windows cannot find regsvr.exe Make sure you typed the name correctly

In My Previous Post i have mentioned that i am facing one problem in windows xp when i restart the system one error message is displayed " windows cannot find regsvr.exe Make sure you typed the name correctly and then try again . To search for a file click start button and then click search.Mr Arie told me to send the log file plz find the log below

Deckard's System Scanner v20071014.68

Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
24: 2008-07-16 12:58:26 UTC - RP91 - Deckard's System Scanner Restore Point
23: 2008-07-16 10:30:41 UTC - RP90 - System Checkpoint
22: 2008-07-15 08:49:03 UTC - RP89 - System Checkpoint
21: 2008-07-14 08:12:59 UTC - RP88 - System Checkpoint
20: 2008-07-11 11:12:55 UTC - RP87 - System Checkpoint


-- First Restore Point --
1: 2008-06-17 06:03:35 UTC - RP68 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as .exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:29:15 PM, on 7/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\RegSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\TpShocks.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\NetMeeting\conf.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\rsvp.exe
C:\WINDOWS\system32\notepad.exe
\\d\Software\Anti spyware\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
F2 - REG:system.ini: Shell=Explorer.exe regsvr.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [BLOG] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe "
O4 - HKLM\..\Run: [CDMA1X CARD] "C:\Program Files\ZTE CDMA1X CARD\Startup.exe "
O4 - HKLM\..\Run: [Venturi Configurator] C:\Program Files\Venturi Client\Configurator\ventcfg.exe -nomsgbox
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\RunOnce: [!CleanupNetMeetingDispDriver] "C:\WINDOWS\system32\rundll32.exe" msconf.dll,CleanupNetMeetingDispDriver 0
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Msn Messsenger] C:\WINDOWS\system32\regsvr.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (file missing)
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O16 - DPF: {CAFECAFE-0013-0001-0021-ABCDEFABCDEF}
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain =
O17 - HKLM\Software\..\Telephony: DomainName =
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain =
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: Microsoft Office Groove Audit Service - Unknown owner - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (file missing)
O23 - Service: Microsoft Office Diagnostics Service (odserv) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: Venturi Client (VenturiClient) - Venturi Wireless - C:\Program Files\Venturi Client\Client\ventc.exe

--
End of file - 7956 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 Shockprf - c:\windows\system32\drivers\shockprf.sys <Not Verified; Lenovo; ThinkVantage Active Protection System>
R1 ShockMgr - c:\windows\system32\drivers\shockmgr.sys <Not Verified; Lenovo.; ThinkVantage Active Protection System>
R1 TPHKDRV - c:\windows\system32\drivers\tphkdrv.sys <Not Verified; IBM Corporation; ThinkPad OnScreenDisplay>
R1 TPPWR - c:\windows\system32\drivers\tppwr.sys <Not Verified; IBM Corp.; IBM ThinkPad Utility>
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.2.0.3) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.2.0.3>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel(R) Wireless LAN Packet Driver>

S1 oxser (OX16C95x Serial port driver) - c:\windows\system32\drivers\oxser.sys <Not Verified; OEM; OX16C95x>
S3 UIUSys (Conexant Setup API) - c:\windows\system32\drivers\uiusys.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 RegSrvc - c:\windows\system32\regsrvc.exe <Not Verified; Intel Corporation; RegSrvc Module>
R2 TPHDEXLGSVC (ThinkPad HDD APS Logging Service) - system32\tphdexlg.exe <Not Verified; Lenovo.; ThinkVantage Active Protection System>

S3 Microsoft Office Groove Audit Service - "c:\program files\microsoft office\office12\grooveauditservice.exe" (file missing)
S3 odserv (Microsoft Office Diagnostics Service) - "c:\program files\common files\microsoft shared\office12\odserv.exe" (file missing)


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-03-29 11:56:33 300 --a------ C:\WINDOWS\Tasks\BMMTask.job


-- Files created between 2008-06-16 and 2008-07-16 -----------------------------

2008-07-16 18:25:32 0 d-------- C:\Program Files\Trend Micro
2008-07-06 16:21:59 0 d--hs---- C:\WINDOWS\system32\28463
2008-07-05 15:43:40 0 d-------- C:\Documents and Settings\\Application Data\U3
2008-06-30 14:46:33 0 d-------- C:\Program Files\Network Associates
2008-06-30 14:45:35 0 d-------- C:\Program Files\Common Files\McAfee
2008-06-30 14:41:47 0 d-------- C:\Program Files\McAfee
2008-06-30 14:41:47 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee


-- Find3M Report ---------------------------------------------------------------

2008-07-16 09:32:30 68768 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2008-07-11 11:19:53 0 d-------- C:\Documents and Settings\\Application Data\AdobeUM
2008-06-30 14:45:35 0 d-------- C:\Program Files\Common Files
2008-06-08 23:08:31 0 d-------- C:\Program Files\MKE
2008-06-08 23:08:31 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-08 23:07:28 0 d-------- C:\Program Files\ZTE CDMA1X CARD
2008-06-08 20:48:33 0 d-------- C:\Program Files\Venturi Client


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP "= "C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [10/14/2004 09:11 AM]
"SoundMAX "= "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [09/23/2004 12:41 PM]
"TpShocks "= "TpShocks.exe" [11/07/2005 11:14 AM C:\WINDOWS\system32\TpShocks.exe]
"BMMLREF "= "C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE" [04/20/2005 01:38 AM]
"BMMMONWND "= "C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll" [04/20/2005 01:38 AM]
"BLOG "= "C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [04/20/2005 01:38 AM]
"IgfxTray "= "C:\WINDOWS\System32\igfxtray.exe" [11/02/2004 10:03 AM]
"HotKeysCmds "= "C:\WINDOWS\System32\hkcmd.exe" [11/02/2004 09:59 AM]
"TPHOTKEY "= "C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe" [12/15/2005 02:00 PM]
"McAfeeUpdaterUI "= "C:\Program Files\McAfee\Common Framework\udaterui.exe" [03/14/2008 04:00 AM]
"GrooveMonitor "= "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM]
"CDMA1X CARD "= "C:\Program Files\ZTE CDMA1X CARD\Startup.exe" [11/29/2006 08:44 AM]
"Venturi Configurator "= "C:\Program Files\Venturi Client\Configurator\ventcfg.exe" [11/20/2006 09:13 PM]
"ShStatEXE "= "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe" [05/12/2008 03:30 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [08/04/2004 12:56 AM]
"ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 12:56 AM]
"Msn Messsenger "= "C:\WINDOWS\system32\regsvr.exe" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"!CleanupNetMeetingDispDriver "= "C:\WINDOWS\system32\rundll32.exe" msconf.dll,CleanupNetMeetingDispDriver 0

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousUserGroupPolicy "=0 (0x0)
"SynchronousMachineGroupPolicy "=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage "=1 (0x1)
"NoDispScrSavPage "=1 (0x1)
"Wallpaper "=\\42dc1\GroupPolicy\WallPaper\background.JPG
"WallpaperStyle "=0

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceActiveDesktopOn "=1 (0x1)
"NoActiveDesktopChanges "=1 (0x1)
"NofolderOptions "=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell "= "Explorer.exe regsvr.exe "

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
notifyf2.dll 07/05/2005 11:45 PM 28672 C:\WINDOWS\system32\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
tphklock.dll 11/30/2005 08:16 PM 24576 C:\WINDOWS\system32\tphklock.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@= "Service "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@= "Volume shadow copy "


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
AutoRun\command- G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63054843-0337-11dd-8445-000d60fe6c6e}]
AutoRun\command- G:\1ce.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e882838-4995-11dd-8494-000d60fe6c6e}]
AutoRun\command- G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e882839-4995-11dd-8494-000d60fe6c6e}]
AutoRun\command- H:\ntde1ect.com
explore\Command- H:\ntde1ect.com
open\Command- H:\ntde1ect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{da496350-4a7d-11dd-8495-000d60fe6c6e}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Sys.exe




-- Hosts -----------------------------------------------------------------------




-- End of Deckard's System Scanner: finished at 2008-07-16 18:30:27 ------------

 

Hi Mithun
Welcome.

Please do the following.

Please re-open HiJackThis and scan only. Check the boxes next to all the entries listed below.

F2 - REG:system.ini: Shell=Explorer.exe regsvr.exe

Now close all windows other than HiJackThis, then click Fix Checked.

Close HJT.

Open “Notepad” Copy the contents of the code box below to the blank Notepad.
Click "File" > "Save as "
In the "Save In" box at the top click the down arrow and select DeskTop

In the “File name” type in: fix.reg
In the “Save As Type” select: All Files
Once saved, Go to your desktop double click “fix.reg file” and let it merge with the registry.

Code:

REGEDIT4

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63054843-0337-11dd-8445-000d60fe6c6e}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e882839-4995-11dd-8494-000d60fe6c6e}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{da496350-4a7d-11dd-8495-000d60fe6c6e}] 

Please download Flash_Disinfector.exe by sUBs and save it to your desktop:

http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe

NOTE: In the event you already have Flash_Disinfector, this is a new version that I need you to download.

Hold down the Shift key and insert your flash drive. (USB thumb drives)
It is important to hold the shift key while plugging in flash drive so the virus does not run and re-infect system.

• Double-click Flash_Disinfector.exe to run it.
  Follow any prompts that may appear.
  Your desktop will vanish for a while, and then reappear. This is normal.
  Wait until the program has finished scanning, then please exit the program.

Repeat this step if you have more than one flash drives.


Empty this folder:

C:\WINDOWS\temp

Now do this.

Download ComboFix from Here to your Desktop.

It's best to disable realtime protection applications as they sometimes interfere with the tool.
Check this link for any applicable programs you may have.

• Close all open programs and windows
• Double click combofix.exe and follow the prompts.
• Vista users right click Combofix.exe and select Run As Administrator.
• When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply

Note: Do not mouseclick combofix's window while its running. That may cause it to stall

Note - ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.

Note - Combofix makes some changes when run to prevent autorun/autoplay of ALL CDs, floppies and USB devices, to assist with malware removal & increase security. If this is an issue or makes it difficult for you to use those devices, please ask how to reset it.


Thanks
Geri

 

hi Geri

Thanks for your quote but as you mentioned in ur quote that i have to post another log what i am trying to say is that is this resolve the problem or i have to post another log . I have to do these steps on users system so i cant take his system twice .And also i want to know that is there any chances for data loss if i do the above steps

 

Hi

Yes more logs will be needed, without them I don't know what the tools are doing and what else may need to be done.

It is always possible when using a extremely powerful tool like Combofix. It is not very likely but it is possible.

Please explain this.
What users are you speaking of?
I would suggest that the person that owns this computer register and follow the steps given if you don't have access to the computer.

Geri