Requesting these files be examined

Hello,
I received a nice computer when my dad passed. I didn't expect to find any problems, and it appeared to be running ok. I uninstalled his old (expired) virus protection, updated FireFox, Java, Adobe, loaded Flash player, and auto update from MS all loaded OK. I attempted to disable AutoRun, (KB967715) but GPEDIT.MSC did not show "System" edits, as described. Instead I tried MS FIX IT 50471, so I can scan and use a flash drive. IT has been used with a currently infected laptop. This one is much faster than my old computer, so I do not know if I have transferred a virus to this new-to-me PC running XP Pro. I loaded Malwarebytes Anti-Malware Premium, did a threat scan, and only found 2 PUPs previously.

In ran msinfo32.exe, and the video driver was listed as not loaded. I examined history, and a HUGE number of items were listed as changed, as of today. I do not know if this was due to updates, or any of the above efforts and programs.

When running CCleaner, I noticed ASP.NET user (which I thought was something of his old software, and changed the password in an attempt to log on, and clean it. Not sure if that caused any problems.

In running MGtools, I got a error different from those listed, stating Processdll.exe Common Lanugage Runtime Debugging Services, with Process id ox4fo (1264) and Thread id as ox840 (2688).

Some scans were questionable, so I will include them here. Let me know if I need to re-run the MGtools, and or edit the registry regarding the one fix listed for 16 bit MS-DOS subsystem error. I did reload Net framework.

I will look at the suggestions as to what other AV software might be required beyond the Malwarebytes A-M Premium.

Many thanks for all the support over many years here!!
Jerry

 

The problems I have with the laptop, (which is clearly infected), to the point of only being able to run it in Safe Mode, with internet access, I repeatedly had hangs, and task manager showing svchost.exe PID 1416 (and a few other IDs), which if terminated allowed it to proceed. A google search listed it as a virus. So my concern with this computer, and having used the flash drive between the two, is that the problems may have been transferred, or others generated. And the scans in my first post, may well relate to that virus, if any are found. I will attempt to resolve those problems (on the lap top) once I get this current machine in good health with proper AV as needed. And would be open to suggestions for programs beyond the Malwarebytes Anti-Malware Premium as you recommend.

And I will be seeking advise as to how to properly disable autorun with whatever is needed to hopefully prevent that problem again. Open to any suggestions there as well.

Again.. MANY THANKS!

 

Kestral,
I appreciate you looking at them for me, VERY MUCH! Basically all I've done with this, is to get it on line, do many updates... added more AV last night and a good firewall. And I initially only wanted to ask some related questions, but did see some issues of concern. I figured I should go ahead and do the scans just to be safe. I'll hope it was a easy(ier?) job, with no problems found. And now I can go forward with this one, and look at the laptop. I'm certain it has issues, but I'm very happy with the current configuration here. So I may try loading the same programs if I.. ah.. you.. we? can get it clean. I do usually try to be careful. And I can't afford the good stuff. Will hope to upgrade this one before too long to Win 7. A few other questions have already been answered in the Software forum, so I proceed with their advise, and ask more if needed there.

Major Geeks has been a real blessing, and I am very appreciative of all the help, some 6 years now! Thanks again, and have a great day!!
Jerry

 

Not sure what just happened..
Had Firefox open, a couple tabs opened to suggested links given to me from here regarding how to find CD keys, google maps and mail.. but disk activity took off, processor idle went down to 50% or less, which should have been 98% or so typically. I assumed at first it was a virus scan. But it continued, so I tried looking at Task Manager, and Firefox was up to over 500,000K of space and climbing, and plugin container.exe PID 2768 was using over 25% processor time. Then a MS message pops up that PluginContainer had crashed.. and sent off a report. The firewall showed over a half hour of activity from 66.150.223.117:32950 and :32958.. and then from 64.74.133.83:38134, 5 and 38140. Are those update sites?

I just let it run! At this point, I see this thing to be in test mode, with nothing serious loaded on it.. but it hung up the system to where Task Manager wouldn't come up for what must have been over a minute.. and I couldn't close tabs or anything else. Pretty weird! Any ideas.. other than a good book or movie?
Many thanks!!

 

Quick questions.. I have to work on a car today, but thought I would post for the answers when I get back to finishing this cleaning.

On my infected laptop, I have all my recent Firefox bookmarks, passwords, etc. My plan would be to delete the history, thin out the bookmarks to more recent and needed. But if I sign into a account and transfer this stuff over to this new computer.. is there any risk associated.. in a virus/mal-ware way?

I plan to load a new defrag program, as this has some obscure O&O defrag program. IOBit sounds highly recommended. And other suggestions for what works best, and is free?

TIA!! Jerry