Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

MalWare Microsoft Essentials fake error

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: MalWare Microsoft Essentials fake error

Unread postby Dakeyras » October 8th, 2011, 9:19 am

Hi. :)

I figured out why Flash Disinfector wouldn't work. I had security settings to very high and it was cancelling the download.
I see, if referring to specific settings with Internet Explorer, that would explain it. Speaking of which I have noticed a problem with a update for Internet Explorer v8, we can actually work around that when I give the all clear and will provide a direct download link.

I did both Flash Disinfector and Panda USB Vacc. One question, the Panda had an NTFS (?) option and I had my external hard drive plugged in via USB cable. Now, since I didn't select the NTFS option, it wouldn't scan my external hard drive. What is the best way to scan this device?
Actually no need to use both as somewhat defeats the object, so merely uninstall Panda USB Vaccine, then re-run Flash Disinfector per my prior instructions.

Is this your external hard-drive and or a internal one?
Drive E: | 246.71 Mb Total Space | 246.71 Mb Free Space | 100.00% Space Free | Partition Type: FAT
Either way it is using a outdated file system, namely FAT(File Allocation Table)...so it would be prudent to convert it to NTFS(New Technology File System) which would improve both overall performance of the drive and actually make maintenance on the aforementioned drive a tad more efficient also. This explains how:-

How to Convert FAT Disks to NTFS

No need to do this just yet though but rather leave it until I give the all clear

Ok. I can access MWR site easier now.
Good.

Random Access Memory Advice:

511.33 Mb Total Physical Memory | 158.05 Mb Available Physical Memory | 30.91% Memory free
Though Microsoft claims XP will run with a mere 128 MB installed in my opinion a minimum of 1 GB is far better.

If you wish to upgrade the installed memory, Crucial have a small scanner(CrucialScan.exe)which is perfectly safe to download and run. Which will advise if your system can support any upgraded memory modules.

Next:

Please move the executable for OTL to the Desktop...it is currently residing here:-

C:\Documents and Settings\Monica\My Documents\Downloads\OTL.exe

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please go here and download ERUNT.
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double-click on erunt-setup.exe to Install ERUNT by following the prompts.
  • Use the default install settings but say no to the portion that asks you to add ERUNT to the Start-Up folder.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup. Note: the default location is C:\WINDOWS\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.

Note: If it is necessary to restore the registry, open the backup folder and start ERDNT.exe

Custom OTL Script:

  • Double-click OTL.exe to start the program.
  • Copy the lines from the codebox to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
Code: Select all
:OTL
SRV - (HidServ) -- File not found
SRV - (AppMgmt) -- File not found
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - File not found (No name found) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
O4 - HKU\S-1-5-21-1644491937-1935655697-854245398-1002..\Run: [Sonic RecordNow!] File not found
[2011/10/06 20:04:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2011/10/04 06:45:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/10/04 06:44:15 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/10/03 19:07:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

:Files 
ipconfig /flushdns /c 
%systemroot%\prefetch\*.* 

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG8\avgemc.exe"=-
"C:\Program Files\AVG\AVG8\avgnsx.exe"=-
"C:\Program Files\AVG\AVG8\avgupd.exe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =dword:0000001

:Commands
[Purity]
[ResetHosts]
[EmptyFlash]
[EmptyTemp]
[CreateRestorePoint]
[Reboot]
  • Return to OTL, right-click in the Custom Scans/Fixes window (under the cyan bar) and choose Paste.
  • Then click the red Run Fix button.
  • Let the program run unhindered.
  • If OTL asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.

Note: The logfile can also be located C: >> _OTL >> MovedFiles >> DD/DD/DD TT/TT.txt <-- denotes date/time log created.

Malwarebytes Anti-Malware:

  • Launch the application, Check for Updates >> Perform quick scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • OTL Log from the Custom Script.
  • Malwarebytes Anti-Malware Log.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra
Advertisement
Register to Remove

Re: MalWare Microsoft Essentials fake error

Unread postby t-risk7 » October 8th, 2011, 3:33 pm

Afternoon. I uninstalled Panda. I think that might be my jump drive.

When I download OTL, do I run it and then highlight the codex? Or where do I find this at?
t-risk7
Regular Member
 
Posts: 118
Joined: July 7th, 2010, 12:27 pm

Re: MalWare Microsoft Essentials fake error

Unread postby t-risk7 » October 8th, 2011, 6:55 pm

I ran OTL, then scan fix. After scan, report showed all 'Error:unable to interpret." Am going ahead with Malware bytes.
t-risk7
Regular Member
 
Posts: 118
Joined: July 7th, 2010, 12:27 pm

Re: MalWare Microsoft Essentials fake error

Unread postby t-risk7 » October 8th, 2011, 8:39 pm

Good evening. My computer seems to be running a lot faster and smoother. I am not having the problems I was.
Here is the OTL log: (if I did it right)
Error: Unable to interpret <OTL logfile created on: 10/8/2011 6:38:15 PM - Run 2> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Monica\Desktop> in the current context!
Error: Unable to interpret <Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 7.0.5730.13)> in the current context!
Error: Unable to interpret <Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <511.33 Mb Total Physical Memory | 141.46 Mb Available Physical Memory | 27.66% Memory free> in the current context!
Error: Unable to interpret <1.22 Gb Paging File | 0.87 Gb Available in Paging File | 70.90% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): C:\pagefile.sys 768 1536 [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files> in the current context!
Error: Unable to interpret <Drive C: | 37.25 Gb Total Space | 25.19 Gb Free Space | 67.61% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive E: | 189.92 Gb Total Space | 167.84 Gb Free Space | 88.37% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive F: | 246.71 Mb Total Space | 246.70 Mb Free Space | 100.00% Space Free | Partition Type: FAT> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: BLUEDELL | User Name: Monica | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: Current user> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <PRC - C:\Documents and Settings\Monica\Desktop\OTL.exe (OldTimer Tools)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)> in the current context!
Error: Unable to interpret <PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Modules (No Company Name) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files\Brother\BrUtilities\BrLogAPI.dll ()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Win32 Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SRV - (HidServ) -- File not found> in the current context!
Error: Unable to interpret <SRV - (AppMgmt) -- File not found> in the current context!
Error: Unable to interpret <SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)> in the current context!
Error: Unable to interpret <SRV - (QBVSS) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.)> in the current context!
Error: Unable to interpret <SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (BrYNSvc) -- C:\Program Files\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)> in the current context!
Error: Unable to interpret <SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <DRV - (MpKslbb2df8ce) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{070663EF-524A-4F7A-A21C-00491095D51D}\MpKslbb2df8ce.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV - (STAC97) Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\stac97.sys (SigmaTel, Inc.)> in the current context!
Error: Unable to interpret <DRV - (BCMModem) -- C:\WINDOWS\system32\drivers\BCMSM.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)> in the current context!
Error: Unable to interpret <DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV - (OMCI) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Internet Explorer ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== FireFox ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/03 16:30:43 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/04 06:44:15 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2009/04/11 18:53:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Monica\Application Data\Mozilla\Extensions> in the current context!
Error: Unable to interpret <[2011/10/03 16:31:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Monica\Application Data\Mozilla\Firefox\Profiles\m4wk9ksw.default\extensions> in the current context!
Error: Unable to interpret <[2011/10/08 04:54:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions> in the current context!
Error: Unable to interpret <() (No name found) -- C:\DOCUMENTS AND SETTINGS\MONICA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M4WK9KSW.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI> in the current context!
Error: Unable to interpret <[2011/10/03 20:03:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION> in the current context!
Error: Unable to interpret <[2011/09/29 02:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll> in the current context!
Error: Unable to interpret <[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll> in the current context!
Error: Unable to interpret <[2011/09/28 20:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <O1 HOSTS File: ([2003/07/16 16:29:34 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 localhost> in the current context!
Error: Unable to interpret <O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [Sonic RecordNow!] File not found> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1> in the current context!
Error: Unable to interpret <O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]> in the current context!
Error: Unable to interpret <O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 9490254216 (WUWebControl Class)> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68FF5E6A-1BF5-405E-888D-0C160D163365}: DhcpNameServer = 209.18.47.61 209.18.47.62> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp> in the current context!
Error: Unable to interpret <O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp> in the current context!
Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2009/04/11 16:43:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2011/10/08 04:41:20 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2011/10/08 04:41:21 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2011/10/08 04:41:22 | 000,000,000 | RHSD | M] - F:\AUTORUN_.INF -- [ FAT ]> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2011/10/08 04:51:52 | 000,000,016 | -H-- | M] () - F:\AUTORUN.INF -- [ FAT ]> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *)> in the current context!
Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011/10/08 15:29:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT> in the current context!
Error: Unable to interpret <[2011/10/08 15:28:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT> in the current context!
Error: Unable to interpret <[2011/10/08 15:28:34 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT> in the current context!
Error: Unable to interpret <[2011/10/08 04:55:47 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Monica\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <[2011/10/08 04:41:20 | 000,000,000 | RHSD | C] -- C:\autorun.inf> in the current context!
Error: Unable to interpret <[2011/10/07 00:41:28 | 000,000,000 | ---D | C] -- C:\bd_logs> in the current context!
Error: Unable to interpret <[2011/10/06 20:04:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun> in the current context!
Error: Unable to interpret <[2011/10/06 05:02:51 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys> in the current context!
Error: Unable to interpret <[2011/10/04 21:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Intuit> in the current context!
Error: Unable to interpret <[2011/10/04 06:45:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun> in the current context!
Error: Unable to interpret <[2011/10/04 06:44:15 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll> in the current context!
Error: Unable to interpret <[2011/10/03 22:20:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\Local Settings\Application Data\Scansoft> in the current context!
Error: Unable to interpret <[2011/10/03 19:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\My Documents\Downloads> in the current context!
Error: Unable to interpret <[2011/10/03 19:07:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel> in the current context!
Error: Unable to interpret <[2011/10/03 18:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother> in the current context!
Error: Unable to interpret <[2011/10/03 18:41:18 | 000,061,440 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\brprtink.dll> in the current context!
Error: Unable to interpret <[2011/10/03 18:40:53 | 001,535,488 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia09c.dll> in the current context!
Error: Unable to interpret <[2011/10/03 18:40:53 | 000,055,808 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUsi09c.dll> in the current context!
Error: Unable to interpret <[2011/10/03 18:40:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE> in the current context!
Error: Unable to interpret <[2011/10/03 18:40:15 | 000,000,000 | ---D | C] -- C:\Program Files\Browny02> in the current context!
Error: Unable to interpret <[2011/10/03 18:39:08 | 000,126,976 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrfxD05b.dll> in the current context!
Error: Unable to interpret <[2011/10/03 18:38:04 | 000,217,088 | ---- | C] (brother) -- C:\WINDOWS\System32\NSSearch.dll> in the current context!
Error: Unable to interpret <[2011/10/03 18:38:04 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2L.dll> in the current context!
Error: Unable to interpret <[2011/10/03 18:38:03 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2.dll> in the current context!
Error: Unable to interpret <[2011/10/03 18:38:03 | 000,003,072 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2S.dll> in the current context!
Error: Unable to interpret <[2011/10/03 18:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Brother> in the current context!
Error: Unable to interpret <[2011/10/03 18:37:54 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BroSNMP.dll> in the current context!
Error: Unable to interpret <[2011/10/03 18:36:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\Application Data\InstallShield> in the current context!
Error: Unable to interpret <[2011/10/03 18:33:20 | 000,000,000 | ---D | C] -- C:\Program Files\Nuance> in the current context!
Error: Unable to interpret <[2011/10/03 18:32:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield> in the current context!
Error: Unable to interpret <[2011/10/03 18:31:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ScanSoft PaperPort 11> in the current context!
Error: Unable to interpret <[2011/10/03 18:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ScanSoft Shared> in the current context!
Error: Unable to interpret <[2011/10/03 18:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\ScanSoft> in the current context!
Error: Unable to interpret <[2011/10/03 18:30:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ScanSoft> in the current context!
Error: Unable to interpret <[2011/10/03 18:27:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Brother> in the current context!
Error: Unable to interpret <[2011/10/03 18:13:55 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys> in the current context!
Error: Unable to interpret <[2011/10/03 18:13:46 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys> in the current context!
Error: Unable to interpret <[2011/10/03 17:38:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\Local Settings\Application Data\Identities> in the current context!
Error: Unable to interpret <[2011/10/03 16:25:19 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl> in the current context!
Error: Unable to interpret <[2011/10/03 07:25:18 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll> in the current context!
Error: Unable to interpret <[2011/10/03 07:25:18 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui> in the current context!
Error: Unable to interpret <[2011/10/03 07:17:55 | 014,045,800 | ---- | C] (Mozilla) -- C:\Documents and Settings\Monica\Desktop\Firefox Setup 7.0.1.exe> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\My Documents\Tad's Resume> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\My Documents\Roofing Estimates and Material Lists> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\My Documents\Monica's Resume> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\My Documents\GArageGymEquipment> in the current context!
Error: Unable to interpret <[2011/10/02 16:41:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Monica\Desktop\My Documents> in the current context!
Error: Unable to interpret <[2011/10/02 16:40:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\Application Data\OpenOffice.org> in the current context!
Error: Unable to interpret <[2011/10/02 16:37:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\Desktop\Roofing Estimates and Material Lists> in the current context!
Error: Unable to interpret <[2011/10/02 16:03:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\Application Data\Macromedia> in the current context!
Error: Unable to interpret <[2011/10/02 16:03:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\Application Data\Adobe> in the current context!
Error: Unable to interpret <[2011/10/02 15:52:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\Local Settings\Application Data\Intuit> in the current context!
Error: Unable to interpret <[2011/10/02 15:52:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Monica\Start Menu\Programs\Administrative Tools> in the current context!
Error: Unable to interpret <[2011/10/02 15:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickBooks> in the current context!
Error: Unable to interpret <[2011/10/02 15:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nuance> in the current context!
Error: Unable to interpret <[2011/10/02 15:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\Intuit> in the current context!
Error: Unable to interpret <[2011/10/02 15:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit> in the current context!
Error: Unable to interpret <[2011/10/02 15:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Intuit> in the current context!
Error: Unable to interpret <[2011/10/02 15:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intuit> in the current context!
Error: Unable to interpret <[2011/10/02 15:31:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11> in the current context!
Error: Unable to interpret <[2011/10/02 15:31:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES> in the current context!
Error: Unable to interpret <[2011/10/02 15:27:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer> in the current context!
Error: Unable to interpret <[2011/10/02 15:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild> in the current context!
Error: Unable to interpret <[2011/10/02 15:26:41 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies> in the current context!
Error: Unable to interpret <[2011/10/02 15:25:00 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll> in the current context!
Error: Unable to interpret <[2011/10/02 15:25:00 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll> in the current context!
Error: Unable to interpret <[2011/10/02 15:24:59 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe> in the current context!
Error: Unable to interpret <[2011/10/02 15:24:59 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll> in the current context!
Error: Unable to interpret <[2011/10/02 15:24:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll> in the current context!
Error: Unable to interpret <[2011/10/02 15:24:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll> in the current context!
Error: Unable to interpret <[2011/10/02 15:22:20 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly> in the current context!
Error: Unable to interpret <[2011/10/02 15:21:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET> in the current context!
Error: Unable to interpret <[2011/10/02 15:17:59 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0> in the current context!
Error: Unable to interpret <[2011/10/02 15:00:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Intuit> in the current context!
Error: Unable to interpret <[2011/10/02 14:28:59 | 000,000,000 | ---D | C] -- C:\mbam.com> in the current context!
Error: Unable to interpret <[2011/10/02 14:01:55 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys> in the current context!
Error: Unable to interpret <[2011/10/02 13:59:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Monica\Application Data\Malwarebytes> in the current context!
Error: Unable to interpret <[2011/10/02 13:58:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2011/10/02 13:58:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes> in the current context!
Error: Unable to interpret <[2011/10/02 13:58:47 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys> in the current context!
Error: Unable to interpret <[2011/10/02 13:58:46 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2011/10/02 13:54:33 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Monica\Desktop\mbam-setup-1.51.2.1300.exe> in the current context!
Error: Unable to interpret <[2011/10/02 09:40:34 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll> in the current context!
Error: Unable to interpret <[2011/10/02 09:38:15 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll> in the current context!
Error: Unable to interpret <[2011/10/02 09:37:39 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe> in the current context!
Error: Unable to interpret <[2011/10/02 09:36:05 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll> in the current context!
Error: Unable to interpret <[2011/10/02 09:35:40 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll> in the current context!
Error: Unable to interpret <[2011/10/02 09:35:39 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll> in the current context!
Error: Unable to interpret <[2011/10/02 09:32:27 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys> in the current context!
Error: Unable to interpret <[2011/10/02 09:31:08 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys> in the current context!
Error: Unable to interpret <[2011/10/02 09:20:16 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys> in the current context!
Error: Unable to interpret <[2011/10/02 09:08:32 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe> in the current context!
Error: Unable to interpret <[2011/10/02 09:03:11 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys> in the current context!
Error: Unable to interpret <[2011/10/02 08:58:36 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe> in the current context!
Error: Unable to interpret <[2011/10/02 08:56:22 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe> in the current context!
Error: Unable to interpret <[2011/10/02 08:56:00 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll> in the current context!
Error: Unable to interpret <[2011/10/02 08:50:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution> in the current context!
Error: Unable to interpret <[2011/10/02 08:49:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client> in the current context!
Error: Unable to interpret <[2011/10/02 08:42:36 | 008,068,864 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Monica\Desktop\mseinstall.exe> in the current context!
Error: Unable to interpret <[2011/09/09 05:12:13 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll> in the current context!
Error: Unable to interpret <[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]> in the current context!
Error: Unable to interpret <[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011/10/08 15:39:45 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job> in the current context!
Error: Unable to interpret <[2011/10/08 15:34:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat> in the current context!
Error: Unable to interpret <[2011/10/08 15:28:38 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Monica\Desktop\NTREGOPT.lnk> in the current context!
Error: Unable to interpret <[2011/10/08 15:28:38 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Monica\Desktop\ERUNT.lnk> in the current context!
Error: Unable to interpret <[2011/10/08 15:26:37 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Monica\Desktop\Shortcut to OTL.lnk> in the current context!
Error: Unable to interpret <[2011/10/08 04:55:53 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Monica\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <[2011/10/06 22:43:27 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys> in the current context!
Error: Unable to interpret <[2011/10/04 13:45:19 | 000,000,090 | ---- | M] () -- C:\WINDOWS\QBChanUtil_Trigger.ini> in the current context!
Error: Unable to interpret <[2011/10/04 07:37:46 | 000,472,400 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat> in the current context!
Error: Unable to interpret <[2011/10/04 07:37:46 | 000,079,080 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat> in the current context!
Error: Unable to interpret <[2011/10/04 07:29:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK> in the current context!
Error: Unable to interpret <[2011/10/03 22:18:58 | 000,127,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT> in the current context!
Error: Unable to interpret <[2011/10/03 18:42:51 | 000,001,781 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Brother Creative Center.lnk> in the current context!
Error: Unable to interpret <[2011/10/03 18:42:22 | 000,000,242 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini> in the current context!
Error: Unable to interpret <[2011/10/03 18:42:22 | 000,000,093 | ---- | M] () -- C:\WINDOWS\brpcfx.ini> in the current context!
Error: Unable to interpret <[2011/10/03 18:41:45 | 000,000,050 | ---- | M] () -- C:\WINDOWS\System32\BRIDF10A.DAT> in the current context!
Error: Unable to interpret <[2011/10/03 18:41:38 | 000,000,419 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI> in the current context!
Error: Unable to interpret <[2011/10/03 16:30:47 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Monica\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk> in the current context!
Error: Unable to interpret <[2011/10/03 16:30:47 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk> in the current context!
Error: Unable to interpret <[2011/10/03 16:25:19 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl> in the current context!
Error: Unable to interpret <[2011/10/03 07:18:37 | 014,045,800 | ---- | M] (Mozilla) -- C:\Documents and Settings\Monica\Desktop\Firefox Setup 7.0.1.exe> in the current context!
Error: Unable to interpret <[2011/10/02 16:38:23 | 000,001,486 | ---- | M] () -- C:\Documents and Settings\Monica\Desktop\Calculator.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 15:48:53 | 000,001,836 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickBooks Pro 2011.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 15:48:53 | 000,001,706 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Process Credit Cards & eChecks in QuickBooks.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 15:48:53 | 000,001,546 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Checks & More for QuickBooks.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 15:48:53 | 000,001,512 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Support for QuickBooks.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 15:48:53 | 000,001,474 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Payroll for QuickBooks.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 15:48:53 | 000,001,378 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Get More Customers with Intuit.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 14:30:58 | 000,000,407 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 13:54:52 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Monica\Desktop\mbam-setup-1.51.2.1300.exe> in the current context!
Error: Unable to interpret <[2011/10/02 08:55:17 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif> in the current context!
Error: Unable to interpret <[2011/10/02 08:48:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl> in the current context!
Error: Unable to interpret <[2011/10/02 08:42:49 | 008,068,864 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Monica\Desktop\mseinstall.exe> in the current context!
Error: Unable to interpret <[2011/09/09 05:12:13 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll> in the current context!
Error: Unable to interpret <[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]> in the current context!
Error: Unable to interpret <[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011/10/08 15:28:38 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Monica\Desktop\NTREGOPT.lnk> in the current context!
Error: Unable to interpret <[2011/10/08 15:28:38 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Monica\Desktop\ERUNT.lnk> in the current context!
Error: Unable to interpret <[2011/10/08 15:26:37 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Monica\Desktop\Shortcut to OTL.lnk> in the current context!
Error: Unable to interpret <[2011/10/03 22:17:32 | 000,258,056 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat> in the current context!
Error: Unable to interpret <[2011/10/03 18:42:51 | 000,001,781 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Brother Creative Center.lnk> in the current context!
Error: Unable to interpret <[2011/10/03 18:42:22 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini> in the current context!
Error: Unable to interpret <[2011/10/03 18:42:21 | 000,000,242 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini> in the current context!
Error: Unable to interpret <[2011/10/03 18:41:45 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF10A.DAT> in the current context!
Error: Unable to interpret <[2011/10/03 18:41:37 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI> in the current context!
Error: Unable to interpret <[2011/10/03 18:39:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat> in the current context!
Error: Unable to interpret <[2011/10/03 18:32:23 | 000,031,767 | ---- | C] () -- C:\WINDOWS\maxlink.ini> in the current context!
Error: Unable to interpret <[2011/10/03 16:30:47 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk> in the current context!
Error: Unable to interpret <[2011/10/03 16:30:46 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:09 | 001,676,676 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 018.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:08 | 001,584,681 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 016.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:08 | 001,538,807 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 017.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:07 | 001,715,774 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 014.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:07 | 001,534,090 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 015.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:06 | 001,580,819 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 013.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:05 | 001,704,142 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 012.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:04 | 001,801,755 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 009.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:04 | 001,732,180 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 010.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:04 | 001,522,894 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 011.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:03 | 003,021,279 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 008.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:03 | 002,957,425 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 005.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:03 | 002,946,281 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 006.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:03 | 002,944,098 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 007.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:02 | 002,989,532 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 004.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:02 | 002,943,639 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 003.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:00 | 003,055,302 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 001.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:26:00 | 003,008,340 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 002.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:59 | 000,108,934 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\2852808_display.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:59 | 000,096,250 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\2852829_display.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:59 | 000,057,942 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\2852757_display.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:20 | 000,696,342 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\doggie.JPG> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:19 | 001,524,114 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 024.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:18 | 001,617,795 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 022.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:18 | 001,610,138 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 023.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:18 | 001,609,217 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 021.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:18 | 001,528,848 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 020.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 17:25:17 | 001,738,742 | ---- | C] () -- C:\Documents and Settings\Monica\My Documents\august2011 019.jpg> in the current context!
Error: Unable to interpret <[2011/10/02 16:38:12 | 000,001,486 | ---- | C] () -- C:\Documents and Settings\Monica\Desktop\Calculator.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 15:48:53 | 000,001,836 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickBooks Pro 2011.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 15:48:53 | 000,001,706 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Process Credit Cards & eChecks in QuickBooks.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 15:48:53 | 000,001,546 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Checks & More for QuickBooks.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 15:48:53 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Support for QuickBooks.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 15:48:53 | 000,001,474 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Payroll for QuickBooks.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 15:48:53 | 000,001,378 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Get More Customers with Intuit.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 15:31:13 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini> in the current context!
Error: Unable to interpret <[2011/10/02 13:59:01 | 000,000,407 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk> in the current context!
Error: Unable to interpret <[2011/10/02 08:56:33 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job> in the current context!
Error: Unable to interpret <[2011/10/02 08:55:17 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif> in the current context!
Error: Unable to interpret <[2011/10/02 08:50:14 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk> in the current context!
Error: Unable to interpret <[2009/04/11 21:54:39 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll> in the current context!
Error: Unable to interpret <[2009/04/11 20:56:03 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe> in the current context!
Error: Unable to interpret <[2009/04/11 18:53:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat> in the current context!
Error: Unable to interpret <[2009/04/11 18:35:37 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini> in the current context!
Error: Unable to interpret <[2009/04/11 17:24:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat> in the current context!
Error: Unable to interpret <[2009/04/11 16:39:09 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat> in the current context!
Error: Unable to interpret <[2009/04/11 12:22:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI> in the current context!
Error: Unable to interpret <[2009/04/11 12:21:16 | 000,127,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT> in the current context!
Error: Unable to interpret <[2006/12/31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat> in the current context!
Error: Unable to interpret <[2003/08/14 02:54:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini> in the current context!
Error: Unable to interpret <[2003/07/16 16:54:55 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat> in the current context!
Error: Unable to interpret <[2003/07/16 16:54:54 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin> in the current context!
Error: Unable to interpret <[2003/07/16 16:41:25 | 000,472,400 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat> in the current context!
Error: Unable to interpret <[2003/07/16 16:41:25 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat> in the current context!
Error: Unable to interpret <[2003/07/16 16:41:23 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat> in the current context!
Error: Unable to interpret <[2003/07/16 16:41:21 | 000,079,080 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat> in the current context!
Error: Unable to interpret <[2003/07/16 16:39:07 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat> in the current context!
Error: Unable to interpret <[2003/07/16 16:33:50 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat> in the current context!
Error: Unable to interpret <[2003/07/16 16:33:39 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin> in the current context!
Error: Unable to interpret <[2003/07/16 16:27:41 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat> in the current context!
Error: Unable to interpret <[2003/07/16 16:26:37 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin> in the current context!
Error: Unable to interpret << End of report >> in the current context!

OTL by OldTimer - Version 3.2.29.1 log created on 10082011_185244
Or this was the results of the fix scan maybe.
t-risk7
Regular Member
 
Posts: 118
Joined: July 7th, 2010, 12:27 pm

Re: MalWare Microsoft Essentials fake error

Unread postby t-risk7 » October 8th, 2011, 8:39 pm

Here is the MalwareBytes log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7904

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

10/8/2011 8:20:38 PM
mbam-log-2011-10-08 (20-20-37).txt

Scan type: Quick scan
Objects scanned: 155858
Time elapsed: 6 minute(s), 15 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Thanks for all you are doing. I appreciate it.
Is it okay for me to use my email and stuff on this computer yet, or should I wait?
t-risk7
Regular Member
 
Posts: 118
Joined: July 7th, 2010, 12:27 pm

Re: MalWare Microsoft Essentials fake error

Unread postby Dakeyras » October 9th, 2011, 9:11 am

Hi. :)

I see there were some problems with running the custom OTL script, so we will merely run it again in a different manner...

Is it okay for me to use my email and stuff on this computer yet, or should I wait?
Best to wait for now until I give the all clear, thank you.

Thanks for all you are doing. I appreciate it.
You're welcome!

Next:

Download and save the attached Fix.txt to your Desktop, just double-click on it.

Custom OTL Script:

  • Double-click OTL.exe to start the program.
  • Now click on Run Fix, when prompted with:-

No fix has been provided!

Click Ok to load from file or Cancel to cancel

  • Click on Ok >> navigate to Fix.txt on the desktop >> click on it to highlight >> then click on Open.
  • Return to OTL, then click the red Run Fix button again.
  • Let the program run unhindered.
  • If OTL asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.

Note: The logfile can also be located C: >> _OTL >> MovedFiles >> DD/DD/DD TT/TT.txt <-- denotes date/time log created.

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

  • Please go here to run the scan...Click on Scan Now
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • OTL Log from the Custom Script.
  • Eset Log.
You do not have the required permissions to view the files attached to this post.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: MalWare Microsoft Essentials fake error

Unread postby t-risk7 » October 9th, 2011, 9:39 pm

When I try to run the Fix-it in OTL it says file cannot be opened. Same if i find it in c: drive. What should I do?
t-risk7
Regular Member
 
Posts: 118
Joined: July 7th, 2010, 12:27 pm

Re: MalWare Microsoft Essentials fake error

Unread postby Dakeyras » October 10th, 2011, 10:09 am

Hi. :)

OK no problem we will merely use a different methodology again as nothing particularly malicious in the Custom OTL script targeted for removal.

Though on a different note, time of this post the Fix.txt attachment has been download eight times! Why anyone bar yourself should download it is beyond me as the fix is specific to your machine only and the exact same fix from post sixteen. Anyway lets proceed as follows shall we...

Custom Batch File:

  • Open Notepad.
  • Copy and Paste everything from the Code Box below into Notepad: <-- Start >> Run... type in notepad and select OK
Code: Select all
@Echo off
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
sc stop HidServ
sc delete HidServ
sc stop AppMgmt
sc delete AppMgmt
attrib -h -r -s C:\WINDOWS\SxsCaPendDel
del C:\WINDOWS\SxsCaPendDel
del %0
  • Go to File >> Save As
  • Save File name as "Dakeyras.bat" <-- Make sure to include the quotes.
  • Change Save as Type to All Files and save the file to your Desktop.
  • It should look like this: Image

Now double click on the desktop Dakeyras.bat to run the batch file. It will self-delete when completed.

Reset SP3 Firewall:

Click on Start >> Run... and cut/paste in the following and click on OK
Code: Select all
firewall.cpl
Click on the Advanced tab >> Restore Defaults >> At the prompt click on Yes >> OK

Now click on the General tab >> select On(recommended) >> OK.

TFC(Temp File Cleaner):

  • Please download TFC to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • Click the Start button in the bottom left of TFC
  • If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.

Next:

Let myself know when completed the above and we will go from there, thank you.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: MalWare Microsoft Essentials fake error

Unread postby t-risk7 » October 10th, 2011, 10:48 pm

Good evening. I have completed the batch file, firewall reset, and the TFC. When, you had me save file type in batch file, it brought up the rest of the items on desktop.
This may be why I couldn't open fix it. I couldn't find it as I did not know about file type option. But when I tried on c:/, it said it was empty and the date on it was for the 8th from an earlier OTC log.

I hope I am not making more work for us because I'm computer duh.
I wonder if I could run fix it now. Will wait for your feedback. Thanks.
t-risk7
Regular Member
 
Posts: 118
Joined: July 7th, 2010, 12:27 pm

Re: MalWare Microsoft Essentials fake error

Unread postby t-risk7 » October 10th, 2011, 10:57 pm

Though on a different note, time of this post the Fix.txt attachment has been download eight times! Why anyone bar yourself should download it is beyond me as the fix is specific to your machine only and the exact same fix from post sixteen. Anyway lets proceed as follows shall we..


This is because I am computer duh and didn't remember to just go back to the download box. I downloaded it a bunch.

Also, as I reviewed some of the previous posts you made, I realized where I messed up. I didn't realize I was supposed to download the 'code box' you posted. I was hunting on my computer for it. The one right before I was supposed to run fix it. This is like the third time my lack of overall knowledge has delayed us and made more work for you.
I want to apologize and thank you again for your patience and time. Maybe this will make it easier now that I've realized this. Thanks.
t-risk7
Regular Member
 
Posts: 118
Joined: July 7th, 2010, 12:27 pm

Re: MalWare Microsoft Essentials fake error

Unread postby Dakeyras » October 11th, 2011, 11:38 am

Hi. :)

I have completed the batch file, firewall reset, and the TFC.
Good.

I hope I am not making more work for us because I'm computer duh.
I wonder if I could run fix it now. Will wait for your feedback. Thanks.
Not at all and no need to run any specific fix prior now as my last post(set of instructions covered that)...

As for what else you mentioned/posted do not be to hard on yourself and as far as I am concerned no harm done and to reiterate my time is not being wasted assisting your good self plus you are most welcome!

Lets proceed as follows shall we...

New Java Installation:

  • Click here to visit Java's website.
  • Scroll down to Java SE 7. Click on Download JRE.
  • Check (tick) Java SE Runtime Environment 7 License Agreement box.
  • Click on jre-7-windows-i586.exe link next to Windows x86 Offline to download it and save this to a convenient location.
  • Double-click on on jre-7-windows-i586.exe to install Java.

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

  • Please go here to run the scan...Click on Scan Now
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

When completed the above, please post back the following in the order asked for:
  • How is your computer performing now, any further symptoms and or problems encountered?
  • Eset Log.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: MalWare Microsoft Essentials fake error

Unread postby t-risk7 » October 12th, 2011, 7:11 am

Good morning. Computer seems to be running great. No problems, but I haven't used it for a lot of things either.

Here is the Eset Log:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=4b367b3692ae59439c8e701415f0dd47
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-10-10 01:00:49
# local_time=2011-10-10 09:00:49 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5891 16776869 42 88 0 14181355 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=5968
# found=0
# cleaned=0
# scan_time=1567
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=4b367b3692ae59439c8e701415f0dd47
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-10-10 02:25:39
# local_time=2011-10-10 10:25:39 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5891 16776869 42 88 0 14183168 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=37547
# found=0
# cleaned=0
# scan_time=4843
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=4b367b3692ae59439c8e701415f0dd47
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-10-12 01:37:08
# local_time=2011-10-11 09:37:09 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5891 16776869 42 87 0 14309673 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=38221
# found=0
# cleaned=0
# scan_time=5028

Thanks again.
t-risk7
Regular Member
 
Posts: 118
Joined: July 7th, 2010, 12:27 pm

Re: MalWare Microsoft Essentials fake error

Unread postby Dakeyras » October 12th, 2011, 7:48 am

Hi. :)

Computer seems to be running great. No problems, but I haven't used it for a lot of things either.
Good and should be fine to use it as normal now...

Next:

Congratulations this computer now appears to be malware free!

Now I have some tasks for your good self to carry out as part of a clean up process and some advice about online safety.

Importance of Regular System Maintenance:

I advice you read both of the below listed topics as this will go a long way to keeping your Computer performing well. Plus bare in mind my prior advice about upgrading the presently installed RAM(Random Access Memory).

Help! My computer is slow!

Also so is this:

What to do if your Computer is running slowly

Reset SR Points/Clean up with OTL:

  • Double-click OTL to start the program.
  • Copy the lines from the codebox to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
Code: Select all
:Commands
[ClearAllRestorePoints]
  • Return to OTL, right-click in the Custom Scans/Fixes window (under the cyan bar) and choose Paste.
  • Then click the red Run Fix button.
  • Let the program run unhindered. When finsihed click on OK and close the log that appears.
  • Note: I do not need to review the log produced.
  • Now close all other programs apart from OTL as this step will require a reboot.
  • On the OTL main screen, depress the CleanUp button.
  • Say Yes to the prompt and then allow the program to reboot your computer.

The above process should clean up and remove the vast majority of scanners used and logs created etc.

Any left over merely delete yourself and empty the Recycle Bin.

Now some advice for on-line safety:

Malwarebyte's Anti-Malware:

This is a excellent application and I advise you keep this installed. Check for updates and run a scan once at least once per week.

Other installed security software:

Your presently installed security application, Microsoft Security Essentials automatically checks for updates and downloads/installs them with every system reboot and or periodically if the machine is left running providing a internet connection is active.

I advise you also run a complete scan with this also at least once per week.

Erunt:

Emergency Recovery Utility NT, I advice you keep this installed as a means to keep a complete backup of your registry and restore it when needed.

Myself I would actually create a new back up once per week as this along with System Restore may prove to be invaluable if something unforeseen occurs!

Keep your system updated:

Microsoft releases patches for Windows and other products regularly:


Update to Internet Expoler v8:

IE7 has been superseded by IE8, I strongly advise you download and install the new browser from here. This will increase overall security whist browsing online.

Be careful when opening attachments and downloading files:

Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
Never open emails from unknown senders.
Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.

Stop malicious scripts:

Windows by default allow scripts (which is VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. My advice is avoid these types of software applications.

Hosts File:

A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your computer will look up the website's IP address before you can view the website.

Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.

Here are some Hosts files:


Only use one of the above!

Install WinPatrol:

WinPatrol alerts you about possible system hijacks, malware attacks and critical changes made to your computer without your permission.

Download it from here.

You can find information about how WinPatrol works here.

Next:

This is a very helpful/useful set of advice from Microsoft: Microsoft Online Safety.

Any questions? Feel free to ask, if not stay safe!
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: MalWare Microsoft Essentials fake error

Unread postby t-risk7 » October 12th, 2011, 3:33 pm

Thanks, everything is working great.
I did have trouble figuring out how to install the hosts file.
On another note, what could hackers do with my phone number?
I've heard some people say not much, others have said it depends.
I have a smart phone, but not an iphone or droid.
Thanks
t-risk7
Regular Member
 
Posts: 118
Joined: July 7th, 2010, 12:27 pm

Re: MalWare Microsoft Essentials fake error

Unread postby Dakeyras » October 13th, 2011, 5:01 am

Hi. :)

Thanks, everything is working great.
Good and you're welcome!

I did have trouble figuring out how to install the hosts file.
Is it installed now? if you require assistance with regard to this just let me know.

On another note, what could hackers do with my phone number?
I've heard some people say not much, others have said it depends.
I have a smart phone, but not an iphone or droid.
Not really my sphere of expertise I'm afraid as primarily I only provide Anti-Malware support for home use only computers...anyway as far as I am aware not a lot can be done with a actual Mobile(Cell) Phone Number per se. If you are really concerned merely contact your vendor(the company you subscribe to for the phone service) and ask if they can allocate a new number but that may involve purchasing a new SIM(subscriber identity module) card depending on the actual Phone make/modal...

Also depending on what exact make/modal of Phone you have you may be able to download to it some security related applications, such as a Anti-Virus for example. This may be of assistance:-

Smartphone security

Or you could join and ask at either of the below forums:-

Cell Phones

Smartphone Virus / Mobile Malware
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 380 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware