[CompCav]

Quote

Can we scan these folders?

Sure give me a list of them.

Quote

I also have issues with my admin user account always logging into a TEMP profile.. and odd consequences after making a new profile.. userinit configuring changes after logging back into my profile after it had already been established.. for several days.

These are Operating system issues and I will refer you to our forum for Windows 7 after we are sure you are clean!

Run ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Vista / 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on:

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.

• Select the option YES, I accept the Terms of Use then click on:
  
• When prompted allow Add-On/Active X to install.
  
• Make sure that the option Scan archives is checked.
  
• Now click on Advanced Settings and select the following:
  
  • Scan for potentially unwanted applications
    
  • Scan for potentially unsafe applications
    
  • Enable Anti-Stealth Technology
  
  
• Now click on:
  
• The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  
• When completed the Online Scan will begin automatically. The scan may take several hours.
  
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  
• When completed select Uninstall application on close, make sure you copy the logfile first!
  
• Now click on:
  
• Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  
• Copy and paste that log as a reply to this topic.

[SweetHeart161]

I do not want to go online until my issue is resolved...

[CompCav]

Have you gone online to update windows?

[SweetHeart161]

8/21/2009, 7:22:52 PM

Memory scanning started...

No virus body found in memory.

Memory scanning finished (4.0s).

----------

Files scanning started...

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log... file could not be scanned!

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb... file could not be scanned!

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb... file could not be scanned!

C:\ProgramData\Norton\00000082\0000011a\00000585\cltLMS1.dat... file could not be scanned!

C:\ProgramData\Norton\00000082\0000011a\00000585\cltLMS2.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\CmnClnt\EMPxyOpt.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\CmnClnt\SBSDKEng.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\CmnClnt\ccGEvt\Global\LM2.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\CmnClnt\ccGLog\ccGenericLog.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\CmnClnt\ccJobMgr\JobMgr.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\CmnClnt\ccSetMgr\4f1a397b-7e5a-4df8-b1e1-3d725429a42c.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\CmnClnt\ccSetMgr\Volatile.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Connections\connectn.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\diStRptr\diStRptr.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Framework\O2Reg.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Framework\oxygen.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Logs\bash.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Logs\ClientIDS.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Logs\SMode.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Logs\SymNetDrv.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\NCO\IDD2.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\NPC\InstOpts.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\NPC\Settings.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\NPC\Support.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Product\asDynam.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Product\CAVDNode.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Product\cltDynam.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Product\Layout.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Product\OEM.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Product\ProdExcl.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Product\Sampler.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Product\set-priv.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Product\User.dat... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\QBackup\index.qbs... file could not be scanned!

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\SRTSP\SrtspSet.dat... file could not be scanned!

C:\System Volume Information\Syscache.hve... file could not be scanned!

C:\System Volume Information\Syscache.hve.LOG1... file could not be scanned!

C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}... file could not be scanned!

C:\System Volume Information\{4f87dd23-8e19-11de-8587-e89a8f852c61}{3808876b-c176-4e48-b7ae-04046e6cc752}... file could not be scanned!

C:\System Volume Information\{c72a0424-8e68-11de-bfb0-e89a8f852c61}{3808876b-c176-4e48-b7ae-04046e6cc752}... file could not be scanned!

C:\Users\))(())(())(())(())((\ntuser.dat.LOG1... file could not be scanned!

C:\Users\))(())(())(())(())((\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1... file could not be scanned!

C:\Users\))())())(()(()((\ntuser.dat.LOG1... file could not be scanned!

C:\Users\))())())(()(()((\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1... file could not be scanned!

C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1... file could not be scanned!

C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat... file could not be scanned!

C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat... file could not be scanned!

C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1... file could not be scanned!

C:\Windows\System32\catroot2\edb.log... file could not be scanned!

C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb... file could not be scanned!

C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb... file could not be scanned!

C:\Windows\System32\config\DEFAULT.LOG1... file could not be scanned!

C:\Windows\System32\config\SAM.LOG1... file could not be scanned!

C:\Windows\System32\config\SECURITY.LOG1... file could not be scanned!

C:\Windows\System32\config\SOFTWARE.LOG1... file could not be scanned!

C:\Windows\System32\config\SYSTEM.LOG1... file could not be scanned!

C:\Windows\System32\config\RegBack\DEFAULT... file could not be scanned!

C:\Windows\System32\config\RegBack\SAM... file could not be scanned!

C:\Windows\System32\config\RegBack\SECURITY... file could not be scanned!

C:\Windows\System32\config\RegBack\SOFTWARE... file could not be scanned!

C:\Windows\System32\config\RegBack\SYSTEM... file could not be scanned!

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl... file could not be scanned!

F:\usb\TempPrograms\SteamApps\downloading\3700\Sounds\Music\phr_s3_2.bik... file could not be scanned!

F:\usb\TempPrograms\SteamApps\downloading\3700\Sounds\Music\phr_s3_3.bik... file could not be scanned!

F:\usb\TempPrograms\SteamApps\downloading\3700\Sounds\Music\phr_s4_2.bik... file could not be scanned!

F:\usb\TempPrograms\SteamApps\downloading\3700\Sounds\Music\phr_s5_1.bik... file could not be scanned!

F:\usb\TempPrograms\SteamApps\downloading\3700\Sounds\Music\phr_s5_3.bik... file could not be scanned!

F:\usb\TempPrograms\SteamApps\downloading\3700\Sounds\Music\phr_t2_2.bik... file could not be scanned!

F:\usb\TempPrograms\SteamApps\downloading\3700\Sounds\Music\phr_t4_1.bik... file could not be scanned!

F:\usb\TempPrograms\SteamApps\downloading\3700\Sounds\Music\phr_t4_2.bik... file could not be scanned!

F:\usb\TempPrograms\SteamApps\downloading\3700\Sounds\Music\phr_th_2.bik... file could not be scanned!

F:\usb\TempPrograms\SteamApps\downloading\3700\Sounds\Music\suspens1.bik... file could not be scanned!

G:\Drive F\1.programs usb\CCE\Data\CCE\Logs\CCE_20090821_200130.tmp... file could not be scanned!

[CompCav]

I have consulted with some of our resident experts and we recommend you set a normal user name without special characters as admin and see if some of the issues you are noticing are eliminated.

Regards,

CompCav

[SweetHeart161]

I have a normal account already, and a separate admin account or are you saying convert my user account to admin and see if it changes?

[CompCav]

At this point there is no evidence of malware in the logs you have shared with me.

You may want to deal with the OS issues in our Windows 7 forum here.


regards,

CompCav

[SweetHeart161]

Can I come back after I connect to the internet and go from there??

[CompCav]

What have you not completed?

[SweetHeart161]

You said u would help me with the matter of not having usb drives names? Scanning the unable to scan folders..

[CompCav]

That assumed all of the steps I had given you were completed and appropriate steps that required updating online were done. Your machine needs to be updated before trying corrections that may be fixed simply by installing the updates.

[SweetHeart161]

If I had commercial spyware on my pc..? How would I find it?

[CompCav]

By following the all the steps completely that I have been giving you since my first post in response to your request for help.

[SweetHeart161]

You don't use combofix? What is MTL.exe?

[SweetHeart161]

Well the thing is it everything seemed o.k until I connected to the Internet.. so give me a few hours let me reformat and connect to the internet and see how things are... from there..? Is that cool..?
I really appreciate all the help.. Thank you..!