Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

HELP!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: HELP!!

Unread postby altasplace » December 18th, 2007, 10:35 am

It only allows me to click on "save as" and then when I click that it will ask me to save as text or html. I asked for text and it says for the security of my computer it has saved in the temporary internet files which I found out is in my virtual folder. If I save it in the html it just saves the kaspersky home page. If I try to copy any part of that scan page it will not allow me to copy anything. I have no idea what to do...
altasplace
Active Member
 
Posts: 12
Joined: December 8th, 2007, 4:26 pm
Advertisement
Register to Remove

Re: HELP!!

Unread postby 'KotaGuy » December 19th, 2007, 12:03 am

Ok... don't worry about it. :)

Are you still getting the warning from Mcafee?
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Re: HELP!!

Unread postby altasplace » December 19th, 2007, 12:48 am

Unfortunately, yes. This is how it reads in my quick cleaner for the cache cleaner: ?codedownloaderrorlog!name={da4f543c-c8a9-4e88-9a79-548cbb46f18f} (0 Bytes)
altasplace
Active Member
 
Posts: 12
Joined: December 8th, 2007, 4:26 pm

Re: HELP!!

Unread postby 'KotaGuy » December 19th, 2007, 9:56 am

Download WinPFind3U.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
  • Close ALL OTHER PROGRAMS.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
  • Now click the Run Scan button on the toolbar.
  • The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts.
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Re: HELP!!

Unread postby altasplace » December 19th, 2007, 10:42 am

WinPFind3 logfile created on: 12/19/2007 9:12:50 AM
WinPFind3U by OldTimer - Version 1.0.44 Folder = C:\Users\michelle\Desktop\WinPFind3u\
Windows Vista (TM) Home Premium (Version = 6.0.6000)
Internet Explorer (Version = 7.0.6000.16575)

2.00 Gb Total Physical Memory | 1.26 Gb Available Physical Memory | 63.21% Memory free
4.00 Gb Paging File | 3.31 Gb Available in Paging File | 82.71% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99.74 Gb Total Space | 73.61 Gb Free Space | 73.80% Space Free
Drive D: | 10.00 Gb Total Space | 5.42 Gb Free Space | 54.23% Space Free
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: MICHELLE-LAPTOP
Current User Name: michelle
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
ati2evxx.exe -> %System32%\Ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4163 | Size = 569344 bytes | Modified Date = 3/14/2007 5:53:10 PM | Attr = ]
ati2evxx.exe -> %System32%\Ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4163 | Size = 569344 bytes | Modified Date = 3/14/2007 5:53:10 PM | Attr = ]
bcmwltry.exe -> %System32%\BCMWLTRY.EXE -> Dell Inc. [Ver = 4.102.15.57 | Size = 1716224 bytes | Modified Date = 11/27/2006 5:55:48 PM | Attr = ]
dlg.exe -> %ProgramFiles%\Digital Line Detect\DLG.exe -> Avanquest Software [Ver = 1, 0, 0, 2 | Size = 50688 bytes | Modified Date = 11/3/2006 6:02:14 PM | Attr = ]
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> Google [Ver = 5.1.703.15317 | Size = 1862144 bytes | Modified Date = 6/4/2007 12:11:50 AM | Attr = ]
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> Google [Ver = 5.1.703.15317 | Size = 1862144 bytes | Modified Date = 6/4/2007 12:11:50 AM | Attr = ]
hwapi.exe -> %CommonProgramFiles%\McAfee\HackerWatch\HWAPI.exe -> McAfee, Inc. [Ver = 8.3.105.0 | Size = 540776 bytes | Modified Date = 2/13/2007 11:09:12 AM | Attr = ]
issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> Macrovision Corporation [Ver = 3, 20, 100, 1123 | Size = 81920 bytes | Modified Date = 10/3/2006 11:37:04 AM | Attr = ]
mcagent.exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> McAfee, Inc. [Ver = 7,2,142,0 | Size = 566872 bytes | Modified Date = 1/5/2007 3:21:16 PM | Attr = ]
mcmscsvc.exe -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> McAfee, Inc. [Ver = 7,2,142,0 | Size = 361560 bytes | Modified Date = 1/5/2007 3:22:12 PM | Attr = ]
mcnasvc.exe -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> McAfee, Inc. [Ver = 1,2,108,0 | Size = 2213416 bytes | Modified Date = 3/9/2007 3:36:10 AM | Attr = ]
mcods.exe -> %ProgramFiles%\McAfee\VirusScan\mcods.exe -> McAfee, Inc. [Ver = 11,2,121,0 | Size = 362064 bytes | Modified Date = 1/16/2007 5:03:36 PM | Attr = ]
mcpromgr.exe -> %ProgramFiles%\McAfee\MSC\mcpromgr.exe -> McAfee, Inc. [Ver = 7,2,142,0 | Size = 493144 bytes | Modified Date = 1/5/2007 3:21:40 PM | Attr = ]
mcproxy.exe -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> McAfee, Inc. [Ver = 1,2,138,0 | Size = 353368 bytes | Modified Date = 4/12/2007 8:33:42 AM | Attr = ]
mcshield.exe -> %ProgramFiles%\McAfee\VirusScan\Mcshield.exe -> McAfee, Inc. [Ver = VSCORE.13.3.2.116.x86 | Size = 144960 bytes | Modified Date = 6/25/2007 9:56:42 AM | Attr = ]
mcsysmon.exe -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> McAfee, Inc. [Ver = 11,2,131,0 | Size = 643664 bytes | Modified Date = 1/25/2007 5:01:58 PM | Attr = ]
mpfsrv.exe -> %ProgramFiles%\McAfee\MPF\MpfSrv.exe -> McAfee, Inc. [Ver = 8.2.122.0 | Size = 841256 bytes | Modified Date = 6/19/2007 7:55:24 AM | Attr = ]
mps.exe -> %ProgramFiles%\McAfee\MPS\mps.exe -> McAfee, Inc. [Ver = 9.2.134.0 | Size = 906792 bytes | Modified Date = 4/18/2007 1:08:06 PM | Attr = ]
mpsevh.exe -> %ProgramFiles%\McAfee\MPS\mpsevh.exe -> McAfee, Inc. [Ver = 9.2.134.0 | Size = 304680 bytes | Modified Date = 4/18/2007 1:08:10 PM | Attr = ]
mskagent.exe -> %ProgramFiles%\McAfee\MSK\mskagent.exe -> McAfee Inc. [Ver = 8.2.125.0 | Size = 152144 bytes | Modified Date = 1/17/2007 3:30:24 PM | Attr = ]
msksrver.exe -> %ProgramFiles%\McAfee\MSK\msksrver.exe -> McAfee Inc. [Ver = 8.2.125.0 | Size = 29264 bytes | Modified Date = 1/17/2007 3:30:34 PM | Attr = ]
pcmservice.exe -> %ProgramFiles%\Dell\MediaDirect\PCMService.exe -> CyberLink Corp. [Ver = 4, 5, 0, 0 | Size = 184320 bytes | Modified Date = 10/13/2006 11:31:34 AM | Attr = ]
quickset.exe -> %ProgramFiles%\Dell\QuickSet\quickset.exe -> Dell Inc [Ver = 8, 0, 11, 0 | Size = 1125088 bytes | Modified Date = 2/20/2007 1:01:12 PM | Attr = ]
redirsvc.exe -> %CommonProgramFiles%\McAfee\RedirSvc\RedirSvc.exe -> McAfee, Inc. [Ver = 1,3,109,0 | Size = 256096 bytes | Modified Date = 3/8/2007 2:42:42 PM | Attr = ]
roxwatch9.exe -> %CommonProgramFiles%\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -> Sonic Solutions [Ver = 9.0.1.64 | Size = 159744 bytes | Modified Date = 11/5/2006 11:13:00 AM | Attr = ]
rpcnet.exe -> %System32%\rpcnet.exe -> Absolute Software Corp. [Ver = 8.0.847.0 | Size = 41584 bytes | Modified Date = 12/2/2006 1:37:00 AM | Attr = ]
saservice.exe -> %ProgramFiles%\SiteAdvisor\6253\SAService.exe -> [Ver = | Size = 345376 bytes | Modified Date = 12/17/2007 5:47:20 PM | Attr = ]
siteadv.exe -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.exe -> McAfee, Inc. [Ver = 2.4.0 | Size = 36904 bytes | Modified Date = 3/30/2007 10:42:50 AM | Attr = ]
stacsv.exe -> %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stacsv.exe -> SigmaTel, Inc. [Ver = 1.0.5343.1 nd544 cp1 | Size = 90112 bytes | Modified Date = 2/8/2007 12:11:00 AM | Attr = ]
sttray.exe -> %SystemRoot%\sttray.exe -> SigmaTel, Inc. [Ver = 1.0.5343.1 nd544 cp1 | Size = 303104 bytes | Modified Date = 2/8/2007 12:11:04 AM | Attr = ]
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 9.0.1.3 06Nov06 | Size = 815104 bytes | Modified Date = 11/17/2006 6:52:40 PM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.44.0 | Size = 371200 bytes | Modified Date = 11/21/2007 9:19:46 AM | Attr = ]
wltray.exe -> %System32%\WLTRAY.EXE -> Dell Inc. [Ver = 4.102.15.57 | Size = 1540096 bytes | Modified Date = 11/27/2006 5:56:02 PM | Attr = ]
wltrysvc.exe -> %System32%\WLTRYSVC.EXE -> [Ver = | Size = 24064 bytes | Modified Date = 11/27/2006 5:56:04 PM | Attr = ]
xaudio.exe -> %System32%\drivers\XAudio.exe -> Conexant Systems, Inc. [Ver = 1.00.00 | Size = 386560 bytes | Modified Date = 11/11/2006 6:10:40 PM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(Ati External Event Utility) Ati External Event Utility [Win32_Own | Auto | Running] -> %System32%\Ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4163 | Size = 569344 bytes | Modified Date = 3/14/2007 5:53:10 PM | Attr = ]
(CertPropSvc) Certificate Propagation [Win32_Shared | Unknown | Running] -> -> File not found
(DcomLaunch) DCOM Server Process Launcher [Win32_Shared | Unknown | Running] -> -> File not found
(DPS) Diagnostic Policy Service [Win32_Shared | Unknown | Running] -> -> File not found
(Emproxy) McAfee E-mail Proxy [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\McAfee\EmProxy\emproxy.exe -> McAfee, Inc. [Ver = 11,2,214,0 | Size = 341328 bytes | Modified Date = 10/5/2007 4:33:26 PM | Attr = ]
(GoogleDesktopManager) GoogleDesktopManager [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> Google [Ver = 5.1.703.15317 | Size = 1862144 bytes | Modified Date = 6/4/2007 12:11:50 AM | Attr = ]
(gpsvc) Group Policy Client [Win32_Shared | Unknown | Running] -> -> File not found
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 10.50.125 | Size = 73728 bytes | Modified Date = 10/22/2004 3:24:18 AM | Attr = ]
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found
(McAfee HackerWatch Service) McAfee HackerWatch Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\HackerWatch\HWAPI.exe -> McAfee, Inc. [Ver = 8.3.105.0 | Size = 540776 bytes | Modified Date = 2/13/2007 11:09:12 AM | Attr = ]
(mcmispupdmgr) McAfee Update Manager [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\McAfee\MSC\mcupdmgr.exe -> McAfee, Inc. [Ver = 7,2,142,0 | Size = 689752 bytes | Modified Date = 1/5/2007 3:22:18 PM | Attr = ]
(mcmscsvc) McAfee Services [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> McAfee, Inc. [Ver = 7,2,142,0 | Size = 361560 bytes | Modified Date = 1/5/2007 3:22:12 PM | Attr = ]
(McNASvc) McAfee Network Agent [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> McAfee, Inc. [Ver = 1,2,108,0 | Size = 2213416 bytes | Modified Date = 3/9/2007 3:36:10 AM | Attr = ]
(McODS) McAfee Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\VirusScan\mcods.exe -> McAfee, Inc. [Ver = 11,2,121,0 | Size = 362064 bytes | Modified Date = 1/16/2007 5:03:36 PM | Attr = ]
(mcpromgr) McAfee Protection Manager [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mcpromgr.exe -> McAfee, Inc. [Ver = 7,2,142,0 | Size = 493144 bytes | Modified Date = 1/5/2007 3:21:40 PM | Attr = ]
(McProxy) McAfee Proxy Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> McAfee, Inc. [Ver = 1,2,138,0 | Size = 353368 bytes | Modified Date = 4/12/2007 8:33:42 AM | Attr = ]
(McRedirector) McAfee Redirector Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\RedirSvc\RedirSvc.exe -> McAfee, Inc. [Ver = 1,3,109,0 | Size = 256096 bytes | Modified Date = 3/8/2007 2:42:42 PM | Attr = ]
(McShield) McAfee Real-time Scanner [Win32_Own | Unknown | Running] -> -> File not found
(McSysmon) McAfee SystemGuards [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> McAfee, Inc. [Ver = 11,2,131,0 | Size = 643664 bytes | Modified Date = 1/25/2007 5:01:58 PM | Attr = ]
(MpfService) McAfee Personal Firewall Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MPF\MpfSrv.exe -> McAfee, Inc. [Ver = 8.2.122.0 | Size = 841256 bytes | Modified Date = 6/19/2007 7:55:24 AM | Attr = ]
(MPS9) McAfee Privacy Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MPS\mps.exe -> McAfee, Inc. [Ver = 9.2.134.0 | Size = 906792 bytes | Modified Date = 4/18/2007 1:08:06 PM | Attr = ]
(MSDTC) Distributed Transaction Coordinator [Win32_Own | Unknown | Stopped] -> -> File not found
(MSK80Service) McAfee SpamKiller Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSK\msksrver.exe -> McAfee Inc. [Ver = 8.2.125.0 | Size = 29264 bytes | Modified Date = 1/17/2007 3:30:34 PM | Attr = ]
(RoxMediaDB9) RoxMediaDB9 [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -> Sonic Solutions [Ver = 9.0.1.64 | Size = 880640 bytes | Modified Date = 11/5/2006 11:15:12 AM | Attr = ]
(RoxWatch9) Roxio Hard Drive Watcher 9 [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -> Sonic Solutions [Ver = 9.0.1.64 | Size = 159744 bytes | Modified Date = 11/5/2006 11:13:00 AM | Attr = ]
(Rpcnet) Remote Procedure Call (RPC) Net [Win32_Own | Auto | Running] -> %System32%\rpcnet.exe -> Absolute Software Corp. [Ver = 8.0.847.0 | Size = 41584 bytes | Modified Date = 12/2/2006 1:37:00 AM | Attr = ]
(RpcSs) Remote Procedure Call (RPC) [Win32_Shared | Unknown | Running] -> -> File not found
(SCardSvr) Smart Card [Win32_Shared | Unknown | Stopped] -> -> File not found
(Schedule) Task Scheduler [Win32_Shared | Unknown | Running] -> -> File not found
(SCPolicySvc) Smart Card Removal Policy [Win32_Shared | Unknown | Stopped] -> -> File not found
(SiteAdvisor Service) SiteAdvisor Service [Win32_Own | Auto | Running] -> %ProgramFiles%\SiteAdvisor\6253\SAService.exe -> [Ver = | Size = 345376 bytes | Modified Date = 12/17/2007 5:47:20 PM | Attr = ]
(STacSV) SigmaTel Audio Service [Win32_Own | Auto | Running] -> %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stacsv.exe -> SigmaTel, Inc. [Ver = 1.0.5343.1 nd544 cp1 | Size = 90112 bytes | Modified Date = 2/8/2007 12:11:00 AM | Attr = ]
(stllssvr) stllssvr [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\SureThing Shared\stllssvr.exe -> MicroVision Development, Inc. [Ver = 1.2.447 | Size = 73728 bytes | Modified Date = 9/14/2006 2:54:34 PM | Attr = ]
(TrustedInstaller) Windows Modules Installer [Win32_Own | Unknown | Running] -> -> File not found
(WdiServiceHost) Diagnostic Service Host [Win32_Shared | Unknown | Stopped] -> -> File not found
(WdiSystemHost) Diagnostic System Host [Win32_Shared | Unknown | Running] -> -> File not found
(wltrysvc) Dell Wireless WLAN Tray Service [Win32_Own | Auto | Running] -> %System32%\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe -> File not found
(XAudioService) XAudioService [Win32_Own | Auto | Running] -> %System32%\drivers\XAudio.exe -> Conexant Systems, Inc. [Ver = 1.00.00 | Size = 386560 bytes | Modified Date = 11/11/2006 6:10:40 PM | Attr = ]
(0013281198072966mcinstcleanup) McAfee Application Installer Cleanup (0013281198072966) [Win32_Own | Auto | Stopped] -> %SystemRoot%\TEMP\001328~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -> File not found

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
-> -> File not found
Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 10/10/2007 6:51:56 PM | Attr = ]
ATICCC -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLIStart.exe -> [Ver = | Size = 90112 bytes | Modified Date = 7/11/2006 5:12:58 PM | Attr = ]
Broadcom Wireless Manager UI -> %System32%\WLTRAY.EXE -> Dell Inc. [Ver = 4.102.15.57 | Size = 1540096 bytes | Modified Date = 11/27/2006 5:56:02 PM | Attr = ]
ECenter -> %SystemDrive%\DELL\E-Center\EULALauncher.exe -> [Ver = 1.0.2489.24404 | Size = 17920 bytes | Modified Date = 3/16/2007 5:20:42 AM | Attr = ]
Google Desktop Search -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> Google [Ver = 5.1.703.15317 | Size = 1862144 bytes | Modified Date = 6/4/2007 12:11:50 AM | Attr = ]
ISUSPM Startup -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe -> Macrovision Corporation [Ver = 3, 20, 100, 1123 | Size = 221184 bytes | Modified Date = 10/3/2006 11:35:42 AM | Attr = ]
ISUSScheduler -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> Macrovision Corporation [Ver = 3, 20, 100, 1123 | Size = 81920 bytes | Modified Date = 10/3/2006 11:37:04 AM | Attr = ]
mcagent_exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> McAfee, Inc. [Ver = 7,2,142,0 | Size = 566872 bytes | Modified Date = 1/5/2007 3:21:16 PM | Attr = ]
MskAgentexe -> %ProgramFiles%\McAfee\MSK\mskagent.exe -> McAfee Inc. [Ver = 8.2.125.0 | Size = 152144 bytes | Modified Date = 1/17/2007 3:30:24 PM | Attr = ]
PCMService -> %ProgramFiles%\Dell\MediaDirect\PCMService.exe -> CyberLink Corp. [Ver = 4, 5, 0, 0 | Size = 184320 bytes | Modified Date = 10/13/2006 11:31:34 AM | Attr = ]
SigmatelSysTrayApp -> %SystemRoot%\sttray.exe -> SigmaTel, Inc. [Ver = 1.0.5343.1 nd544 cp1 | Size = 303104 bytes | Modified Date = 2/8/2007 12:11:04 AM | Attr = ]
SiteAdvisor -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.exe -> McAfee, Inc. [Ver = 2.4.0 | Size = 36904 bytes | Modified Date = 3/30/2007 10:42:50 AM | Attr = ]
SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 9.0.1.3 06Nov06 | Size = 815104 bytes | Modified Date = 11/17/2006 6:52:40 PM | Attr = ]
Windows Defender -> MSASCui.exe -> File not found
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Common Startup > -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup ->
%AllUsersAppData%\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk -> %ProgramFiles%\Digital Line Detect\DLG.exe -> Avanquest Software [Ver = 1, 0, 0, 2 | Size = 50688 bytes | Modified Date = 11/3/2006 6:02:14 PM | Attr = ]
%AllUsersAppData%\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk -> %SystemRoot%\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe -> Macrovision Corporation [Ver = 12.0.58849 | Size = 45056 bytes | Modified Date = 6/3/2007 11:59:22 PM | Attr = R ]
< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork3.dll -> Google [Ver = 5.1.703.15317 | Size = 143360 bytes | Modified Date = 6/4/2007 12:11:50 AM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 3 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin -> 2 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableInstallerDetection -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableSecureUIAPaths -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableVirtualization -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ValidateAdminCodeSignatures -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\scforceoption -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\FilterAdministratorToken -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_TEXT -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_BITMAP -> 2 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_OEMTEXT -> 7 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIB -> 8 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_PALETTE -> 9 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_UNICODETEXT -> 13 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIBV5 -> 17 ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
< HOSTS File > (216766 bytes) -> C:\Windows\System32\drivers\etc\Hosts ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: Main\\Default_Search_URL -> http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Bar -> http://us.rd.yahoo.com/customize/ie/def ... earch.html ->
HKLM: Search Page -> http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com ->
HKLM: Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKCU: Local Page -> C:\Windows\system32\blank.htm ->
HKCU: Search Bar -> http://us.rd.yahoo.com/customize/ie/def ... earch.html ->
HKCU: Search Page -> http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com ->
HKCU: Start Page -> http://www.yahoo.com/ ->
HKCU: ProxyEnable -> 1 ->
HKCU: ProxyOverride -> <local> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{089FD14D-132B-48FC-8861-0048AE113215} [HKLM] -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.dll [Reg Data - Value does not exist] -> [Ver = | Size = 927008 bytes | Modified Date = 12/4/2007 4:02:24 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.0.104 | Size = 501384 bytes | Modified Date = 6/3/2007 11:55:42 PM | Attr = ]
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> %ProgramFiles%\McAfee\VirusScan\scriptcl.dll [scriptproxy] -> McAfee, Inc. [Ver = VSCORE.13.3.2.116.x86 | Size = 67136 bytes | Modified Date = 6/25/2007 9:57:44 AM | Attr = ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{0BF43445-2F28-4351-9252-17FE6E806AA0} [HKLM] -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.dll [McAfee SiteAdvisor] -> [Ver = | Size = 927008 bytes | Modified Date = 12/4/2007 4:02:24 PM | Attr = ]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0\bin\npjpi160.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.0.104 | Size = 132744 bytes | Modified Date = 6/3/2007 11:55:42 PM | Attr = ]
{2670000A-7350-4f3c-8081-5663EE0C6C49} -> Reg Data - Value does not exist [ButtonText: Send to OneNote] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xport to Microsoft Excel -> -> File not found
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{2274E4A1-208D-4572-93D6-47FF5530B7F1} -> (Broadcom 440x 10/100 Integrated Controller) ->
{5FAF58CD-FA50-4064-A661-CD6F71A554C0} -> (Dell Wireless 1390 WLAN Mini-Card) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
about -> Reg Data - Key not found -> File not found
dvd -> Reg Data - Key not found -> File not found
ipp -> Reg Data - Key not found -> File not found
its -> Reg Data - Key not found -> File not found
mhtml -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
ms-its -> Reg Data - Key not found -> File not found
siteadvisor -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.dll -> [Ver = | Size = 927008 bytes | Modified Date = 12/4/2007 4:02:24 PM | Attr = ]
tv -> Reg Data - Key not found -> File not found
vbscript -> Reg Data - Key not found -> File not found


[Files/Folders - Created Within 30 days]
Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Created Date = 12/15/2007 10:45:11 PM | Attr = ]
hosts.20071206-205701.backup -> %System32%\drivers\etc\hosts.20071206-205701.backup -> [Ver = | Size = 761 bytes | Created Date = 12/6/2007 8:57:01 PM | Attr = ]
Msft_User_WpdFs_01_00_00.Wdf -> %System32%\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 11/29/2007 9:23:10 PM | Attr = H ]

[Files/Folders - Modified Within 30 days]
MDT -> %SystemDrive%\MDT -> [Folder | Modified Date = 12/19/2007 9:00:40 AM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 12/15/2007 9:18:12 PM | Attr = R ]
ProgramData -> %AllUsersAppData% -> [Folder | Modified Date = 12/15/2007 9:18:12 PM | Attr = H ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 12/19/2007 9:11:36 AM | Attr = HS]
Windows -> %SystemRoot% -> [Folder | Modified Date = 12/15/2007 9:18:14 PM | Attr = ]
AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 12/13/2007 3:13:36 AM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 67584 bytes | Modified Date = 12/19/2007 9:00:26 AM | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 12/17/2007 3:11:10 PM | Attr = S]
ehome -> %SystemRoot%\ehome -> [Folder | Modified Date = 11/22/2007 8:02:36 PM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 11/22/2007 8:01:24 PM | Attr = ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 12/8/2007 3:26:04 PM | Attr = HS]
Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 11/22/2007 8:10:00 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 12/19/2007 9:11:54 AM | Attr = ]
registration -> %SystemRoot%\registration -> [Folder | Modified Date = 12/19/2007 9:01:20 AM | Attr = ]
rescache -> %SystemRoot%\rescache -> [Folder | Modified Date = 12/13/2007 3:03:06 AM | Attr = ]
system -> %SystemRoot%\system -> [Folder | Modified Date = 12/15/2007 9:18:12 PM | Attr = ]
System32 -> %System32% -> [Folder | Modified Date = 12/15/2007 10:45:12 PM | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 12/6/2007 9:34:04 PM | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 12/19/2007 9:12:30 AM | Attr = ]
winsxs -> %SystemRoot%\winsxs -> [Folder | Modified Date = 12/13/2007 3:17:06 AM | Attr = ]
McQcTask.job -> %SystemRoot%\tasks\McQcTask.job -> [Ver = | Size = 362 bytes | Modified Date = 12/14/2007 2:15:32 AM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 12/19/2007 9:00:32 AM | Attr = H ]
7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> %System32%\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 3584 bytes | Modified Date = 12/19/2007 9:00:38 AM | Attr = H ]
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> %System32%\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 3584 bytes | Modified Date = 12/19/2007 9:00:40 AM | Attr = H ]
catroot -> %System32%\catroot -> [Folder | Modified Date = 12/13/2007 3:17:06 AM | Attr = ]
catroot2 -> %System32%\catroot2 -> [Folder | Modified Date = 12/15/2007 9:17:24 PM | Attr = ]
Config.MPF -> %System32%\Config.MPF -> [Ver = | Size = 16414 bytes | Modified Date = 12/19/2007 9:04:18 AM | Attr = ]
drivers -> %System32%\drivers -> [Folder | Modified Date = 12/15/2007 9:18:14 PM | Attr = ]
en-US -> %System32%\en-US -> [Folder | Modified Date = 12/13/2007 3:02:56 AM | Attr = ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 341200 bytes | Modified Date = 12/8/2007 2:17:14 PM | Attr = ]
Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Modified Date = 12/15/2007 10:45:12 PM | Attr = ]
migration -> %System32%\migration -> [Folder | Modified Date = 12/13/2007 3:13:40 AM | Attr = ]
rpcnet.dll -> %System32%\rpcnet.dll -> Absolute Software Corp. [Ver = 8.0.847.0 | Size = 41584 bytes | Modified Date = 12/19/2007 9:01:26 AM | Attr = ]
rpcnetp.dll -> %System32%\rpcnetp.dll -> [Ver = | Size = 17408 bytes | Modified Date = 12/15/2007 10:27:00 PM | Attr = ]
rpcnetp.exe -> %System32%\rpcnetp.exe -> [Ver = | Size = 17408 bytes | Modified Date = 12/19/2007 9:01:30 AM | Attr = ]
Tasks -> %System32%\Tasks -> [Folder | Modified Date = 12/15/2007 9:15:36 PM | Attr = ]
umstartup.etl -> %System32%\umstartup.etl -> [Ver = | Size = 49152 bytes | Modified Date = 12/5/2007 10:10:42 PM | Attr = ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 11/22/2007 8:02:36 PM | Attr = ]
etc -> %System32%\drivers\etc -> [Folder | Modified Date = 12/6/2007 8:57:02 PM | Attr = ]
UMDF -> %System32%\drivers\UMDF -> [Folder | Modified Date = 11/29/2007 9:23:12 PM | Attr = ]
Msft_User_WpdFs_01_00_00.Wdf -> %System32%\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 11/29/2007 9:23:12 PM | Attr = H ]

[File String Scan - Non-Microsoft Only]
UPX! , UPX0 , -> %System32%\DIAGDLL64.DLL -> Absolute Software Corp. [Ver = 0, 0, 0, 0 | Size = 14848 bytes | Modified Date = 11/22/2006 6:33:02 PM | Attr = ]
UPX! , UPX0 , -> %System32%\identprv.dll -> Absolute Software Corporation [Ver = 8.0.860.0 | Size = 32256 bytes | Modified Date = 8/9/2007 6:43:18 PM | Attr = ]
Thawte Consulting , -> %System32%\pxwma.dll -> Sonic Solutions [Ver = 1, 0, 0, 3 | Size = 157352 bytes | Modified Date = 6/9/2006 11:54:34 AM | Attr = ]
UPX! , UPX0 , -> %System32%\wceprv.dll -> [Ver = | Size = 3584 bytes | Modified Date = 1/17/2002 4:52:00 PM | Attr = ]
abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\hosts -> [Ver = | Size = 216766 bytes | Modified Date = 12/6/2007 8:57:02 PM | Attr = R ]

< End of report >
altasplace
Active Member
 
Posts: 12
Joined: December 8th, 2007, 4:26 pm

Re: HELP!!

Unread postby 'KotaGuy » December 20th, 2007, 9:40 am

That log looks goo too.

The error you are receiving happens when an ActiveX download fails. In this case the CLSID - {da4f543c-c8a9-4e88-9a79-548cbb46f18f} pertains to the Microsoft file ocget.dll. Nothing bad about it :)
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Re: HELP!!

Unread postby altasplace » December 20th, 2007, 2:59 pm

Good deal. Thank you alot for the comforting knowledge. That is all I needed. Thanks KotaGuy you have been awesome!
altasplace
Active Member
 
Posts: 12
Joined: December 8th, 2007, 4:26 pm

Re: HELP!!

Unread postby 'KotaGuy » December 23rd, 2007, 11:51 am

Good to hear! Glad I was able to help :)

Some tips for the future...

This is my normal post for when you are clear - which you now are - or seem to be.
Please advise of any problems you still have. If you think you're clean please give one more reply so that I can archive this topic.

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
  • Remove dangerous tools - Because some tools we used can be dangerous if they're used in the wrong way we have to remove some of them. Please remove the following tools:

    WinPFind3

  • Disable and Enable System Restore - If you are using Windows ME or XP then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.
    Turn off System Restore.
    On the Desktop, right-click My Computer
    Click Properties
    Click the System Restore tab
    Check Turn off System Restore
    Click Apply, and then click OK

    Reboot.

    Turn on System Restore.
    On the Desktop, right-click My Computer
    Click Properties
    Click the System Restore tab
    Uncheck Turn off System Restore
    Click Apply, and then click OK
    NOTE: only do this ONCE, NOT on a regular basis!
  • Re hide your system files To do so, please follow the steps below:
    • Double-click My Computer.
    • Click the Tools menu, and then click Folder Options.
    • Click the View tab.
    • Put a check by "Hide file extensions for known file types."
    • Under the "Hidden files" folder, select "Do not show hidden files and folders."
    • Check "Hide protected operating system files."
    • Click Apply, and then click OK.
  • Make your Internet Explorer more secure - This can be done by following these simple instructions:
    • From within Internet Explorer click on the Tools menu and then click on Options.
    • Click once on the Security tab
    • Click once on the Internet icon so it becomes highlighted.
    • Click once on the Custom Level button.
      • Change the Download signed ActiveX controls to Prompt
      • Change the Download unsigned ActiveX controls to Disable
      • Change the Initialise and script ActiveX controls not marked as safe to Disable
      • Change the Installation of desktop items to Prompt
      • Change the Launching programs and files in an IFRAME to Prompt
      • Change the Navigate sub-frames across different domains to Prompt
      • When all these settings have been made, click on the OK button.
      • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    • Next press the Apply button and then the OK to exit the Internet Properties page.
  • Use an Anti Virus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future. Here are some Anti Virus products which are free for personal use and most used:
    AntiVir
    Avast
    BitDefender
  • Update your Anti Virus Software - It is imperitive that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.
  • Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. If you use the Windows Firewall you might think that's sufficient but it only controls one way of the traffic (inbound/outbound not sure). Simply using a Firewall in its default configuration can lower your risk greatly. Here are some firewalls which are free for personal use and most used:
    Comodo
    Kerio
    ZoneAlarm
  • Visit Microsoft's Update Site Frequently - It is important that you visit http://update.microsoft.com/ regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  • Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option.
    This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an anti virus software. A tutorial on installing & using this product can be found here:
    Instructions for - Spybot S & D and Ad-aware
  • Install Ad-Aware - Install and download Ad-Aware. You should also scan your computer with the program on a regular basis just as you would an anti virus software in conjunction with Spybot. A tutorial on installing & using this product can be found here:
    Instructions for - Spybot S & D and Ad-aware
  • Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. A article on anti-malware products with links for this program and others can be found here:
    Computer Safety on line - Anti-Malware
  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.

Surf Safe :)
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Re: HELP!!

Unread postby NonSuch » December 23rd, 2007, 10:34 pm

Glad we could be of assistance.

This topic is now closed. If you wish it reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

You can help support this site from this link :
Donations For Malware Removal

Please do not contact us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27299
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove

Previous

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: random/random and 38 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware