1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Frequent Event System Errors

Discussion in 'Virus & Other Malware Removal' started by archp2007, Apr 7, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. archp2007

    archp2007 Thread Starter

    Joined:
    Oct 30, 2007
    Messages:
    107
    Hello,
    I am getting frequent system related errors in my Event Viewer. Typically those are related to system crashes. Here are four for starters. It is almost impossible to avoid some crashes on a daily basis. I find the M$ help over my head. Where to start??? Thanks in advance for any suggestions.

    Event Type: Error
    Event Source: SMTPSVC
    Event Category: None
    Event ID: 116
    Date: 4/5/2008
    Time: 9:59:08 PM
    User: N/A
    Computer: HOME-D309DBCB8C
    Description:
    The service metabase path '/LM/SMTPSVC/' could not be opened. The data is the error code.
    For additional information specific to this message please visit the Microsoft Online Support site located at: http://www.microsoft.com/contentredirect.asp.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 03

    -------------------------------------------------------------------------------------------------
    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7023
    Date: 4/5/2008
    Time: 8:26:15 PM
    User: N/A
    Computer: HOME-D309DBCB8C
    Description:
    The Simple Mail Transfer Protocol (SMTP) service terminated with the following error:
    The system cannot find the path specified.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    ----------------------------------------------------------------------------------------------
    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7023
    Date: 4/5/2008
    Time: 8:26:15 PM
    User: N/A
    Computer: HOME-D309DBCB8C
    Description:
    The World Wide Web Publishing service terminated with the following error:
    The system cannot find the path specified.

    -----------------------------------------------------------------------------------------------
    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7000
    Date: 4/5/2008
    Time: 8:26:15 PM
    User: N/A
    Computer: HOME-D309DBCB8C
    Description:
    The ProtexisLicensing service failed to start due to the following error:
    Access is denied.

    For m
     
  2. ozrom1e

    ozrom1e

    Joined:
    May 15, 2006
    Messages:
    11,849
    Using and asking for help on P2P networking is against the rules here at TSG. Please read the TSG rules

    Tech Support Guy Site Rules
    http://www.techguy.org/rules.html
     
  3. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,372
    First Name:
    Karen
    I see you edited your post to remove the reference to P2P but since I don't think these errors are necessarily specific to P2P, I'll leave this open.

    Do you have IIS installed?
     
  4. archp2007

    archp2007 Thread Starter

    Joined:
    Oct 30, 2007
    Messages:
    107
    Thanks. Upon reading another similar post I uninstalled the IIS service and then reinstalled it thinking that the reinstall might help. There was a problem on the reinstall in that two or three encrypted files could not be written in an encrypted format so I had to choose the option to write as unencrypted in order to get the reinstall to finish. Meanwhile today I continue to have the same errors as well as problems loading Kaspersky drivers. Here are some of the other errors that I am getting:

    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7000
    Date: 4/5/2008
    Time: 8:26:15 PM
    User: N/A
    Computer: HOME-D309DBCB8C
    Description:
    The FolderProtectService service failed to start due to the following error:
    Access is denied.

    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7000
    Date: 4/7/2008
    Time: 2:37:16 AM
    User: N/A
    Computer: HOME-D309DBCB8C
    Description:
    The ProtexisLicensing service failed to start due to the following error:
    Access is denied.

    I don't know if any of these errors are repetitive or not. I wish the Microsoft recommendations were more useful.
     
  5. archp2007

    archp2007 Thread Starter

    Joined:
    Oct 30, 2007
    Messages:
    107
    I am wondering if the utility I am currently using known as Hide Folders XP has been found to cause problems. I earlier had to uninstall a similar security program (can't recall the exact name) by a differerent vendor because it caused similar problems. Luckily that time the offending driver was identified.
     
  6. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,372
    First Name:
    Karen
    Let's take a look at what you have running on your system.

    Click here to download HJTsetup.exe.
    • Save HJTsetup.exe to your desktop.
    • Double click on the HJTsetup.exe icon on your desktop.
    • By default it will install to C:\Program Files\Hijack This.
    • Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
    • Put a check by Create a desktop icon then click Next again.
    • Continue to follow the rest of the prompts from there.
    • At the final dialogue box click Finish and it will launch Hijack This.
    • Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
    • Click Save to save the log file and then the log will open in notepad.
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and Paste the log in your next reply.
    • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.


    Also, open HijackThis and click on "Config" and then on the "Misc Tools" button. If you're viewing HijackThis from the Main Menu then click on "Open the Misc Tools Section". Click on the "Open Uninstall Manager" button. Click the "Save List" button. Copy and paste that list here please.
     
  7. archp2007

    archp2007 Thread Starter

    Joined:
    Oct 30, 2007
    Messages:
    107
    Thank you very much for offering the help. Here is the log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:36:59 PM, on 4/8/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Hide Folders XP 2\hfxp.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Sandboxie\SbieSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
    C:\Program Files\UPHClean\uphclean.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;localhost
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O3 - Toolbar: (no name) - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - (no file)
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
    O4 - HKLM\..\Run: [Kaspersy Anti-Hacker] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe"
    O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [hfxp] "C:\Program Files\Hide Folders XP 2\hfxp.exe" /s
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Download linked FLV with GetFLV - C:\Program Files\GetFLV\iemenu\DownloadLinkFLV.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O9 - Extra button: (no name) - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - C:\Program Files\QuickTax 2007\ic2007pp.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe (file missing)
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FolderProtectService - Unknown owner - C:\Program Files\Spotmau WinCares 2007\FolderProtectService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: nTune Service (nTuneService) - Unknown owner - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
    O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

    --
    End of file - 8782 bytes

    I've got a ton of applications installed. I'm retired and that's about all I do!

    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    Acoustica CD/DVD Label Maker
    Acronis*Disk Director Suite
    Acronis*True*Image*Home
    Active SMART
    Active WebCam
    Adobe Dreamweaver CS3
    Adobe Reader 8.1.2
    Adobe Shockwave Player
    Aliant Internet Help & Support
    Allok Video to FLV Converter 4.7.1202
    Amadis Video Converter Suite V3.5.3
    Apex Video Converter Super 6.39
    Apple Mobile Device Support
    ArcSoft PhotoImpression 4
    ASUSUpdate
    AusLogics BoostSpeed
    AusLogics Disk Defrag
    AusLogics Emergency Recovery
    AusLogics Visual Styler
    Automatic Windows Internet Washer
    Azureus Vuze
    Beyond TV DVD Burning Foundation
    Brain Trainer
    Camera Driver
    Camtasia Studio 5
    Canon MP Navigator 3.0
    Canon Utilities Easy-PhotoPrint
    Canon Utilities Easy-PhotoPrint EX
    CCleaner (remove only)
    CD-LabelPrint
    Chinese Traditional Fonts Support For Adobe Reader 8
    Dcads Games Collection
    Direct Show Ogg Vorbis Filter (remove only)
    DivX Content Uploader
    DivX Web Player
    DriverGuide DriverScan
    DriverGuide Toolkit
    DSL Speed V3.6
    Easy CD and DVD Cover Creator 4.0
    FLV to AVI MPEG WMV 3GP MP4 iPod Converter 3.2.0623
    FlvRecorder
    Futuremark Measurement Services Client
    Game Elements SGE2910BD/37 Wireless PC Control Pad
    GenuTax
    GetFLV Pro 4.0
    Google Earth Pro
    Google SketchUp 6
    Google SketchUp 6
    GTA San Andreas
    Hallmark Card Studio 2008 Deluxe
    Hide Folders XP 2.9.2 for Windows XP/Vista
    HijackThis 2.0.2
    HotDog Professional 7
    HotDog Professional 7
    Hotfix for Microsoft .NET Framework 3.0 (KB932471)
    Hotfix for Windows XP (KB896344)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    Ipswitch WS_FTP Professional 2007
    iTunes
    Joost (tm) Beta 1.0.3
    Kaspersky Anti-Hacker
    Kaspersky Anti-Virus 7.0
    Kaspersky Anti-Virus 7.0
    KeepV Flash Converter
    K-Lite Codec Pack 3.7.0 Full
    Launchy 1.0
    Lion King
    LiveUpdate 3.2 (Symantec Corporation)
    Logitech Desktop Messenger
    Logitech ImageStudio
    MagicDisc 2.6.85
    MARS MR97310 VGA
    Mavis Beacon Teaches Typing Deluxe 17
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft .NET Framework 3.0 Service Pack 1
    Microsoft .NET Framework 3.5
    Microsoft .NET Framework 3.5
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Excel 2007
    Microsoft Office Outlook 2007
    Microsoft Office Outlook 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Silverlight
    Microsoft Web Publishing Wizard 1.52
    Mozilla Firefox (2.0.0.12)
    NewsLeecher v3.8 Final
    NHL® 08
    NVIDIA Drivers
    ODF Add-in for Microsoft Word
    OfficeRecovery
    OpenOffice.org 2.3
    PE Builder 3.1.10a
    PowerQuest PartitionMagic 8.0
    PrintFolder 1.3
    Privacy Eraser Pro
    Pro Evolution Soccer 6
    QuickTax 2007
    QuickTime
    RapidTyping 1.2.0.4
    RealArcade
    RealPlayer
    REALTEK GbE & FE Ethernet PCI-E NIC Driver
    RegCure 1.5.0.0
    Registry Clean Expert
    Replay Media Catcher
    Riva FLV Encoder 2.0
    Roxio Drag-to-Disc
    Sandboxie 3.24
    ScanSoft OmniPage 16
    SCRABBLE® Interactive 2007 EDITION Uninstall
    Sea War The Battles 2
    Security Update for Outlook 2007 (KB946983)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB937894)
    Security Update for Windows XP (KB938127)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB939373)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941568)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB942830)
    Security Update for Windows XP (KB942831)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944533)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB946026)
    Shareaza
    Shockwave
    SMPlayer 0.5.62
    SopCast 2.0.4
    SoundMAX
    Spybot - Search & Destroy
    Spybot - Search & Destroy 1.5.2.20
    System Requirements Lab
    Ten Thumbs 4.7
    The Panorama Factory V4 m32 Edition
    The Print Shop 20
    Tiger Woods PGA TOUR 08
    Total Uninstall 4.6.2
    Tracks Eraser Pro v7.0
    TV Software 1.5.0
    TVAnts 1.0
    TypingMaster Pro
    Ulead iPhoto Plus 4.0
    Update for Outlook 2007 Junk Email Filter (kb947945)
    Update for Windows XP (KB894391)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB908531)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920342)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB925720)
    Update for Windows XP (KB925876)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB936357)
    Update for Windows XP (KB938828)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB942840)
    Update for Windows XP (KB946501-v2)
    User Profile Hive Cleanup Service
    Visual Studio 2005 Redist Package
    vTuner Plus
    WatchTV++ 1.2 EN
    Webshots Desktop
    Webshots!
    Wheel Of Fortune
    Wheel of Fortune Deluxe (remove only)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Format SDK Hotfix - KB891122
    Windows Media Player 11
    Windows Presentation Foundation
    Windows Vista Upgrade Advisor
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    WinPcap 4.0
    WinRAR archiver
    XnView 1.93.4
    XviD MPEG-4 Codec
    Yahoo! Toolbar
    Your Uninstaller! 2008 Version 6.0
    ZimCore 1.1.1


    Thanks again!
     
  8. archp2007

    archp2007 Thread Starter

    Joined:
    Oct 30, 2007
    Messages:
    107
    Hello again. My Kaspersky found a virus overnight that it was unable to remove - something called Heur.invader. I tried to do a straight system restore but all the restore points were gone!! I decided to do a system state restore froom a backup done with M$ guided registry backup. This worked but Kaspessky is still driving me nuts with warnings that everything (programs, drivers, etc.) having been changed and suspicious activity, and not letting me uninstall certain programs. I had to turn off proactive defense within Kaspersky to be able to use the computer. I tried to uninstall Kaspersky but it won't let me do that either. I do have a complete disk image on a second drive from a week ago, but I'm hesitant to try restoring that because I do have some work to do and my computer is still usable.
     
  9. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,372
    First Name:
    Karen
    Can you post the last Kaspersky log please?

    Also, since doing the backup restore, please post a new uninstall list.
     
  10. archp2007

    archp2007 Thread Starter

    Joined:
    Oct 30, 2007
    Messages:
    107
    Thank you for your patience. Sorry for the pages and pages of repeated lines that I had to delete because the report was too long. Avast virus report to follow.

    4/9/2008 2:59:07 AM Process C:\Program Files\Internet Explorer\iexplore.exe (PID: 0): attempt to perform suspicious actions was blocked.
    4/9/2008 3:02:32 AM Process C:\WINDOWS\system32\dwwin.exe (PID: 0): attempt to perform suspicious actions was blocked.
    4/9/2008 3:02:32 AM Process (PID 2988) tried to access Kaspersky Anti-Virus process (PID 888), but the action has been blocked by the Self-Defense component. No action on your part is required.
    4/9/2008 6:56:40 AM Process C:\Program Files\Internet Explorer\iexplore.exe (PID: 2172): attempt to load new or modified module was blocked.
    4/9/2008 6:56:40 AM Process C:\Program Files\Internet Explorer\iexplore.exe (PID: 2172): attempt to load new or modified module was blocked.
    4/9/2008 6:56:40 AM Process C:\Program Files\Internet Explorer\iexplore.exe (PID: 2172): attempt to load new or modified module was blocked.
    4/9/2008 6:56:46 AM Some protection components are disabled. You are advised to enable them.
    4/9/2008 7:38:19 AM Protection of your computer is not running. You are advised to resume protection.


    Reports
    -------
    Component Status Start Finish Size
    --------- ------ ----- ------ ----
    Mail Anti-Virus running 4/9/2008 9:58:44 AM 0 bytes
    File Anti-Virus disabled 4/9/2008 9:58:44 AM 4/9/2008 11:23:26 AM 0 bytes
    Web Anti-Virus running 4/9/2008 9:58:44 AM 0 bytes


    Quarantine
    ----------
    Status Object Size Added
    ------ ------ ---- -----


    Backup
    ------
    Status Object Size
    ------ ------ ----
    Infected: virus EICAR-Test-File C:\DOCUME~1\ARCHPA~1\LOCALS~1\Temp\Av-test.txt 72 bytes
    ------------------------------------------------------------------------------------------------------

    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    Acoustica CD/DVD Label Maker
    Acronis*Disk Director Suite
    Acronis*True*Image*Home
    Active SMART
    Active WebCam
    Adobe Dreamweaver CS3
    Adobe Reader 8.1.2
    Adobe Shockwave Player
    Aliant Internet Help & Support
    Allok Video to FLV Converter 4.7.1202
    Amadis Video Converter Suite V3.5.3
    Apex Video Converter Super 6.39
    Apple Mobile Device Support
    ArcSoft PhotoImpression 4
    ASUSUpdate
    AusLogics BoostSpeed
    AusLogics Disk Defrag
    AusLogics Emergency Recovery
    AusLogics Visual Styler
    Automatic Windows Internet Washer
    Azureus Vuze
    Beyond TV DVD Burning Foundation
    Brain Trainer
    Camera Driver
    Camtasia Studio 5
    Canon MP Navigator 3.0
    Canon Utilities Easy-PhotoPrint
    Canon Utilities Easy-PhotoPrint EX
    CCleaner (remove only)
    CD-LabelPrint
    Chinese Traditional Fonts Support For Adobe Reader 8
    Dcads Games Collection
    Direct Show Ogg Vorbis Filter (remove only)
    DivX Content Uploader
    DivX Web Player
    DriverGuide DriverScan
    DriverGuide Toolkit
    DSL Speed V3.6
    Easy CD and DVD Cover Creator 4.0
    FLV to AVI MPEG WMV 3GP MP4 iPod Converter 3.2.0623
    FlvRecorder
    Futuremark Measurement Services Client
    Game Elements SGE2910BD/37 Wireless PC Control Pad
    GenuTax
    GetFLV Pro 4.0
    Google Earth Pro
    Google SketchUp 6
    Google SketchUp 6
    GTA San Andreas
    Hallmark Card Studio 2008 Deluxe
    Hide Folders XP 2.9.2 for Windows XP/Vista
    HijackThis 2.0.2
    HotDog Professional 7
    HotDog Professional 7
    Hotfix for Microsoft .NET Framework 3.0 (KB932471)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows XP (KB896344)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    Ipswitch WS_FTP Professional 2007
    iTunes
    Joost (tm) Beta 1.0.3
    Kaspersky Anti-Virus 7.0
    Kaspersky Anti-Virus 7.0
    KeepV Flash Converter
    K-Lite Codec Pack 3.7.0 Full
    Launchy 1.0
    Lion King
    LiveUpdate 3.2 (Symantec Corporation)
    Logitech Desktop Messenger
    Logitech ImageStudio
    MagicDisc 2.6.85
    MARS MR97310 VGA
    Mavis Beacon Teaches Typing Deluxe 17
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft .NET Framework 3.0 Service Pack 1
    Microsoft .NET Framework 3.5
    Microsoft .NET Framework 3.5
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Excel 2007
    Microsoft Office Outlook 2007
    Microsoft Office Outlook 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Silverlight
    Microsoft Web Publishing Wizard 1.52
    Mozilla Firefox (2.0.0.12)
    NewsLeecher v3.8 Final
    NHL® 08
    NVIDIA Drivers
    ODF Add-in for Microsoft Word
    OfficeRecovery
    OpenOffice.org 2.3
    PE Builder 3.1.10a
    PowerQuest PartitionMagic 8.0
    PrintFolder 1.3
    Privacy Eraser Pro
    Pro Evolution Soccer 6
    QuickTax 2007
    QuickTime
    RapidTyping 1.2.0.4
    RealArcade
    RealPlayer
    REALTEK GbE & FE Ethernet PCI-E NIC Driver
    RegCure 1.5.0.0
    Registry Clean Expert
    Replay Media Catcher
    Riva FLV Encoder 2.0
    Roxio Drag-to-Disc
    Sandboxie 3.24
    ScanSoft OmniPage 16
    SCRABBLE® Interactive 2007 EDITION Uninstall
    Sea War The Battles 2
    Security Update for Outlook 2007 (KB946983)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB937894)
    Security Update for Windows XP (KB938127)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB939373)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941568)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB941693)
    Security Update for Windows XP (KB942830)
    Security Update for Windows XP (KB942831)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944533)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB945553)
    Security Update for Windows XP (KB946026)
    Security Update for Windows XP (KB948590)
    Security Update for Windows XP (KB948881)
    Shareaza
    Shockwave
    SMPlayer 0.5.62
    SopCast 2.0.4
    SoundMAX
    Spybot - Search & Destroy
    Spybot - Search & Destroy 1.5.2.20
    System Requirements Lab
    Ten Thumbs 4.7
    The Panorama Factory V4 m32 Edition
    The Print Shop 20
    Tiger Woods PGA TOUR 08
    Total Uninstall 4.6.2
    Tracks Eraser Pro v7.0
    TV Software 1.5.0
    TVAnts 1.0
    TypingMaster Pro
    Ulead iPhoto Plus 4.0
    Update for Outlook 2007 Junk Email Filter (kb947945)
    Update for Windows XP (KB894391)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB908531)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920342)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB925720)
    Update for Windows XP (KB925876)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB936357)
    Update for Windows XP (KB938828)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB942840)
    Update for Windows XP (KB946501-v2)
    User Profile Hive Cleanup Service
    Visual Studio 2005 Redist Package
    vTuner Plus
    WatchTV++ 1.2 EN
    Webshots Desktop
    Webshots!
    Wheel Of Fortune
    Wheel of Fortune Deluxe (remove only)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Format SDK Hotfix - KB891122
    Windows Media Player 11
    Windows Presentation Foundation
    Windows Vista Upgrade Advisor
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    WinPcap 4.0
    WinRAR archiver
    XnView 1.93.4
    XviD MPEG-4 Codec
    Yahoo! Toolbar
    Your Uninstaller! 2008 Version 6.0
    ZimCore 1.1.1


    I also have a report from Avast which I think deleted the virus and will append as soon as I reboot (on another active partition)
     
  11. archp2007

    archp2007 Thread Starter

    Joined:
    Oct 30, 2007
    Messages:
    107
    Sorry the Avast did not record any log. I don't know if that was because it was a boot scan (pre-boot) or because the Avast is a demo version. In any case I was given an option soon after the scanner started to scan the affected partition to take some action against the virus. I chose delete. It was unnecessary because I should and could have done a scan on the offending executable which I might have know was highly likely to have been infected before running it. Thanks again for your patience.
     
  12. archp2007

    archp2007 Thread Starter

    Joined:
    Oct 30, 2007
    Messages:
    107
    I could add that the event system errors were going on long before this.
     
  13. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,372
    First Name:
    Karen
    I would remove the following and any other registry cleaners as they often cause more harm than good.

    RegCure 1.5.0.0
    Registry Clean Expert



    Please visit Combofix Guide & Instructions for instructions for downloading and running ComboFix:

    Post the log from ComboFix when you've accomplished that along with a new HijackThis log.

    Important notes regarding ComboFix:

    ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished.

    Combofix also prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished.
     
  14. archp2007

    archp2007 Thread Starter

    Joined:
    Oct 30, 2007
    Messages:
    107
    Hi again,

    I ran combofix just a day before I started this thread but will repeat now. Does it cause a batch file to run a del index.dat upon shutdown? I have had that happening ever since.
     
  15. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,372
    First Name:
    Karen
    I'm not sure what would be running that batch but please remove the version of ComboFix you have and download the latest version then run the scan and post the log.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/701214

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice