Related:
- Cant find script file c:\windows\winsys64.vbs
- Can not find script file C:\windows\run.vbs ✓ - Forum - Windows 10
- Cannot find script file c windows system32 maintenance.vbs ✓ - Forum - Viruses/Security
- Can not find script file c:/windows/system/ - Forum - Windows
- Can not find script file c windows system32 maintenance.vbs - Forum - Viruses/Security
- Cannot find script file c/users/user/appdata/roaming windows 10 ✓ - Forum - Windows 7
7 replies
djsmurf
- Posts
- 98
- Registration date
- Friday January 9, 2009
- Status
- Member
- Last seen
- April 30, 2011
If you search this site you can find a few post similar to your problem.
https://ccm.net/forum/affich-39165-c-windows-sowar-vbs-problem
that is an example.
The file may be part of a virus called VBS.Zodgila, or VBS.Runauto (there are loads of different ones) which when executed attempts to write that file to your hard drive and puts in registry keys. Im assuming that it either wrote the registry key incorrectly or misplaced the file the key was referring to.
What anti virus program are you running and have you been able to update it and run a current scan?
I ask because it is best to be sure the cause of the problem has been removed before we fix the reg. problem.
Do you have any registry editing experience? There are a few ways to fix the error but as I said want to make sure the cause is removed first then we can repair the registry.
https://ccm.net/forum/affich-39165-c-windows-sowar-vbs-problem
that is an example.
The file may be part of a virus called VBS.Zodgila, or VBS.Runauto (there are loads of different ones) which when executed attempts to write that file to your hard drive and puts in registry keys. Im assuming that it either wrote the registry key incorrectly or misplaced the file the key was referring to.
What anti virus program are you running and have you been able to update it and run a current scan?
I ask because it is best to be sure the cause of the problem has been removed before we fix the reg. problem.
Do you have any registry editing experience? There are a few ways to fix the error but as I said want to make sure the cause is removed first then we can repair the registry.
ximxim
hi! have same problem.
I'm using Avast as my antivirus and yes, I've run scans multiple times, but it found nothing (virus, worms etc).
thanks!
I'm using Avast as my antivirus and yes, I've run scans multiple times, but it found nothing (virus, worms etc).
thanks!
Blocked Profile
ximxim,
when youre on your PC I advise you download the following and run a scan:
https://www.malwarebytes.com/
once youve scanned and remove infections with this, go to google and type ESET online scanner. install this and again, run a full system scan.
next, type into google trend house micro online scanner and do the same with this.
when youre on your PC I advise you download the following and run a scan:
https://www.malwarebytes.com/
once youve scanned and remove infections with this, go to google and type ESET online scanner. install this and again, run a full system scan.
next, type into google trend house micro online scanner and do the same with this.
ximxim
hi! thanks for the reply.
I've done them all, but the problem still there.
I forgot to tell you, around 6 months ago my antivirus found a virus (it said Wins32 or something, maybe), so I just delete them but as soon as I delete it, the warning message kept pop up over and over again, it kept telling me that it found a virus. Until I got my laptop restarted then it's gone. Please help me solve this problem. Thank you!
I've done them all, but the problem still there.
I forgot to tell you, around 6 months ago my antivirus found a virus (it said Wins32 or something, maybe), so I just delete them but as soon as I delete it, the warning message kept pop up over and over again, it kept telling me that it found a virus. Until I got my laptop restarted then it's gone. Please help me solve this problem. Thank you!
Ambucias
- Posts
- 47398
- Registration date
- Monday February 1, 2010
- Status
- Moderator
- Last seen
- November 27, 2020
Greetings XimXim
The solution provided by Kieferchild is always a good and recommended first step to remove a virus. If Malwarebyte can't remove it, a larger system analysis must be performed.
To help you, I must make a diagnostic and to do so, I require a log.
Open this link and download ZHPDiag :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Register the file on your Desktop.
Double click on ZHPDiag.exe and follow the instructions.
the tool created two icons ZHPDiag and ZHPFix (we will use ZHPFix at the next step).
Double click on the short cut ZHPDiag on your Destktop.
Click on the Magnifying glass and run the analysys.
Wait for the tool to finished (maybe a long time)
Close ZHPDiag.
To transmit the report, click on this link :
https://authentification.site
Click on Parcourir and search the directory where you installed ZHPDiag (usually C:\Program Files\ZHPDiag).
Select the file ZHPDiag.txt.
Click on "upload »
Copy the url and post it here
The solution provided by Kieferchild is always a good and recommended first step to remove a virus. If Malwarebyte can't remove it, a larger system analysis must be performed.
To help you, I must make a diagnostic and to do so, I require a log.
Open this link and download ZHPDiag :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Register the file on your Desktop.
Double click on ZHPDiag.exe and follow the instructions.
the tool created two icons ZHPDiag and ZHPFix (we will use ZHPFix at the next step).
Double click on the short cut ZHPDiag on your Destktop.
Click on the Magnifying glass and run the analysys.
Wait for the tool to finished (maybe a long time)
Close ZHPDiag.
To transmit the report, click on this link :
https://authentification.site
Click on Parcourir and search the directory where you installed ZHPDiag (usually C:\Program Files\ZHPDiag).
Select the file ZHPDiag.txt.
Click on "upload »
Copy the url and post it here
jonejan
I think spyware is not the right term becasuse software is installed with user's knowledge and permission and can be removed easily using uninstall program from the control panel. It's not malicious. It is just a program that gathers some information about user's browsing habits. It is a genuine piece of software.
Ambucias
- Posts
- 47398
- Registration date
- Monday February 1, 2010
- Status
- Moderator
- Last seen
- November 27, 2020
Dear Ximxim
Your system is indeed badly infected.
The infection came from Bittorent, BitComet and IMesh
After analysys, I have found
1. Baidu spyware,
2. Pop Cap Adware,
3. Relevant Knowledge Spyware,
4. Rogue Trojan Horse
5. USB viral infection.
Yes your system is in a extremely sad state.
To answer your question, not only will these viruses slowdown your machine but it is vulnerable to intrusions. If you let them prosper, your system will blank out!
Also, I found:
a) 19 useless processes
b) 13 useless toolbars or Browser helper objects
Can you tell me about this software:
Dachshund Software-- C:\WINDOWS\Integrator.exe
And what about Freeze.com
Another very important question do you use any removal USB devices? If you do, do not use them, they are probably infected and will recontaminate your system and may contaminate others.
No antivirus is perfect and in this instance, Avast was incapable of the detecting and removing all of those viruses, but I insist, you Ximxim have let them in through your torrent downloads.
Lets deal with the main infections first.
After you applied my medicinal compound, please run another ZHP log for me to look at.
I shall prescribe to you a very powerfull antidote that is able to kill and send any virus to the glue factory. It is of very last resort and should not be abused of, as matter of a fact, once you have used it, I suggest you delete it from your system.
To keep your system safe, you must follow the instructions hereunder to the letter:
First step, boot your system in safe mode with networking
1. Download Combofix to your desktop.
http://www.combofix.org/download.php
2.Close all open Windows including this one.
Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix.
3. Double click on the ComboFix icon.
Windows is issuing this prompt because ComboFix does not have a digital signature. This is perfectly normal and safe and you can click on the Run button to continue.
4. Accept the disclaimer and the recovery
5.You should now press the Yes button to continue. If at any time during the Recovery Console installation you receive a message stating that it failed to install, please allow ComboFix to continue with the scan of your computer.
ComboFix will disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings.
If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the programs log file, or report, will be located at C:\ComboFix.txt.
During the process, please do not mouse click nor must you tap on the keyboard. Let the tool run.
Once you are done, report to me on how your system is behaving and send the ZHP log.
Good luck
Ambucias
Your system is indeed badly infected.
The infection came from Bittorent, BitComet and IMesh
After analysys, I have found
1. Baidu spyware,
2. Pop Cap Adware,
3. Relevant Knowledge Spyware,
4. Rogue Trojan Horse
5. USB viral infection.
Yes your system is in a extremely sad state.
To answer your question, not only will these viruses slowdown your machine but it is vulnerable to intrusions. If you let them prosper, your system will blank out!
Also, I found:
a) 19 useless processes
b) 13 useless toolbars or Browser helper objects
Can you tell me about this software:
Dachshund Software-- C:\WINDOWS\Integrator.exe
And what about Freeze.com
Another very important question do you use any removal USB devices? If you do, do not use them, they are probably infected and will recontaminate your system and may contaminate others.
No antivirus is perfect and in this instance, Avast was incapable of the detecting and removing all of those viruses, but I insist, you Ximxim have let them in through your torrent downloads.
Lets deal with the main infections first.
After you applied my medicinal compound, please run another ZHP log for me to look at.
I shall prescribe to you a very powerfull antidote that is able to kill and send any virus to the glue factory. It is of very last resort and should not be abused of, as matter of a fact, once you have used it, I suggest you delete it from your system.
To keep your system safe, you must follow the instructions hereunder to the letter:
First step, boot your system in safe mode with networking
1. Download Combofix to your desktop.
http://www.combofix.org/download.php
2.Close all open Windows including this one.
Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix.
3. Double click on the ComboFix icon.
Windows is issuing this prompt because ComboFix does not have a digital signature. This is perfectly normal and safe and you can click on the Run button to continue.
4. Accept the disclaimer and the recovery
5.You should now press the Yes button to continue. If at any time during the Recovery Console installation you receive a message stating that it failed to install, please allow ComboFix to continue with the scan of your computer.
ComboFix will disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings.
If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the programs log file, or report, will be located at C:\ComboFix.txt.
During the process, please do not mouse click nor must you tap on the keyboard. Let the tool run.
Once you are done, report to me on how your system is behaving and send the ZHP log.
Good luck
Ambucias
ximxim
Dachshund Software-- C:\WINDOWS\Integrator.exe This program I got it from a forum and people there said that this program will speed up my computer and fix any crashed programs.
About Freeze.com, I have no idea what that is nor where that came from.
And about removal USB, I have it once, but I already uninstalled it long ago. I don't know if the program still exist in my laptop. >.<
It's not I don't trust you, but I am no expert for this program thing, so I kinda scared if I mess up. So, should I ask someone who is an expert for this thing to do it for me or common person can do it alone? Are all my programs going to be gone after I do this?
Thank you
About Freeze.com, I have no idea what that is nor where that came from.
And about removal USB, I have it once, but I already uninstalled it long ago. I don't know if the program still exist in my laptop. >.<
It's not I don't trust you, but I am no expert for this program thing, so I kinda scared if I mess up. So, should I ask someone who is an expert for this thing to do it for me or common person can do it alone? Are all my programs going to be gone after I do this?
Thank you
Ambucias
- Posts
- 47398
- Registration date
- Monday February 1, 2010
- Status
- Moderator
- Last seen
- November 27, 2020
Ximxim
By removable usb devices, I mean things like pendrives, flashdrives or external disk which you plug in your computer.
The Dachshund software which you downloaded contains a virus.
You can very well desinfect your system yourself as long as you carry out my instructons to the letter.
To get into safemode with networking, since you have Windows XP professional, reboot (restart) your machine and as soon as it begins keep tapping F8. You will come to a screen giving you several options. Using the arrow key, select safemode with networking and press enter. After that continue on with disabling Avast, I think that if click right on the Avast icon, you will get the option of disabling it.
Then carry on with my instructions above, print them if needed.
Good luck
By removable usb devices, I mean things like pendrives, flashdrives or external disk which you plug in your computer.
The Dachshund software which you downloaded contains a virus.
You can very well desinfect your system yourself as long as you carry out my instructons to the letter.
To get into safemode with networking, since you have Windows XP professional, reboot (restart) your machine and as soon as it begins keep tapping F8. You will come to a screen giving you several options. Using the arrow key, select safemode with networking and press enter. After that continue on with disabling Avast, I think that if click right on the Avast icon, you will get the option of disabling it.
Then carry on with my instructions above, print them if needed.
Good luck
Ambucias
- Posts
- 47398
- Registration date
- Monday February 1, 2010
- Status
- Moderator
- Last seen
- November 27, 2020
You will be able to use it, but not now.
After we put your system back into shape, I will give you instructions to remove the viruses from your external disk and we will vaccinate it against future infections.
Now please proceed.
I must sign out now and will return in 8 to 9 hours from now.
I hope by then you have sent me the new ZHP Diag log.
Have fun and catch you later
After we put your system back into shape, I will give you instructions to remove the viruses from your external disk and we will vaccinate it against future infections.
Now please proceed.
I must sign out now and will return in 8 to 9 hours from now.
I hope by then you have sent me the new ZHP Diag log.
Have fun and catch you later
ximxim
I have no idea which file I should sent, so I just upload 3 of them.
http://www.speedyshare.com/files/27753251/log.txt
http://www.speedyshare.com/files/27753252/Add-Remove_Programs.txt
http://www.speedyshare.com/files/27753253/ComboFix-quarantined-files.txt
and I run the ZHP Diag:
http://www.speedyshare.com/files/27753838/ZHPDiag.txt
After the ComboFix finish its work and reboot my computer, the error message has gone!
My laptop seems fine and working properly.
Thank you very much!
http://www.speedyshare.com/files/27753251/log.txt
http://www.speedyshare.com/files/27753252/Add-Remove_Programs.txt
http://www.speedyshare.com/files/27753253/ComboFix-quarantined-files.txt
and I run the ZHP Diag:
http://www.speedyshare.com/files/27753838/ZHPDiag.txt
After the ComboFix finish its work and reboot my computer, the error message has gone!
My laptop seems fine and working properly.
Thank you very much!
Ambucias
- Posts
- 47398
- Registration date
- Monday February 1, 2010
- Status
- Moderator
- Last seen
- November 27, 2020
Ximxim,
The latest log you have sent me shows the very same infections.
Do me a favor,
1. delete the present copy of the ZHP diag you have.
2. Download a brand new copy and run it and post a new log.
I would like to make sure your system is really clean before we go on and clean your removal drive.
Regards
The latest log you have sent me shows the very same infections.
Do me a favor,
1. delete the present copy of the ZHP diag you have.
2. Download a brand new copy and run it and post a new log.
I would like to make sure your system is really clean before we go on and clean your removal drive.
Regards
Ambucias
- Posts
- 47398
- Registration date
- Monday February 1, 2010
- Status
- Moderator
- Last seen
- November 27, 2020
Ximxim
So you were on vacation. How boring!
I was unable to check because zhp produced the same log as the infected one.
So you were on vacation. How boring!
I was unable to check because zhp produced the same log as the infected one.
Subscribe To Our Newsletter!
