Author Topic: Unable to use javascript on the web? (Read 1924 times)

Tony1004 · « **on:** April 08, 2006, 09:00:20 PM »

Help!
I think i mistakely delete the .dll of it.
I can't recover it with simply re-install
Just unable to be used!
The installation file is download from www.java.com

guestolo · « **Reply #1 on:** April 08, 2006, 09:34:40 PM »

What .dll are you talking about?
Can you explain a little clearer please what exactly your problems are

Tony1004 · « **Reply #2 on:** April 09, 2006, 02:24:31 AM »

I mean i can't use the javascript on the website.
Even after reinstall the Java

guestolo · « **Reply #3 on:** April 09, 2006, 11:29:41 AM »

Quote

What .dll are you talking about?

Tony1004 · « **Reply #4 on:** April 10, 2006, 04:06:12 AM »

I mean the .dll java is using
It is called ssv.dll
I reinstall but still cannot use the java code on web

guestolo · « **Reply #5 on:** April 10, 2006, 07:28:31 PM »

Can you give me a link to the website you are having troubles with Java too please

Also, to see if it will help or not
From my signature below, download and save too a permanent folder of it's own onto your harddrive
Hijackthis 1.99.1
Open Hijackthis.exe

Do a "SCAN and Save a Log file"
A log will open in Notepad
Copy and paste the WHOLE contents of the log here... Don't try and fix anything yet----It is all important

Also, this will help me see what versions of Java you have
After you have closed Hijackthis
Reopen it and then click on "Misc tools section"
Then click the "Uninstall manager"
Click the SAVE LIST... button
Save the list too desktop then copy and paste the whole contents back here please

Tony1004 · « **Reply #6 on:** April 11, 2006, 03:12:45 AM »

[quote name=\'guestolo\' post=\'105697\' date=\'Apr 10 2006, 06:28 PM\']Can you give me a link to the website you are having troubles with Java too please

Also, to see if it will help or not
From my signature below, download and save too a permanent folder of it's own onto your harddrive
Hijackthis 1.99.1
Open Hijackthis.exe

Do a "SCAN and Save a Log file"
A log will open in Notepad
Copy and paste the WHOLE contents of the log here... Don't try and fix anything yet----It is all important

Also, this will help me see what versions of Java you have
After you have closed Hijackthis
Reopen it and then click on "Misc tools section"
Then click the "Uninstall manager"
Click the SAVE LIST... button
Save the list too desktop then copy and paste the whole contents back here please[/quote]
Like panda's
I mean the free online scanning website
Logfile of HijackThis v1.99.1
Scan saved at 16:19:24, on 11/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Documents and Settings\Tony\My Documents\hijackthis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: bg - {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} - (no file)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLO~1\cnshook.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-hk\msntb.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\Roland\LOCALS~1\Temp\RarSFX0\HNETPO~1.DLL,Start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\Roland\LOCALS~1\Temp\RarSFX0\HNETPO~1.DLL,Start
O8 - Extra context menu item: 使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 全部使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java 主控台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O11 - Options group: [!CNS] 網絡實名
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: DVD-RAM_Service - Matsu[censored]a Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: SDAgent Service (SDAgentService) - Unknown owner - C:\Program Files\Common Files\smartde\sde.exe (file missing)
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

guestolo · « **Reply #7 on:** April 11, 2006, 09:13:53 AM »

Quote

Like panda's
I mean the free online scanning website

Panda's uses activex controls too run it's scan

I'm just on my way to work, your log needs some cleaning
But can I still see the following I asked for

Open Hijackthis.exe

Quote

click on "Misc tools section"
Then click the "Uninstall manager"
Click the SAVE LIST... button
Save the list too desktop then copy and paste the whole contents back here please

Tony1004 · « **Reply #8 on:** April 12, 2006, 03:18:12 AM »

I am a chinese,so i will add some explantation of chinese.!!!
ACDSee 6.0 Standard Full
Ad-Aware SE Professional
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat 5.0
Adobe Reader 6.0.1 - Chinese Traditional
Age of Empires III
AsusUpdate
AVG Free Edition
BHA B's Recorder GOLD BASIC 7.10
BitComet 0.60
CursorXP
DC1125
DVD-RAM驅動程式<--------------A DVD driver
Easy Audio Cutter V1.0
EDIY GBALink V5.60
EPSON Printer Software
FlashGet(JetCar)
GM56USB Voice Modem
HijackThis 1.99.1
IRD Software for IR56B Chinese Version 3.4
J2SE Runtime Environment 5.0 Update 6
jv16 PowerTools 1.4.1
K-Lite Codec Pack 2.32 Full
LG PhoneManager
LG SyncManager
LG USB Modem driver
LingvoSoft Talking Dictionary (English<->Chinese Traditional) for Pocket PC
Logitech iTouch Software
Logitech MouseWare 9.79.1
Macromedia Dreamweaver 4
Macromedia Extension Manager
Macromedia Flash Player 8
Macromedia Shockwave Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Chinese (Traditional) Lang. Pack
Microsoft ActiveSync 3.8
Microsoft AppLocale
Microsoft Office XP Chinese (Simplified) User Interface Pack
Microsoft Office XP English User Interface Pack
Microsoft Office XP Media Content
Microsoft Office XP Professional with FrontPage
Microsoft Visual Basic 6.0 專業版 (繁體中文)<---------Visual Basic
Microsoft Web 發佈精靈 1.53<---------same as above
Microsoft Windows Application Compatibility Database
MSN Messenger 7.5
MSN 工具列
Nero - Burning Rom
NOD32防毒系統<---------NOD32 Trial going to be uninstalled
NVIDIA Drivers
NvMixer
PaperPort
PerfectDisk
PowerDVD
QuickTime Alternative 1.35
Real Alternative 1.27
Registry Compactor 1.1
Registry Medic 3.0 (Build 807)
Rise Of Legends Demo
Spybot - Search & Destroy 1.4
SuperPass2 V2.0
Uninstall Tool
Unlocker 1.7.9
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Connect
Windows Media Format Runtime
Windows Media Player 10
WinRAR 壓縮工具<--------WinRAR
ZoneAlarm
網絡實名<---------Cnsmin3721
遠端桌面連線<----------connection manager
線上遊戲領航員 v2.2.0.0<---------Online game
櫻花輸入法<---------Japanese input software
魔力寶貝Ver 4.0<-----------Online game
魔力寶貝Ver 4.0 遊戲資料片<-----------Onlinegame

Tony1004 · « **Reply #9 on:** April 12, 2006, 08:08:10 PM »

[quote name=\'guestolo\' post=\'105889\' date=\'Apr 11 2006, 08:13 AM\']Panda's uses activex controls too run it's scan

I'm just on my way to work, your log needs some cleaning
But can I still see the following I asked for

Open Hijackthis.exe[/quote]
No i mean panda's top left or right conrner
it has a buttom called scan
The buttom use javascript so that i can't even go into the scanning page

guestolo · « **Reply #10 on:** April 12, 2006, 08:30:50 PM »

Sorry for the delay
Can you do the following please

Since you are going to uninstall the Trial version of Nod32
Can you do it now please
Having more than one Active av running in the background, can cause conflicts and decrease system performance
Reboot if prompted

Back in Windows

Download and install Windows CleanUp! 4.5.1
==Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):

* Empty Recycle Bins
* Delete Cookies
* Delete Prefetch files
* Cleanup! All Users

Click OK
Press the CleanUp! button to start the program.
When it's done click Close
Decline to log off or restart the computer

Do a "System scan only" with Hijackthis and put a check next to these entries:

R3 - Default URLSearchHook is missing

O2 - BHO: bg - {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} - (no file)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLO~1\cnshook.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-hk\msntb.dll (file missing)

O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32

O4 - HKLM\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\Roland\LOCALS~1\Temp\RarSFX0\HNETPO~1.DLL,Start
O4 - HKCU\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\Roland\LOCALS~1\Temp\RarSFX0\HNETPO~1.DLL,Start

After you have ticked the above entry, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot the computer

Back in Windows
==Download and then Install
Ewido anti-malware 3.5

When installing, under "Additional Options" Uncheck
"Install background guard" and "Install scan via context menu".

From the main ewido screen, click on Update in the left menu, then click the Start update button.
After the update finishes (the status bar at the bottom will display "Update successful")

If for some reason the Updater won't work can you manually download the
Updates from this link after you have Ewido installed
http://www.ewido.net/en/download/updates/

==In Ewido Anti-Malware
Click on the Scanner button on the left menu
Select Complete System Scan
*If Ewido finds something it will prompt you with "Infected Object found"
Ensure the following are Selected
*1. Perform Action = Remove
*2. Create Encrypted Backup in Quarantine (Recommended)
*3. Perform action with all infections
Then click OK
When Ewido has finished it's scan click the "Save Report" button
Save the report to desktop
Exit Ewido
Note: when Ewido is running it's scan, don't open any other windows, let it run uninterrupted please

Reboot one last time
Access Internet Options via Control Panel
Under the Programs tab "Reset Web Settings"

Come back here and post a fresh hijackthis log and the whole log from Ewido's

EDIT>>I forgot about this entry in your hijackthis log
O23 - Service: SDAgent Service (SDAgentService) - Unknown owner - C:\Program Files\Common Files\smartde\sde.exe (file missing)

If your unsure what it's related too, can you do the following please
Go to START>>>RUN>>>type in services.msc
Hit OK
In the next window, look on the right hand side for this service
name---- SDAgent Service

Double click on it--- STOP the service--If running
In the drop down menu, change the startup type to Disabled
The file may still be around
Go to either of these links
http://virusscan.jotti.org/
or
http://www.virustotal.com/flash/index_en.html

Use the browse button and navigate to this file on your hard disk
C:\Program Files\Common Files\smartde\sde.exe<--this file

Right click on the file and choose Select
Then use the Submit button
Let it finish scanning
Could you post back the results of the scan back here please

Tony1004 · « **Reply #11 on:** April 12, 2006, 11:18:17 PM »

No sde.exe!
I've delete it about 1 mouth ago!
Also Ewido cannot output the log!

Logfile of HijackThis v1.99.1
Scan saved at 12:17:55, on 13/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tony\My Documents\hijackthis.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLO~1\cnshook.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\Roland\LOCALS~1\Temp\RarSFX0\HNETPO~1.DLL,Start
O4 - HKLM\..\Run: [supdate2.dll] RUNDLL32.EXE C:\WINDOWS\system32\supdate2.dll,Run
O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\UPDAT\Update.exe
O4 - HKLM\..\RunOnce: [supdate2.dll] REGSVR32.EXE /s C:\WINDOWS\system32\supdate2.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\Roland\LOCALS~1\Temp\RarSFX0\HNETPO~1.DLL,Start
O8 - Extra context menu item: 使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 全部使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java 主控台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O11 - Options group: [!CNS] 網絡實名
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: DVD-RAM_Service - Matsu[censored]a Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

guestolo · « **Reply #12 on:** April 12, 2006, 11:48:05 PM »

I missed this in your uninstall list when you posted it

This entry
網絡實名<---------Cnsmin3721

It looks as if it's related too Chinese keywords

It's something you don't want on your computer and giving you problems
Take a look at this link please
http://www3.ca.com/securityadvisor/pest/pe...px?id=453072511

Can you try uninstall it from Add/Remove programs and reboot your computer and posting back a fresh hijackthis log
Before trying to uninstall the program, can you do the following
Create a new restore point
Go to START>>Programs>>Accessories>>System Tools>>System restore
Click Create a new restore point
Name it and click Create
Then try and uninstall>>>>Reboot the computer
Could you also let me know if there are any other files in this folder
C:\Program Files\Common Files\smartde

and this one too, take note of the exact spelling
C:\Program Files\Common Files\UPDAT <-this folder
anything you recognize

Also, you said this

Quote

Also Ewido cannot output the log!

Why wouldn't it? Did you try and save the report?
Did the scan finish?

We'll get the rest of this, but let me know the above info
also try and remove the entry in add/remove programs related to Chinese keywords please

Tony1004 · « **Reply #13 on:** April 13, 2006, 12:41:48 AM »

[quote name=\'guestolo\' post=\'106573\' date=\'Apr 12 2006, 10:48 PM\']I missed this in your uninstall list when you posted it

This entry
網絡實名<---------Cnsmin3721

It looks as if it's related too Chinese keywords

It's something you don't want on your computer and giving you problems
Take a look at this link please
http://www3.ca.com/securityadvisor/pest/pe...px?id=453072511

Can you try uninstall it from Add/Remove programs and reboot your computer and posting back a fresh hijackthis log
Before trying to uninstall the program, can you do the following
Create a new restore point
Go to START>>Programs>>Accessories>>System Tools>>System restore
Click Create a new restore point
Name it and click Create
Then try and uninstall>>>>Reboot the computer
Could you also let me know if there are any other files in this folder
C:\Program Files\Common Files\smartde

and this one too, take note of the exact spelling
C:\Program Files\Common Files\UPDAT <-this folder
anything you recognize

Also, you said this

Why wouldn't it? Did you try and save the report?
Did the scan finish?

We'll get the rest of this, but let me know the above info
also try and remove the entry in add/remove programs related to Chinese keywords please[/quote]
C:\Program Files\Common Files\smartde<------------no i've delete it once 1 month before
C:\Program Files\Common Files\UPDAT <-------------I got this, delete or not
Because i am using traditional chinese
Ewido is a simplified chinese version<------------don't know why
So it cannot output the text on notepad

Quote

This entry
網絡實名<---------Cnsmin3721

It looks as if it's related too Chinese keywords

Yes it is called 3721
Another name is Cnsmin
Also how can it help to recover Java?

guestolo · « **Reply #14 on:** April 13, 2006, 11:18:37 PM »

Any progress?
Or should we continue without uninstalling Chinese keywords?

Tony1004 · « **Reply #15 on:** April 14, 2006, 08:41:14 AM »

[quote name=\'guestolo\' post=\'106981\' date=\'Apr 13 2006, 10:18 PM\']Any progress?
Or should we continue without uninstalling Chinese keywords?[/quote]
Yes we should continue, cause some of it are useful to me.
Also, i need to use java
Can you help me recover it first
It's urgent
It's about logon buttom of it
Help

guestolo · « **Reply #16 on:** April 14, 2006, 07:07:43 PM »

Sorry for the delay
Go to either of these links
http://virusscan.jotti.org/
or
http://www.virustotal.com/flash/index_en.html

Use the browse button and navigate to this file on your hard disk
C:\Program Files\Common Files\UPDAT\Update.exe <--this file

Right click on the file and choose Select
Then use the Submit button
Let it finish scanning
Could you post back the results of the scan back here please
Can you do the same for this file please
C:\WINDOWS\system32\supdate2.dll

Are there any other files in the UPDAT folder?

Tony1004 · « **Reply #17 on:** April 14, 2006, 09:29:19 PM »

File:      update.exe
Status:
INFECTED/MALWARE
MD5    26c3f5b0f50b223f57648ce6e5d60357
Packers detected:
-
Scanner results
AntiVir
Found Trojan/Dldr.QQHelpe.q.1
ArcaVir
Found nothing
Avast
Found Win32:Trojano-3160
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
Dr.Web
Found DLOADER.Trojan (probable variant)
F-Prot Antivirus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found Trojan-Downloader.Win32.QQHelper.eq
NOD32
Found nothing
Norman Virus Control
Found nothing
UNA
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing

C:\WINDOWS\system32\supdate2.dll<--------NO this file

guestolo · « **Reply #18 on:** April 14, 2006, 09:34:04 PM »

Quote

Are there any other files in the UPDAT folder?

Also, what do you mean by this, you can't find the file?

Quote

C:\WINDOWS\system32\supdate2.dll<--------NO this file

Tony1004 · « **Reply #19 on:** April 15, 2006, 12:26:17 AM »

[quote name=\'guestolo\' post=\'107312\' date=\'Apr 14 2006, 08:34 PM\']Also, what do you mean by this, you can't find the file?[/quote]
There is a update.dat in UPDAT
Also i mean i can't find the supdae2.dll
Even the hidden document is unchecked

News:

Author Topic: Unable to use javascript on the web? (Read 1924 times)