Solved: Frequent Event System Errors

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

archp2007

Thread Starter
Joined
Oct 30, 2007
Messages
107
Hello,
I am getting frequent system related errors in my Event Viewer. Typically those are related to system crashes. Here are four for starters. It is almost impossible to avoid some crashes on a daily basis. I find the M$ help over my head. Where to start??? Thanks in advance for any suggestions.

Event Type: Error
Event Source: SMTPSVC
Event Category: None
Event ID: 116
Date: 4/5/2008
Time: 9:59:08 PM
User: N/A
Computer: HOME-D309DBCB8C
Description:
The service metabase path '/LM/SMTPSVC/' could not be opened. The data is the error code.
For additional information specific to this message please visit the Microsoft Online Support site located at: http://www.microsoft.com/contentredirect.asp.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 03

-------------------------------------------------------------------------------------------------
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 4/5/2008
Time: 8:26:15 PM
User: N/A
Computer: HOME-D309DBCB8C
Description:
The Simple Mail Transfer Protocol (SMTP) service terminated with the following error:
The system cannot find the path specified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
----------------------------------------------------------------------------------------------
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 4/5/2008
Time: 8:26:15 PM
User: N/A
Computer: HOME-D309DBCB8C
Description:
The World Wide Web Publishing service terminated with the following error:
The system cannot find the path specified.

-----------------------------------------------------------------------------------------------
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 4/5/2008
Time: 8:26:15 PM
User: N/A
Computer: HOME-D309DBCB8C
Description:
The ProtexisLicensing service failed to start due to the following error:
Access is denied.

For m
 
Joined
May 15, 2006
Messages
11,849
Hello,
I am getting frequent system related errors in my Event Viewer. Typically those are related to system crashes. Here are four for starters that happened within the past several hours generally while I was using Azureus and PeerGuardian2, but it is almost impossible to avoid some crashes with any software. I find the M$ help over my head. Where to start??? Thanks in advance for any suggestions.
Using and asking for help on P2P networking is against the rules here at TSG. Please read the TSG rules

Tech Support Guy Site Rules
http://www.techguy.org/rules.html
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
120,017
I see you edited your post to remove the reference to P2P but since I don't think these errors are necessarily specific to P2P, I'll leave this open.

Do you have IIS installed?
 

archp2007

Thread Starter
Joined
Oct 30, 2007
Messages
107
Thanks. Upon reading another similar post I uninstalled the IIS service and then reinstalled it thinking that the reinstall might help. There was a problem on the reinstall in that two or three encrypted files could not be written in an encrypted format so I had to choose the option to write as unencrypted in order to get the reinstall to finish. Meanwhile today I continue to have the same errors as well as problems loading Kaspersky drivers. Here are some of the other errors that I am getting:

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 4/5/2008
Time: 8:26:15 PM
User: N/A
Computer: HOME-D309DBCB8C
Description:
The FolderProtectService service failed to start due to the following error:
Access is denied.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 4/7/2008
Time: 2:37:16 AM
User: N/A
Computer: HOME-D309DBCB8C
Description:
The ProtexisLicensing service failed to start due to the following error:
Access is denied.

I don't know if any of these errors are repetitive or not. I wish the Microsoft recommendations were more useful.
 

archp2007

Thread Starter
Joined
Oct 30, 2007
Messages
107
I am wondering if the utility I am currently using known as Hide Folders XP has been found to cause problems. I earlier had to uninstall a similar security program (can't recall the exact name) by a differerent vendor because it caused similar problems. Luckily that time the offending driver was identified.
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
120,017
Let's take a look at what you have running on your system.

Click here to download HJTsetup.exe.
  • Save HJTsetup.exe to your desktop.
  • Double click on the HJTsetup.exe icon on your desktop.
  • By default it will install to C:\Program Files\Hijack This.
  • Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
  • Put a check by Create a desktop icon then click Next again.
  • Continue to follow the rest of the prompts from there.
  • At the final dialogue box click Finish and it will launch Hijack This.
  • Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
  • Click Save to save the log file and then the log will open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.


Also, open HijackThis and click on "Config" and then on the "Misc Tools" button. If you're viewing HijackThis from the Main Menu then click on "Open the Misc Tools Section". Click on the "Open Uninstall Manager" button. Click the "Save List" button. Copy and paste that list here please.
 

archp2007

Thread Starter
Joined
Oct 30, 2007
Messages
107
Thank you very much for offering the help. Here is the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:36:59 PM, on 4/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hide Folders XP 2\hfxp.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;localhost
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: (no name) - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [Kaspersy Anti-Hacker] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [hfxp] "C:\Program Files\Hide Folders XP 2\hfxp.exe" /s
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download linked FLV with GetFLV - C:\Program Files\GetFLV\iemenu\DownloadLinkFLV.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - C:\Program Files\QuickTax 2007\ic2007pp.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FolderProtectService - Unknown owner - C:\Program Files\Spotmau WinCares 2007\FolderProtectService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: nTune Service (nTuneService) - Unknown owner - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 8782 bytes

I've got a ton of applications installed. I'm retired and that's about all I do!


2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Acoustica CD/DVD Label Maker
Acronis*Disk Director Suite
Acronis*True*Image*Home
Active SMART
Active WebCam
Adobe Dreamweaver CS3
Adobe Reader 8.1.2
Adobe Shockwave Player
Aliant Internet Help & Support
Allok Video to FLV Converter 4.7.1202
Amadis Video Converter Suite V3.5.3
Apex Video Converter Super 6.39
Apple Mobile Device Support
ArcSoft PhotoImpression 4
ASUSUpdate
AusLogics BoostSpeed
AusLogics Disk Defrag
AusLogics Emergency Recovery
AusLogics Visual Styler
Automatic Windows Internet Washer
Azureus Vuze
Beyond TV DVD Burning Foundation
Brain Trainer
Camera Driver
Camtasia Studio 5
Canon MP Navigator 3.0
Canon Utilities Easy-PhotoPrint
Canon Utilities Easy-PhotoPrint EX
CCleaner (remove only)
CD-LabelPrint
Chinese Traditional Fonts Support For Adobe Reader 8
Dcads Games Collection
Direct Show Ogg Vorbis Filter (remove only)
DivX Content Uploader
DivX Web Player
DriverGuide DriverScan
DriverGuide Toolkit
DSL Speed V3.6
Easy CD and DVD Cover Creator 4.0
FLV to AVI MPEG WMV 3GP MP4 iPod Converter 3.2.0623
FlvRecorder
Futuremark Measurement Services Client
Game Elements SGE2910BD/37 Wireless PC Control Pad
GenuTax
GetFLV Pro 4.0
Google Earth Pro
Google SketchUp 6
Google SketchUp 6
GTA San Andreas
Hallmark Card Studio 2008 Deluxe
Hide Folders XP 2.9.2 for Windows XP/Vista
HijackThis 2.0.2
HotDog Professional 7
HotDog Professional 7
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Ipswitch WS_FTP Professional 2007
iTunes
Joost (tm) Beta 1.0.3
Kaspersky Anti-Hacker
Kaspersky Anti-Virus 7.0
Kaspersky Anti-Virus 7.0
KeepV Flash Converter
K-Lite Codec Pack 3.7.0 Full
Launchy 1.0
Lion King
LiveUpdate 3.2 (Symantec Corporation)
Logitech Desktop Messenger
Logitech ImageStudio
MagicDisc 2.6.85
MARS MR97310 VGA
Mavis Beacon Teaches Typing Deluxe 17
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel 2007
Microsoft Office Outlook 2007
Microsoft Office Outlook 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Silverlight
Microsoft Web Publishing Wizard 1.52
Mozilla Firefox (2.0.0.12)
NewsLeecher v3.8 Final
NHL® 08
NVIDIA Drivers
ODF Add-in for Microsoft Word
OfficeRecovery
OpenOffice.org 2.3
PE Builder 3.1.10a
PowerQuest PartitionMagic 8.0
PrintFolder 1.3
Privacy Eraser Pro
Pro Evolution Soccer 6
QuickTax 2007
QuickTime
RapidTyping 1.2.0.4
RealArcade
RealPlayer
REALTEK GbE & FE Ethernet PCI-E NIC Driver
RegCure 1.5.0.0
Registry Clean Expert
Replay Media Catcher
Riva FLV Encoder 2.0
Roxio Drag-to-Disc
Sandboxie 3.24
ScanSoft OmniPage 16
SCRABBLE® Interactive 2007 EDITION Uninstall
Sea War The Battles 2
Security Update for Outlook 2007 (KB946983)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939373)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB942830)
Security Update for Windows XP (KB942831)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB946026)
Shareaza
Shockwave
SMPlayer 0.5.62
SopCast 2.0.4
SoundMAX
Spybot - Search & Destroy
Spybot - Search & Destroy 1.5.2.20
System Requirements Lab
Ten Thumbs 4.7
The Panorama Factory V4 m32 Edition
The Print Shop 20
Tiger Woods PGA TOUR 08
Total Uninstall 4.6.2
Tracks Eraser Pro v7.0
TV Software 1.5.0
TVAnts 1.0
TypingMaster Pro
Ulead iPhoto Plus 4.0
Update for Outlook 2007 Junk Email Filter (kb947945)
Update for Windows XP (KB894391)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB925876)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946501-v2)
User Profile Hive Cleanup Service
Visual Studio 2005 Redist Package
vTuner Plus
WatchTV++ 1.2 EN
Webshots Desktop
Webshots!
Wheel Of Fortune
Wheel of Fortune Deluxe (remove only)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Presentation Foundation
Windows Vista Upgrade Advisor
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinPcap 4.0
WinRAR archiver
XnView 1.93.4
XviD MPEG-4 Codec
Yahoo! Toolbar
Your Uninstaller! 2008 Version 6.0
ZimCore 1.1.1


Thanks again!
 

archp2007

Thread Starter
Joined
Oct 30, 2007
Messages
107
Hello again. My Kaspersky found a virus overnight that it was unable to remove - something called Heur.invader. I tried to do a straight system restore but all the restore points were gone!! I decided to do a system state restore froom a backup done with M$ guided registry backup. This worked but Kaspessky is still driving me nuts with warnings that everything (programs, drivers, etc.) having been changed and suspicious activity, and not letting me uninstall certain programs. I had to turn off proactive defense within Kaspersky to be able to use the computer. I tried to uninstall Kaspersky but it won't let me do that either. I do have a complete disk image on a second drive from a week ago, but I'm hesitant to try restoring that because I do have some work to do and my computer is still usable.
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
120,017
Can you post the last Kaspersky log please?

Also, since doing the backup restore, please post a new uninstall list.
 

archp2007

Thread Starter
Joined
Oct 30, 2007
Messages
107
Thank you for your patience. Sorry for the pages and pages of repeated lines that I had to delete because the report was too long. Avast virus report to follow.

4/9/2008 2:59:07 AM Process C:\Program Files\Internet Explorer\iexplore.exe (PID: 0): attempt to perform suspicious actions was blocked.
4/9/2008 3:02:32 AM Process C:\WINDOWS\system32\dwwin.exe (PID: 0): attempt to perform suspicious actions was blocked.
4/9/2008 3:02:32 AM Process (PID 2988) tried to access Kaspersky Anti-Virus process (PID 888), but the action has been blocked by the Self-Defense component. No action on your part is required.
4/9/2008 6:56:40 AM Process C:\Program Files\Internet Explorer\iexplore.exe (PID: 2172): attempt to load new or modified module was blocked.
4/9/2008 6:56:40 AM Process C:\Program Files\Internet Explorer\iexplore.exe (PID: 2172): attempt to load new or modified module was blocked.
4/9/2008 6:56:40 AM Process C:\Program Files\Internet Explorer\iexplore.exe (PID: 2172): attempt to load new or modified module was blocked.
4/9/2008 6:56:46 AM Some protection components are disabled. You are advised to enable them.
4/9/2008 7:38:19 AM Protection of your computer is not running. You are advised to resume protection.


Reports
-------
Component Status Start Finish Size
--------- ------ ----- ------ ----
Mail Anti-Virus running 4/9/2008 9:58:44 AM 0 bytes
File Anti-Virus disabled 4/9/2008 9:58:44 AM 4/9/2008 11:23:26 AM 0 bytes
Web Anti-Virus running 4/9/2008 9:58:44 AM 0 bytes


Quarantine
----------
Status Object Size Added
------ ------ ---- -----


Backup
------
Status Object Size
------ ------ ----
Infected: virus EICAR-Test-File C:\DOCUME~1\ARCHPA~1\LOCALS~1\Temp\Av-test.txt 72 bytes
------------------------------------------------------------------------------------------------------

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Acoustica CD/DVD Label Maker
Acronis*Disk Director Suite
Acronis*True*Image*Home
Active SMART
Active WebCam
Adobe Dreamweaver CS3
Adobe Reader 8.1.2
Adobe Shockwave Player
Aliant Internet Help & Support
Allok Video to FLV Converter 4.7.1202
Amadis Video Converter Suite V3.5.3
Apex Video Converter Super 6.39
Apple Mobile Device Support
ArcSoft PhotoImpression 4
ASUSUpdate
AusLogics BoostSpeed
AusLogics Disk Defrag
AusLogics Emergency Recovery
AusLogics Visual Styler
Automatic Windows Internet Washer
Azureus Vuze
Beyond TV DVD Burning Foundation
Brain Trainer
Camera Driver
Camtasia Studio 5
Canon MP Navigator 3.0
Canon Utilities Easy-PhotoPrint
Canon Utilities Easy-PhotoPrint EX
CCleaner (remove only)
CD-LabelPrint
Chinese Traditional Fonts Support For Adobe Reader 8
Dcads Games Collection
Direct Show Ogg Vorbis Filter (remove only)
DivX Content Uploader
DivX Web Player
DriverGuide DriverScan
DriverGuide Toolkit
DSL Speed V3.6
Easy CD and DVD Cover Creator 4.0
FLV to AVI MPEG WMV 3GP MP4 iPod Converter 3.2.0623
FlvRecorder
Futuremark Measurement Services Client
Game Elements SGE2910BD/37 Wireless PC Control Pad
GenuTax
GetFLV Pro 4.0
Google Earth Pro
Google SketchUp 6
Google SketchUp 6
GTA San Andreas
Hallmark Card Studio 2008 Deluxe
Hide Folders XP 2.9.2 for Windows XP/Vista
HijackThis 2.0.2
HotDog Professional 7
HotDog Professional 7
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Ipswitch WS_FTP Professional 2007
iTunes
Joost (tm) Beta 1.0.3
Kaspersky Anti-Virus 7.0
Kaspersky Anti-Virus 7.0
KeepV Flash Converter
K-Lite Codec Pack 3.7.0 Full
Launchy 1.0
Lion King
LiveUpdate 3.2 (Symantec Corporation)
Logitech Desktop Messenger
Logitech ImageStudio
MagicDisc 2.6.85
MARS MR97310 VGA
Mavis Beacon Teaches Typing Deluxe 17
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel 2007
Microsoft Office Outlook 2007
Microsoft Office Outlook 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Silverlight
Microsoft Web Publishing Wizard 1.52
Mozilla Firefox (2.0.0.12)
NewsLeecher v3.8 Final
NHL® 08
NVIDIA Drivers
ODF Add-in for Microsoft Word
OfficeRecovery
OpenOffice.org 2.3
PE Builder 3.1.10a
PowerQuest PartitionMagic 8.0
PrintFolder 1.3
Privacy Eraser Pro
Pro Evolution Soccer 6
QuickTax 2007
QuickTime
RapidTyping 1.2.0.4
RealArcade
RealPlayer
REALTEK GbE & FE Ethernet PCI-E NIC Driver
RegCure 1.5.0.0
Registry Clean Expert
Replay Media Catcher
Riva FLV Encoder 2.0
Roxio Drag-to-Disc
Sandboxie 3.24
ScanSoft OmniPage 16
SCRABBLE® Interactive 2007 EDITION Uninstall
Sea War The Battles 2
Security Update for Outlook 2007 (KB946983)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939373)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942830)
Security Update for Windows XP (KB942831)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Shareaza
Shockwave
SMPlayer 0.5.62
SopCast 2.0.4
SoundMAX
Spybot - Search & Destroy
Spybot - Search & Destroy 1.5.2.20
System Requirements Lab
Ten Thumbs 4.7
The Panorama Factory V4 m32 Edition
The Print Shop 20
Tiger Woods PGA TOUR 08
Total Uninstall 4.6.2
Tracks Eraser Pro v7.0
TV Software 1.5.0
TVAnts 1.0
TypingMaster Pro
Ulead iPhoto Plus 4.0
Update for Outlook 2007 Junk Email Filter (kb947945)
Update for Windows XP (KB894391)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB925876)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946501-v2)
User Profile Hive Cleanup Service
Visual Studio 2005 Redist Package
vTuner Plus
WatchTV++ 1.2 EN
Webshots Desktop
Webshots!
Wheel Of Fortune
Wheel of Fortune Deluxe (remove only)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Presentation Foundation
Windows Vista Upgrade Advisor
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinPcap 4.0
WinRAR archiver
XnView 1.93.4
XviD MPEG-4 Codec
Yahoo! Toolbar
Your Uninstaller! 2008 Version 6.0
ZimCore 1.1.1


I also have a report from Avast which I think deleted the virus and will append as soon as I reboot (on another active partition)
 

archp2007

Thread Starter
Joined
Oct 30, 2007
Messages
107
Sorry the Avast did not record any log. I don't know if that was because it was a boot scan (pre-boot) or because the Avast is a demo version. In any case I was given an option soon after the scanner started to scan the affected partition to take some action against the virus. I chose delete. It was unnecessary because I should and could have done a scan on the offending executable which I might have know was highly likely to have been infected before running it. Thanks again for your patience.
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
120,017
I would remove the following and any other registry cleaners as they often cause more harm than good.

RegCure 1.5.0.0
Registry Clean Expert



Please visit Combofix Guide & Instructions for instructions for downloading and running ComboFix:

Post the log from ComboFix when you've accomplished that along with a new HijackThis log.

Important notes regarding ComboFix:

ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished.

Combofix also prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished.
 

archp2007

Thread Starter
Joined
Oct 30, 2007
Messages
107
Hi again,

I ran combofix just a day before I started this thread but will repeat now. Does it cause a batch file to run a del index.dat upon shutdown? I have had that happening ever since.
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
120,017
I'm not sure what would be running that batch but please remove the version of ComboFix you have and download the latest version then run the scan and post the log.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top