question about quarantined files/programs?
Quote from: evilfantasy on January 22, 2009, 06:51:24 PM
    thanks. will reply tomorrow!

Okay... bringing you up to date. I followed the prior steps and disabled everything including TeaTimer. Only question.. I disabled Avira AntiVirus, TeaTimer S&D, and disabled my firewall. Malwarebytes and SuperAntiSpy had no options to disable realtime etc. Well, SASpy did, but since I have the free version it doesn't allow me to enable it for realtime... So that's all I could find to disable while running ComboFix. Also my internet connection dropped during the ComboFix run and it prompted me to reconnect. I did so and it completed. Just throwing that out there. Below are my logs from ComboFix.

ComboFix 09-01-21.04 - Gary Hamlett 2009-01-23 8:52:30.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.588 [GMT -5:00]
Running from: c:\documents and settings\Gary Hamlett\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)
 * Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-12-23 to 2009-01-23 )))))))))))))))))))))))))))))))
.
2009-01-22 09:01 . 2009-01-22 09:03  d--------  c:\program files\Trend Micro
2009-01-21 23:38 . 2009-01-21 23:38  d--------  c:\program files\Malwarebytes' Anti-Malware
2009-01-21 23:38 . 2009-01-21 23:38  d--------  c:\documents and settings\Gary Hamlett\Application Data\Malwarebytes
2009-01-21 23:38 . 2009-01-21 23:38  d--------  c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-21 23:38 . 2009-01-14 16:11  38,496  --a------  c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-21 23:38 . 2009-01-14 16:11  15,504  --a------  c:\windows\system32\drivers\mbam.sys
2009-01-21 17:51 . 2009-01-21 17:51  d--------  c:\program files\SUPERAntiSpyware
2009-01-21 17:51 . 2009-01-21 17:51  d--------  c:\documents and settings\Gary Hamlett\Application Data\SUPERAntiSpyware.com
2009-01-21 17:51 . 2009-01-21 17:51  d--------  c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-01-21 17:50 . 2009-01-21 17:50  d--------  c:\program files\Common Files\Wise Installation Wizard
2009-01-21 17:30 . 2009-01-21 17:30  d--------  c:\program files\CCleaner
2009-01-21 16:44 . 2009-01-21 16:44  d--------  c:\program files\Avira
2009-01-21 16:44 . 2009-01-21 16:44  d--------  c:\documents and settings\All Users\Application Data\Avira
2009-01-19 13:01 . 2009-01-19 13:00  410,984  --a------  c:\windows\system32\deploytk.dll
2009-01-18 22:49 . 2009-01-22 10:45  d--------  c:\documents and settings\Gary Hamlett\Application Data\HPAppData
2009-01-13 20:00 . 2009-01-13 20:00  d--------  c:\documents and settings\Gary Hamlett\Application Data\HP
2009-01-10 21:20 . 2009-01-10 21:20  d--------  c:\documents and settings\All Users\Application Data\HP Product Assistant
2009-01-10 21:19 . 2009-01-10 21:19  d--------  c:\program files\Hewlett-Packard
2009-01-10 21:19 . 2009-01-10 21:19  d--------  c:\program files\Common Files\HP
2009-01-10 21:19 . 2009-01-10 21:19  d--------  c:\program files\Common Files\Hewlett-Packard
2009-01-10 21:19 . 2009-01-10 21:20  d--------  c:\documents and settings\All Users\Application Data\HP
2009-01-10 21:18 . 2009-01-10 21:18  d--------  c:\windows\yellowtail
2009-01-10 21:18 . 2009-01-10 21:18  d----c---  c:\windows\system32\DRVSTORE
2009-01-10 21:18 . 2007-11-06 21:04  1,373,528  -ra------  c:\windows\hpzshl01.exe
2009-01-10 21:18 . 2007-11-06 21:15  1,140,056  -ra------  c:\windows\hpzmsi01.exe
2009-01-10 21:18 . 2008-01-07 09:10  10,563  -ra------  c:\windows\hpwscr19.dat
2009-01-10 21:17 . 2009-01-10 21:20  d--------  c:\program files\HP
2009-01-10 21:17 . 2008-04-13 14:47  25,856  --a------  c:\windows\system32\drivers\usbprint.sys
2009-01-10 21:17 . 2008-04-13 14:47  25,856  --a------  c:\windows\system32\dllcache\usbprint.sys
2009-01-10 21:14 . 2009-01-10 21:54  176,379  --a------  c:\windows\hpwins19.dat
2009-01-10 21:14 . 2008-01-07 09:08  997  -ra------  c:\windows\hpwmdl19.dat
2009-01-01 00:27 . 2007-10-17 15:35  1,299,520  --a------  c:\windows\system32\drivers\WMP110.sys
2009-01-01 00:27 . 2007-10-29 23:34  405,583  --a------  c:\windows\system32\jswscsup.dll
2009-01-01 00:27 . 2003-10-13 00:30  94,208  --a------  c:\windows\system32\GTW32N50.dll
2009-01-01 00:27 . 2007-08-28 21:46  57,344  --a------  c:\windows\system32\jswscimd.sys
2009-01-01 00:27 . 2007-08-28 21:46  57,344  --a------  c:\windows\system32\drivers\jswscimd.sys
2009-01-01 00:27 . 2003-09-25 08:28  31,930  --a------  c:\windows\system32\GTNDIS3.VXD
2009-01-01 00:27 . 2007-09-21 12:09  27,298  --a------  c:\windows\system32\jswscimdp.cat
2009-01-01 00:27 . 2007-09-21 12:09  26,869  --a------  c:\windows\system32\jswscimd.cat
2009-01-01 00:27 . 2009-01-01 00:27  21,035  --a------  c:\windows\system32\drivers\AegisP.sys
2009-01-01 00:27 . 2003-09-25 07:15  15,872  --a------  c:\windows\system32\GTNDIS5.sys
2009-01-01 00:27 . 2007-08-28 21:45  5,529  --a------  c:\windows\system32\jswscimdp.inf
2009-01-01 00:27 . 2007-08-28 21:45  2,231  --a------  c:\windows\system32\jswscimd.inf
2009-01-01 00:26 . 2009-01-01 00:26  d--------  c:\program files\Linksys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-23 13:12  ---------  d-----w  c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-21 21:32  ---------  d-----w  c:\program files\Dell
2009-01-21 21:29  ---------  d-----w  c:\documents and settings\All Users\Application Data\Viewpoint
2009-01-21 21:03  ---------  d-----w  c:\documents and settings\All Users\Application Data\McAfee.com
2009-01-21 19:41  ---------  d-----w  c:\documents and settings\All Users\Application Data\Kodak
2009-01-19 18:00  ---------  d-----w  c:\program files\Java
2009-01-19 17:30  ---------  d-----w  c:\program files\Yahoo!
2009-01-19 17:28  ---------  d-----w  c:\program files\Kodak
2009-01-19 17:25  ---------  d-----w  c:\program files\Common Files\Corel
2009-01-19 17:12  ---------  d-----w  c:\program files\AdvancedEnhancer
2009-01-01 05:26  ---------  d--h--w  c:\program files\InstallShield Installation Information
2009-01-01 04:30  ---------  d-----w  c:\program files\Common Files\Adobe
2008-12-14 08:08  ---------  d-----w  c:\program files\Spybot - Search & Destroy
2008-12-13 06:40  3,593,216  ----a-w  c:\windows\system32\dllcache\mshtml.dll
2008-12-11 10:57  333,952  ----a-w  c:\windows\system32\drivers\srv.sys
2008-12-11 10:57  333,952  ------w  c:\windows\system32\dllcache\srv.sys
2008-12-01 15:24  4,184  --sha-w  c:\windows\system32\KGyGaAvL.sys
2008-10-24 11:21  455,296  ------w  c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 12:36  286,720  ----a-w  c:\windows\system32\gdi32.dll
2008-10-23 12:36  286,720  ------w  c:\windows\system32\dllcache\gdi32.dll
2006-11-09 20:45  251  ----a-w  c:\program files\wt3d.ini
2008-08-30 11:33  88  --SH--r  c:\windows\system32\F35501B0EF.sys
2008-08-31 01:16  32,768  --sha-w  c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008083020080831\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-06-07 4670968]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-02-01 8699904]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"NapsterShell"="c:\program files\Napster\napster.exe" [2008-05-09 323216]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-12-06 282624]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-19 136600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"WMP110"="c:\program files\Linksys\WMP110\WMP110.exe" [2008-02-27 962560]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2006-11-07 1121280]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 c:\windows\stsystra.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-02-01 8699904]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute  REG_MULTI_SZ  autocheck autochk *\0sprecovr \SystemRoot\sprecovr.txt

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-01-15 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-15 55024]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [2009-01-01 57344]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
R3 WMP110;Linksys WMP110 RangePlus Wireless PCI Adapter Service;c:\windows\system32\drivers\WMP110.sys [2009-01-01 1299520]
R4 GTWPSService;GTWPSSRV;c:\program files\Linksys\WMP110\gtwpssrv.exe [2009-01-01 34816]
R4 WLSng Service;WLSng Service;c:\program files\Linksys\WMP110\WLSngS.exe [2009-01-01 233472]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\Linksys\WMP110\jswpsapi.exe [2009-01-01 352338]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12  REG_MULTI_SZ  Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt  REG_MULTI_SZ  hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6e3929e-40ed-11dc-8707-001372233781}]
\Shell\AutoRun\command - e:\jdsecure\Windows\JDSecure20.exe
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = hxxp://www.wildblue.net
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
Trusted Zone: partypoker.com\www
Trusted Zone: musicmatch.com\online
FF - ProfilePath - c:\documents and settings\Gary Hamlett\Application Data\Mozilla\Firefox\Profiles\yd6w8dcv.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.wildblue.net/
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npstrlnk.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\wildblue.js - pref("network.proxy.type", 2);
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-23 08:53:56
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1024)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Completion time: 2009-01-23 8:56:22
ComboFix-quarantined-files.txt 2009-01-23 13:56:10
Pre-Run: 217,746,849,792 bytes free
Post-Run: 217,732,108,288 bytes free
186 --- E O F --- 2009-01-18 08:02:13

Go to Start > Run and type notepad.exe then click OK.
Copy and paste the below into Notepad and save as fixme.reg to Your Desktop.

    REGEDIT4

    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]

Locate fixme.reg on your Desktop and double-click it. Answer Yes when prompted to merge with the Registry. Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it did not work. Delete the fixme.reg from the Desktop.
----------
How is the computer running now?

Quote from: evilfantasy on January 23, 2009, 09:46:44 AM
    Go to Start > Run and type notepad.exe then click OK

Okay. Completed that. Will see how everything is running from now on and keep you posted. Thanks so far. Hopefully this helps.

Might as well do some cleanup steps now.
The above procedure will:
----------
Use the Secunia Software Inspector to check for out of date software.
----------
Go to Microsoft Windows Update and get all critical updates.
----------
Here are some great FREE tools to help you keep from getting infected again. These tools use little or no resources so won't slow down your PC.

Concerned about Browser Security? Consider using Mozilla Firefox. With more than 15,000 improvements, Firefox 3 is faster, safer and smarter than EVER before.

For Internet Explorer 7 users there is IE7Pro. IE7Pro is a must have add-on for Internet Explorer, which includes a lot of features and tweaks to make your IE friendlier, more useful, more secure and customizable.

To prevent unknown applications from being installed on your computer install WinPatrol 2008
* Using Winpatrol to protect your computer from malicious software

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.

Quote from: evilfantasy on January 23, 2009, 03:49:14 PM
    Might as well do some cleanup steps now.

Okay. I will run these in the morning. Also, any particular way I should have my Malwarebytes, SuperAntivirusBlock, and antivirus set up? I made the changes to preferences as suggested when I downloaded them. My antivirus is enabled, as my firewall is too.. just wondering. Also, how often should I run them all and how often should I update them? Just looking for the correct actions to take once I'm back to normal.. thanks for all the help.

**edit*** I overlooked your link to keeping safe while on the internet...! Checking it out now!

I usually switch up running either SAS or MBAM. You shouldn't need to do anything to them, just run one or the other every few weeks.

Okay, I've run the Secunia scan on my system. It keeps bringing up updates that I need. For example, Adobe 4x was detected and needs updating.. while I've updated to Adobe 8x and got a check beside that one, it keeps SAYING I need to update the 4x. The same thing with Macromedia Flash Player.. here is a cut and paste of the screen below

[attachment deleted by admin]

Do this to remove all unstable older versions of Flash.
Download the Flash Player Uninstaller and save it to your desktop.
Run the uninstaller program and then reboot your computer to complete the uninstall.
Download and install the latest version of Flash Player

Quote from: evilfantasy on January 27, 2009, 11:17:09 AM
    Do this to remove all unstable older versions of Flash.

I uninstalled and then downloaded the new version. The Adobe Flash Player is updated but I still get issues with Macromedia Flash Player. I downloaded that new patch only to see it's an Adobe file... I don't understand it. See attachment for what I'm looking at. I guess I just don't understand the Secunia web site. It's doing the same thing with Adobe Reader. It keeps bringing up that I need newer versions. Versions that I have. Should I be uninstalling before I download new versions?

Update. I removed Adobe Reader. Scanned Secunia and that program didn't come up with errors (or come up at all). Now I'm attempting to upload Adobe Reader again.

Update 2. I fixed Adobe Reader. I also downloaded the Macromedia Flash Player patch and ran it from desktop. After rescanning with Secunia it still shows up as the error seen in previous attachments. I cannot figure out how to uninstall it as it does not show up on my ADD/REMOVE tabs. Thoughts. >>

[attachment deleted by admin]

That is pointing to files in your i386 folder which is your Windows Installation Files. I wouldn't worry about it.

Quote from: evilfantasy on January 28, 2009, 10:27:45 AM
    That is pointing to files in your i386 folder which is your Windows Installation Files. I wouldn't worry about it.

Okay. Yeah, I looked in the folders after not being able to find it on add/remove in the control panel. Everything else seems to be okay now. Had issues with my Java but I removed an old version (I think) and uploaded the new version again. So far so good. Thanks for all of the help.
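The fixme.reg posted earlier in this thread deletes one MountPoints2 volume key by hand, after ComboFix listed two per-volume AutoRun commands (E:\setup.exe and e:\jdsecure\Windows\JDSecure20.exe) and an EnableFirewall value of 0 for the standard firewall profile. The script below is an added example, not something posted in the thread or shipped with ComboFix: it reports every AutoRun command under the current user's MountPoints2 key, flags the ones that point off the system drive (the removable-media pattern), reads the same EnableFirewall value, and can remove a named volume key the way the .reg merge did, honouring -WhatIf. It assumes Windows PowerShell 5.1 or later and is run as the user whose profile is being checked; the parameter name -Remove and the function names are this example's own choices, and the GUID in the comment is the one from the log above.

```powershell
# Added example (not from the thread): audit the MountPoints2 AutoRun commands and the
# firewall policy value that appeared in the ComboFix log above.
# Report-only by default; -Remove deletes the named volume key(s), as the fixme.reg did.
# Assumes Windows PowerShell 5.1+, run as the user whose HKCU hive is being checked.
[CmdletBinding(SupportsShouldProcess)]
param(
    # Volume GUID subkeys to delete, e.g. '{361ac05d-0e0d-11da-9aa9-806d6172696f}' (from the log).
    # Leave empty to only report.
    [string[]]$Remove = @()
)

$mountPoints = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2'
$firewallKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile'

function Get-MountPointAutoRun {
    # One object per MountPoints2 subkey that carries a Shell\AutoRun\command default value.
    Get-ChildItem -Path $mountPoints -ErrorAction SilentlyContinue | ForEach-Object {
        $cmdKey = "$($_.PSPath)\Shell\AutoRun\command"
        if (Test-Path -LiteralPath $cmdKey) {
            $cmd = (Get-ItemProperty -LiteralPath $cmdKey).'(default)'
            [pscustomobject]@{
                Volume        = $_.PSChildName
                Command       = $cmd
                # An AutoRun command living on a drive other than the system drive is the
                # USB/CD-borne pattern ComboFix surfaced above (E:\setup.exe); flag it.
                OnSystemDrive = ($cmd -like "$env:SystemDrive\*")
            }
        }
    }
}

function Get-FirewallPolicyState {
    # Same value ComboFix printed as "EnableFirewall"= 0 (0x0); $null if the value is absent.
    $value = (Get-ItemProperty -Path $firewallKey -Name EnableFirewall -ErrorAction SilentlyContinue).EnableFirewall
    [pscustomobject]@{
        Key            = $firewallKey
        EnableFirewall = $value
        Enabled        = ($value -eq 1)
    }
}

function Remove-MountPointEntry {
    # Deletes one volume GUID subkey (recursively, it holds the Shell\AutoRun\command tree).
    param([Parameter(Mandatory)][string]$VolumeGuid)
    $key = Join-Path -Path $mountPoints -ChildPath $VolumeGuid
    if (-not (Test-Path -LiteralPath $key)) {
        Write-Warning "Not found: $key"
        return
    }
    if ($PSCmdlet.ShouldProcess($key, 'Remove MountPoints2 entry')) {
        Remove-Item -LiteralPath $key -Recurse
        Write-Verbose "Removed $key"
    }
}

'== MountPoints2 AutoRun commands (current user) =='
Get-MountPointAutoRun | Format-Table -AutoSize

'== Windows Firewall standard profile policy =='
Get-FirewallPolicyState | Format-List

foreach ($guid in $Remove) {
    Remove-MountPointEntry -VolumeGuid $guid
}
```

Run it with no arguments first to see the report; `.\Audit-MountPoints.ps1 -Remove '{361ac05d-0e0d-11da-9aa9-806d6172696f}' -WhatIf` shows what a removal would do without touching the registry, and dropping `-WhatIf` performs it. MountPoints2 is per user, so the check has to be run under each profile of interest; the firewall value is machine-wide and reading it needs no elevation.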