Cannot open antivirus or Microsoft sites [Solved]


  • This topic is locked

#16
ridgback

    Member

  • Topic Starter
  • 22 posts
I think my son has been on some dodgy sites looking at that log, someone's in trouble when they get home.
  • 0


#17
Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts

someone's in trouble when they get home.

Oops.

Visiting some sites just invites malware and can completely ruin a PC, so I think that message needs to be got through to him.

Can you run aswMBR again and let me know how the computer is?

Thanks

Satchfan
  • 0

#18
ridgback

    Member

  • Topic Starter
  • 22 posts
Report from rerun of aswMBR

swMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-04 12:12:27
-----------------------------
12:12:27.900 OS Version: Windows 6.0.6000
12:12:27.900 Number of processors: 2 586 0xF0D
12:12:27.908 ComputerName: MARTIN-PC UserName:
12:12:29.843 Initialize success
12:12:40.962 The log file has been saved successfully to "C:\Users\Administration\Desktop\aswMBR.txt1.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-04 16:05:23
-----------------------------
16:05:23.523 OS Version: Windows 6.0.6000
16:05:23.523 Number of processors: 2 586 0xF0D
16:05:23.525 ComputerName: MARTIN-PC UserName:
16:05:28.191 Initialize success
16:05:35.763 AVAST engine defs: 12050301
16:05:45.021 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:05:45.023 Disk 0 Vendor: FUJITSU_MHZ2320BH_G2 00000009 Size: 305245MB BusType: 3
16:05:45.039 Disk 0 MBR read successfully
16:05:45.041 Disk 0 MBR scan
16:05:45.044 Disk 0 unknown MBR code
16:05:45.054 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048
16:05:45.071 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 147548 MB offset 20973568
16:05:45.092 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 147455 MB offset 323151872
16:05:45.113 Disk 0 scanning sectors +625139712
16:05:45.187 Disk 0 scanning C:\Windows\system32\drivers
16:05:57.542 Service scanning
16:06:28.731 Modules scanning
16:06:56.632 Disk 0 trace - called modules:
16:06:57.012 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys
16:06:57.017 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8c06cad8]
16:06:57.022 3 ntoskrnl.exe[894a81bf] -> nt!IofCallDriver -> [0x8bfef870]
16:06:57.026 5 acpi.sys[8047532a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8c003bb0]
16:06:58.921 AVAST engine scan C:\Windows
16:07:06.492 AVAST engine scan C:\Windows\system32
16:10:48.674 AVAST engine scan C:\Windows\system32\drivers
16:11:24.636 AVAST engine scan C:\Users\Administration
16:23:52.783 AVAST engine scan C:\ProgramData
16:26:29.422 Scan finished successfully
16:26:52.527 Disk 0 MBR has been saved successfully to "C:\Users\Administration\Desktop\MBR.dat"
16:26:52.531 The log file has been saved successfully to "C:\Users\Administration\Desktop\aswMBR.txt1.txt"
  • 0

#19
ridgback

    Member

  • Topic Starter
  • 22 posts
Hoping things are sorted, can open all the antivirus sites and Microsoft as well. My boy has been advised accordingly, seems he's been doing what 16 year olds do and usually has deleted cookies so I have been in the dark.
  • 0

#20
Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts

My boy has been advised accordingly, seems he's been doing what 16 year olds do

As you say, you can't blame him for doing things that come naturally to a 16 year old, but I hope he's now aware that there are baddies out there targeting these young men.

We'll get an online scan done to be sure all is now OK before cleaning up.


Run ESET Online Scan

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed antivirus; how to do so can be read here.

Hold down Control and click on the following link to open ESET OnlineScan in a new window.

ESET OnlineScan


1. Click the ESET Online Scanner button.
2. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

• Click on esetinstaller.exe to download the ESET Smart Installer. Save it to your desktop.
• Double click on the Eset installer icon on your desktop.

3. Check Yes, I accept the Terms of Use
4. Click the Start button.
5. Accept any security warnings from your browser.
6. Check Scan archives
7. Push the Start button.
8. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
9. When the scan completes, push List of found threats
10. Push Export to Text file and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Note - when ESET doesn't find any threats, no report will be created.
11. Push the back button.
12. Push Finish
If a log has been produced post it in your next reply.

=========================================

Run Security Check

Download Security Check by screen317 from here or here.
  • save it to your Desktop
  • double click SecurityCheck.exe and follow the onscreen instructions inside of the black box
  • a Notepad document should open automatically called checkup.txt; please post the contents of that document.
Satchfan
  • 0

#21
ridgback

    Member

  • Topic Starter
  • 22 posts
ESET Log

C:\Users\Martin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\1dd6a40c-61a87ba2 multiple threats deleted - quarantined
C:\Users\Martin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\1eff1eb1-1cb62492 probably a variant of Win32/Agent.DYXWUMY trojan deleted - quarantined
C:\_OTL\MovedFiles\05042012_101220\C_Program Files\Mozilla Firefox\plugins\NPMyWebS.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\_OTL\MovedFiles\05042012_101220\C_Users\Administration\0.9703573354489202.exe a variant of Win32/Kryptik.AEXL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\05042012_101220\C_Users\Administration\AppData\Local\ssmlxdsf\byexidcv.exe a variant of Win32/Kryptik.AEXL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\05042012_101220\C_Users\Administration\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\byexidcv.exe a variant of Win32/Kryptik.AEXL trojan cleaned by deleting - quarantined
  • 0
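
Added example, not part of the original thread and not ESET's or OTL's own tooling: a small Python triage of the ESET lines posted above. It splits each line into path, detection and action, maps files under C:\_OTL\MovedFiles back to their original location, and flags the Java cache and Startup folder hits. The line layout and the OTL folder scheme are assumptions inferred only from the lines in this post.

```python
import re

# Four lines copied from the ESET export in the post above.
ESET_LOG = r"""
C:\Users\Martin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\1dd6a40c-61a87ba2 multiple threats deleted - quarantined
C:\Users\Martin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\1eff1eb1-1cb62492 probably a variant of Win32/Agent.DYXWUMY trojan deleted - quarantined
C:\_OTL\MovedFiles\05042012_101220\C_Program Files\Mozilla Firefox\plugins\NPMyWebS.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\_OTL\MovedFiles\05042012_101220\C_Users\Administration\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\byexidcv.exe a variant of Win32/Kryptik.AEXL trojan cleaned by deleting - quarantined
"""

# Assumed layout, inferred only from these lines: <path> <detection> <action>.
# Paths contain spaces, so anchor on the detection wording and action suffix.
LINE = re.compile(
    r"^(?P<path>.+?) "
    r"(?P<detection>multiple threats|(?:probably )?(?:a variant of )?\S+/\S+ (?:trojan|application)) "
    r"(?P<action>(?:cleaned by deleting|deleted) - quarantined)$"
)
OTL_MOVED = re.compile(r"^C:\\_OTL\\MovedFiles\\[^\\]+\\(?P<drive>[A-Z])_(?P<rest>.+)$")

def triage(line):
    m = LINE.match(line.strip())
    if m is None:
        return None  # unknown shape: review by hand rather than guess
    rec = m.groupdict()
    moved = OTL_MOVED.match(rec["path"])
    # Inferred scheme: C:\_OTL\MovedFiles\<stamp>\<drive>_<original path>
    rec["original"] = f"{moved['drive']}:\\{moved['rest']}" if moved else rec["path"]
    rec["already_moved_by_otl"] = moved is not None
    lower = rec["original"].lower()
    if "\\java\\deployment\\cache\\" in lower:
        rec["location"] = "java-cache"
    elif "\\start menu\\programs\\startup\\" in lower:
        rec["location"] = "startup-folder"
    else:
        rec["location"] = "other"
    return rec

def triage_log(text):
    return [r for r in map(triage, text.splitlines()) if r]

if __name__ == "__main__":
    for r in triage_log(ESET_LOG):
        print(r["location"], "|", r["detection"], "|", r["original"])
```

The two Java cache hits line up with the out-of-date Java reported later in the thread, and the Startup folder copy is the one that would have launched again at logon.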

#22
ridgback

    Member

  • Topic Starter
  • 22 posts
Security Check log

Results of screen317's Security Check version 0.99.32
Windows Vista x86 (UAC is enabled)
Out of date service pack!!
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG 2012
AVG PC Tuneup
AVG 2012
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

AVG PC Tuneup
Java™ 6 Update 15
Java version out of date!
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (12.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSASCui.exe
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgnsx.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
Windows Defender MSASCui.exe
``````````End of Log````````````
  • 0

#23
Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
Hi Rich

Well done, your computer appears to be clean but with some vulnerabilities.

Now that you’re free from malware, as long as your computer seems to be running well, please follow these simple steps to tidy up your computer and decrease the likelihood of getting infected again:

Uninstall OTL

  • double-click OTL.exe
  • click the CleanUp! button.
  • select Yes when the Begin cleanup Process? prompt appears.
  • if you are prompted to reboot during the cleanup, select Yes.
  • the tool will delete itself once it finishes; if not, delete it yourself.
NOTE: If you receive a warning from your firewall or other security programs regarding OTL attempting to contact the internet, please allow it to do so.

===================================================

Create a Restore Point

  • click Start, right-click Computer, and then Properties.
  • in the left pane, click System protection. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
  • click the System Protection tab, and then click Create.
  • in the System Protection dialog box, type a description, and then click Create.
Remove old restore points

  • click the Start button and in the search box, type Disk Cleanup, and then, in the list of results, click Disk Cleanup.
  • if prompted, select the drive that you want to clean up, and then click OK.
  • in the Disk Cleanup for (drive letter) dialog box, click Clean up system files. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
  • if prompted, select the drive that you want to clean up, and then click OK.
  • click the More Options tab, under System Restore and Shadow Copies, click Clean up.
  • in the Disk Cleanup dialog box, click Delete.
  • click Delete Files, and then click OK.
===================================================

Windows is out of date.

You are currently running Windows Vista without any support from Microsoft. The latest service pack is Service Pack 2, which you must have or your computer is severely vulnerable to infection. Download Service Pack 2 here and install it.


Then:

Go here to download Internet Explorer 9.

Then:

Set your computer to automatically check for Windows updates

Click here for information on how to obtain the latest Windows updates.

===================================================

Update installed programs

The version of Java you have is old and therefore vulnerable to infections.

  • from the Start menu, select Control Panel.
  • in Large or Small icon view, click Programs and Features. If you're using Category view, under "Programs", click Uninstall a program.
  • look for all versions of Java or Java Runtime Environment, and click Uninstall. Alternatively, right-click the program and select Uninstall.
Install Version 6 Update 31, from here

NEXT

Visit ADOBE and download the latest version of Acrobat Reader (version X)
Having the latest updates ensures there are no security vulnerabilities in your system.

===================================================

Registry cleaners

I see you have DriverCure and SpeedMaxPc installed. The use of registry cleaners is not recommended. The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in causing more problems than it fixes.

One of the malware experts, miekiemoes, has an excellent writeup here
Another excellent article by Bill Castner is located here

===================================================

Update and run Malwarebytes. This really is an excellent program that you should update and run on a regular basis, probably weekly.

===================================================

I also recommend that you read the following:

How to prevent malware by miekiemoes


Finally, if your computer has no more problems and you are happy to close this, please let me know.

Safe computing

Satchfan
  • 0

#24
ridgback

    Member

  • Topic Starter
  • 22 posts
Will do as your last post says. Can I uninstall the Registry Cleaners or disable them? If so, how do I do it? Will let you know when I've installed all the updates.

Thank you so much for your help so far, you have been excellent.
  • 0

#25
Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
Hi Rich

Thank you so much for your help so far

You're welcome

Apologies – they are not installed, just present on the computer.

You can just delete them from the following locations:

C:\Users\Administration\AppData\Roaming\DriverCure
C:\Users\Administration\AppData\Roaming\SpeedMaxPc
C:\Program Files\Common Files\SpeedMaxPc
C:\ProgramData\SpeedMaxPc
C:\Windows\tasks\SpeedMaxPc Update3.job


Let me know if you have any problems.
  • 0


#26
ridgback

    Member

  • Topic Starter
  • 22 posts
Just an update, couldn't download SP2, I need to do SP1 first. Downloaded it but then it wouldn't install, used the troubleshooter and deleted download history and now downloading SP1 to try again.
  • 0

#27
Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
:thumbsup:
  • 0

#28
Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





