Purity scan detected on my PC

NOD32 quarantined a restore point infested with purity scan. Am i now safe or could it be lurking on my system still? I'm sure I've seen apps specific to rooting out purity scan , if anyone can point me in the direction of a current and effective one of these I would really appreciate it.

 

I didn't even get past what was in the READ & RUN ME FIRST Before Asking for Support sticky. Infact I didn't even get past step 0 of that. When I tried to do:

MSConfig Startup Mode
Please go to Start > Run > type msconfig and click OK!
Select the General tab and select Normal Startup.

I got a popup telling me windows can't find msconfig.

(I've already tried the scannow thing and it didn't ask for the disc to be installed to fix broken files.)

All in all a bit weird to say the least

 

I have XP Pro

 

In the bit about Spybot it says :

Make sure you leave the SDhelper ( IE bad download blocker) checked to install (this is the default).

Where is this in Spybot?

Also, when I immunised, Spysweeper popped up an alert that something called the babe.something.bz wanted to be activated or something, I said no as I thought it looked dubious.

Expect more fun at each and every step to follow I expect.

Is there a quicker and easier fix to all this that will help in the short term because I swear my system is slowly falling apart around me as I work my way through this long process.

 

Ok, heres the first 3 files.

 

And the last 2.

I 'think' I've done it all correctly. It was rather complicated.

I've done everything up to (not including) step 8. I don't do that yet do I?

CCleaner I already had and have had for a while so I really don't know what the default settings should be.

When I immunised I got that odd message I mentioned before.

While Bitdefender and panda scans were being done I got a couple of virus alerts from Nod32, as follows (the 2nd was virtually identical apart from the specific temp file so I haven't included it):

Time Module Object Name Threat Action User Information
18/11/2006 23:01:17 AMON file C:\DOCUME~1\Jay\LOCALS~1\Temp\tmp0000355f\tmp00045d96 probably unknown NewHeur_PE virus quarantined - deleted NEWPC\Jay Event occurred on a new file created by the application: C:\Program Files\Internet Explorer\iexplore.exe. The file was moved to quarantine. You may close this window.

No other incidents other than those as I recall. Pandascan did see spyware and a hijack issue but these are yet to be resolved.

 

Ok, all updated except Spywareguard which I removed.

Do I need to go through that process again and attach the new files or did the last ones tell you all you needed to know?

Do I need to do anything to allow that process I blocked when I ran Immunise?

Not sure if it's relevant but several instances of the tenga.gen virus were identified (and dealt with) in the early stages of running through that checklist and in the last few days.

My mouse keeps 'sticking' which would indicate there is still something wrong. Either it's a legitamate process that is causing the system to freeze or a sign of malware. Any ideas?

I also still can't install the app I need to setup my Adobe postscript printer properly I get the message:

The Win 16 Subsystem was unable to enter Protected Mode, DOSX.EXE must be in your AUTOEXEC.NT and present in your PATH.

I would hazard a guess that DOSX.EXE should be in my AUTOEXEC.NT and the fact it isn't is a good sign that things aren't all as they should be.

 

I've immunised a couple of times at least since the upgrade but that alert hasn't happened again so that process is still being blocked. Hope I haven't messed anything up there.

I saw somewhere else that there are some issues relating to the tenga.gen virus and NOD32 anti virus. There seems to be some link between the two and from what I could make out I have to uninstall NOD32 and play around with some settings or something. Any ideas what all that's about?

Well it isn't my mouse sticking as it's an optical mouse. Spysweeper could well have been the problem. When I was gaming I found myself stuck in a run action every now and then and had to mash my keys and mouse buttons to stop my character running off a cliff. I have uninstalled Spysweeper, which is somewhat annoying as I have just paid for it. I'm also now vulnerable arent I as I no longer have Spywareguard either? I do still have Spybot and Spyware Blaster so maybe I'll be ok. NOD32 also has anti spyware features too anyway I believe

dosx.exe is in the Windows 32 folder but I thought that issue might still be relevant here as the cause was possibly malware based. It's possible that my file system is slightly messed up and Windows needs a repair as certain key files such as helpctre.exe and msconfig were also not as they should be. I'll take that up in the relevant forum.

 

The last instance of tenga.gen was when I ran through the checklist process the first time and as far as I can tell it isn't there now.However when I ran through that process the second time and got to the Bitdefender and Panda scan step I had 3 virus alerts that NOD32 claimed to have dealt with (they weren't tenga.gen by the way). But my gut feeling was something still wasn't quite right. I did a web search for tenga.gen to see if I could learn any more about it and found this:

http://www.wilderssecurity.com/showthread.php?t=131080

and an alleged fix here http://www.wilderssecurity.com/showthread.php?p=748782#post748782
needless to say, all a bit over my head I'm afraid.

As for Spysweeper, no I don't think that was the problem as I'm still getting frequent lock ups of my mouse. Ironically, Teatimer has never been a (noticeable) issue. As Spysweeper clearly isn't the cause I'm wondering whether I might as well reinstall it, considering I actually paid for it.

Thanks for the tips with the other issue, I'll try that and start a thread in the right forum for trying to tackle that issue.

 

The alerts NOD32 had while running Bitdefender were all pretty much the same as this one:

Time Module Object Name Threat Action User Information
18/11/2006 23:01:17 AMON file C:\DOCUME~1\Jay\LOCALS~1\Temp\tmp0000355f\tmp00045d96 probably unknown NewHeur_PE virus quarantined - deleted NEWPC\Jay Event occurred on a new file created by the application: C:\Program Files\Internet Explorer\iexplore.exe. The file was moved to quarantine. You may close this window.

however I wasn't aware scans can cause antivirus software to make false readings and it probably was what caused these alerts

I don't have Teatimer running now but I was using it up until the step by step process I just did advised me to disable it. To be honest I'm tempted to start it up again as it was protecting me and didn't seem to be using too much of my system resources. Certainly less than Spysweeper anyway. But bottom line, I'm a bit lost now realy as to what my best option is teatimer, Spysweeper or reinstall SPyware Guard. All 3 is maybe overdoing it?

It's version 5.2 of Spysweeper by the way, which should be the latest one.

 

It didn't occur to me to disable NOD32 when I did the Bitdefender scan but no harm done I guess. ! Well at least that proves I'm clean.

I didn't have the antivirus part of Spysweeper active. I'll see if I can get version 5 running again and I'll make sure I'm not running conflicting spyware apps.

Definitely resolved a few issues tho so thanks for the help.

And as a bonus I also managed to get my Postscript printer working which is a huge load off my mind.