Solved 8 steps here.In need of fast help

Status
Not open for further replies.
I took this from my other thread.


Hey, today when i tried to uninstall Need for speed world i got an error message saying Regsvr32 could not read/find module (I've got swedish os sorta hard to translate) so i tried opening the dll and got the same message. Ive tried pretty much every .dll i have found in my computer and none of them work.Aero is disabled too so pretty much all system files i guess?
Please help me out on this one I just did a clean install of Win7 as my Vista was not working.

Thx in advance

EDIT
When i open system32 dll's i get this error.
The start address for DllRegisterServer was not found.
After using google it might just be DllRegisterServer entry point was not found, as i stated earlier i have swedish os
 
I still don't understand.
What do you mean by "opening dll"?
You don't open dll. What for would you like to open any dll?
 
There is no reason to double click on any dll file. It won't open for you, or for me.
I don't really see, how your issue is malware related.
 
I dont know i was told to go here as it could be a virus.
For example when i launch some injector maybe a counter strike hack i launch the exe and then it doesnt work as no dll files works on my pc. That is my problem
 
I still don't understand, what do you mean by not working dll.
Are you getting any error messages.

Is there anything else not working beside Counterstrike hack?
 
You may have a problem with your Windows installation.
Please, repost your issue at Windows forum.
 
I did but it was moved to Software and Utilities and then they told me it could be a virus messing with the files so they told me to go here.
 
Download OTL to your Desktop.

* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:



netsvcs
drivers32 /all
%SYSTEMDRIVE%\*.*
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\system32\spool\prtprocs\w32x86\*.tmp
%systemroot%\*. /mp /s
/md5start
/md5stop
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
%systemroot%\system32\ws2help.dll /md5
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs



* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
Here are the logs
View attachment OTL.Txt

View attachment Extras.Txt

Off topic. There are some sites I cannot access when I go to them it says its not responding, it does not even load for a second. The sites works on other pc's in my home network but not on my pc ive tried different web browsers without any success ive also checked my hosts file and they arent there. My friend says I might have a rootkit thats why I post this, what would be the reason do you think?
 
You're running two AV programs, NOD32 by Eset and IObit Security 360. One of them has to go.
If you decide to keep NOD32, make sure to turn Windows firewall on.

======================================================================

Update your Java version here: http://www.java.com/en/download/installed.jsp
Uninstall all previous Java versions, through Add\Remove (Programs & Features in Vista/7).

========================================================================

I strongly suggest, you uninstall Registry Mechanic, Wise Registry Cleaner and DriverCure, if you still have them installed.

=====================================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code: 
    :OTL
DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\F6FD.tmp -- (MEMSWEEP2)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:C5096E95
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:DFC5A2B2


:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
 
Broni said:
You're running two AV programs, NOD32 by Eset and IObit Security 360. One of them has to go.
Click to expand...

I think you have mixed up IObit security 360 with norton 360 ^^
IObit security 360 is just anti malware like malwarebytes etc
I will post logs later as i have to catch up with some work at the moment
Thx
 
You're right. In that case, you have to chose between iObit and Malwarebytes, because, you can't run two antimalware programs in real time, at the same time.
My strong vote of confidence goes to Malwarebytes.
 
All processes killed
========== OTL ==========
Service MEMSWEEP2 stopped successfully!
Service MEMSWEEP2 deleted successfully!
File C:\Windows\SysNative\F6FD.tmp not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully.
ADS C:\ProgramData\TEMP:C5096E95 deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Chrille
->Temp folder emptied: 268004146 bytes
->Temporary Internet Files folder emptied: 1296154 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 103244999 bytes
->Flash cache emptied: 6170 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 930 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 893844 bytes

Total Files Cleaned = 356,00 mb


[EMPTYFLASH]

User: All Users

User: Chrille
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.9.0 log created on 07172010_075010

Files\Folders moved on Reboot...
C:\Users\Chrille\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\sqlite_plaF7xeWLhMWLUs not found!

Registry entries deleted on Reboot...
 
How is your computer doing at the moment?

1. Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.


2. Go to Kaspersky website and perform an online antivirus scan.

1. Disable your active antivirus program.
2. Read through the requirements and privacy statement and click on Accept button.
3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
4. When the downloads have finished, click on Settings.
5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

  • Spyware, Adware, Dialers, and other potentially dangerous programs
    [*] Archives
    [*] Mail databases
6. Click on My Computer under Scan.
7. Once the scan is complete, it will display the results. Click on View Scan Report.
8. You will see a list of infected items there. Click on Save Report As....
9. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
 
I cant do the kaspersky online scan i only get this message, Launch of the Java application is interrupted! Please establish an uninterrupted Internet connection for work with this program.

I am on a uninterrupted internet connection (?) What should I do?
 
Run this instead of Kaspersky...

Please run a BitDefender Online Scan

  • Disable your antivirus program.
  • Click Start Scanner button.
  • Click Start scan button
  • Allow browser plug-in to be installed when prompted.
  • Click I Agree to agree to the EULA.
  • Please refrain from using the computer until the scan is finished.
  • When the scan is finished, click on View log.
  • Notepad will open with scan results.
  • Save the report to your desktop and post its content in your next reply.


There is no reason to worry, what Eset firewall is blocking. It only means, it works :)
 
Status
Not open for further replies.

Similar threads

A
Solved My computer was hit by unknown malware
2
Replies
30
Views
11K
Broni
Broni
R
Solved Help with my computer. viruses?
Replies
24
Views
4K
Broni
Broni
D
Solved Broni: Please Review Logs of My Old HP Pavilion ze2000, Windows XP! Part 1
Replies
21
Views
3K
Broni
Broni

Latest posts

Back