Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Continuously get error messages on webpages.


  • Please log in to reply
10 replies to this topic

#1 tom5625

tom5625

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 19 June 2010 - 11:35 AM

Hello, I don't know if I have a virus issue or if I have something turned off / set wrong on my computer. My interenet explorer has been encountering problems/errors and going down but then it will bring it back up quite more often lately. Thought I might have a small virus or something so thought i should download an anti-malware program and run it. However, i have tried to download both Malwarebytes and SuperAntiSpyware and both want to know what program I want to use to download them. It says my computer can't encode them..... I have never had this issue with any of my other computers so I'm naturally wondering if I have a virus that is blocking this procedure or if something is turned off.

BC AdBot (Login to Remove)

 


#2 tom5625

tom5625
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 24 June 2010 - 04:34 PM

I attempted to follow preperation guide. However, again when I reached the point to download and run DDS, I get a box asking to choose the program I want to run this with .... microsoft picture manager, microsoft office word........

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:14 AM

Posted 25 June 2010 - 09:33 PM

Hello, Go here to Doug KNox's Windows® XP File Association Fixes
Run 9th down on left... EXE File Association Fix ... the EXE not EML one.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware (v1.46) and save it to your desktop.
Before you save it rename it to say zztoy.exe

alternate download link 1

alternate download link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Next run ATF and SAS: If you cannot access Safe Mode,run in normal ,but let me know.

Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

From your regular user account..
Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..
DO NOT run yet.
Open SUPER from icon and install and Update it
Under Scanner Options make sure the following are checked (leave all others unchecked):
Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining
.
Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.

Now reboot into Safe Mode: How to enter safe mode(XP)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode
.

Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.

If you use Firefox or Opera browser click that browser at the top and choose: Select All
Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program
.

NOW Scan with SUPER
Open from the desktop icon or the program Files list
On the left, make sure you check C:\Fixed Drive.
Perform a Complete scan. After scan,Verify they are all checked.
Click OK on the summary screen to quarantine all found items.
If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log.
A text file will open in your default text editor.
Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.


Please ask any needed questions,post logs and Let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 tom5625

tom5625
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 26 June 2010 - 09:58 AM

Hello Boopme,

-I really appreciate your help. I was worried not being able to download .exe programs, had never seen that before. One thing I should let you know is that I currently am with out a firewall / anti-virus. I recently deleted and uninstalled, because I thought maybe it was contributing to my computer issues. I know I need to put one back on but for the time being do you reccomend any free ones that I can download while your helping me sort out my issues?


1. Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4242

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/26/2010 12:43:55 AM
mbam-log-2010-06-26 (00-43-55).txt

Scan type: Quick scan
Objects scanned: 149432
Time elapsed: 23 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 19
Registry Values Infected: 3
Registry Data Items Infected: 4
Folders Infected: 25
Files Infected: 82

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\Program Files\Shared\lib.dll (Trojan.BHO) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{1962c5bc-e475-465b-823b-133e711bceb9} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1962c5bc-e475-465b-823b-133e711bceb9} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1962c5bc-e475-465b-823b-133e711bceb9} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1962c5bc-e475-465b-823b-133e711bceb9} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ab3dfa03-f743-4302-81dd-c370bffeca23} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e550dc77-ef3b-474f-b59c-b3e2aa1fa6a5} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{e550dc77-ef3b-474f-b59c-b3e2aa1fa6a5} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e550dc77-ef3b-474f-b59c-b3e2aa1fa6a5} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{afd4ad01-58c1-47db-a404-fbe00a6c5486} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{afd4ad01-58c1-47db-a404-fbe00a6c5486} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{afd4ad01-58c1-47db-a404-fbe00a6c5486} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{afd4ad01-58c1-47db-a404-fbe00a6c5486} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\starware343 (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\starware343 (Adware.Starware) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{1962c5bc-e475-465b-823b-133e711bceb9} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\secfile\shell\open\command\(default) (Rogue.MultipleAV) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\Tom Brake\Local Settings\Application Data\vma.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.

Folders Infected:
C:\Documents and Settings\All Users\Application Data\Starware343 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\contexts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Dating (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Free_Credit_Score (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Map_It (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Reference (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Ringtones (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Weather (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware343 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware343\bin (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware343\icons (Adware.Starware) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Starware343\bin\Starware343.dll (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Shared\lib.dll (Trojan.BHO) -> Delete on reboot.
C:\Documents and Settings\Tom Brake\Local Settings\Temp\0.04391250539436464.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\702_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\702_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\Dating0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\Free_Credit_Score0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\logo.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\logoxp.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\Reference.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\ReferenceHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\referencehotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\referencexp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\Ringtones0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\Weather.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\WeatherHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\weatherhotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\buttons\weatherxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\contexts\Travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images\clear.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images\cloudy.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images\foggy.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images\haze.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images\mcloud.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images\nclear.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images\ncloudy.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images\nmcloud.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images\npcloud.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images\nrain.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images\pcloud.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images\rain.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\images\walert.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware343\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Dating\DatingOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Dating\DatingOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Free_Credit_Score\Free_Credit_ScoreOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Free_Credit_Score\Free_Credit_ScoreOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Map_It\Map_ItOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Map_It\Map_ItOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Ringtones\RingtonesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Ringtones\RingtonesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Weather\AlertArchive.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Weather\AlertArchive.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Brake\Application Data\Starware343\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware343\Starware343Config.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware343\Starware343Uninstall.exe (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware343\icons\star_16.ico (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Shared\lib.sig (Adware.Deepdive) -> Quarantined and deleted successfully.



2. SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/26/2010 at 05:08 AM

Application Version : 4.39.1002

Core Rules Database Version : 5121
Trace Rules Database Version: 2933

Scan type : Complete Scan
Total Scan Time : 03:16:11

Memory items scanned : 271
Memory threats detected : 1
Registry items scanned : 6592
Registry threats detected : 1
File items scanned : 67654
File threats detected : 41

System.BrokenFileAssociation
HKCR\.exe

Trojan.Dropper/Win-NV
C:\WINDOWS\MSVIDEO.DLL
C:\WINDOWS\MSVIDEO.DLL

Adware.Flash Tracking Cookie
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\TRAFFIC.COM
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\CACHE.SPECIFICMEDIA.COM
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\CDN2.INVITEMEDIA.COM
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\MEDIA1.BREAK.COM
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\MSNBCMEDIA.MSN.COM
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\OBJECTS.TREMORMEDIA.COM
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\POLLTRACKER.TALKINGPOINTSMEMO.COM
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\INTERCLICK.COM
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\UDN.SPECIFICCLICK.NET
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\CONTENT.YIELDMANAGER.EDGESUITE.NET
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\ADS1.MSN.COM
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\S0.2MDN.NET
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\SECURE-US.IMRWORLDWIDE.COM
C:\Documents and Settings\Tom Brake\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\46JVR3XM\ODDCAST.COM

Adware.Tracking Cookie
ads1.msn.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
cache.specificmedia.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
cdn2.invitemedia.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
cdn4.specificclick.net [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
content.yieldmanager.edgesuite.net [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
core.insightexpressai.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
interclick.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
ll.media.abc.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
m1.2mdn.net [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
macromedia.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
media.jambocast.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
media.monster.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
media1.break.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
msnbcmedia.msn.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
objects.tremormedia.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
oddcast.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
polltracker.talkingpointsmemo.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
s0.2mdn.net [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
secure-us.imrworldwide.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
traffic.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
udn.specificclick.net [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
videos.mediaite.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
www.blogsmithmedia.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
www.discountmugs.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]
www.soundclick.com [ C:\Documents and Settings\Tom Brake\Application Data\Macromedia\Flash Player\#SharedObjects\46JVR3XM ]

Adware.Starware
C:\DOCUMENTS AND SETTINGS\TOM BRAKE\MY DOCUMENTS\MY RECEIVED FILES\BRAKE\MAPS.EXE

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:14 AM

Posted 26 June 2010 - 11:54 AM

Hello, this looks a lot better.

Turn on the XP firewall.
Click Start, click Run, type Firewall.cpl, and then click OK.
On the General tab, click On (recommended).
Click OK.


Install and scan with Antivir Free antivirus.
Post that log, Let me know how it is running
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 tom5625

tom5625
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 26 June 2010 - 06:47 PM

Avira AntiVir Personal
Report file date: Saturday, June 26, 2010 19:39

Scanning for 2270810 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : Tom Brake
Computer name : TOMBRAKECOMP

Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 4/19/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 4/1/2010 17:37:38
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 17:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 3/7/2010 23:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 04:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 14:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 00:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 22:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 21:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 16:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 23:36:59
VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 23:37:27
VBASE007.VDF : 7.10.7.219 2048 Bytes 6/2/2010 23:37:28
VBASE008.VDF : 7.10.7.220 2048 Bytes 6/2/2010 23:37:28
VBASE009.VDF : 7.10.7.221 2048 Bytes 6/2/2010 23:37:28
VBASE010.VDF : 7.10.7.222 2048 Bytes 6/2/2010 23:37:28
VBASE011.VDF : 7.10.7.223 2048 Bytes 6/2/2010 23:37:28
VBASE012.VDF : 7.10.7.224 2048 Bytes 6/2/2010 23:37:29
VBASE013.VDF : 7.10.8.37 270336 Bytes 6/10/2010 23:37:32
VBASE014.VDF : 7.10.8.69 138752 Bytes 6/14/2010 23:37:34
VBASE015.VDF : 7.10.8.102 130560 Bytes 6/16/2010 23:37:36
VBASE016.VDF : 7.10.8.135 152064 Bytes 6/21/2010 23:37:38
VBASE017.VDF : 7.10.8.163 432128 Bytes 6/23/2010 23:37:44
VBASE018.VDF : 7.10.8.164 2048 Bytes 6/23/2010 23:37:44
VBASE019.VDF : 7.10.8.165 2048 Bytes 6/23/2010 23:37:44
VBASE020.VDF : 7.10.8.166 2048 Bytes 6/23/2010 23:37:44
VBASE021.VDF : 7.10.8.167 2048 Bytes 6/23/2010 23:37:45
VBASE022.VDF : 7.10.8.168 2048 Bytes 6/23/2010 23:37:45
VBASE023.VDF : 7.10.8.169 2048 Bytes 6/23/2010 23:37:45
VBASE024.VDF : 7.10.8.170 2048 Bytes 6/23/2010 23:37:45
VBASE025.VDF : 7.10.8.171 2048 Bytes 6/23/2010 23:37:46
VBASE026.VDF : 7.10.8.172 2048 Bytes 6/23/2010 23:37:46
VBASE027.VDF : 7.10.8.173 2048 Bytes 6/23/2010 23:37:46
VBASE028.VDF : 7.10.8.174 2048 Bytes 6/23/2010 23:37:46
VBASE029.VDF : 7.10.8.175 2048 Bytes 6/23/2010 23:37:47
VBASE030.VDF : 7.10.8.176 2048 Bytes 6/23/2010 23:37:47
VBASE031.VDF : 7.10.8.190 129024 Bytes 6/25/2010 23:37:49
Engineversion : 8.2.4.2
AEVDF.DLL : 8.1.2.0 106868 Bytes 6/26/2010 23:38:29
AESCRIPT.DLL : 8.1.3.33 1356155 Bytes 6/26/2010 23:38:28
AESCN.DLL : 8.1.6.1 127347 Bytes 6/26/2010 23:38:23
AESBX.DLL : 8.1.3.1 254324 Bytes 6/26/2010 23:38:31
AERDL.DLL : 8.1.4.6 541043 Bytes 6/26/2010 23:38:22
AEPACK.DLL : 8.2.2.5 430453 Bytes 6/26/2010 23:38:19
AEOFFICE.DLL : 8.1.1.0 201081 Bytes 6/26/2010 23:38:16
AEHEUR.DLL : 8.1.1.38 2724214 Bytes 6/26/2010 23:38:14
AEHELP.DLL : 8.1.11.6 242038 Bytes 6/26/2010 23:38:00
AEGEN.DLL : 8.1.3.12 377204 Bytes 6/26/2010 23:37:58
AEEMU.DLL : 8.1.2.0 393588 Bytes 6/26/2010 23:37:55
AECORE.DLL : 8.1.15.3 192886 Bytes 6/26/2010 23:37:54
AEBB.DLL : 8.1.1.0 53618 Bytes 6/26/2010 23:37:52
AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 17:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 17:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 21:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 4/1/2010 17:35:46
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 4/1/2010 17:39:51
AVARKT.DLL : 10.0.0.14 227176 Bytes 4/1/2010 17:22:13
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 14:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 17:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 20:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 19:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 18:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 4/9/2010 19:14:29

Configuration settings for the scan:
Jobname.............................: Short system scan after installation
Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Saturday, June 26, 2010 19:39

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avconfig.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avshadow.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'setup.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'presetup.exe' - '1' Module(s) have been scanned
Scan process 'avira_antivir_personal_en.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'ONENOTEM.EXE' - '1' Module(s) have been scanned
Scan process 'RAMASST.exe' - '1' Module(s) have been scanned
Scan process 'SUPERAntiSpyware.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'QTTask.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'point32.exe' - '1' Module(s) have been scanned
Scan process 'type32.exe' - '1' Module(s) have been scanned
Scan process 'iprntctl.exe' - '1' Module(s) have been scanned
Scan process 'pdfsaver.exe' - '1' Module(s) have been scanned
Scan process 'VPTray.exe' - '1' Module(s) have been scanned
Scan process 'ccApp.exe' - '1' Module(s) have been scanned
Scan process 'pdfsty.exe' - '1' Module(s) have been scanned
Scan process 'NWTRAY.EXE' - '1' Module(s) have been scanned
Scan process 'dpmw32.exe' - '1' Module(s) have been scanned
Scan process 'NDSTray.exe' - '1' Module(s) have been scanned
Scan process 'Ltmoh.exe' - '1' Module(s) have been scanned
Scan process 'TPSBattM.exe' - '1' Module(s) have been scanned
Scan process 'SMax4PNP.exe' - '1' Module(s) have been scanned
Scan process 'TMEEJME.EXE' - '1' Module(s) have been scanned
Scan process 'TMERzCtl.EXE' - '1' Module(s) have been scanned
Scan process 'TPSMain.exe' - '1' Module(s) have been scanned
Scan process 'SmoothView.exe' - '1' Module(s) have been scanned
Scan process 'TosHKCW.exe' - '1' Module(s) have been scanned
Scan process 'TFNF5.exe' - '1' Module(s) have been scanned
Scan process 'thpsrv.exe' - '1' Module(s) have been scanned
Scan process 'TFncKy.exe' - '1' Module(s) have been scanned
Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned
Scan process 'TouchED.Exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process '00THotkey.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'Tmesrv31.exe' - '1' Module(s) have been scanned
Scan process 'ThpSrv.exe' - '1' Module(s) have been scanned
Scan process 'Rtvscan.exe' - '1' Module(s) have been scanned
Scan process 'swupdtmr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'DVDRAMSV.exe' - '1' Module(s) have been scanned
Scan process 'DefWatch.exe' - '1' Module(s) have been scanned
Scan process 'CFSvcs.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'AOLacsd.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ccEvtMgr.exe' - '1' Module(s) have been scanned
Scan process 'ccSetMgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ACS.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:

Starting to scan executable files (registry).
The registry was scanned ( '1750' files ).



End of the scan: Saturday, June 26, 2010 19:41
Used time: 01:10 Minute(s)

The scan has been done completely.

0 Scanned directories
2268 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
2268 Files not concerned
5 Archives were scanned
0 Warnings
0 Notes




- Seems to be running much better. However, I still have a box pop up every now and then saying internet explorer encountered an error and it shuts down. It will come back up to where it left off usually a few seconds later. It was doing this every few minutes now i'm only seeing it happen every now and then...... so it's working much better.

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:14 AM

Posted 26 June 2010 - 10:36 PM

Perhaps there are a few corrupt files from the malwares. We can check the system files with SFC.

Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista users..The command needs to be run from an elevated Command Prompt.
Click Start, type cmd into the Start/Search box,
right-click cmd.exe in the list above and select 'Run as Administrator'


You will need your operating system CD handy.

Open Windows Task Manager....by pressing CTRL+SHIFT+ESC

Then click File.. then New Task(Run)

In the box that opens type sfc /scannow ......There is a space between c and /

Click OK
Let it run and insert the XP CD when asked.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 tom5625

tom5625
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 27 June 2010 - 11:22 AM

Boopme,

Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

I am not understanding what to do here. I do not have my XP disc handy- it's in storage. So from following the directions:


1. Locate your Windows XP installation CD. If you don't have one, you'll need to locate a directory on your system that's named"i386" (without the quotes). This directory may be on a hidden partition on your hard drive.

I run "i386" and up pops so many, many, many files. Not sure what I am looking for. I am yet to run the SFC scan because I have no clue what i would do from there. I tried reading through the forum thread on it but I'm not following what the "i386" is or how I'm to use it or its contents.

Any extra help / direction on this would be most appreciated.

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:14 AM

Posted 27 June 2010 - 08:20 PM

OK, after looking I think it's better for you to reset IE8.
Reset Internet Explorer 8 settings

Note this section. Internet Explorer settings that are affected by a reset
in case you want to write down things you added.

When ready scroll to here
Click on Show all

automatically is probably the better option.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 tom5625

tom5625
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 28 June 2010 - 10:27 AM

OK done (reset Internet Explorer 8 settings).

#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:14 AM

Posted 28 June 2010 - 04:01 PM

So all is good??
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users