Kaspersky Scan Results, what next?

Lets just do another.

Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.

• The program will launch and then begin downloading the latest definition files:
• Once the files have been downloaded click on NEXT
  
• Now click on Scan Settings
• In the scan settings make that the following are selected:
  • Scan using the following Anti-Virus database:
  • Extended (if available otherwise Standard)
  • Scan Options:
  • Scan Archives
    Scan Mail Bases
• Click OK
• Now under select a target to scan:
  • Select My Computer
• This will program will start and scan your system.
• The scan will take a while so be patient and let it run.
• Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button:
• Save the file to your desktop.

Post the Kaspersky log.

 

New Scan

OK Dave, here's the new scan.... just an update: Internet Explorer still will not allow me to shut down or restart computer without clicking on " end now"




Saturday, September 22, 2007 8:35:29 AM
Operating System: Microsoft Windows XP Home Edition, (Build 2600)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 22/09/2007
Kaspersky Anti-Virus database records: 422098


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\

Scan Statistics
Total number of scanned objects 29055
Number of viruses found 0
Number of infected objects 0
Number of suspicious objects 0
Duration of the scan process 00:31:16

Infected Object Name Virus Name Last Action
C:\Documents and Settings\Denise Buzzelli\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Denise Buzzelli\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Denise Buzzelli\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Denise Buzzelli\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Denise Buzzelli\Local Settings\History\History.IE5\MSHist012007092220070923\index.dat Object is locked skipped

C:\Documents and Settings\Denise Buzzelli\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Denise Buzzelli\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Denise Buzzelli\NTUSER.DAT.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\System Volume Information\_restore{9B3A9E55-0B5E-4984-8035-0717AC161956}\RP235\change.log Object is locked skipped

C:\WINDOWS\Debug\oakley.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped

C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

 

One more thing...

Regarding WIndows Update... I will do whatever you suggest... but the reason I never went with the updates is because it appeared that something in the service pack update conflicted entirely with my Zone Alarm, everything got really slow and I couldn't get through to any websites, when I unistalled the updates everything went back to normal....so I never re-installed them.

IN YOUR OPINION: what is the best anti virus software to use with Zone Alarm?

Any other suggestions?

 

AVG plays well with Zone Alarm.

You need those updates. If after fully updating, Zone Alarm still conflicts, uninstall it then re-install it after a reboot.

 

Let's try registering Internet Explorer's DLL files. Go to Start->Run and type in the following command then click OK. Make sure to leave a space between regsvr32 and the filename.

regsvr32 Urlmon.dll

When you receive the "DllRegisterServer in urlmon.dll succeeded" message, click OK.
Then do each of the following, one at a time.

regsvr32 Shell32.dll
regsvr32 Oleaut32.dll
regsvr32 Actxprxy.dll
regsvr32 Mshtml.dll
regsvr32 Shdocvw.dll

Reboot.

Any change in IE?

 

Good grief

Dave, goodmorning.

I did not do the actions in your last post as of yet.

I ran all updates as you reccomended....

I needed to use Mocrosoft WORD this morning.

I typed a document, printed it out, and then Word kicked me out.. when I tried to get back in, it "recovered" the document that I was working on, but when I clicked on the recovered document on the left, I recieved a new pop up box with this message:

Mocrosft visual C++ Runtime Library

Runtime Error
Program C:/Program Fles/Microsoft Office/Office10/WINWORD.EXE

Abnormal program termination.
OK

When I click on OK, the entire program shuts down.
This happens every time I try to get into WORD.

I am assuming this has something to do with the updates because I was not having this problem prior to running them, ( I used WORD last night PRIOR to running the Updates)

What now?? Help!!???!?!?

Thanks so much, Denise

 

Good morning Denise

With Word closed, do a search for a file named normal.dot
You will probably find it in C:\Documents and Settings\your~username\Application Data\Microsoft\Templates

Delete it.

Try Word again.

*Note - while this will often resolve many issues with Word, you might also lose some saved preferences. Reset your preferences as desired and they will be saved for the next use.

 

Hello Dave, Just got back...
Ran instructions for WORD and also for Explorer. They both seem to be resolved. ( You're the man)

However, After running all of the updates and Service packs from Windows, my computer is running like a snail. When I move from screen to screen, a white "shadow" of the former screen is left and blanks out portions of the new screen for about 25 seconds.

AND

Now I am getting a NEW Dialog box when I try to log out for Zl client.exe. Telling me that the program is not responding and asking if I want to "end now" or cancel. If I wait, it does eventually end itself and the computer shotsdown.. I'm just wondering if this is somthing I did with all of our work here..... and if I should be seeing it everytime I log out.. ( I tried three shutdowns and it appears every time.)

SO, my issues are:
slow slow slow computer
zl client dialog box.

I sure hope we're almost done

Thanks again,.D

 

Dave, one more thing... just for the heck of it I tried disabling tea timer again because I noticed in task manager it was running like crazy and eating up my cpu usage.... I started getting a green light on my task bar that looked like it was completely filling up. AFTER disabling it... my computer seemed to go back to normal as far as speed. Do you think maybe Spybot doesn't work well with Zone Alarm? .... just wondering what your thoughts are on that.

thanks D

 

something new..

Dave,,,, hello...
Windows updates ran again this morning.
Now I can't access the internet, (I am on my husband's laptop) can't get mail, and can't even open Zone alarm to view it. Something is definetly conflicting, I went into Windows Security ( just got that through an update) and disabled it's firewall since I have Zone Alarm. But that did not make a difference.

Also, it takes 7-9 inutes for my desktop items to appear ( the photo is there but not the icons. )

Just another FYI.. thanks

 

Hi Denise,

Definitely something conflicting. Can you re-install Zone Alarm if you were to uninstall it? I've had that shutdown error with ZA in the past, and it could well be blocking internet access. Were it me, I would see if things work properly without Zone Alarm and Spybot. If so, reinstall Zone alarm and see how things go. If working properly, after a couple of days, try Spybot again.

If uninstalling/reinstalling Zone Alarm doesn't resolve the connection issue and the ZA shutdown error, we can start removing updates one at a time to figure out which ones are causing conflict.

 

I checked for Zone Alarm updates, and actually did a CLEAN INSTALL to Zone Alarm internet Security (not just ZApro) so that I would have Virus protection also. Tried unistalling Spybot and still have major issues with Zone Alarm alone. Then I unistalled Windows SP2, and the computer is now completely back to normal.

I remember this happening in the past which is the reason I stopped taking the windows upgrades. I know I need them.... but is it really necessary to have the Service Pack two (Windows security) if I already have Zone alarm?
Can I just continue to install the regular upgrades that don't include sp2?

And at this point, do you think I should re-install spybot?

Thanks again,
D

ps. is there a way I can pay you something for your work???

 

SP2 is probably the most important of them all. I'm going to fish around for some info on ZA and the conflict with SP2. You're using ZA Pro, correct?

Spybot is a good app, and if you can get it to behave, then yes, I recommend reinstalling.

I have a noahdfear @ msn paypal if you feel inclined. Otherwise, donations to the forum are appreciated as well. In fact, once you become a contributing member, you will no longer see the ads on this site, as well as a few other benefits. TIA

 

Denise, are you sure that the conflict with SP2 is with ZA? It could be conflicting with another program, or outdated drivers, or even an outdated BIOS. Could be DEP that is installed with SP2 too. Did it run right on SP2 without ZA?

 

The version of ZA I have is:
ZA Security Suite VErsion 7.0.408.000
Tru Vector Security engine version 7.0.408.000
Driver Version 7.0.408.000
Anti Virus Engine Version3, DAT file version
Antispyware engine version 5.0.176.0, DAT file version 01.200709.2425
Anti Spam Version 5.0.6.8903

When I have some more time, I will uninstall ZA completely and re-install SP2, then get back to you. My major issue is that I work from home and without my computer functioning I lose $$$ every day. So I am hesitant to try this all again, but I DO understand the importance of it all.

Thanks again, you're a gem.

 

Sounds like a good plan, Denise.

If it's OK with you, I'd like to mark this topic resolved now, because I feel the issues are beyond infection, which has been fully cleaned now. I think it would be best to post the issues with SP2 in the XP forum, where it will get attention from others that have quite a lot of experience and ideas in that area as well.

As mentioned before, see if you can rule out ZA as a culprit. ZA has long been compatible with SP2, and I think there's a good possibility the problem lies elsewhere. You should also check for driver updates to you hardware, such as video, sound, ethernet, etc. Startup programs should be disabled to see if one of them is conflicting too. I would also recommend trying with DEP disabled. I've included a link below to a page dealing specifically with problems with SP2. There is information there regarding DEP too.

http://winhlp.com/WxSP2.htm

Oh, if you haven't done so already, it probably wouldn't be a bad idea to run disk cleanup and defrag.

 

WIdnows XP / SP thread

Hi Dave, I can't find where the new thread begins for this issue.. can you direct me?

I would like to try re-installing SP2 now...

.... should I first uninstall ZA?


Thanks again for all of your help.

God Bless

Denise

 

some last questions:

1. I don't really know how to check for driver updates.
2. How do I disabe startup programs?
3. I read through the link you sent and the section on DEP... it sounds really involved and confusing. I am afraid I will mess something up. Is there an easier way to disable this?

Sorry.. I just don't know enough about this to feel confident!

Thanks Da ve

 

Hi Denise,

We'll just continue working from here for now. Go ahead and install SP2 first. If the system again begins to crawl, first check the Control Panel>Windows Firewall and make sure it is disabled (Windows Firewall and Zone Alarm should not both be running). If no change, uninstall Zone Alarm and reboot. Check to make sure the Windows Firewall is now enabled. If the system is still lagging without Zone Alarm, re-install it (it should disable the Windows firewall automatically upon installation), then post back to let me know. We'll take it from that point.


Since updating hardware drivers is generally a good idea, download SIW, saving it to a location of your choice that's handy. It's a standalone tool (means it just runs when you start it .... no installation required) that can run from anywhere and you can keep for future use.

The first step in updating drivers is in identifying your hardware. Run SIW and right click on the Hardware heading in the left pane then Export the info to a text file. Email that text file to me here please. Put RE: smitRem in the subject line.

 

RE:smitRem

I emailed you as instructed.

I also uninstalled ZA, re-installed SP2, and then re-installed ZA. Strangly enough.. the computer is running almost normally, but start up is still really slow, it takes almost 5 minutes before my icon names look normal and before I can open anything. Once I am up an running though.. they seem OK.. There is another update the computer is prompting me for.. I will run that tonight and see if that makes a diff.
I will wait to hear from you.

Thanks again
D.