
Had antivirus2009, now IE, disc defrag, sys restore not working


  • This topic is locked
18 replies to this topic

#1 NASCARLANCE

Posted 22 January 2009 - 01:22 AM

HP Pavilion dv8210us (laptop)
Windows XP sp3, Internet Explorer 7, McAfee Security Suite

I got attacked by the Antivirus2009 infection. I lost the use of Internet Explorer, Disc Defrag, and System Restore. That is what I know of; I could have more programs that are not working. I have an old version of Netscape that I am using to browse the internet with, but I have had some problems with it being buggy.
I have run Malwarebytes' Anti-Malware, CCleaner, Ad-Aware and have scanned my system with McAfee.
Here are a couple of examples of what my PC is doing:
~When I click on my IE desktop shortcut the hourglass pops up and the hard drive activity light comes on for a couple of seconds and then nothing happens.
~When I try to use Disc Defragmenter I get the message "Disk Defragmenter could not start"
~When I click on Windows Update nothing happens.
~When trying to restore my system to a previous date, I can get to the screen where you click to do the restore, but when I click the button to start the restore it just sits there. It's not frozen, it is just that nothing happens.
~Uploading and downloading have been hit and miss. Sometimes it works, sometimes not.

I cannot get the Attach.txt file to upload. I've recompressed it a couple of times but can't get it to upload. I have no choice but to post it below; I'm sorry if this is inappropriate. I'm lucky to be able to get on the internet and want to make it as easy as possible for someone to help me.

Thanks to everyone in advance.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-01-07.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 5/3/2006 10:47:29 PM
System Uptime: 1/21/2009 11:30:03 AM (8 hours ago)

Motherboard: Hewlett-Packard | | 309B
Processor: AMD Turion™ 64 Mobile Technology ML-32 | U23 | 1790/mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 66 GiB total, 42.486 GiB free.
D: is FIXED (FAT32) - 8 GiB total, 0.43 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom 802.11b/g WLAN
Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_1355103C&REV_02\4&13826118&0&10A4
Manufacturer: Broadcom
Name: Broadcom 802.11b/g WLAN
PNP Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_1355103C&REV_02\4&13826118&0&10A4
Service: BCM43XX

==== System Restore Points ===================

RP909: 11/6/2008 3:41:48 AM - System Checkpoint
RP910: 11/6/2008 7:39:01 PM - Software Distribution Service 3.0
RP911: 11/7/2008 2:07:58 PM - Software Distribution Service 3.0
RP912: 11/8/2008 2:27:45 PM - System Checkpoint
RP913: 11/9/2008 3:21:11 PM - System Checkpoint
RP914: 11/10/2008 4:30:39 PM - System Checkpoint
RP915: 11/11/2008 10:42:34 PM - System Checkpoint
RP916: 11/12/2008 3:00:23 AM - Software Distribution Service 3.0
RP917: 11/12/2008 3:10:34 AM - Software Distribution Service 3.0
RP918: 11/13/2008 5:40:39 AM - System Checkpoint
RP919: 11/14/2008 3:00:37 AM - Software Distribution Service 3.0
RP920: 11/15/2008 4:43:49 AM - System Checkpoint
RP921: 11/16/2008 7:03:19 AM - System Checkpoint
RP922: 11/17/2008 7:19:04 AM - System Checkpoint
RP923: 11/18/2008 7:24:41 AM - System Checkpoint
RP924: 11/19/2008 3:00:40 AM - Software Distribution Service 3.0
RP925: 11/20/2008 12:14:05 AM - Installed LightScribe Template Designs - Art Pack 1.
RP926: 11/21/2008 1:27:32 AM - System Checkpoint
RP927: 11/21/2008 3:00:55 AM - Software Distribution Service 3.0
RP928: 11/22/2008 5:00:10 AM - System Checkpoint
RP929: 11/23/2008 6:17:28 AM - System Checkpoint
RP930: 11/24/2008 6:26:45 AM - System Checkpoint
RP931: 11/24/2008 3:44:33 PM - Installed LightScribe Template Designs - Special Occasion Pack 1.
RP932: 11/24/2008 3:45:25 PM - Installed LightScribe Template Designs - Celebration Pack 1.
RP933: 11/24/2008 3:48:09 PM - Installed LightScribe Template Designs - Sports Pack 1.
RP934: 11/24/2008 4:13:50 PM - Software Distribution Service 3.0
RP935: 11/24/2008 5:52:31 PM - Installed LightScribe Template Designs - Travel Pack 1.
RP936: 11/24/2008 5:53:14 PM - Installed LightScribe Template Designs - Architecture Pack 1.
RP937: 11/24/2008 5:53:43 PM - Installed LightScribe Template Designs - Kids Korner Pack 1.
RP938: 11/24/2008 5:54:11 PM - Installed LightScribe Template Designs - Hobby Pack 1.
RP939: 11/24/2008 5:55:44 PM - Installed LightScribe Template Designs - Floral Pack 1.
RP940: 11/24/2008 5:56:38 PM - Installed LightScribe Template Designs - Food-n-Family Pack 1.
RP941: 11/24/2008 5:57:05 PM - Installed LightScribe Template Designs - 9 to 5 Pack 1.
RP942: 11/24/2008 5:58:13 PM - Installed LightScribe Template Designs - Animal Pack 1.
RP943: 11/24/2008 5:58:51 PM - Installed LightScribe Template Designs - Nature Pack 1.
RP944: 11/24/2008 5:59:53 PM - Installed LightScribe Template Designs - Urban Pack 1.
RP945: 11/24/2008 6:00:29 PM - Installed LightScribe Template Designs - Music Pack 1.
RP946: 11/24/2008 6:02:13 PM - Installed LightScribe Template Designs - Street Style Pack 1.
RP947: 11/24/2008 6:02:46 PM - Installed LightScribe Template Designs - Mythology Pack 1.
RP948: 11/24/2008 6:04:34 PM - Installed LightScribe Template Designs - Bonus Pack 1.
RP949: 11/24/2008 6:05:06 PM - Installed LightScribe Template Designs - Fantasy Pack 1.
RP950: 11/24/2008 6:06:12 PM - Installed LightScribe Template Designs - Grab Bag Pack 1.
RP951: 11/24/2008 6:07:11 PM - Installed LightScribe Template Designs - Holiday Pack 1.
RP952: 11/24/2008 6:08:13 PM - Installed LightScribe Template Designs - Tattoo Pack 1.
RP953: 11/25/2008 8:27:40 PM - System Checkpoint
RP954: 11/26/2008 9:26:32 PM - System Checkpoint
RP955: 11/27/2008 3:37:59 PM - Software Distribution Service 3.0
RP956: 11/28/2008 8:13:08 PM - System Checkpoint
RP957: 11/29/2008 9:22:12 PM - System Checkpoint
RP958: 11/30/2008 9:53:42 PM - System Checkpoint
RP959: 12/1/2008 10:19:37 PM - System Checkpoint
RP960: 12/2/2008 3:01:05 AM - Software Distribution Service 3.0
RP961: 12/3/2008 5:06:03 AM - System Checkpoint
RP962: 12/4/2008 6:33:59 AM - System Checkpoint
RP963: 12/4/2008 5:13:37 PM - Software Distribution Service 3.0
RP964: 12/5/2008 6:13:50 PM - System Checkpoint
RP965: 12/6/2008 6:10:00 AM - Software Distribution Service 3.0
RP966: 12/6/2008 6:13:42 AM - Software Distribution Service 3.0
RP967: 12/7/2008 6:26:58 AM - System Checkpoint
RP968: 12/8/2008 7:22:04 AM - System Checkpoint
RP969: 12/8/2008 10:37:25 PM - Software Distribution Service 3.0
RP970: 12/9/2008 11:45:36 PM - System Checkpoint
RP971: 12/10/2008 3:00:19 AM - Software Distribution Service 3.0
RP972: 12/11/2008 3:13:58 AM - System Checkpoint
RP973: 12/12/2008 3:00:20 AM - Software Distribution Service 3.0
RP974: 12/13/2008 3:00:26 AM - Software Distribution Service 3.0
RP975: 12/14/2008 3:07:29 AM - System Checkpoint
RP976: 12/15/2008 5:51:54 AM - System Checkpoint
RP977: 12/16/2008 3:00:56 AM - Software Distribution Service 3.0
RP978: 12/17/2008 3:06:04 AM - System Checkpoint
RP979: 12/18/2008 3:00:16 AM - Software Distribution Service 3.0
RP980: 12/18/2008 3:45:07 PM - Software Distribution Service 3.0
RP981: 12/19/2008 9:54:31 PM - System Checkpoint
RP982: 12/21/2008 12:14:01 AM - System Checkpoint
RP983: 12/22/2008 5:35:26 AM - System Checkpoint
RP984: 12/22/2008 6:43:29 PM - Software Distribution Service 3.0
RP985: 12/24/2008 12:35:16 AM - System Checkpoint
RP986: 12/25/2008 1:20:56 AM - System Checkpoint
RP987: 12/25/2008 4:05:00 PM - Software Distribution Service 3.0
RP988: 12/26/2008 4:54:25 PM - System Checkpoint
RP989: 12/27/2008 5:54:25 PM - System Checkpoint
RP990: 12/28/2008 6:25:41 PM - System Checkpoint
RP991: 12/29/2008 7:53:00 PM - System Checkpoint
RP992: 12/30/2008 12:26:36 AM - Software Distribution Service 3.0
RP993: 12/30/2008 8:02:16 AM - Installed Garmin WebUpdater
RP994: 12/31/2008 8:40:06 AM - System Checkpoint
RP995: 1/1/2009 9:41:12 AM - System Checkpoint
RP996: 1/1/2009 10:31:52 PM - Software Distribution Service 3.0
RP997: 1/3/2009 12:55:16 AM - System Checkpoint
RP998: 1/4/2009 5:40:50 AM - System Checkpoint
RP999: 1/5/2009 7:45:33 AM - System Checkpoint
RP1000: 1/6/2009 2:13:42 AM - Software Distribution Service 3.0
RP1001: 1/7/2009 4:34:31 AM - System Checkpoint
RP1002: 1/8/2009 6:21:38 AM - System Checkpoint
RP1003: 1/8/2009 12:50:41 PM - Software Distribution Service 3.0
RP1004: 1/9/2009 1:23:48 PM - System Checkpoint
RP1005: 1/10/2009 1:26:59 PM - System Checkpoint
RP1006: 1/11/2009 2:35:49 PM - System Checkpoint
RP1007: 1/12/2009 3:02:29 PM - System Checkpoint
RP1008: 1/12/2009 5:52:25 PM - Software Distribution Service 3.0
RP1009: 1/13/2009 6:02:28 PM - System Checkpoint
RP1010: 1/14/2009 3:00:17 AM - Software Distribution Service 3.0
RP1011: 1/15/2009 5:14:47 AM - System Checkpoint
RP1012: 1/16/2009 3:00:56 AM - Software Distribution Service 3.0
RP1013: 1/17/2009 3:27:50 AM - System Checkpoint
RP1014: 1/18/2009 6:26:49 AM - System Checkpoint
RP1015: 1/19/2009 7:14:45 AM - System Checkpoint
RP1016: 1/19/2009 2:02:15 PM - Software Distribution Service 3.0
RP1017: 1/21/2009 10:38:23 AM - Windows Defender Checkpoint

==== Installed Programs ======================


32 Bit HP CIO Components Installer
7-Zip 4.42
ACECAD DigiMemo Manager
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0.9
Adobe Shockwave Player 11
AI RoboForm (All Users)
AIO_Scan
Amazon MP3 Downloader 1.0.3
Apple Mobile Device Support
Apple Software Update
ATI Control Panel
ATI Display Driver
Avanquest update
BufferChm
C8100
C8100_doccd
C8100_Help
CCleaner (remove only)
CDDRV_Installer
Charter Solution Controls Installation
Conexant AC-Link Audio
Copy
CopySafe Plugin
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
cp_UpdateProjectsConfig
Creative Jukebox Driver
CueTour
Customer Experience Enhancement
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DocProc
DocProcQFolder
eSupportQFolder
Fax
FullDPAppQFolder
Gadwin PrintScreen
Garmin Communicator Plugin
Garmin WebUpdater
Google Earth
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HP Customer Participation Program 9.0
HP Help and Support
HP Imaging Device Functions 9.0
HP OCR Software 9.0
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp psc 2100 series
HP Photosmart All-In-One Software 9.0
HP Photosmart Essential 2.01
HP Photosmart Essential2.01
HP Photosmart Premier Software 6.0
HP Product Detection
hp psc 2100 series
HP QuickPlay 2.0
HP Rhapsody
HP Smart Web Printing
HP Solution Center 9.0
HP Update
HP User Guides--System Recovery
HP User Guides 0026
HP Wireless Assistant 2.00 C1
HPNetworkAssistant
HPProductAssistant
HpSdpAppCoreApp
HPSSupply
ieSpell
InstantShareDevices
iTunes
J2SE Runtime Environment 5.0 Update 6
Java™ 6 Update 3
Java™ SE Runtime Environment 6 Update 1
KhalInstallWrapper
KJClipper 1.20
LightScribe 1.4.142.1
LightScribe Template Designs - 9 to 5 Pack 1
LightScribe Template Designs - Animal Pack 1
LightScribe Template Designs - Architecture Pack 1
LightScribe Template Designs - Art Pack 1
LightScribe Template Designs - Bonus Pack 1
LightScribe Template Designs - Celebration Pack 1
LightScribe Template Designs - Fantasy Pack 1
LightScribe Template Designs - Floral Pack 1
LightScribe Template Designs - Food-n-Family Pack 1
LightScribe Template Designs - Grab Bag Pack 1
LightScribe Template Designs - Hobby Pack 1
LightScribe Template Designs - Holiday Pack 1
LightScribe Template Designs - Kids Korner Pack 1
LightScribe Template Designs - Music Pack 1
LightScribe Template Designs - Mythology Pack 1
LightScribe Template Designs - Nature Pack 1
LightScribe Template Designs - Special Occasion Pack 1
LightScribe Template Designs - Sports Pack 1
LightScribe Template Designs - Street Style Pack 1
LightScribe Template Designs - Tattoo Pack 1
LightScribe Template Designs - Travel Pack 1
LightScribe Template Designs - Urban Pack 1
Logitech MouseWare 9.79.1
Logitech SetPoint
Malwarebytes' Anti-Malware
MarketResearch
McAfee SecurityCenter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Money 2006
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Motorola Driver Installation 3.5.0
Motorola Phone Tools
Motorola Software Update
Move Networks Media Player for Internet Explorer
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB933579)
muvee autoProducer 4.5
MyScript Notes for ACECAD
Netscape Browser (remove only)
Office 2003 Trial Assistant
OptionalContentQFolder
Paint.NET v3.07
PanoStandAlone
Photo Viewer 2.24
PhotoGallery
Picasa 2
Pop-Up Stopper Free Edition
PS_AIO_02_ProductContext
PS_AIO_02_Software
PS_AIO_02_Software_min
PSSWCORE
Quick Launch Buttons 5.20 F2
Quicken 2006
QuickTime
RandMap
RealPlayer
REALTEK Gigabit and Fast Ethernet NIC Driver
Rhapsody
Rhapsody Player Engine
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Express Labeler 3
Roxio MyDVD Basic v9
RoxioShim
Scan
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
SkinsHP1
Soft Data Fax Modem with SmartCP
SolutionCenter
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic MyDVD Plus
Sonic Update Manager
Sonic_PrimoSDK
Status
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
Toolbox
TourSetup
TrayApp
TVUPlayer 2.3.7.1
Unload
UnloadSupport
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
VideoToolkit01
WebFldrs XP
WebIQ Client Software
WebReg
Windows Defender
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
WinPatrol 2007 Restore/Remove First
WinPatrol 2007 Step 2
Wootalyzer!
XML Paper Specification Shared Components Pack 1.0
Yahoo! Messenger
Yahoo! Photos Easy Upload Tool 1v7
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

1/20/2009 4:19:17 AM, error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s).
1/20/2009 5:18:52 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
1/20/2009 7:34:05 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
1/20/2009 7:34:42 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AliIde IntelIde ViaIde

==== End Of File ===========================

Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
SkinsHP1
Soft Data Fax Modem with SmartCP
SolutionCenter
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic MyDVD Plus
Sonic Update Manager
Sonic_PrimoSDK
Status
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
Toolbox
TourSetup
TrayApp
TVUPlayer 2.3.7.1
Unload
UnloadSupport
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
VideoToolkit01
WebFldrs XP
WebIQ Client Software
WebReg
Windows Defender
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
WinPatrol 2007 Restore/Remove First
WinPatrol 2007 Step 2
Wootalyzer!
XML Paper Specification Shared Components Pack 1.0
Yahoo! Messenger
Yahoo! Photos Easy Upload Tool 1v7
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

1/20/2009 4:19:17 AM, error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s).
1/20/2009 5:18:52 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
1/20/2009 7:34:05 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
1/20/2009 7:34:42 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AliIde IntelIde ViaIde

==== End Of File ===========================



Thanks to anyone who can help or tries to help.
Lance



#2 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  • Location:Mikado Michigan
  • Local time:02:19 AM

Posted 01 February 2009 - 12:59 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.
Also please explain your problem as fully as possible. Each little detail will help in getting your system cleaned up and functional again.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scans:

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.
  • Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes.



* Download DDS by sUBs from one of the following links. Save it to your desktop.
DDS.com
DDS.scr
DDS.pif

* Double click on the DDS icon, allow it to run.
* A small box will open, with an explanation about the tool. No input is needed, the scan is running.
* Notepad will open with the results, click no to the Optional_Scan
* Follow the instructions that pop up for posting the results.
* Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

After your response, someone will be with you soon.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families


#3 NASCARLANCE


Posted 02 February 2009 - 03:14 AM

Since my first post I have run SUPERAntiSpyware, Ad-Aware and CCleaner a couple of times each. I have regained IE7 and some of the other non-functioning programs. I would still appreciate it if you could make sure my machine is 100% clean and I am open to suggestions to help me to keep it that way.
This is what I am currently using:
McAfee Security Center
AdAware
CCleaner
MBAM
SUPERAntiSpyware
Win-Patrol

Thanks for your help.


Malwarebytes' Anti-Malware 1.33
Database version: 1693
Windows 5.1.2600 Service Pack 3

2/2/2009 1:21:43 AM
mbam-log-2009-02-02 (01-21-43).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|)
Objects scanned: 135888
Time elapsed: 48 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


DDS (Ver_09-01-07.01) - NTFSx86
Run by Lance at 1:25:22.82 on Mon 02/02/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1256 [GMT -6:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: Norton Internet Worm Protection *disabled*
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Lance\Desktop\dds.com

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=laptop
uStart Page = hxxp://www.google.com/ig?hl=en&source=iglk
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=laptop
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: NoExplorer - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\smart web printing\hpswp_printenhancer.dll
BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [PopUpStopperFreeEdition] "c:\progra~1\panicw~1\pop-up~1\PSFree.exe"
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [eabconfg.cpl] c:\program files\hpq\quick launch buttons\EabServr.exe /Start
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - c:\program files\siber systems\ai roboform\RoboFormComOptions.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
TCP: {E41ED1EE-6B9E-409C-B985-9A817CA10622} = 208.67.222.222,208.67.220.220
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-2-25 207656]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-12-22 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-12-22 55024]
R3 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [2005-8-22 231424]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2008-2-25 605512]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2008-2-25 79240]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2008-2-25 35240]
R3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2008-2-25 34152]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2008-2-25 40488]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-12-22 7408]
R4 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2008-2-25 358736]
R4 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2008-2-25 144704]
R4 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S3 DigimHID;DigimHID;c:\windows\system32\drivers\DigimHID.sys [2008-3-5 5120]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2007-6-28 18176]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2007-6-28 7680]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2008-5-14 23680]
S4 0321401213876485mcinstcleanup;McAfee Application Installer Cleanup (0321401213876485);c:\windows\temp\032140~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\032140~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]

============== File Associations ===============

regfile=regedit.exe "%1" %*
scrfile="%1" %*

=============== Created Last 30 ================

2009-01-26 01:27 552 a------- c:\windows\system32\d3d8caps.dat
2009-01-25 22:46 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-01-25 22:46 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-01-25 22:46 <DIR> --d----- c:\docume~1\lance\applic~1\SUPERAntiSpyware.com
2009-01-21 12:39 <DIR> --d----- c:\windows\pss

==================== Find3M ====================

2009-01-21 10:47 84,039 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-01-14 16:11 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 16:11 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-13 00:40 3,593,216 a------- c:\windows\system32\dllcache\mshtml.dll
2008-12-11 04:57 333,952 a------- c:\windows\system32\drivers\srv.sys
2008-12-11 04:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
2008-11-26 20:39 100,416 a------- c:\docume~1\lance\applic~1\GDIPFONTCACHEV1.DAT
2007-06-26 02:05 24,192 a------- c:\documents and settings\lance\usbsermptxp.sys
2007-06-26 02:05 22,768 a------- c:\documents and settings\lance\usbsermpt.sys
2007-07-23 00:41 22 a--sh--- c:\windows\sminst\HPCD.sys
2007-07-10 19:41 80 ---shr-- c:\windows\system32\E4F8F6CC9D.dll
2008-08-25 08:10 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008082520080826\index.dat

============= FINISH: 1:26:00.67 ===============


#4 Hoov


Posted 02 February 2009 - 11:29 AM

Since my first post I have run SUPERAntiSpyware, Ad-Aware and CCleaner a couple of times each. I have regained IE7 and some of the other non-functioning programs. I would still appreciate it if you could make sure my machine is 100% clean and I am open to suggestions to help me to keep it that way.

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: Norton Internet Worm Protection *disabled*
FW: McAfee Personal Firewall *enabled*


Outstanding! But before we go further I do have a few questions. What programs are still non functioning? Or having other problems? And what are the problems you are having now?

The other question is are you running both McAfee and Norton? Or did you uninstall Norton, and not all of it got removed?
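The check made by eye in the reply above (two firewalls registered, one of them disabled) can be run over a DDS log automatically; going slightly beyond that reply, the script also lists browser add-on entries that the log marks "No File". This is an added example, not part of the original thread and not part of DDS: the function names are hypothetical, and the sample is a few lines excerpted from the log posted in this thread.

```python
import re
from collections import defaultdict

# Excerpt of lines from the DDS log posted earlier in this thread.
SAMPLE_DDS = r"""
AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: Norton Internet Worm Protection *disabled*
FW: McAfee Personal Firewall *enabled*

============== Pseudo HJT Report ===============

BHO: NoExplorer - No File
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe
"""

# "AV: <name> *<state>*" and "FW: <name> *<state>*" header lines.
PRODUCT_RE = re.compile(r"^(AV|FW):[ \t]+(.+?)[ \t]+\*(.+?)\*", re.MULTILINE)
# BHO/toolbar entries whose target file DDS could not find.
ORPHAN_RE = re.compile(
    r"^(BHO|TB):[ \t]*(.+?)[ \t]+-[ \t]+No File[ \t]*$", re.MULTILINE
)


def security_products(log_text):
    """Return {'AV': [(name, state), ...], 'FW': [...]} from the DDS header."""
    products = defaultdict(list)
    for kind, name, state in PRODUCT_RE.findall(log_text):
        products[kind].append((name.strip(), state.strip().lower()))
    return dict(products)


def leftover_candidates(products):
    """Products reported disabled while another of the same kind is active.

    This is the pattern that prompts the "did you uninstall Norton?" question:
    it usually means an incomplete uninstall, not two running products.
    """
    hits = []
    for kind, entries in products.items():
        has_active = any("disabled" not in state for _, state in entries)
        for name, state in entries:
            if "disabled" in state and has_active:
                hits.append((kind, name))
    return hits


def orphaned_addons(log_text):
    """Return (kind, label) for BHO/TB registrations that point to no file."""
    return [(kind, label.strip()) for kind, label in ORPHAN_RE.findall(log_text)]


def triage(log_text):
    """Collect human-readable findings for a helper to review."""
    findings = []
    products = security_products(log_text)
    for kind in ("AV", "FW"):
        entries = products.get(kind, [])
        # Failure mode: nothing of this kind is active at all.
        if not any("disabled" not in state for _, state in entries):
            findings.append(f"{kind}: no active product reported")
    for kind, name in leftover_candidates(products):
        findings.append(
            f"{kind}: '{name}' is registered but disabled; possible uninstall leftover"
        )
    for kind, label in orphaned_addons(log_text):
        findings.append(f"{kind}: '{label}' points to a missing file")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_DDS):
        print(finding)
```
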

#5 NASCARLANCE


Posted 03 February 2009 - 12:06 AM

Norton was uninstalled, I guess some of it got left behind.
As far as I know all of my programs are currently functioning correctly.
My system seems to be running stable now. The only bug that my machine still has is that when I shut down IE it sometimes takes it between 30 and 60 seconds to close. It is the only program that is taking that long to shut down.

Thanks for your help,
Lance

#6 Hoov


Posted 03 February 2009 - 12:37 AM

OK, first I would go to this Norton page, and download the removal tool for the version that you had installed and get rid of it.

As for the IE problem,

1. In Internet Explorer 7, click the Tools menu, and then click Internet Options.
2. On the Advanced tab, click Reset.
3. In the Reset Internet Explorer Settings dialog box, click Reset.
4. When Internet Explorer 7 finishes restoring the default settings, click Close, and then click OK two times.
5. Close Internet Explorer 7. The changes take effect the next time that you open Internet Explorer 7.

The Reset Internet Explorer Settings feature restores the following items to their default settings:

* Home pages
* Search scopes
* Browsing history
* Form data
* Passwords
* Appearance settings
* Toolbars
* ActiveX controls

Additionally, the Reset Internet Explorer Settings feature disables all add-ins. However, it does not remove the add-ins.



Also Please follow these steps to remove older version Java components and update.

Updating Java:
Download the latest version of Java Runtime Environment (JRE) 6.0.
Scroll down to where it says "Java SE Runtime Environment (JRE) 6 Update 12".
Click the "Download" button to the right.
UNCHECK the option to install Google Toolbar if you don't want it.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u12-windows-i586-p.exe to install the newest version.
Note: By default a box may be checked to install a toolbar - if you do not want to install it, then be sure to opt-out by unchecking that box.

Also uninstall Adobe Acrobat 7 and install Version 9

#7 NASCARLANCE


Posted 04 February 2009 - 04:51 AM

OK, I got rid of the Norton hanger-ons.
I reset my IE back to default settings.
Then it was out with the old Java and in with the new Java.
Then I did the same with Adobe.
IE7 now closes as fast as it should and I ran DDS to make sure the Norton junk was completely gone. :thumbup2:


Is there anything else that I need to do to get my PC completely clean?
My McAfee expires in a month and I was thinking of going with a freeware AV and FW. Do you have any suggestions?
Thanks for your help,
Lance

Edited by NASCARLANCE, 04 February 2009 - 04:52 AM.


#8 Hoov


Posted 04 February 2009 - 09:00 AM

I have been using AVG for a long time, started with the free version, and still recommend it. As for a firewall, I am partial to ZoneAlarm.

Now there are some things you need to do to fully clean your system and keep it secure.

  • Please download OTCleanIt from one of the following mirrors and save it to your desktop:
  • Double click the OTCleanIt icon.
  • Click the large "Cleanup" button.
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.
  • Make sure you have an Internet Connection.
  • If you have a firewall that throws out a message that OTMI3 is attempting to contact the Internet, it should be allowed.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

Cleaning out Temporary Files etc. There are several different products that you can use for this. You can go thru the Internet Options in the Windows Control Panel. There are several programs that also do the job better than Windows does it, in my opinion. There is System Security Suite, EasyCleaner, CCleaner. Also, sometimes other programs do it as well as what you originally got them for, like ZoneAlarm Security Suite. Just make sure to keep them updated and use them regularly.

Disable and Enable System Restore.
If you are using Windows Vista or XP, then I recommend you turn off System restore, and then turn it back on so that you will not be able to restore your problems to a clean computer.

Here are some good tutorials for that.
Windows Vista Restore Guide
or
Windows XP System Restore Guide
Reboot
Re-enable system restore with instructions from tutorial above

Create a System Restore Point
Go to all programs, then to accessories, then to system tools, then to system restore. Check the box for create restore point (not select a restore point), then click next and follow the instructions.

Make your Internet Explorer more secure - This can be done by following these simple instructions: (unless you are using ZoneAlarm Security Suite or something similar, then you would secure the browser thru the firewall).

From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.
Also see the following: Internet Explorer Privacy & Security Settings
Working with Internet Explorer 6 Security

Use a different browser other than IE (most exploits are pointed towards IE). One of them is Firefox.
It is also worth trying Thunderbird for controlling spam in your e-mail.


Always use an UPDATED anti-virus program. Make sure you update this at least weekly, if not more often. This is one thing that may save you more than anything else.

Run malware scanners. Three free ones are Spybot Search and Destroy, AdAware, and Malwarebytes' Anti-Malware.


Always use a firewall.
Any firewall is better than none, and you should pick a firewall that you will use, as even the best firewall is worthless if you turn it off.

Learn how to use your firewall. Only programs that need it should have access to the net. But these are specific to the firewall you use, so you will need to learn how. Several firewalls have support forums here. My page will help you with ZoneAlarm if that is what you choose.


Never run two Antivirus programs or two Firewalls at the same time. They can interfere with each other and cause problems. Some people swear that more protection is provided, but the reverse is true. They tend to argue amongst themselves and end up leaving holes. Now I have more than 1 AV installed on my computer, and I keep them up to date. I only run one at a time, but each program has weaknesses, so I keep a backup in case my computer starts acting up.


MOST IMPORTANT: Windows and IE, and whatever other software that you have that connects to the net, need to be kept updated. The reason is, these programs connect to the net, and if there is an internal security problem, you have already told your firewall to allow the communication, and thus you will have allowed a hole. UPDATES are important. I suggest that you make sure that Windows Updates and the updates for your antivirus and antimalware programs are set for automatic updates.

Don't ever use P2P or filesharing software. Even the safest P2P file sharing programs that do not contain bundled spyware still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The reason for this is simple. File sharing relies on its members giving and gaining unfettered access to computers across the P2P network. However, this practice can make you vulnerable to data and identity theft. Even if you change those risky default settings to a safer configuration, the act of downloading files from an anonymous source greatly increases your exposure to infection. That is because the files you are downloading may actually contain a disguised threat. Many very malicious worms and trojans, such as the Storm Worm, target and spread across P2P file sharing networks because of their known vulnerabilities.

Before using any malware detection / removal software, check with Rogue/Suspect Spyware List and Rogue Applications List. That way you will know if the program you are looking at is on the up and up. If you want to know how it stacks up against other programs, check out SpywareWarrior.

We have a good guide here at Spyware Hammer on how to prevent Malware in the Future. You might want to peruse this and follow the recommendations in there.
PLEASE READ IT AND FOLLOW THE RECOMMENDATIONS TO PROTECT YOURSELF.

Let us know if you have any more problems, either new or old.
Have a good time surfing the net, but stay safe.
If you have no more problems, let me know and I will mark this as resolved. Or if you have more questions, ask away, that is why I am here.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families


#9 NASCARLANCE


Posted 09 February 2009 - 06:04 AM

I had a birthday party for my 7 year old to deal with over the weekend. Please don't close this post yet. I will start the new set of instructions today.
Thanks,
Lance

#10 NASCARLANCE


Posted 09 February 2009 - 06:08 PM

I went through all of the suggestions in your last post today. Before making a restore point, I decided to run all of the AV, spyware and malware programs to make sure nothing had gotten past McAfee in the past week of browsing.
I ran AdAware first and look at what it found:

Infections Found
Family Id~~~~~~~Name~~~~~~~~~~~Category~~~~~TAI
1245~~~~~~Win32.Worm.Brontok~~~~~~Worm~~~~~~10
[543146] File: C:\Program Files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll

This is the first "worm" that I have ever had on any of my PCs. How does something like this get past McAfee? What do these worms do? What can I do to keep from getting another "worm"? Will some of the stuff that I did today keep me from getting another "worm"?

I ran all of my AV, spyware and malware programs a couple of times and then made the restore point.

#11 Hoov


Posted 09 February 2009 - 07:19 PM

Did you delete the file? It's possible that it is a false positive. If you still have the file, send that file to VirSCAN and have it checked out. Open the webpage and up at the top use the browse button to go to FILENAME then click upload. Then just wait for a bit. Depending on the load it may take a bit. But you will get a popup and it will show you the progress first in the queue, then in the scan. Once it is done, the popup will disappear and you will be taken to a page with the results. Scroll down to the bottom of the page and there is a copy to clipboard button. Click that and then come back here and start a response, and paste in the results.

#12 NASCARLANCE


Posted 11 February 2009 - 02:17 AM

I've tried everything to find that file, but I guess AdAware got completely rid of it. AdAware had never found it before, BUT I had just run an update prior to running that scan.

Edited by NASCARLANCE, 11 February 2009 - 02:17 AM.


#13 Hoov


Posted 11 February 2009 - 10:52 PM

I think you ended up with a false positive. They are more common than they want to admit. If you do a scan right after an update, and it finds a problem in a file you have had a while, then chances are it is a fluke. The only way to tell for sure is to scan it at someplace like VirSCAN. I think you are all set. Do you have any other problems or concerns?

#14 NASCARLANCE


Posted 12 February 2009 - 09:17 PM

I've only got one more question.
Will my deleting of the file from the InstallShield folder affect my computer in any way? Or is it one of those things that will prompt me to re-download it the next time that I need to use that program?


I really appreciate this website for all that it does for us and especially you for your personal help with my computer problem.
Thanks a lot,
Lance

Edited by NASCARLANCE, 12 February 2009 - 09:38 PM.


#15 Hoov


Posted 12 February 2009 - 10:51 PM

From what I have found out, if you delete that folder, then if you go to uninstall something that uses InstallShield to install with, then you will have problems uninstalling it. I think it is one of those folders best left alone.

Any more concerns?

And you are welcome! I had a lot of help when I first got on the internet, back in the day. :thumbup2: Least I can do is help others that are in the same place I was.



