. A notepad file should appear, post the contents in your next reply.
_______
I'll try to disable that weird service running in your system. Please observe if something will not work after doing this.
click start > run > copy and paste:
sc config usprserv start= disabled
Reboot your system.
On your next reply, please include a
- Fresh DSS main.txt log.
- jotti scan results
- contents of the notepad
- A detailed description on how's your machine running.
__________________
UNITE and ASAP since 2006
If we have helped you, please consider
donating.
The past won't be able to hurt you unless you keep on looking back at it.