Registry problem?!

**Geri** · 30th July 2008

Hi

Quote:

I don't see the Java Icon in the control panel.

OK please do this.

Using Windows Explorer (to get there right-click your Start button and go to "Explore"),
Go to,

C:\Program Files\Java and click on java.
Double click on jre1.5.0_06
Double click on the bin folder
Double click on javacpl.exe.

That should open up the control panel,
Find the update button or tab in the Java Control Panel. Update your Java then reboot.
after you update look and see if Java is in the control panel if not let me know. If it is then do the following.

If you are unable to update you can manually update by going here:
- http://java.sun.com/javase/downloads/index.jsp
After the reboot, go back into the Control Panel and double-click the Java Icon.
On the general tab, at the bottom it has "temporary internet files"
Click the settings button. Then the Delete files button.
There are two options in the window to clear the cache - Leave both Checked
- Applications and Applets
  Trace and Log files
Click OK
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
Click OK to leave the Java Control Panel.
Delete older versions from Add/Remove list.

Reboot into safe mode.
Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete these files (if present):

C:\WINDOWS\system32\msiebbar.dll

After that, Reboot.

Please post a new Kaspersky scan.

Thanks
Geri

ditmore07 · 30th July 2008

I found it. It was in the control panel but I couldn't see it using the category view. I had to switch it to classic view.
Thanks!

Here is the new scan.

Tuesday, July 29, 2008 10:33:18 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 30/07/2008
Kaspersky Anti-Virus database records: 1026230

Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
C:\
D:\
F:\

Scan Statistics
Total number of scanned objects 81336
Number of viruses found 3
Number of infected objects 5
Number of suspicious objects 0
Duration of the scan process 01:05:24

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3ad391678a806ec4d691e83aaa393b6f_24ad f822-76f7-4481-b30b-ff1b40f8687f Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\THE DITMORES\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\THE DITMORES\Desktop\Deckard\System Scanner\backup\DOCUME~1\THEDIT~1\LOCALS~1\Temp\av17.exe/data0006 Infected: not-a-virus:FraudTool.Win32.AntiVermins.21 skipped

C:\Documents and Settings\THE DITMORES\Desktop\Deckard\System Scanner\backup\DOCUME~1\THEDIT~1\LOCALS~1\Temp\av17.exe NSIS: infected - 1 skipped

C:\Documents and Settings\THE DITMORES\Desktop\Deckard\System Scanner\backup\DOCUME~1\THEDIT~1\LOCALS~1\Temp\laf16.tmp Infected: not-a-virus:FraudTool.Win32.WorldSecurityOnline.c skipped

C:\Documents and Settings\THE DITMORES\Desktop\Deckard\System Scanner\backup\DOCUME~1\THEDIT~1\LOCALS~1\Temp\laf40.tmp Infected: not-a-virus:FraudTool.Win32.WorldSecurityOnline.c skipped

C:\Documents and Settings\THE DITMORES\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped

C:\Documents and Settings\THE DITMORES\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\THE DITMORES\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\THE DITMORES\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\THE DITMORES\Local Settings\History\History.IE5\MSHist012008072920080730\index.dat Object is locked skipped

C:\Documents and Settings\THE DITMORES\Local Settings\Temp\Perflib_Perfdata_7c4.dat Object is locked skipped

C:\Documents and Settings\THE DITMORES\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

C:\Documents and Settings\THE DITMORES\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\THE DITMORES\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\THE DITMORES\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Yahoo!\Messenger\logs\billing_THE DITMORES.log Object is locked skipped

C:\Program Files\Yahoo!\Messenger\logs\client_THE DITMORES.log Object is locked skipped

C:\Program Files\Yahoo!\Messenger\logs\network_THE DITMORES.log Object is locked skipped

C:\RECYCLER\S-1-5-21-375990865-3649405252-1317309753-1006\Dc4.dll Infected: Trojan-Downloader.Win32.Agent.wis skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP609\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\ModemLog_Conexant D850 56K V.9x DFVc Modem.txt Object is locked skipped

C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{A623C0DA-F2CC-4751-A657-8B4F8B6CF1C5}.crmlog Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\DEFAULT Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SYSTEM Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

**Geri** · 30th July 2008

Hi ditmore07
OK That looks good.

Please do this.

Delete dss.exe and this folder C:\Deckard

Download ATF Cleaner by Atribune and save it to your Desktop.
This is a good tool to get rid of the temporary garbage you pick up while surfing the net.
Double click ATF-Cleaner.exe to run the program.
Check the boxes to the left of:

Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache
Recycle bin

The rest are optional - if you want it to remove everything check "Select All".
Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.

Let me know how things are running.

Thanks
Geri