Bitfinder Information bar not visible

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by crabbypatty, Jan 30, 2006.

  1. crabbypatty

    crabbypatty Private E-2

    I am in the process of running through the spyware, malware removal process.I have dial up and am trying to run the Bitfinder in regular mode but I am because the information bar is not visible so I can't enable Active X. I have XP and service pack 2. Any advice? I already tried the Bitfinder help page with no luck. Any ideas?
    Thanks!
     
    crabbypatty, Jan 30, 2006
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Just skip BitDefender for now and continue with the rest of the READ & RUN ME.
     
    chaslang, Jan 30, 2006
    #2
  3. crabbypatty

    crabbypatty Private E-2

    Hijack this log

    Okay, thank you for the advice. I was not able to run panda or bitdefender because no information bar ever came up.

    I also ran the Vundofix.exe program but after I click Scan for Vundo the window disappeared and never came back. Was I supposed to run Vundo while the computer was in safe mode?

    The main problem I am having is that Winfixer windows keep popping up all over the place. I think my husband may have done something because he kept asking me if maybe he should just say "Yes" and the windows would leave him alone! I don't think anyone ever clicked yes, but I have a couple of kids that are on the computer a lot too.

    I now have different user accounts set up for the rest of the family don't let them log on to the administrator account.

    I am attaching the hijack this log. Let me know if I did anything that you think needs to be fixed.
     

    Attached Files:

    crabbypatty, Jan 31, 2006
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Hijack this log

    First run HJT and put check on each of the below lines, then exit ALL browsers and then click Fix checked:

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://202.67.220.227/trafc-2/rfe.php?nid=ls&cmp=mygeek_17&q=download&uid=D83827B668D111DA837C000B6AC2AAE3&guid=fc93c619+867579143B064091ADBB3CD3F270ECE0&lid=C:\My%20Downloads
    O18 - Protocol: bw+0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {D2752CAD-9C63-425C-8396-B3FC93AFB1D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

    Now Exit HJT.

    Please download (delete whatever version you have first - it was updated) VundoFix.exe to your desktop.
    • Double-click VundoFix.exe to run it.
    • Put a check next to Run VundoFix as a task.
    • You will receive a message saying vundofix will close and re-open in a minute or less. Click OK
    • When VundoFix re-opens, click the Scan for Vundo button.
    • Once it's done scanning, click the Remove Vundo button.
    • You will receive a prompt asking if you want to remove the files, click YES
    • Once you click yes, your desktop will go blank as it starts removing Vundo.
    • When completed, it will prompt that it will shutdown your computer, click OK.
    • Turn your computer back on.
    • Please attach the log from VundoFix (C:\vundofix.txt) also attach a new HijackThis log.
     
    chaslang, Jan 31, 2006
    #4
  5. crabbypatty

    crabbypatty Private E-2

    Did it!

    I fixed all of the items in the hijack this log.( I hope! there were 79 of them! Is that an unusually large number?) and then I was able to run the Panda Active scan and am including the log. I tried Bitfinder again but the Winfixer screen took over that window and I was unable to get it to work. I also tried deleting and reinstalling VundoFix. It becomes unresponsive after I click "run as task". Do you have any more instructions? Thank you so much for your help.
     

    Attached Files:

    crabbypatty, Jan 31, 2006
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Did it!

    Try running the VundoFix procedure in safe mode. If that does not work, then follow the steps in the below link and attach the Spy Sweeper log.

    Running Spy Sweeper...
     
    chaslang, Feb 1, 2006
    #6
  7. crabbypatty

    crabbypatty Private E-2

    The Vundofix still was unresponsive even in safe mode. I followed the rest of the directions.What do you think?
    Thanks,
    Joni
     
    crabbypatty, Feb 1, 2006
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Then were is the spysweeper.txt log that is requested.

    You should also attach a new HJT log if SpySweeper was run.
     
    chaslang, Feb 1, 2006
    #8
  9. crabbypatty

    crabbypatty Private E-2

    Sorry about that. Here they are:

    I was having trouble getting them to upload. I hope they are there now.
     

    Attached Files:

    crabbypatty, Feb 1, 2006
    #9
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Sorry about that. Here they are:

    You should shut down ALL applications and windows (especially browsers) also exit MS Antispyware and run SpySweeper again. It ran out of memory a few times while running. Do not try to do anything else while it is scanning. It will run faster that way and also it should not run out of memory.

    How much RAM is in your PC?
     
    chaslang, Feb 1, 2006
    #10
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Sorry about that. Here they are:

    After running SpySweeper (and attaching the new log) continue with below.

    Make sure viewing of hidden files is enabled (per the tutorial).

    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    R3 - Default URLSearchHook is missing
    O2 - BHO: ATLDistrib Object - {7A1A109F-58B3-414B-9829-5F4D9BE5FEDE} - C:\WINDOWS\system32\awvvt.dll (file missing)
    O20 - Winlogon Notify: awvvt - C:\WINDOWS\system32\awvvt.dll (file missing)
    O20 - Winlogon Notify: awvvu - C:\WINDOWS\system32\awvvu.dll (file missing)

    After clicking Fix, exit HJT.
    Boot into safe mode and use Windows Explorer to delete (they are probably already gone):
    C:\WINDOWS\system32\awvvt.dll
    C:\WINDOWS\system32\awvvu.dll

    Now if running Win XP goto c:\windows\Prefetch and delete all files in this folder.
    Now run Ccleaner (installed while running the READ ME FIRST).

    Now reboot in normal mode and post a new HJT log.

    Make sure you tell me how things are working now!

    Reminder Note: Once we have determined you are malware free you will need to disable System Restore, reboot, and re-enable system restore per step 1 of the READ & RUN ME. This only applies to if using WinXP or WinMe.
     
    chaslang, Feb 1, 2006
    #11
  12. crabbypatty

    crabbypatty Private E-2

    Reran Spysweeper and HJT

    I just read your new message and will now follow the rest of your instructions. I'll get back to you as soon as I'm finished.

    I have 256 MB RAM.
     

    Attached Files:

    crabbypatty, Feb 1, 2006
    #12
  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Reran Spysweeper and HJT

    The third bullet item in the Spy Sweeper link I gave to you said:

    You did not update to the latest definitions. You are approximately 50 versions out of date. They are over 600+ right now.
     
    chaslang, Feb 1, 2006
    #13
  14. crabbypatty

    crabbypatty Private E-2

    Did it!

    I noticed in the c:\windows\Prefetch that there were some files named Rundll.exe which I have been having trouble with on start up. There was always a message displaying saying it couldn't load. Was that causing some of my problems?
    Thank you,
    Joni
     

    Attached Files:

    crabbypatty, Feb 1, 2006
    #14
  15. crabbypatty

    crabbypatty Private E-2

    Never mind...

    I did update them....I wonder what happened? I will try it again now.
    Thanks
     
    crabbypatty, Feb 1, 2006
    #15
  16. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Reran Spysweeper and HJT

    Hmmmmm? Your previous log from Spy Sweeper had the correct version! How did you wind up with an old version now?
     
    chaslang, Feb 1, 2006
    #16
  17. crabbypatty

    crabbypatty Private E-2

    Updated Spysweeper

    This is what happened. I had created a new user account to be the administrator so I could change our family user account to remove the the administrator account. The first time I ran spysweeper was from Administrator. Then I got tired of switching back and forth between user accounts so I made our family account an administrator account again. Then when I tried to run Spysweeper again I couldn't find it and I had to download it again but forgot to update it. Okay, that was ditzi!

    Question: When you create a new user account does that mean that user can't use any other programs on the computer? I don't get it.

    Anyway, when I get all of this fixed I'm going to remove the administrator account from our family user.

    I hope I did it right this time!
     

    Attached Files:

    crabbypatty, Feb 1, 2006
    #17
  18. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Updated Spysweeper

    Depends on the application. Some will be loaded for all accounts on the PC by default and some will not and cannot be loaded that way. Some applications ask you while installing if it should be accessible by all user accounts. If you say no, then it is only available to the single account where it is installed. I thought at one time Spy Sweeper was loaded for all user accounts. I don't remember now.

    Sometimes you can just drag and drop a link (a shortcut) to the executable program into the other user accounts and it will work. And sometimes, due to licensing issues, it will not.
     
    chaslang, Feb 1, 2006
    #18
  19. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Updated Spysweeper

    Your logs are clean. If you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

    After that, you should work thru the below link:

    How to Protect yourself from malware!
     
    chaslang, Feb 1, 2006
    #19
  20. crabbypatty

    crabbypatty Private E-2

    Thank you!

    Thanks so much for your help. I haven't seen the Winfixer yet this afternoon so hopefully it's fixed now. :)

    I read the post on Malware prevention and find that I do most of those things. I run Microsoft Antispyware, AVG, ZoneAlarm, and I run AdAware about once a week but one more question:
    I am just about to get DSL and wonder if I have to do anything differently. Is it possible to keep the computers spyware free with DSL?

    Thanks again
     
    crabbypatty, Feb 1, 2006
    #20
  21. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Thank you!

    DSL is just a method of providing you bandwidth to your home. It does not add any inherent protection for you. In fact depending on how you were connecting before (was it dial-up) it could allow you to get infected even faster since the connection speed is faster. In reality, there is no perfect solution except not using a PC which is obviously not a viable option. The steps in the How to protect thread are a good set of steps. Education of the end user is just as important as all the protection software that you can install. No matter how much protection you install, the un-educated user can still turn your PC in to a collection of malware.
     
    chaslang, Feb 1, 2006
    #21

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds