have done steps still not sure??

No you have not run all the steps.

See Step 6 and run it and attach the logs. Then follow step 7 properly and get HJT installed correctly and attach a new log.

You OS is way out of date!
You have no antivirus and no firewall. Bad idea!

Also note, you show no signs of infections in you HJT log! That is also why we need the full READ ME to be run.

 

You startuplist log is not for the same PC as your HJT log. What are you doing?


Edit: I see what happen, you restored to a point in time where you only had Win XP original.

Well now you will have to get all of your updates all over again.

 

Please install HJT properly per step 7 of the READ ME. You have it here:

C:\Documents and Settings\Owner\Desktop\New Folder\HijackThis.exe

The READ ME clearly states not to do this and I already mentioned this in message # 2. I also mentioned in message # 2 that your HJT log is clean. There is no reason to post it anymore. You need to get your Windows Updates installed so you can get back to Win XP SP2 but if you think BitDefender was slow on dial-up, wait until you try to get your updates. The files will be huge. How did you update previously? Do you have a CD?

At anyrate, I'm not sure why you are posting in this forum.

 

You're welcome. If you have anymore malware problems let us know. Also make sure you check out the below:

How to Protect yourself from malware!

 

Python is programming language. Just let BitDefender run. If it does not get any further in another hour or so, then stop it and run Panda.

But why are you scanning anyway? Do you have malware problems?

 

BitDefender does repair (if it can) otherwise it tries to delete (again if it can). You can create a log with it as specified in the READ & RUN ME. Screen shots are typically not legible.

 

You must not run multiple sessions of HijackThis and you must run the correct one that is in C:\Program Files\highjt\hijackthis (unnecessary to make this longer folder name too). You were running the below:

C:\DOCUME~1\Owner\LOCALS~1\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe
C:\Program Files\highjt\hijackthis\HijackThis.exe

Are the below R0 & R1 lines your desired settings?
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://start.shaw.ca/start/enca/addons/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://start.shaw.ca/start/enca/addons/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.shaw.ca
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://start.shaw.ca/start/enca/addons/search/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.shaw.ca
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.shaw.ca/start/enca/addons/search/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.shaw.ca/start/enca/addons/search/

Your HJT log does not show any malware issues; however from your Panda log we do have a few things to do.

Look in Add/Remove Programs for SaveNow and uninstall if found.
USe Windows Explorer to find and delete the below files:
C:\Documents and Settings\Administrator\My Documents\My Pictures\dolphinfree.exe
C:\Documents and Settings\Default User\My Documents\My Pictures\dolphinfree.exe
C:\WINDOWS\SYSTEM32\config\systemprofile\My Documents\My Pictures\dolphinfree.exe

Now empty your Recycle Bin!

Run Ccleaner!

Let me know how things are working!

 

You're welcome. Make sure you do what I suggested in message # 8 now.

 

You're welcome. Surf safely!