Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Temp Files


  • Please log in to reply
19 replies to this topic

#1 isabellarose

isabellarose

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 29 June 2008 - 04:53 PM

These files are located at C:\Documents and Settings\Owner\Local Settings\Temp

Some of them have their size listed as 0, however, there are many files/folders that actually do have something in them. Is it o.k. for me to just delete all of those files or can that cause me problems down the line? I always delete my internet temp files, but I am not familiar with the location for these files.

My computer is still going through issues of running really slow at times and the screens freeze up.

Thank you.

Edited by garmanma, 30 June 2008 - 08:02 AM.
moved-OP has WinXP


BC AdBot (Login to Remove)

 


#2 Keithuk

Keithuk

  • Members
  • 960 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:31 AM

Posted 30 June 2008 - 06:46 AM

Welcome to BT Isabel.

These files are located at C:\Documents and Settings\Owner\Local Settings\Temp

Some of them have their size listed as 0, however, there are many files/folders that actually do have something in them. Is it o.k. for me to just delete all of those files or can that cause me problems down the line? I always delete my internet temp files, but I am not familiar with the location for these files.

It appears that you've posted in the wrong forum.

Anyway you can delete all files and folders in your C:\Documents and Settings\Owner\Local Settings\Temp folder, nothing important will be lost.

I would suggest a great free tool to do this for you but I'm not allowed to say what it is as its against BT policies. :thumbsup:

Keith

Windows ME (spare computer)
Windows XP 2002 Professional SP3 (desktop computer)
Windows 7 Professional SP1 32bit (laptop computer)

Windows 8 64bit spare drive for laptop computer


#3 isabellarose

isabellarose
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 30 June 2008 - 12:32 PM

Thank you!

I finally found your reply. I hope to become more proficient in knowing how to use the forums sometime soon.

I just got an error that said "Dr. Watson Postmortem Debugger". I've had this PC for 4 years and never had any trouble with it until the last few weeks. This is driving me crazy!

isabellarose

Edited by isabellarose, 30 June 2008 - 12:33 PM.


#4 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:08:31 PM

Posted 30 June 2008 - 03:38 PM

Does the error say anything else?
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#5 isabellarose

isabellarose
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 30 June 2008 - 10:29 PM

I only wrote down the DrWatson Postmortem Debugger part. I know now that I should have written down the rest.

#6 hamluis

hamluis

    Moderator


  • Moderator
  • 56,553 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:31 PM

Posted 01 July 2008 - 08:04 AM

What about possibly pertinent errors in Event Viewer?

How To Use Event Viewer - http://www.bleepingcomputer.com/forums/t/40108/how-to-use-event-viewer/

I'd forget about the temp files...and concentrate on why the system is freezing up or otherwise exhibiting problems.

My first step would be to do a thorough series of scans for malware situations on the system...before moving on to other possible reasons.

Louis

Edited by hamluis, 01 July 2008 - 08:05 AM.


#7 isabellarose

isabellarose
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 01 July 2008 - 10:56 AM

I have been running different malware programs everyday for the past week and before that I was running SpySweepr & Norton everyday. Now I am running: Malwarebytes' AntiMalware, Webroot SpySweeper, SuperAntiSpyware Free Edition and Norton AntiVirus. Last week Malwarebytes' found several items which appear to be gone, but I'm not so sure there aren't more items that these programs aren't finding or maybe the previous malware items corrupted my system?

I will take a look at the Event Viewer. I don't think I will understand what it finds, but I can take a look and see what is there.

Thank you,
isabellarose

#8 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:08:31 PM

Posted 01 July 2008 - 11:40 AM

Post back with info about the errors that you find - we'll lend a hand with analyzing them.

It's possible that malware has gotten onto your system and has corrupted your current protection (and may corrupt any newly installed protection). I'd try a couple of these free, online scanners to see if anything has slipped by your protection:
(Be advised that some of these scanners will pickup things in "quarantine" from other anti-virus programs - so review the results carefully)

http://housecall.trendmicro.com
http://www.pandasecurity.com/homeusers/solutions/activescan/
http://www.kaspersky.com/virusscanner Scan Only - no removal
http://www.bitdefender.com/scan8/ie.html
http://support.f-secure.com/enu/home/ols.shtml
http://us.mcafee.com/root/mfs/default.asp
http://onlinescan.avast.com/
http://ca.com/us/securityadvisor/virusinfo/scan.aspx
http://www.eset.com/onlinescan/

<links compiled on 02/14/2008>
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#9 isabellarose

isabellarose
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 01 July 2008 - 04:14 PM

Hi,

Here are some of the Error and Warning listings in my Event Viewer. These are from the Application area. I have a lot more of them listed under Applications. I have also included one from the Security area and several from the System area.

I hope this is information that will help.


Event Type: Error
Event Source: ESENT
Event Category: General
Event ID: 490
Date: 6/29/2008
Time: 8:48:01 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
svchost (1540) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.



Event Type: Error
Event Source: ESENT
Event Category: Logging/Recovery
Event ID: 439
Date: 6/29/2008
Time: 8:48:51 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
Catalog Database (1540) Unable to write a shadowed header for file C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb. Error -1032.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.



Event Type: Error
Event Source: ESENT
Event Category: Database Corruption
Event ID: 473
Date: 6/29/2008
Time: 8:50:36 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
Catalog Database (1540) Database C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb was partially detached. Error -1032 encountered updating database headers.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type: Error
Event Source: Application Hang
Event Category: (101)
Event ID: 1002
Date: 6/29/2008
Time: 9:13:56 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
Hanging application firefox.exe, version 1.8.20080.40413, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 66 69 72 65 66 6f firefo
0018: 78 2e 65 78 65 20 31 2e x.exe 1.
0020: 38 2e 32 30 30 38 30 2e 8.20080.
0028: 34 30 34 31 33 20 69 6e 40413 in
0030: 20 68 75 6e 67 61 70 70 hungapp
0038: 20 30 2e 30 2e 30 2e 30 0.0.0.0
0040: 20 61 74 20 6f 66 66 73 at offs
0048: 65 74 20 30 30 30 30 30 et 00000
0050: 30 30 30 000



Event Type: Error
Event Source: Application Hang
Event Category: (101)
Event ID: 1002
Date: 6/29/2008
Time: 9:13:56 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
Hanging application firefox.exe, version 1.8.20080.40413, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 66 69 72 65 66 6f firefo
0018: 78 2e 65 78 65 20 31 2e x.exe 1.
0020: 38 2e 32 30 30 38 30 2e 8.20080.
0028: 34 30 34 31 33 20 69 6e 40413 in
0030: 20 68 75 6e 67 61 70 70 hungapp
0038: 20 30 2e 30 2e 30 2e 30 0.0.0.0
0040: 20 61 74 20 6f 66 66 73 at offs
0048: 65 74 20 30 30 30 30 30 et 00000
0050: 30 30 30 000



Event Type: Error
Event Source: Application Hang
Event Category: None
Event ID: 1001
Date: 6/29/2008
Time: 9:14:28 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
Fault bucket 713234062.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket:
0008: 37 31 33 32 33 34 30 36 71323406
0010: 32 0d 0a 2..



Event Type: Error
Event Source: Application Hang
Event Category: None
Event ID: 1001
Date: 6/29/2008
Time: 9:15:05 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
Fault bucket 713234062.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket:
0008: 37 31 33 32 33 34 30 36 71323406
0010: 32 0d 0a 2..



Event Type: Warning
Event Source: Userenv
Event Category: None
Event ID: 1524
Date: 6/30/2008
Time: 11:23:58 AM
User: YOUR-4105E587B6\Owner
Computer: YOUR-4105E587B6
Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.



For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.



Event Type: Warning
Event Source: Userenv
Event Category: None
Event ID: 1517
Date: 6/30/2008
Time: 11:24:16 AM
User: NT AUTHORITY\SYSTEM
Computer: YOUR-4105E587B6
Description:
Windows saved user YOUR-4105E587B6\Owner registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.



Event Type: Error
Event Source: ESENT
Event Category: General
Event ID: 490
Date: 6/30/2008
Time: 9:06:29 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
svchost (1536) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type: Error
Event Source: ESENT
Event Category: Logging/Recovery
Event ID: 439
Date: 6/30/2008
Time: 9:07:11 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
Catalog Database (1536) Unable to write a shadowed header for file C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb. Error -1032.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.



Event Type: Error
Event Source: ESENT
Event Category: Database Corruption
Event ID: 473
Date: 6/30/2008
Time: 9:07:23 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
Catalog Database (1536) Database C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb was partially detached. Error -1032 encountered updating database headers.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


SECURITY

Event Type: Failure Audit
Event Source: Security
Event Category: Policy Change
Event ID: 615
Date: 7/1/2008
Time: 10:57:55 AM
User: NT AUTHORITY\NETWORK SERVICE
Computer: YOUR-4105E587B6
Description:
IPSec Services: IPSec Services failed to get the complete list of network interfaces on the machine. This can be a potential security hazard to the machine since some of the network interfaces may not get the protection as desired by the applied IPSec filters. Please run IPSec monitor snap-in to further diagnose the problem.



For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


SYSTEM


Event Type: Warning
Event Source: Dhcp
Event Category: None
Event ID: 1003
Date: 6/30/2008
Time: 5:40:10 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00C09F866DBE. The following error occurred:
The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: c7 04 00 00 ...



Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 6/28/2008
Time: 12:04:22 PM
User: YOUR-4105E587B6\Owner
Computer: YOUR-4105E587B6
Description:
The server {03E0E6C2-363B-11D3-B536-00902771A435} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.



Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 36
Date: 6/27/2008
Time: 10:09:39 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type: Warning
Event Source: Dhcp
Event Category: None
Event ID: 1003
Date: 6/26/2008
Time: 1:37:58 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00C09F866DBE. The following error occurred:
The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: c7 04 00 00 ...




Event Type: Error
Event Source: sr
Event Category: None
Event ID: 1
Date: 6/26/2008
Time: 11:11:26 PM
User: N/A
Computer: YOUR-4105E587B6
Description:
The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'SrtETmp' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 06 00 00 00 04 00 4e 00 ......N.
0008: 00 00 00 00 01 00 00 c0 .......
0010: 00 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........



Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10005
Date: 6/25/2008
Time: 3:34:57 PM
User: YOUR-4105E587B6\Owner
Computer: YOUR-4105E587B6
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service netman with arguments "" in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

#10 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:08:31 PM

Posted 01 July 2008 - 04:24 PM

With the large number of errors referring to catdb (and looking at this link: http://discussions.virtualdr.com/archive/i...p/t-177138.html ) along with the recent problems with the system slowing down - I'd have to suspect that this is a malware infection.

I'd recommend that you try a few of the online scans that I mentioned above.

The Application errors that you posted seem the most significant.
The Security error is something to be concerned about - but I'd keep an eye on it to see if repeats. If it does, then there's additional support for suspecting a malware infection.
The System errors seem rather benign - but they also bear watching to see if they repeat themselves.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#11 isabellarose

isabellarose
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 01 July 2008 - 10:54 PM

Thank you again for your help.

I just tried to run Panda Active Scan and after I registered, it keeps giving me an error message and telling me it can't run the scan and to try again later.

Also, when I first tried to use the program and it was going through its setup, I received a message from my computer saying: "Windows Virtual Memory Minimum is too Low. Your system is low on VM. Windows is increasing the size of your VM paging file. During this process memory requests for some applications may be denied. For more info see Help."

I have been receiving this message for several weeks now, almost all the time when either my Spy Sweeper or Norton AntiVirus start to run their scheduled scans.

Also, my PC is supposed to have 512 MB of RAM but only has 480 MB - is that normal?

I ran McAfee earlier and it didn't find anything, but I didn't run it from Safe Mode. Does that matter and if so, how can I run it from Safe Mode when I can only do it from the internet? For some reason I thought I'm not supposed to access the internet while in Safe Mode.

I've always prided myself on being so careful. I thought I had all the right malware programs running that should have protected my PC. I am overwhelmed and not sure what is the right thing to do.

I posted some other information about my PC in my first topic about "Something's Wrong? I'm still concerned about dual appearances of some programs. Maybe that is the least of my worries right now, but I'm wondering if these extra appearances were put there my the malware.

All of your time & help is very much appreciated.

isabellarose

Edited by isabellarose, 02 July 2008 - 09:23 AM.


#12 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:08:31 PM

Posted 02 July 2008 - 04:56 PM

It's likely that you system has 32 mB of memory reserved for your video card - so the 480 mB would be right. FWIW - I'd suggest that you upgrade your memory to at least 1 gB for good performance with Windows XP.

Anyhow, I'm going to move this topic over to the Am I Infected forum where you can get some more help on ensure that your system is clean.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#13 isabellarose

isabellarose
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 02 July 2008 - 08:50 PM

I was able to scan with F-Secure and it didn't find anything, but it skipped 9 files. Is it normal to skip files? Here is the scanning report:

F-Secure Online Scanner 3.3.1 - Scanning Report - Wednesday, July 0... file:l//C:IDOCUME~l/OwnerILOCALS~1rremp/OnlineScanner/01s_ ... ----

Scanning Report

Wednesday, July 02, 2008 12:44:38 - 14:33: 11

Computer name: YOUR-4105E587B6

Scanning type: Scan system for malware, rootkits Target: C:\

Result: 0 malware found

Statistics

Scanned:

Files: 47754

System: 4624

Not scanned: 9

Actions:

Disinfected: 0

Renamed: 0

Deleted: 0

None: 0

Submitted: 0

Files not scanned:

C:\HIBERFIL.SYS

C:\PAGEFILE.5YS

C: \ WINDOWS\SYSTEM32\CON FIG\DEFAU LT

C:\WINDOWS\SYSTEM32\CONFIG\SAM

C: \ WINDOWS\SYSTEM32\CON FIG\SECU RITY

C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM

C: \ WINDOWS\SOFTWAREDISTRIBUTION\EVENTCACHE\{EDFCE02B-F15A-41C8-8637 -78E7 A37

C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCRST.DLL

Options

Scanning engines:

F-Secure USS: 2.30.0

F-Secure Hydra: 2.8.8110, 2008-07-02

F-SecureAVP: 7.0.171,2008-07-02

F-Secure Pegasus: 1.20.0, 2008-04-14

F-Secure Blacklight: 1..0.68

10f2

7/2120082:47 PM

#14 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,068 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:31 PM

Posted 02 July 2008 - 09:05 PM

"Object is locked skipped" or "Access Denied" notations in a scan are normal. Some files are locked by the operating system or running programs during use for protection, so scanners cannot access them. When the scanner finds such a file, it makes a note and then just skips to the next one. These skipped detections are normally not malware related nor are they infected.

Perform an Online Virus Scan like BitDefender.
(These require Internet Explorer to work. Watch the Address bar in IE. You may receive alerts that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then Click Install ActiveX component. If given the option, choose "Quarantine" instead of delete.)
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#15 isabellarose

isabellarose
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 03 July 2008 - 10:46 AM

Thank you. I ran BitDefender and it found one virus. Here is the report:


BitDefender Online Scanner


Scan report generated at: Wed, Jul 02, 2008 - 23:32:36


Scan path: C:\;D:\;E:\;






Statistics

Time 02:01:22

Files 392424

Folders 9890

Boot Sectors 3

Archives 39263

Packed Files 22916


Results

Identified Viruses

1


Infected Files

1


Suspect Files

0


Warnings

0


Disinfected

0


Deleted Files

1


Engines Info


Virus Definitions 1322984


Engine build

AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Scan plugins

16


Archive plugins

42


Unpack plugins

7

E-mail plugins

6

System plugins

5


Scan Settings

First Action

Disinfect


Second Action

Delete



Heuristics

Yes


Enable Warnings


Yes

Scanned Extensions*;


Exclude Extensions




Scan Emails


Yes

Scan Archives


Yes

Scan Packed


Yes

Scan Files


Yes

Scan Boot


Yes

Scanned File Status

C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{445BA929-0754-421E-B2F9-D5F440A69141}\Microsoft\Outlook Express\Karen.dbx=>(message 2): A loving Birthday wish from Sergio


Infected with: Generic.Peed.Eml.A1478D74

C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{445BA929-0754-421E-B2F9-D5F440A69141}\Microsoft\Outlook Express\Karen.dbx=>(message 2): A loving Birthday wish from Sergio


Disinfection failed

C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{445BA929-0754-421E-B2F9-D5F440A69141}\Microsoft\Outlook Express\Karen.dbx=>(message 2): A loving Birthday wish from Sergio


Deleted

C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{445BA929-0754-421E-B2F9-D5F440A69141}\Microsoft\Outlook Express\Karen.dbx


Updated



I'm wondering why the other programs haven't found this since I've been running several different programs over the past week and a half (besides my normal Spy Sweeper & Norton). When I ran MalwareBytes on June 23 or 24th it found 7 instances of malware, but hasn't found anything since. None of the other programs found anything at all.

Therefore, how do I know if my computer is completely clean now?

Also, I received the "Windows Virtual Memory Minimum is Too Low" message again the morning when my Spy Sweeper was running. This began happening about 2 or 3 weeks ago.

Thanks,
isabellarose

Edited by isabellarose, 03 July 2008 - 10:48 AM.





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users