Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Sugar_fl

Pages: [1] 2 3 ... 6
1
Not updating again :thud:

2
Corrine,
I checked & UPDATES is turned on. I have tried to update MSE manually & it always failed. Right now it is still up to date.. at least that is what is showing.

Now if it would just run a little faster.. strange thing is the games I play most mahjong
& Yukon solitaire seem to run fine. Everything else runs like a slow snail.

3
That is the way I have mine set.. just a different time..
 MSE is up to date now..go figure.
The link U gave me said "Sorry, but we can not find the page you requested."
Dar

4
Well that didn't last  long..MSE is not updating now.. get the same message as before.
I hate that MSE is not working again but wasn't surprised.
My computer is now VERY slow..I can type a sentence & it take forever to put the words on.. It is very slow on things like scrolling down a page.. the hour glass keeps coming on. Going to a site is very slow.. Other words everything it does is now slow.
I don't know if there is a connection.
Dar

5
Corrine,
The site looked so real.. Are U saying I am OK & my other updates will work Auto?
I don't know how often MSE update but haven't seen any since. My other virus detectors seemed to have updated several times a day.
I can just hope everything is OK..
Dar

6
Corrine,
I'm really not sure now what I did .. shortly after getting the pop up & following the directions there I read this in GW..
http://ths.gardenweb.com/forums/load/comphelp/msg0113324228049.html?15
I read where the poster in GW was told to do a Malwarebytes scan.. I did & it was clean..I'll do another one tomorrow.
I don't know what damage I have done. I felt Good that MSE was updated but now after reading the other post I'm not so sure.



7
Corrine,
I got so frustrated with things that that just wasn't working I just quit trying..
Anyway to make a long story short today this screen popped on..

( (Thank you for your interest in obtaining updates from our site.

To use this site, you must be running Microsoft Internet Explorer 5 or later.

To upgrade to the latest version of the browser, go to the Internet Explorer Downloads website.
                                   (I used this option)
If you prefer to use a different web browser, you can obtain updates from the Microsoft Download Center or you can stay up to date with the latest critical and security updates by using Automatic Updates. To turn on Automatic Updates:

   1. Click Start, and then click Control Panel.
   2. Depending on which Control Panel view you use, Classic or Category, do one of the following:
          * Click System, and then click the Automatic Updates tab.
          * Click Performance and Maintenance, click System, and then click the Automatic Updates tab.
   3. Click the option that you want. Make sure Automatic Updates is not turned off.))

Right now it is up to date.. It did that once before so I don't know how long it will work. I also don't know if I messed up other updates..  I don't know how to find out.
Things seem to be running a little slower. I know I am gonna have to think about getting a new computer soon. I hate to spend the money but this one I believe has other problems so fixing it would just be a waste.
I just hope for now that the updates ALL stay working..
Thanks,
Dar


8
That didn't work.. I still get
[img width= height=]http://pic20.picturetrail.com/VOL69/469379/16093129/394559785.jpg[/img]
Dar

9
I downloaded & tried to install windowsupdateagent30-x86.exe but it failed with error
ox80070002
Dar

10
Corrine,
This is the message I get.
[img width= height=]http://pic20.picturetrail.com/VOL69/469379/16093129/394559785.jpg[/img]

11
Here I go again..I checked to see if MSE was updating & I got the same error message as before. I don't understand what is going on with this computer. I guess we start over..I'm tempted to take MSE out & upload Avast again but it wouldn't update either.
 :sos:
Dar

12
Corrine,
I got ComboFix out but what do I do with the other things we put on the desktop?
I went in IE to try & use an online scanner the other day & today my mail went into IE when I opened it. I looked in FireFox & it was no longer default so I fixed that. I now have an IE icon & a IE short cut on my desk top.. which should I remove?
Thanks Corrine for the help..
Dar

13
Corrine,
Real time protection is ON
Virus & spyware definitions are up to date. 
Dar

14
 :Yahoo:
Everything is now updated..

NEXT!
Dar

15
ComboFix 11-01-08.05 - baad 01/09/2011  21:22:05.4.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.958.445 [GMT -6:00]
Running from: c:\documents and settings\baad\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\baad\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: Online Armor Firewall *Disabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
.

(((((((((((((((((((((((((   Files Created from 2010-12-10 to 2011-01-10  )))))))))))))))))))))))))))))))
.

2011-01-09 18:45 . 2010-11-16 18:01   6273872   ----a-w-   c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8BDED811-9CF1-4704-A139-C8C5AECD0A49}\mpengine.dll
2011-01-08 00:15 . 2011-01-08 00:16   --------   d-----w-   c:\program files\trend micro
2011-01-07 23:10 . 2011-01-07 23:10   --------   d-----w-   c:\program files\ERUNT
2011-01-04 04:46 . 2010-10-19 16:41   222080   ------w-   c:\windows\system32\MpSigStub.exe
2011-01-04 04:42 . 2011-01-04 04:45   --------   d-----w-   C:\e7c980b6f30d6f4daadf3e04f44cf6ac
2011-01-04 04:31 . 2011-01-04 04:33   --------   d-----w-   c:\program files\Microsoft Security Client
2011-01-03 17:17 . 2011-01-03 17:17   --------   d-----w-   c:\windows\system32\wbem\Repository
2010-12-13 04:17 . 2001-03-13 15:51   1066176   ----a-w-   c:\windows\system32\MSCOMCTL.OCX
2010-12-13 03:16 . 2010-12-13 03:16   --------   d-----w-   c:\windows\system32\mscomctl

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-31 20:06 . 2010-07-03 23:08   38848   ----a-w-   c:\windows\avastSS.scr
2010-12-21 00:09 . 2008-12-22 04:06   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-21 00:08 . 2008-12-22 04:06   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-11-22 20:58 . 2010-11-22 20:58   2560   ----a-w-   c:\windows\_MSRSTRT.EXE
2010-11-13 00:53 . 2010-04-25 00:20   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2010-11-12 22:34 . 2010-11-14 21:37   73728   ----a-w-   c:\windows\system32\javacpl.cpl
2010-10-27 01:52 . 2010-11-12 02:19   38856   ----a-w-   c:\windows\system32\drivers\oahlp32.sys
2010-10-27 01:52 . 2010-11-12 02:19   25000   ----a-w-   c:\windows\system32\drivers\OAmon.sys
2010-10-27 01:52 . 2010-11-12 02:19   29272   ----a-w-   c:\windows\system32\drivers\OAnet.sys
2010-10-27 01:52 . 2010-11-12 02:19   202064   ----a-w-   c:\windows\system32\drivers\OADriver.sys
2010-10-25 03:25 . 2010-10-25 03:25   165264   ----a-w-   c:\windows\system32\drivers\MpFilter.sys
1998-04-24 19:58 . 2007-09-25 04:34   18200064   ----a-w-   c:\program files\PD2.dll
1998-04-24 19:55 . 2007-09-25 04:34   411136   ----a-w-   c:\program files\PD1.dll
1998-04-07 23:35 . 2007-09-25 04:34   4647424   ----a-w-   c:\program files\PDINTROS.DLL
1998-04-06 19:52 . 2007-09-25 04:34   6109   ----a-w-   c:\program files\PBE.REG
1998-02-23 23:51 . 2007-09-25 04:34   1884672   ----a-w-   c:\program files\patterns.dll
1996-10-30 16:35 . 2007-09-25 04:34   32768   ----a-w-   c:\program files\plugin.dll
1996-07-03 21:07 . 2007-09-25 04:34   18432   ----a-w-   c:\program files\psut9532.dll
1996-07-03 21:07 . 2007-09-25 04:34   50176   ----a-w-   c:\program files\csdtrn32.dll
1996-06-13 23:30 . 2007-09-25 04:34   16080   ----a-w-   c:\program files\pbe.fon
1996-05-10 20:38 . 2007-09-25 04:34   47104   ----a-w-   c:\program files\Picn1013.dll
1996-05-10 20:36 . 2007-09-25 04:34   59904   ----a-w-   c:\program files\Picn1113.dll
1996-05-10 20:30 . 2007-09-25 04:34   21504   ----a-w-   c:\program files\Picn13.dll
.

(((((((((((((((((((((((((((((   SnapShot@2011-01-09_17.51.07   )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-09 20:12 . 2011-01-09 20:12   16384              c:\windows\temp\Perflib_Perfdata_734.dat
+ 2011-01-09 20:11 . 2010-11-13 00:53   157472              c:\windows\system32\javaws.exe
+ 2011-01-09 20:11 . 2010-11-13 00:53   145184              c:\windows\system32\javaw.exe
- 2010-11-14 21:37 . 2010-11-14 21:33   145184              c:\windows\system32\javaw.exe
+ 2011-01-09 20:11 . 2010-11-13 00:53   145184              c:\windows\system32\java.exe
- 2010-11-14 21:37 . 2010-11-14 21:33   145184              c:\windows\system32\java.exe
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WeatherWatcher"="c:\old-data\Program Files\Weather Watcher\ww.exe" [2007-08-14 1036288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SBAutoUpdate"="c:\program files\SpywareBlaster\sbautoupdate.exe" [2010-08-31 938744]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-10-31 393216]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-11-15 7307264]
"@OnlineArmor GUI"="c:\program files\Online Armor\oaui.exe" [2010-10-27 2345000]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]

c:\documents and settings\baad\Start Menu\Programs\Startup\
AccuWeatherDesktop.lnk - c:\program files\AccuWeather\Desktop\AccuWeatherDesktop.exe [N/A]
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2009-6-24 803176]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\ONLINE~2\oaevent.dll" [2010-10-27 353992]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-09 15:47   548352   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^baad^Start Menu^Programs^Startup^Secunia PSI.lnk]
path=c:\documents and settings\baad\Start Menu\Programs\Startup\Secunia PSI.lnk
backup=c:\windows\pss\Secunia PSI.lnkStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57083:TCP"= 57083:TCP:Pando P2P TCP Listening Port
"57083:UDP"= 57083:UDP:Pando P2P UDP Listening Port

R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [11/11/2010 8:19 PM 202064]
R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [11/11/2010 8:19 PM 38856]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [11/11/2010 8:19 PM 25000]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [11/11/2010 8:19 PM 29272]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [9/3/2008 1:07 PM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [9/3/2008 1:07 PM 67656]
R2 OAcat;Online Armor Helper Service;c:\program files\Online Armor\oacat.exe [11/11/2010 8:17 PM 380784]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/15/2010 3:28 PM 136176]
S2 SvcOnlineArmor;Online Armor;c:\program files\Online Armor\oasrv.exe [11/11/2010 8:17 PM 3652696]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [6/17/2009 6:20 AM 12648]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [9/3/2008 1:07 PM 12872]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - JAVAQUICKSTARTERSERVICE
*Deregistered* - uphcleanhlp
.
Contents of the 'Scheduled Tasks' folder

2011-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-15 21:27]

2011-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-15 21:27]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
FF - ProfilePath - c:\documents and settings\baad\Application Data\Mozilla\Firefox\Profiles\vlgsum7l.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - Ext: United States English Dictionary: en-US@dictionaries.addons.mozilla.org - %profile%\extensions\en-US@dictionaries.addons.mozilla.org
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Xmarks: foxmarks@kei.com - %profile%\extensions\foxmarks@kei.com
FF - Ext: Forecastfox Weather: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - %profile%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - Ext: Weather Watcher Live: weatherwatcherlive@singerscreations.com - %profile%\extensions\weatherwatcherlive@singerscreations.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
 
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-09 21:31
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(564)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(3320)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
.
Completion time: 2011-01-09  21:48:17
ComboFix-quarantined-files.txt  2011-01-10 03:48
ComboFix2.txt  2011-01-09 18:07
ComboFix3.txt  2008-12-06 01:59

Pre-Run: 21,245,009,920 bytes free
Post-Run: 21,212,336,128 bytes free

- - End Of File - - 81D02E5A05ECFF6B8FDAE4EBA9498DBE

Pages: [1] 2 3 ... 6