I Read The Sticky "read this before..." thread and here is my log...

It does not look like you ran ALL of the READ & RUN ME. Please run ALL of it. If you cannot run something explain why and what happens. I see no reason why you cannot download and run ShowNew & GetRunKey and you did not run Windows Defender or either online scanner.

Why are you running without an antivirus program, without an antispyware program, and without a firewall!

Please attach the below log too!

Let's get an installed programs list from HijackThis too!

• Run HijackThis, click Open the Misc Tools section
• Click Open Uninstall Manager
• Click Save List (generates uninstall_list.txt)
• Click Save, to save it to a file where you can find it.
• Attach the uninstall_list.txt file to your next message.

 

Actually according to your HJT logs, neither Bitdefender nor PandaActiveScan were ever started. This means the scans themselves were never run. So I assume what you really meant was that you tried to run them but actually never go to the point of actually running the scans.

It looks to me like you have been experimenting too much on your own and have deleted too many things that you should not have been touching. You HJT is very small and indicates that you have been removing stuff on your own. You are probably looking at a reinstall if things do not work properly. But I will give you somethings to do anyway (even though I'm not sure it is going to help you resolve all your problems).

First goto Add/Remove programs and uninstall all of the below:
Java 2 Runtime Environment, SE v1.4.2_06
KaZaA Media Desktop
Viewpoint Manager (Remove Only)
Viewpoint Media Player (Remove Only)

Now Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Now reboot your PC but boot into Safe Mode.

Run Windows Explorer and locate the below files (make sure viewing of hidden files is enable per the READ ME):
C:\WINNT\system32\bez6n4r21.exe
C:\WINNT\system32\n9nyb.exe
C:\WINNT\system32\wnsintsv.exe
C:\WINNT\system32\winnb58.dll
C:\WINNT\system32\atmtd.dll.tmp
C:\Program Files\Common Files\{80DE3EC4-0277-1033-0724-000525200001} <--- delete the whole folder if found

Now reboot into normal mode and let me know what your status is.

This PC has no protection software and is going to get re-infected pretty quickly if you don't get it protected ASAP. You should work thru the below link:

How to Protect yourself from malware!

 

HJT = HijackThis

Are you still having problems?

 

No! I just cannot be here all the time and we are very busy. One thing you must learn though is to post once and then wait for any answer. Each time you post another message you are hurting yourself. You send yourself to the bottom of our work queue each time you post. We work from oldest to newest order. When you bump your thread by adding unnecessary messages or to post intermediate incomplete information rather than waiting until your scans are complete, you loose your place and make it take even longer to get an answer. The moral.....don't bump and when you actually have all necessary information to post. If you are running 3 scans, don't post messages saying you are running them and don't post after each scan. When you complete all 3 scans, then post all logs and any other information. You posted 8 messages after my last one! There should have been only one!

The reason what didn't show up???? What are you deleting? You should only be doing what we give you and nothing else. If you are referring to the Bitdefender and PandaActiveScan lines in your HJT log, you should not be removing them.

Was this PC upgraded from Windows ME to Windows 2000??? I see files in a _Restore folder which is not part of Windows 2000.

Start by downloading - Pocket KillBox

Extract it to its own folder somewhere that you will be able to locate it later.

Now run Pocket Killbox by doubleclicking on killbox.exe
Choose Tools > Delete Temp Files and click Delete Selected Temp Files.
Then after it deletes the files click the Exit (Save Settings) button.
NOTE: Pocket Killbox will only list the added files it is able to find on the system. So when you do the below, if some files do not show in the list after pasting them in, just continue.

Select:

• Delete on Reboot
• then Click on the All Files button.
• Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

C:\Documents and Settings\Administrator\Application Data\tvmcwrd.dll
C:\Documents and Settings\Administrator\Application Data\?asks\rundll32.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\dia152.exe
C:\Documents and Settings\All Users\Application Data\SecTaskMan\chkntfs.dll.q_63A4001_q
C:\Documents and Settings\All Users\Application Data\SecTaskMan\spoolsv.dll.q_63A4001_q
C:\Documents and Settings\zechariaz\Local Settings\Temp\~187280.tmp
C:\Documents and Settings\zechariaz\Local Settings\Temp\~19352.tmp
C:\Documents and Settings\zechariaz\Local Settings\Temp\~632852.tmp
C:\Documents and Settings\zechariaz\Local Settings\Temp\~972012.tmp
C:\RECYCLER\S-1-5-21-1085031214-1343024091-1708537768-1003\Dc6.dll
C:\WINDOWS\Downloaded Program Files\SbCIe01f.dll
C:\WINDOWS\SYSTEM\freedial.exe
C:\WINDOWS\SYSTEM\stub.exe
C:\WINDOWS\TEMP\newnet\kazaa-298.exe
C:\WINNT\Digital Signature 20020312.htm
C:\WINNT\Downloaded Program Files\CONFLICT.1\HDPlugin1018.dll
C:\WINNT\Downloaded Program Files\CONFLICT.1\HDPlugin1019.dll
C:\WINNT\Downloaded Program Files\CONFLICT.10\HDPlugin1018.dll
C:\WINNT\Downloaded Program Files\CONFLICT.11\HDPlugin1018.dll
C:\WINNT\Downloaded Program Files\CONFLICT.12\HDPlugin1018.dll
C:\WINNT\Downloaded Program Files\CONFLICT.2\HDPlugin1018.dll
C:\WINNT\Downloaded Program Files\CONFLICT.2\HDPlugin1019.dll
C:\WINNT\Downloaded Program Files\CONFLICT.3\HDPlugin1018.dll
C:\WINNT\Downloaded Program Files\CONFLICT.3\HDPlugin1019.dll
C:\WINNT\Downloaded Program Files\CONFLICT.4\HDPlugin1018.dll
C:\WINNT\Downloaded Program Files\CONFLICT.4\HDPlugin1019.dll
C:\WINNT\Downloaded Program Files\CONFLICT.5\HDPlugin1018.dll
C:\WINNT\Downloaded Program Files\CONFLICT.5\HDPlugin1019.dll
C:\WINNT\Downloaded Program Files\CONFLICT.6\HDPlugin1018.dll
C:\WINNT\Downloaded Program Files\CONFLICT.6\HDPlugin1019.dll
C:\WINNT\Downloaded Program Files\CONFLICT.7\HDPlugin1018.dll
C:\WINNT\Downloaded Program Files\CONFLICT.8\HDPlugin1018.dll
C:\WINNT\Downloaded Program Files\CONFLICT.9\HDPlugin1018.dll
C:\WINNT\inf\alchem.inf
C:\WINNT\inf\biini.inf
C:\WINNT\MDialer\Dial05-t5.exe
C:\WINNT\system32\ezsys.exe
C:\WINNT\system32\gbhordm.exe
C:\WINNT\system32\y102-d.exe
C:\_Restore\TEMP\A0052418.CPY
C:\_Restore\TEMP\A0064507.CPY

• Return to Killbox, go to the File menu, and choose Paste from Clipboard.
• Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).

If Killbox does not reboot just reboot your PC yourself.

After reboot, run PandaActive Scan again and attach a new Panda log.

Make sure you tell me how things are working now! I suspect some of your problems are due to deleting thinsg you should not have been touching. Looks like you even delete a couple files for some Windows Services:
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (file missing)
O23 - Service: WMDM PMSP Service - Unknown owner - C:\WINNT\System32\mspmspsv.exe (file missing)

 

Run this which may help fix your problem with Office:

Windows Installer CleanUp Utility

Most of what is in you Panda logs is just backups from what we fixed with Killbox. And a bunch of other items are just cookies which are not problems.

Run Killbox and click File, Cleanup, and Delete all Backups

Now run Windows Explorer and locate the below file and delete it:
C:\WINNT\Digital Signature 20031130.htm

Now do a new PandaScan and attach the log. Ignore cookies.

Are you still having actual malware problems? If so, tell me exactly what they are. If they are popups, tell me what the popups say and where they are coming from.

 

Run this Running Ewido Anti-Malware and attach the requested Ewido log.


After running Ewido, download the latest version of ShowNew (same link as in the READ ME) and then attach a new log from it.

 

Okay first let's get you version of Sun Java updated. Install this:Sun Java Runtime Environment

Now run Windows Explorer and look for the below folder and delete it if found:
C:\WINNT\BDE

Now also locate and delete the below files.
C:\Program Files\Internet Explorer\hoxynaga.html
C:\Program Files\NetMeeting\kybeqi.html

Now empty your Recycle Bin

Now Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Now open Control Panel and select Add/Remove Programs and uninstall the below:
J2SE Runtime Environment 5.0 Update 6 <--- this is the old version
KaZaA Media Desktop

 

One more thing I forgot to mention! Run Pocket Killbox and on the top menu click File, Cleanup, Delete all Backups.


Now tell me what problems remain on your PC. If you are still getting popups, describe what is in the popups and give any URLs if they appear.

 

You had a load of different malware problems! Where they came from only you and the other people using the PC can say. Using Kazaa or anything like it is a major cause of problems like this.

Try using the below to remove Kazaaa:

Your Uninstaller! 2006


If you are not having any other malware problems, you should work thru the below link:


How to Protect yourself from malware!

 

You don't have MS Java. You have Sun Java already. See message number 34 where I told you you need to update to the current version.

You will still have IE on your PC and you will need it for various websites especially Microsoft. Thus you need to make sure IE is configured to be safer. FireFox will be usable most of the time but not always. You will typically get a message from a website if they do not like the browser you are using. Rule of thumb......if you have a problem accessing of downloading etc from a website, quickly try IE to see if it works. There are all kinds of plugins that can be installed to use with FireFox. That is however a topic for the Software Forum.

 

You're welcome. I'm happy to hear things are still working well! Surf safely!