InterviewSolution
Saved Bookmarks
InterviewSolution
This section includes InterviewSolutions, each offering curated multiple-choice questions to sharpen your knowledge and support exam preparation. Choose a topic below to get started.
| 4801. |
Solve : PLEASE HELP!!! Google redirect and no firewall? |
|
Answer» Quote I really appreciate your time and effort in helping me out.You're welcome. My pleasure. Ok. That sounds good. If there are no other issues, it's time for some clean-up. You can uninstall HJT but keep SAS and MBAM. Up-date them and run them on a regular basis. To uninstall ComboFix
Download OTC by OldTimer and save it to your desktop. 1. Double-click OTC to run it. 2. Click the CleanUp! button. 3. Select Yes when the "Begin cleanup Process?" prompt appears. 4. If you are prompted to Reboot during the cleanup, select Yes 5. OTC should delete itself once it finishes, if not delete it yourself. ============================================= Clean out your temporary internet files and temp files. Download TFC by OldTimer to your desktop. Double-click TFC.exe to run it. Note: If you are running on Vista, right-click on the file and choose Run As Administrator TFC will close all programs when run, so make sure you have saved all your work before you begin. * Click the Start button to begin the cleaning process. * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. * Please let TFC run uninterrupted until it is finished. Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning. ======================================= Use the Secunia Software Inspector to check for out of date software. •Click Start Now •Check the box next to Enable thorough system inspection. •Click Start •Allow the scan to finish and scroll down to see if any updates are needed. •Update anything listed. . ---------- Go to Microsoft Windows Update and get all critical updates. ---------- I suggest USING WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's EASY and it's free. SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox. * Using SpywareBlaster to protect your computer from Spyware and Malware * If you don't know what ActiveX controls are, see here Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ Check out Keeping Yourself Safe On The Web for tips and free tools to HELP keep you safe in the future. Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly. Safe Surfing! |
|
| 4802. |
Solve : Trojan appears to have left, cleanup advice? |
|
Answer» Hello, |
|
| 4803. |
Solve : Computer turns itself off? |
|
Answer» Please help! Computer turned itself off unexpectedly and now turns itself off almost immediatly after I turn it on. What can I do?I think that you should GO to this link and TRY to eliminate all the PHYSICAL REASONS why it turns itself off. |
|
| 4804. |
Solve : Temporary internet files load to flash drive? |
|
Answer» This one has me stumped. Every time I plug in a flash drive, the windows temporary internet files folder COPIES itself to the flash drive (about a 30 second DELAY). I can delete the contents, but not the folder itself (I GET the message: "...cannot delete folder, folder in use..."). |
|
| 4805. |
Solve : windows security alert? |
|
Answer» I attempted both Jotti and also the other one but both of them said that the file was empty.Ok. Uninstall that program (Router) and then run the ESET SCAN.
(Note: Make sure there's a space between the WORD ComboFix and the forward-slash.)
Download OTC by OldTimer and save it to your desktop. 1. Double-click OTC to run it. 2. Click the CleanUp! button. 3. Select Yes when the "Begin cleanup Process?" prompt appears. 4. If you are prompted to Reboot during the cleanup, select Yes 5. OTC should delete itself once it finishes, if not delete it yourself. =================================== Clean out your temporary internet files and temp files. Download TFC by OldTimer to your desktop. Double-click TFC.exe to run it. Note: If you are running on Vista, right-click on the file and choose Run As Administrator TFC will close all programs when run, so make sure you have saved all your work before you begin. * Click the Start button to begin the CLEANING process. * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. * Please let TFC run uninterrupted until it is finished. Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning. ===================================== Use the Secunia Software Inspector to check for out of date software. •Click Start Now •Check the box next to Enable thorough system inspection. •Click Start •Allow the scan to finish and scroll down to see if any updates are needed. •Update anything listed. . ---------- Go to Microsoft Windows Update and get all critical updates. ---------- I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your BROWSER. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free. SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox. * Using SpywareBlaster to protect your computer from Spyware and Malware * If you don't know what ActiveX controls are, see here Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future. Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly. Safe Surfing! |
|
| 4806. |
Solve : jotti log and link? |
|
Answer» 10-05-11 Found nothing |
|
| 4807. |
Solve : malware removal? |
|
Answer» c:\programdata\WildTangent\My HP Game Console\UI\htdocs2\Common\product\blockbreakerdeluxe\mini_50.gif R0 szkgfs;szkgfs;c:\windows\system32\drivers\szkgfs.sys R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840] R4 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe S0 ssfs0bbc;ssfs0bbc;c:\windows\system32\DRIVERS\ssfs0bbc.sys [2009-11-06 29808] S2 LinksysUpdater;Linksys Updater;c:\program files\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-04-18 204800] S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [2010-02-01 1201640] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-05-09 43040] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonationREG_MULTI_SZ FontCache [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 17:14451872----a-w-c:\program files\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder 2009-11-22 c:\windows\Tasks\HPCeeScheduleForOwner.job - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2009-04-20 18:34] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-02 18:11 Windows 6.0.6002 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'Explorer.exe'(3640) c:\program files\Webroot\WebrootSecurity\Backup\CtxMenu_1_0_0_10.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\nvvsvc.exe c:\windows\system32\nvvsvc.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\CyberLink\Shared files\RichVideo.exe c:\windows\system32\java.exe c:\program files\Webroot\WebrootSecurity\SpySweeper.exe c:\windows\system32\DRIVERS\xaudio.exe c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe . ************************************************************************** . Completion time: 2010-05-02 18:22:31 - machine was rebooted ComboFix-quarantined-files.txt 2010-05-02 22:22 ComboFix2.txt 2010-04-28 06:40 ComboFix3.txt 2010-02-28 05:11 ComboFix4.txt 2010-02-01 23:31 Pre-Run: 206,644,531,200 bytes free Post-Run: 206,595,858,432 bytes free - - End Of File - - E1538117E6F3778038DE13C50F693CE9 and last but not least the rootrepeal log: ROOTREPEAL (c) AD, 2007-2009 ================================================== Scan Start Time:2010/05/02 21:06 Program Version:Version 1.3.5.0 Windows Version:Windows Vista SP2 ================================================== Drivers ------------------- Name: dump_atapi.sys Image Path: C:\Windows\System32\Drivers\dump_atapi.sys Address: 0x8FC35000Size: 32768File Visible: NoSigned: - Status: - Name: dump_dumpata.sys Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys Address: 0x8FC2A000Size: 45056File Visible: NoSigned: - Status: - Name: rootrepeal.sys Image Path: C:\Windows\system32\drivers\rootrepeal.sys Address: 0x9E913000Size: 49152File Visible: NoSigned: - Status: - Hidden/Locked Files ------------------- Path: C:\hiberfil.sys Status: Locked to the Windows API! Path: C:\System Volume Information\{08e78712-eb55-11de-a6b3-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{0e98d340-edc8-11de-a33b-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{605a68d4-e46c-11de-9cef-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{70f3ae11-5637-11df-b39f-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{79f9bf91-e501-11de-9f1f-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{81ee7fe6-5345-11df-8c8f-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{86d53806-1394-11df-b4b4-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{b05c7163-53be-11df-bcbe-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{c4cf39d4-52ea-11df-b41d-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{464a9292-e5f2-11de-a863-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{49015f01-e8fa-11de-9f35-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{d0a11795-534f-11df-8f9a-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{d0a11799-534f-11df-8f9a-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{d0a117a6-534f-11df-8f9a-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{fcd839fa-0f63-11df-a2e8-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{3f177910-e10e-11de-92eb-001f16e0ed5b}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: c:\programdata\pure networks\log\logfile.nmsrvc_exe.txt Status: Allocation size mismatch (API: 32768, Raw: 16384) Path: C:\Windows\System32\wbem\PRINTF~1.MOF Status: Locked to the Windows API! Path: C:\Windows\System32\XPSViewer\XPSVIE~1.XML Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_5c4003bc63e949f6.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_abac38a907ee8801.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d218504d2.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8a14c0566bec5b24.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_54c11df268b7c6d9.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_516e2e610f48bda6.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_9193a620671dde41.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8dd7dea5d5a7a18a.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_a6dea5dc0ea08098.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_8e053e8c6967ba9d.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.4.1.microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_8b7b15c031cda6db.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_b7e610287b2b4ea5.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_4ddfc6cd11929a02.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_a6e4a7980e9b18a2.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df56e60dc5df.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.16767_none_48e0ac03ef0db56a\PORTAB~1.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.16767_none_48e0ac03ef0db56a\PORTAB~2.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.16767_none_48e0ac03ef0db56a\PORTAB~3.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.20941_none_4979e8d10820826f\PORTAB~1.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.20941_none_4979e8d10820826f\PORTAB~2.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.20941_none_4979e8d10820826f\PORTAB~3.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6001.18160_none_4abfe8a3ec3a94fa\PORTAB~1.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6001.18160_none_4abfe8a3ec3a94fa\PORTAB~2.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6001.18160_none_4abfe8a3ec3a94fa\PORTAB~3.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6000.16708_en-us_b9851a92245b1b73\TRACKI~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6000.20864_en-us_b9c9d6ad3dacfd87\TRACKI~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6001.18096_en-us_bb08077221cc7808\TRACKI~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6001.22208_en-us_bbf4f6033a9f4c2e\TRACKI~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_en-us_bd4ece0e1eaaafd1\TRACKI~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_mof_b03f5f7f11d50a3a_6.0.6000.16720_none_a54ef540d05f91fc\ASPNET~1.UNI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_mof_b03f5f7f11d50a3a_6.0.6000.20883_none_8e870be4ea01d6ef\ASPNET~1.UNI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_mof_b03f5f7f11d50a3a_6.0.6001.18111_none_a529d9f6d0b19e9d\ASPNET~1.UNI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_mof_b03f5f7f11d50a3a_6.0.6001.22230_none_8e5e4a92ea5717b0\ASPNET~1.UNI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallsqlstatetem_b03f5f7f11d50a3a_6.0.6000.16720_none_04c87b54ba4ac535\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallsqlstatetem_b03f5f7f11d50a3a_6.0.6000.20883_none_ee0091f8d3ed0a28\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallsqlstatetem_b03f5f7f11d50a3a_6.0.6001.18111_none_04a3600aba9cd1d6\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallsqlstatetem_b03f5f7f11d50a3a_6.0.6001.22230_none_edd7d0a6d4424ae9\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\APPCON~1.RES Status: Locked to the Windows API!Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\APPSET~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\CREATE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\DEBUGA~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\DEFINE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\EDITAP~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\MANAGE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\SMTPSE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\APPCON~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\APPSET~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\CREATE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\DEBUGA~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\DEFINE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\EDITAP~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\MANAGE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\SMTPSE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\APPCON~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\APPSET~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\CREATE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\DEBUGA~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\DEFINE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\EDITAP~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\MANAGE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\SMTPSE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\APPCON~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\APPSET~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\CREATE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\DEBUGA~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\DEFINE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\EDITAP~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\MANAGE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\SMTPSE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.16720_none_4ef4fbb8699d6b09\CREATE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.16720_none_4ef4fbb8699d6b09\DEFINE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.16720_none_4ef4fbb8699d6b09\MANAGE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.20883_none_382d125c833faffc\CREATE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.20883_none_382d125c833faffc\DEFINE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.20883_none_382d125c833faffc\MANAGE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.18111_none_4ecfe06e69ef77aa\CREATE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.18111_none_4ecfe06e69ef77aa\DEFINE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.18111_none_4ecfe06e69ef77aa\MANAGE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.22230_none_3804510a8394f0bd\CREATE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.22230_none_3804510a8394f0bd\DEFINE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.22230_none_3804510a8394f0bd\MANAGE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBADM~2.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBADM~3.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBADM~4.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBB00~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-uninstallsqlstate_sql_b03f5f7f11d50a3a_6.0.6000.16720_none_a2f69a4627a6df36\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-uninstallsqlstate_sql_b03f5f7f11d50a3a_6.0.6000.20883_none_8c2eb0ea41492429\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-uninstallsqlstate_sql_b03f5f7f11d50a3a_6.0.6001.18111_none_a2d17efc27f8ebd7\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-uninstallsqlstate_sql_b03f5f7f11d50a3a_6.0.6001.22230_none_8c05ef98419e64ea\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-vbc_exe_config_b03f5f7f11d50a3a_6.0.6000.16720_none_32a2a55c0f70152b\VBCEXE~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-vbc_exe_config_b03f5f7f11d50a3a_6.0.6000.20883_none_1bdabc0029125a1e\VBCEXE~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-webhightrust_config_b03f5f7f11d50a3a_6.0.6000.16720_none_a05f40e791345747\WEB_HI~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-webhightrust_config_b03f5f7f11d50a3a_6.0.6000.20883_none_8997578baad69c3a\WEB_HI~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-webhightrust_config_b03f5f7f11d50a3a_6.0.6001.18111_none_a03a259d918663e8\WEB_HI~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-webhightrust_config_b03f5f7f11d50a3a_6.0.6001.22230_none_896e9639ab2bdcfb\WEB_HI~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_policy.1.2.microsof..op.security.azroles_31bf3856ad364e35_6.0.6000.16386_none_ea83414c2e75b887\Microsoft.Interop.Security.AzRoles.config Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wpf-winfxlist_31bf3856ad364e35_6.0.6001.18096_none_408185d4f04ca856\WINFXL~1.XML Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBADM~2.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBADM~3.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBADM~4.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBB00~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_defwsdlhlpgen_b03f5f7f11d50a3a_6.0.6000.16720_none_38b929534b68462d\DEFAUL~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_defwsdlhlpgen_b03f5f7f11d50a3a_6.0.6000.20883_none_21f13ff7650a8b20\DEFAUL~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_defwsdlhlpgen_b03f5f7f11d50a3a_6.0.6001.18111_none_38940e094bba52ce\DEFAUL~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_defwsdlhlpgen_b03f5f7f11d50a3a_6.0.6001.22230_none_21c87ea5655fcbe1\DEFAUL~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-vbc_exe_config_b03f5f7f11d50a3a_6.0.6001.22230_none_1bb1faae29679adf\VBCEXE~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.16720_none_e000b84a44323b9f\WEBADM~2.MAS Status: Locked to the Windows API!Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.16720_none_e000b84a44323b9f\WEBADM~3.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.16720_none_e000b84a44323b9f\WE5915~1.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.16720_none_e000b84a44323b9f\WEBE69~1.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.20883_none_c938ceee5dd48092\WEBADM~2.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.20883_none_c938ceee5dd48092\WEBADM~3.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.20883_none_c938ceee5dd48092\WE5915~1.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.20883_none_c938ceee5dd48092\WEBE69~1.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.18111_none_dfdb9d0044844840\WEBADM~2.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.18111_none_dfdb9d0044844840\WEBADM~3.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.18111_none_dfdb9d0044844840\WE5915~1.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.18111_none_dfdb9d0044844840\WEBE69~1.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.22230_none_c9100d9c5e29c153\WEBADM~2.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.22230_none_c9100d9c5e29c153\WEBADM~3.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.22230_none_c9100d9c5e29c153\WE5915~1.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.22230_none_c9100d9c5e29c153\WEBE69~1.MAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_code_b03f5f7f11d50a3a_6.0.6000.16720_none_7cdc4e91b93964e9\APPLIC~1.CS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_code_b03f5f7f11d50a3a_6.0.6000.20883_none_66146535d2dba9dc\APPLIC~1.CS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_code_b03f5f7f11d50a3a_6.0.6001.18111_none_7cb73347b98b718a\APPLIC~1.CS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_code_b03f5f7f11d50a3a_6.0.6001.22230_none_65eba3e3d330ea9d\APPLIC~1.CS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBADM~2.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBADM~3.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBADM~4.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBB00~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBADM~2.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBADM~3.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBADM~4.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBB00~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_regsql_cfg_b03f5f7f11d50a3a_6.0.6000.16720_none_7c654fdc62654993\ASPNET~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_regsql_cfg_b03f5f7f11d50a3a_6.0.6000.20883_none_659d66807c078e86\ASPNET~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_regsql_cfg_b03f5f7f11d50a3a_6.0.6001.18111_none_7c40349262b75634\ASPNET~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_regsql_cfg_b03f5f7f11d50a3a_6.0.6001.22230_none_6574a52e7c5ccf47\ASPNET~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6000.16720_none_48d018cce81ec9cb\INSTAL~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6000.16720_none_48d018cce81ec9cb\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6000.20883_none_32082f7101c10ebe\INSTAL~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6000.20883_none_32082f7101c10ebe\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6001.18111_none_48aafd82e870d66c\INSTAL~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6001.18111_none_48aafd82e870d66c\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6001.22230_none_31df6e1f02164f7f\INSTAL~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6001.22230_none_31df6e1f02164f7f\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_pg_persnlization_sql_b03f5f7f11d50a3a_6.0.6000.16720_none_b898612ecd927be5\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_pg_persnlization_sql_b03f5f7f11d50a3a_6.0.6000.20883_none_a1d077d2e734c0d8\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_pg_persnlization_sql_b03f5f7f11d50a3a_6.0.6001.18111_none_b87345e4cde48886\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_pg_persnlization_sql_b03f5f7f11d50a3a_6.0.6001.22230_none_a1a7b680e78a0199\UNINST~1.SQL Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallpersistsql_b03f5f7f11d50a3a_6.0.6000.16720_none_de8fef9cea4fec7Processes ------------------- Path: System PID: 4Status: Locked to the Windows API! Path: C:\Windows\System32\audiodg.exe PID: 1272Status: Locked to the Windows API! SSDT ------------------- #: 018Function Name: NtAllocateVirtualMemory Status: HOOKED by "" at address 0x853bdb70 #: 072Function Name: NtCreateProcess Status: Hooked by "" at address 0x853b3660 #: 073Function Name: NtCreateProcessEx Status: Hooked by "" at address 0x85d4b5a8 #: 078Function Name: NtCreateThread Status: Hooked by "" at address 0x853bde40 #: 255Function Name: NtQueueApcThread Status: Hooked by "" at address 0x853bdbe8 #: 261Function Name: NtReadVirtualMemory Status: Hooked by "" at address 0x853bda80 #: 289Function Name: NtSetContextThread Status: Hooked by "" at address 0x853bdcd8 #: 305Function Name: NtSetInformationProcess Status: Hooked by "" at address 0x853bdf30 #: 306Function Name: NtSetInformationThread Status: Hooked by "" at address 0x853bdd50 #: 330Function Name: NtSuspendProcess Status: Hooked by "" at address 0x853bdeb8 #: 331Function Name: NtSuspendThread Status: Hooked by "" at address 0x853bdc60 #: 334Function Name: NtTerminateProcess Status: Hooked by "" at address 0x853bdfa8 #: 335Function Name: NtTerminateThread Status: Hooked by "" at address 0x853bddc8 #: 358Function Name: NtWriteVirtualMemory Status: Hooked by "" at address 0x853bdaf8 #: 382Function Name: NtCreateThreadEx Status: Hooked by "" at address 0x853bd990 #: 383Function Name: NtCreateUserProcess Status: Hooked by "" at address 0x853bda08 Shadow SSDT ------------------- #: 317Function Name: NtUserAttachThreadInput Status: Hooked by "" at address 0x86c52c00 #: 397Function Name: NtUserGetAsyncKeyState Status: Hooked by "" at address 0x88a8bc90 #: 428Function Name: NtUserGetKeyboardState Status: Hooked by "" at address 0x88a8bd80 #: 430Function Name: NtUserGetKeyState Status: Hooked by "" at address 0x88a8bd08 #: 479Function Name: NtUserMessageCall Status: Hooked by "" at address 0x88ad19c8 #: 497Function Name: NtUserPostMessage Status: Hooked by "" at address 0x86c52cf0 #: 498Function Name: NtUserPostThreadMessage Status: Hooked by "" at address 0x86c52c78 #: 573Function Name: NtUserSetWindowsHookEx Status: Hooked by "" at address 0x88ad1ae8 #: 576Function Name: NtUserSetWinEventHook Status: Hooked by "" at address 0x86c52d68 ==EOF== thanks!!I'd like us to scan your machine with ESET OnlineScan •Hold down Control and click on the FOLLOWING link to open ESET OnlineScan in a new window. ESET OnlineScan •Click the button. •For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
•Click the button. •Accept any security warnings from your browser. •Check •Push the Start button. •ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. •When the scan completes, push •Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply. •Push the button. •Push A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt sorry it's taken so long to get back with you. i haven't had a chance to work on this for her in a while. next time i get ahold of that laptop i'll get back with you! should be pretty soon. again, thanks for helping out!ok. finally got to it tonight... here is the log. C:\ProgramData\Spybot - Search & Destroy\Recovery\WinAgentwu.zipWin32/Bagle.gen.zip wormcleaned by deleting - quarantined C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\43120580-3e16d5d4a variant of Java/TrojanDownloader.Agent.NAN trojandeleted - quarantined C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\7adbb65d-63473818a variant of Java/TrojanDownloader.Agent.NAN trojandeleted - quarantined That looks goods. One more scan, please. Download Security Check by screen317 from one of the following links and save it to your desktop. Link 1 Link 2 * Unzip SecurityCheck.zip and a folder named Security Check should appear. * Open the Security Check folder and double-click Security Check.bat * Follow the on-screen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt * Post the contents of that document in your next reply. Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.Results of screen317's Security Check version 0.99.4 Windows Vista Service Pack 2 (UAC is enabled) Internet Explorer 7 Out of date! `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! ESET Online Scanner v3 Norton Internet Security Webroot AntiVirus with Spy Sweeper WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware HijackThis 2.0.2 Java(TM) 6 Update 19 Java(TM) 6 Update 3 Java(TM) 6 Update 7 Out of date Java installed! Adobe Flash Player 10.0.45.2 Adobe Reader 9 Out of date Adobe Reader installed! ```````````````````````````````` Process Check: objlist.exe by Laurent Windows Defender MSASCui.exe Spybot Teatimer.exe is disabled! ESET ESET Online Scanner OnlineCmdLineScanner.exe Windows Defender MSASCui.exe ```````````````````````````````` DNS Vulnerability Check: GREAT! (Not vulnerable to DNS cache poisoning) ``````````End of Log```````````` I am concerned that you're running two Anti-Virus programs on your computer; Norton Internet Security and Webroot AntiVirus with Spy Sweeper. If both of these are running AV programs then that is a no-no and one will have to be disabled or uninstalled. Update Your Java (JRE) Old versions of Java have vulnerabilities that malware can use to infect your system. First Verify your Java Version If there are any other version(s) installed then update now. Get the new version (if needed) If your version is out of date install the newest version of the Sun Java Runtime Environment. Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update. Be sure to close ALL open web browsers before starting the installation. Remove any old versions 1. Download JavaRa and unzip the file to your Desktop. 2. Open JavaRA.exe and choose Remove Older Versions 3. Once complete exit JavaRA. 4. Run CCleaner. Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer. ======================================== Download CCleaner Slim and save it to your Desktop - Alternate download link When the file has been saved, go to your Desktop and double-click on ccsetupxxx_slim.exe Follow the prompts to install the program. * Double-click the CCleaner shortcut on the desktop to start the program. * Click on the Options block on the left, then choose Cookies. * Under Cookies to Delete, highlight any cookies you would like to retain permanently * Click the right arrow > to move them to the Cookies to Keep window. * Go into Options > Advanced uncheck Only delete files in Windows Temp folders older than 48 hours * Click Cleaner on the left then Run Cleaner on the right to run the program. * Important: Make sure that ALL browser windows are closed before selecting Run Cleaner Caution: Only use the Registry feature if you are very familiar with the registry. Always back up your registry before making any changes.[/I] Exit CCleaner after it has completed it's process. ========================================= Please download the newest version of Adobe Acrobat Reader from Adobe.com Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable. Go to the Control Panel and enter Add or Remove Programs. Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them. Once old versions are gone, please install the newest version. ======================================== Please let me know when this is all done. that's really weird... I know the webroot is actively running. But I can't find anything to do with norton on this computer... so I wonder why it's picking that up? I did a search for "norton" and it brought up no results.Ok. Thanks. Please run this tool and that should get rid of all traces of Norton. Download the Norton Removal Tool (SymNRT) to your desktop. Once downloaded please close ALL open browsers, also save any work because this may require a restart. * Go to your desktop and double click on the 'Norton_Removal_Tool' and then click Setup. * Once open Click Next * Accept the license agreement and click Next * Type in the letters/numbers that you see into the text box then click Next. * Then click Next and the tool will start running. * Once finished restart the PC. * Delete the 'Norton_Removal_Tool' from your desktop. Did you get all the other stuff finished. How's your computer running?ok. i used the norton removal tool, along with everything else you told me to do. here is the new log from the security check... Results of screen317's Security Check version 0.99.4 Windows Vista Service Pack 2 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! ESET Online Scanner v3 Webroot AntiVirus with Spy Sweeper WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware HijackThis 2.0.2 CCleaner Java(TM) 6 Update 20 Adobe Flash Player 10.0.45.2 Adobe Reader 9.3 ```````````````````````````````` Process Check: objlist.exe by Laurent Windows Defender MSASCui.exe Spybot Teatimer.exe is disabled! Windows Defender MSASCui.exe ```````````````````````````````` DNS Vulnerability Check: GREAT! (Not vulnerable to DNS cache poisoning) ``````````End of Log```````````` Everything seems to be running fine as far as I can tell... Well, that all looks good. It's time for some clean-up. * Click START then RUN - Vista users press the Windows Key and the R keys for the Run box. * Now type commy /uninstall in the runbox * Make sure there's a space between commy and /Uninstall * Then hit Enter * The above procedure will: * Delete the following: * ComboFix and its associated files and folders. * Reset the clock settings. * Hide file extensions, if required. * Hide System/Hidden files, if required. * SET a new, clean Restore Point. ================================ Download OTC by OldTimer and save it to your desktop. 1. Double-click OTC to run it. 2. Click the CleanUp! button. 3. Select Yes when the "Begin cleanup Process?" prompt appears. 4. If you are prompted to Reboot during the cleanup, select Yes 5. OTC should delete itself once it finishes, if not delete it yourself. ================================== Clean out your temporary internet files and temp files. Download TFC by OldTimer to your desktop. Double-click TFC.exe to run it. Note: If you are running on Vista, right-click on the file and choose Run As Administrator TFC will close all programs when run, so make sure you have saved all your work before you begin. * Click the Start button to begin the cleaning process. * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. * Please let TFC run uninterrupted until it is finished. Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning. ====================================== Use the Secunia Software Inspector to check for out of date software. •Click Start Now •Check the box next to Enable thorough system inspection. •Click Start •Allow the scan to finish and scroll down to see if any updates are needed. •Update anything listed. . ---------- Go to Microsoft Windows Update and get all critical updates. ---------- I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free. SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox. * Using SpywareBlaster to protect your computer from Spyware and Malware * If you don't know what ActiveX controls are, see here Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future. Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly. Safe Surfing! |
|
| 4808. |
Solve : windows vista with bad virus antispyware soft? |
|
Answer» HI all & thanks in advance! i've seen several post on this culprit (antispyware soft) using XP i have vista. i cannot go to any website. cant run SYSTEM RESTORE. nothing works. i cant download highjackthis or any program. i am using a small laptop to write this. (acer 10.1 netbook) is there anything i can do except reload whole puter? in desperate need. To clarify, when i open IE up and try to visit a website, It says "Application cannot be executed. The file.exe has been infected." THEN a tab (in IE) OPENS and goes to a website that trying to sell an Anti-Virus Software? i try & go to task master & it starts then dissapears with a warning of virus. then once i leave it alone for a min or 2 it opens ie with an ad for porn or a lil blue pill. |
|
| 4809. |
Solve : Trying to use "Google Earth" causes my computer tofreeze up.? |
|
Answer» I'm not even sure that this is the right place to talk about this. I don't know if it is software, internet explorer, hardware, malware or what but every time I try to use Google Earth my MACHINE just freezes up. No response to mouse or keyboard. I have un-installed and re-installed GE at least three times.....no luck I went throught the same procedure on my laptop and it worked out just fine. I have scanned with SuperAntispyware and Malewarebyte with no luck. NOt too long ago I was able to use Google Earth satisfactorily.... Anybody have any ideas here?? Thanks for looking, JIMHave you tried reinstalling Google Earth?Dude , You're Of ma Kind - A Freakin And JOKING Have you tried reinstalling Google Earth?...Yes I have with the same results. Thanks for looking, JIMMost LIKELY u dont have enough RAM. Google Earth does that to my cpu as well so just wait for LIKE 4 hrs max if possible. If not, u are stuffed.Quote from: ksmic on May 20, 2010, 05:37:13 AM Most likely u dont have enough RAM. Google Earth does that to my cpu as well so just wait for like 4 hrs max if possible. If not, u are stuffed. Could be, However, if my memory serves correctly, I used to be able to use Google Earth on this same machine. It has 1 Gbyte of ram. My laptop, which has 2 Gbytes, handles Google Earth quite well.. I only have to wait about 10 minutes before I get the ERROR message so you are probably right, Thank you, JIM |
|
| 4810. |
Solve : Very new, and I need some help!? |
|
Answer» HI! Okay, so I am very bad with COMPUTERS, but I have a laptop. And all the time it says that I am using 99-100% of my processor.. Well, I checked it now, and now it says I only use like from 8-50%.. Which is good? Yesterday, I took a fullscan test with avast Free AntiVirus, and it detected 1 harmful file, which I assume is a virus. It was called "smain.htm" - and I put it in the viruschest, and I restarted my laptop, so avast could do some stuff.. Now- do I have to do anything else after that? Because I feel my laptop shouldn't be messing up as bad as it is, it goes REALLY slow sometimes.. (forexample if I am on Skype, and are doing something on chrome at the same time.. Is that NORMAL?), and hangs up alot. I have a packard bell easynote tr85 notebook... http://www.techgadgets.in/images/packard-bell-easynote-tr85-notebook.jpg <- that is a picture of it I would appreciate help.. Okay Bye- have a nice day!! Please go to this link and follow the directions and post the required LOGS. Please post your logs in this link. |
|
| 4811. |
Solve : ntldr is missing..? |
|
Answer» 1. INSERT the WINDOWS XP bootable CD into the computer. |
|
| 4812. |
Solve : super-smart browser-hijackers n viruses? |
|
Answer» lately i've been EXPERIENCING browser hijackers that make my computer go kapoot. |
|
| 4813. |
Solve : make viruses? |
|
Answer» First I do not believe in CHRIST. So I thank you if you delete words. In order to continue to speakOK let me put it a way you will understand. You get what you deserve, so jog on.Quote from: baby on May 21, 2010, 01:36:16 PM First I do not believe in Christ. So I thank you if you delete words. In order to continue to speak I don't ave to delete anything to make the rest of my remarks relevant. Wjould it have made any difference to you if had USED this quote? Quote Dalai Lama:"Every RELIGION emphasizes human improvement, love, respect for others, sharing other people's suffering. On these lines every religion had more or less the same viewpoint and the same goal."This material I provided can lead you to the answer to your question. You are never going to be able to write your own virus because you do not know how to learn. Don't just reject some information because you find a small part of it OFFENSIVE to you. You ASSUME that my post was a put down. Not so. It really is a key to a Pandora box you can open if you want to. I am not interfering with you right to choice. I am showing you what your choices are and where they can lead you.In short, we will not help you make a computer virus. Good bye. |
|
| 4814. |
Solve : Cant install anti-virius program? |
|
Answer» after DOWNLOADING the anti-virius PROGRAM, i try to run the install program...but it's asking me "OPEN with".... any suggestions? inadittion this same problems HAPPENS to any program i try to install....Plus when i try to open any programs in my start menu it says "application not found"Please stay in the other thread - do not start a separate thread for the same PROBLEM. |
|
| 4815. |
Solve : ccApp.exe and Norton? |
|
Answer» Hi |
|
| 4816. |
Solve : Please help! Im useless!? |
|
Answer» Thanked: 0 OS: Unknown Experience: Beginner Please help! Im useless « on: Today at 08:46:29 AM » -------------------------------------------------------------------------------- Hi, I dont even know if Im posting this in the correct section, but Im having problems with my laptop, its been working fine, but Ive just COME to switch it on and windows xp fires up, I get the little start up noise, then it says shutting down straight away, and I get the closing noise. this just keeps happening over and over again. I also tried PRESSING F8 on the Dell start up screen and sending it BACK to the last good startup (or WHATEVER you call it) But still nothing. Can ANYONE help? Please do not post the same question more than once. |
|
| 4817. |
Solve : au.exe? |
|
Answer» anyone know if the above is WORM /virus/trojon/bug /ETC comodo firewall spat it out when i was deleting tech tracker a CNET wasted space |
|
| 4818. |
Solve : challenge? |
| Answer» VOID. Me. | |
| 4819. |
Solve : ezula virus? |
|
Answer» i have windows vista BASIC,avg and spy bot...PICKED up the ezula virus TODAY..how can i safley get rid of it ? |
|
| 4820. |
Solve : Can someone look at my logs please?? |
|
Answer» To enable the viewing of HIDDEN and protected system files in Windows Vista please follow these steps: •If you get a prompt to buy the full version just exit out of the window. The scanner will still work without buying the full versionwhen the prompt comes I exited but the computer would stale on EPM mode and the only option would be to download the free trial version which when cliked it would not work. I tried also to run it without the EPM to not avail. There is a warning window for Virus warning and file locations for the quarantine info and the log but when I go there there is no Quarantine file ext as on warning window and the notepad log file named Cureit is empty. Please advice. Thank you a million SuperDave Ok Delete Dr Web CureIt from your desktop and try this one. Also, don't forget to run MRT. Download Dr.Web CureIt to the desktop: DrWebCureit
o Now, go to Settings >> Change Settings o Go to Actions tab >> under Objects section, change the settings to below Infected objects - Cure Incurable objects - Report Suspicious objects - Report o Don't change any other settings
I tried to get DrWeb Cureit through your link but I have the exact same problem than before. I ran the MRT and it came with no infected files when I looked at the detailed report. Am I fine and save you think? Again and again I want to Thank you for all your help and your patience with me. Quote Am I fine and save you think? I would say that your computer is as clean as our scans can make it. Let's do some clean-up * Click START then RUN - Vista users press the Windows Key and the R keys for the Run box. * Now type Combofix /uninstall in the runbox * Make sure there's a space between Combofix and /Uninstall * Then hit Enter * The above procedure will: * Delete the following: * ComboFix and its associated files and folders. * Reset the clock settings. * Hide file extensions, if required. * Hide System/Hidden files, if required. * Set a new, clean Restore Point. =============================== Download OTC by OldTimer and save it to your desktop. 1. Double-click OTC to run it. 2. Click the CleanUp! button. 3. Select Yes when the "Begin cleanup Process?" prompt appears. 4. If you are prompted to Reboot during the cleanup, select Yes 5. OTC should delete itself once it finishes, if not delete it yourself. ================================= Clean out your temporary internet files and temp files. Download TFC by OldTimer to your desktop. Double-click TFC.exe to run it. Note: If you are running on Vista, right-click on the file and choose Run As Administrator TFC will close all programs when run, so make sure you have saved all your work before you begin. * Click the Start button to begin the CLEANING process. * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. * Please let TFC run uninterrupted until it is finished. Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning. ==================================== Looking over your log it seems you don't have any evidence of a third party firewall. Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors. Remember only install ONE firewall 1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one) 2) Online Armor 3) Agnitum Outpost 4) PC Tools Firewall Plus If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time. ===================================== Use the Secunia Software Inspector to check for out of date software. •Click Start Now •Check the box next to Enable thorough system inspection. •Click Start •Allow the scan to finish and scroll down to see if any updates are needed. •Update anything listed. . ---------- Go to Microsoft Windows Update and get all critical updates. ---------- I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free. SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox. * Using SpywareBlaster to protect your computer from Spyware and Malware * If you don't know what ActiveX controls are, see here Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the LATEST Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future. Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly. Safe Surfing! |
|
| 4821. |
Solve : msls51.dll error help required? |
|
Answer» Hi I have a HP laptop with Windows XP INSTALLED. I have McAfee installed along with Malware bytes on the SYSTEM. Recently malwarebytes had found a few trojan and malicious software which were quarantined (this list also included the msls51.dll file which was quarantined). Yesterday after a RESTART I encountered a few error messages: Hi I have a HP laptop with Windows XP installed. I have McAfee installed along with Malware bytes on the system. Recently malwarebytes had found a few trojan and malicious software which were quarantined (this list also included the msls51.dll file which was quarantined). Yesterday after a restart I encountered a few error messages: Hi I have included the Malware bytes Log along with HijackThis log. I can't get Superantispyware to install and run in normal mode. Will try again in safe mode. I cant get Combofi also to run in either safe mode or normal mode. any help from anyone would be appreciated.Quote from: imgreat on May 28, 2010, 06:39:47 PM Hi I have a HP laptop with Windows XP installed. I have McAfee installed along with Malware bytes on the system. Recently malwarebytes had found a few trojan and malicious software which were quarantined (this list also included the msls51.dll file which was quarantined). Yesterday after a restart I encountered a few error messages: [recovering disk space - old attachment deleted by admin] |
|
| 4822. |
Solve : Transfering documents from pc w/ viruses to new pc? |
|
Answer» My old pc has viruses on it and it costs WAY too much to fix so I am buying a new one. However, I want some of the documents saved on my old pc transfered to my new pc. How can i go about this without transfering a VIRUS? Install AV on you new computer. |
|
| 4823. |
Solve : BEWARE OF 94.23.4.164? |
|
Answer» This is a very HOSTILE site. 94.23.4.164 94.23.4.164 server LOCATION: Roubaix in France 94.23.4.164 ISP: OVH Systems DON"T GO there. For more INFO just Google 94.23.4.164 malware |
|
| 4824. |
Solve : computer acting up? |
|
Answer» Quote Is this it?That's the one. Thanks ===================================== Code: [Select]C:\Program Files\1bomb.ini Do you know what this program is for? ==================================== Please read here for more information about WildTangent. Your choice if you want to remove it or not. If you choose to follow my advice, please follow these instructions. Go to Start > Control Panel > Add/Remove Programs and remove the FOLLOWING programs. •WildTangent Web Driver (or anything else with the name WildTangent.) I suspect that WildGames is one of these programs since they come from the same site. =================================================== Please go to Jotti's malware scan (If more than one file needs scanned they MUST be done separately and logs posted for each one) * Copy the file path in the below Code box: Code: [Select]C:\WINDOWS\system32\drivers\rewac.sys C:\WINDOWS\system32\mfc45.dll * At the upload site, click once inside the window next to Browse. * Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window. * Next click Submit file * Your file will possibly be entered into a queue which normally takes less than a minute to clear. * This will perform a scan across multiple different virus scanning engines. * Important: Wait for all of the scanning engines to complete. * Once the scan is finished, Copy and then Paste the link in the address bar into your next reply. ================================== Re-running ComboFix to remove infections:
Download Security Check by screen317 from one of the following links and save it to your desktop. Link 1 Link 2 * Unzip SecurityCheck.zip and a folder named Security Check should appear. * Open the Security Check folder and double-click Security Check.bat * Follow the on-screen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt * Post the contents of that document in your next reply. Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so. Here is the info on 1bomb file. It's a configuration.Video_Width: 640 Video_Height: 480 BPP: 16 VSync: 1 FullScreen: 0 InputType: 0 Sound: 1 Volume: -512 Stats: 0 *Note : Must have a space between item and value! I'll send more in a little bit. My kids play the Wild Tangent games. I'd like to keep them.I'm not to concerned with the info they create about the games. They do more learning about your shopping habit with your credit card than Wild Tangent and games. I understand its a privacy issue and agree with you , but I don't think it has any harm in it. My 2 cents. I'll get the other logs soon.http://virusscan.jotti.org/en/scanresult/8c048105ef576585bf710909ad9b2fa7e6f632f4/ad94ec62df70c322fa3ccaf0efdd5d5d1b88edf3I've moved the file over and it auto starts and then ask me if I wanted CFSript.txt to run.It say it is misspelled and the program shuts down when I click OK.Results of screen317's Security Check version 0.99.4 Windows XP Service Pack 3 Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! avast! Free Antivirus Webroot AntiVirus with Spy Sweeper Online Armor 4.0 ``````````````````````````````` Anti-malware/Other Utilities Check: Scholastic's I SPY Fantasy Webroot AntiVirus with Spy Sweeper Spy Sweeper Core SUPERAntiSpyware Free Edition HijackThis 2.0.2 Java(TM) 6 Update 17 Out of date Java installed! Adobe Flash Player 10.0.45.2 Adobe Reader 8.1.3 Out of date Adobe Reader installed! MOZILLA Firefox (3.6.3) ```````````````````````````````` Process Check: objlist.exe by Laurent Ad-Aware AAWService.exe iolo common lib ioloServiceManager.exe ```````````````````````````````` DNS Vulnerability Check: Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?) ``````````End of Log```````````` The Jotti's link is for the wrong file. It's for imfivpf. I wanted two files scanned: C:\WINDOWS\system32\drivers\rewac.sys and C:\WINDOWS\system32\mfc45.dll Could you please try to scan them again and give me the links. ========================================= Quote It say it is misspelled and the program shuts down when I click OK.Please try it again. ======================================== Update Your Java (JRE) Old versions of Java have vulnerabilities that malware can use to infect your system. First Verify your Java Version If there are any other version(s) installed then update now. Get the new version (if needed) If your version is out of date install the newest version of the Sun Java Runtime Environment. Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update. Be sure to close ALL open web browsers before starting the installation. Remove any old versions 1. Download JavaRa and unzip the file to your Desktop. 2. Open JavaRA.exe and choose Remove Older Versions 3. Once complete exit JavaRA. 4. Run CCleaner. Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the INITIAL startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer. =============================== Please download the newest version of Adobe Acrobat Reader from Adobe.com Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable. Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7). Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them. Once old versions are gone, please install the newest version. ============================================= I'm unable to remove old java.The new version will not download. I tried to update adobe and it fails too. Adobe error info ID-6702.402.502.20041 send report to adobe http://Http://www.adobe.com/misc/bugreport.html Installation is corrupt!(16263.201.355-42072312.80040154FFFFFFFF.80040154 I tried to do this when my computer started acting up without success. Most programs have issues downloading. OK. Got them removed. Now I'll update again.still get error messages.How did you do with the ComboFix script and the two files to be scanned?I will try that in a bit . Busy day.http://virusscan.jotti.org/en/scanresult/2e6031ed88b70d1cbfa7798771041464f553d1e8http://virusscan.jotti.org/en/scanresult/85a8e39972371a64284a8fd215c32b940c2173aeThat looks good. Can you now please run the ComboFix script from Reply # 30?I've tried 4 other times with no luck. It keeps repeating that it is miss spelt. It spells it that way too. rather a surprise to have an errors grammar incorrect. |
|
| 4825. |
Solve : Seriously Attacked !!!!? |
|
Answer» HI Dudes I Dont Know How TO Explain Such Problem But.... After Every 5-6 Hrs When My Pc Is Still (I Dont Touch It While Donwloading A File ) An Message And Page Pops Up Of Adult *censored* And Something Like That Is There A Way 2 Find Out WHich Software Is Causing This Or What Is Causing This I Nvr Went To Such Sites (No Time) Pls Help Me I Am Been AttackedDon't you already have a thread on this?Post logs?Please go to this link and FOLLOW the DIRECTIONS and post the required logs.Quote Don't you already have a thread on this?Every2 SAID Me To Open A New Topic In This Section |
|
| 4826. |
Solve : Full form of computer VIRUS? |
|
Answer» Dear FRIENDS, what is the full FORM of computer 'VIRUS' ? If you give me the information I shall be highly obliged. VIRUS : Vital Information Resources Under Seize And this somehow applies to disease viruses, like the flu or the COMMON cold? Of course not. Virus is not an acronym. |
|
| 4827. |
Solve : Windows Security Alert Help? |
| Answer» OK, THANK you so MUCH for your HELP! You've been a GREAT help. | |
| 4828. |
Solve : ipconfig.exe box just appears a fraction of a second? |
|
Answer» http://www.majorgeeks.com/ This is about the only place I would trust for freeware. Sometimes, freeware comes with a hidden cost in the form of malware.thanks, will sweep the place...lol do I NEED to uninstall all the supportive software you showed me to use?If you already ran OTC, it's probably all gone now. You can download SAS and MBAM. Update them and run them on a regular basis. That should be all you need. nope, I didnt....lol...my defences are as said: SAS, Malwarebyte, Spybot, AVG and now i will use the ESET once in a while when I see TRANGE things happen here...hahahahaha . WELL, we hope that your actions will help the 916 veiwers too...lol ...and agian: thanks a lot for all your efforts Quote thanks a lot for all your effortsYou're welcome. ESET picked out a kind of disguised spyware called "crack. UB" which I cant find ANYTHING about, but it STATED it was a "presumably dangererous..."..strange thing that neither AVG nor Superantispyware nor Malwarebytes GOT it right!!!! |
|
| 4829. |
Solve : Virus wont let windows update run. Help!? |
|
Answer» So Close! i ran that last PROGRAM you said to and it rebooted and everything looked normal and started up great. So since it was late i thought what the heck ill try the windows update site. It worked! i was thrilled and since i had done the windows xp repair before i got on here i needed to do some major windows updates. I went ahead and did the service pack 3 update. I know i should have waited to see what you said about the results of that last scan though. After it installed service pack 3 and rebooted i have a completley new issue. I tried to open the windows update website and an error message pops up. "This file does not have a program associated with it for performing this action. Create an association in the folder OPTIONS control program"
|
|
| 4830. |
Solve : Laptop sound not wokring? |
|
Answer» So I was just on my laptop as usual, everythings fine then BLAM, the sound stops working. I didn't download anything, the laptop isn't overheatting, nothing. any ideas?Why are you posting this in the malware section? this might be the ovious answer has you made sure the volume is up ?Already been covered.right so ive changed the sound like, i had multiple sound options to pick from, and i just changed it to another sound system as default, and it works fine but i cant play songs from itunes :/On the Start menu, click Computer. In My Computer, open the C:\ drive (or WHICHEVER disk your Windows is installed on). Open the Program Files folder or "Program Files (x86)" if you are using a 64-bit version of Windows Vista or Windows 7). Open the iTunes folder. Right-click on the iTunes application (iTunes or iTunes.exe) and from the shortcut menu, click Properties. Click the Compatibility tab. Deselect the checkbox under Compatibility mode if it's selected. Click OK. Open iTunes and play a song. Quote from: kristain on June 01, 2010, 10:46:10 PM On the Start menu, click Computer. iTunes has nothing to do with the issue. |
|
| 4831. |
Solve : How good is 'Cloud Antivirus' for a 'Mostly Offline' system?? |
|
Answer» Hello There! So...'No Protection' for offline users since there'll be NO definitions update procedure?No protection because it has to be connected to the internet to know what the files running are and if they include malicious code.Kpac, Then, would you like to rely on a 'Cloud based' Antivirus? Is it really LIGHT on system resources, even lighter than Avast? **My, year 2002 bought machine has now gone old(as per Moore's law-Processing power should double every 6 months to keep it up with newer applications). Iam finding different ways to give a little twist to my most essential applications.Should I proceed ahead to replace Avast with Cloud based Panda; purely in the lure of it being a lesser resource hog? Quote Then, would you like to rely on a 'Cloud based' Antivirus?No because I don't have a persistant internet connection and not a lot of bandwidth to spare.Who on this earth have a 'Persistent' Internet connection? I mean the "Always Online" system! There must be some aspect of cloud based antivirus to offer minimal offline protection as well. Atleast, it must be encompassing list of malwares & their's subsequent DETECTION & removal as prevalent within 'Windows Malicious Software Removal' tool!? |
|
| 4832. |
Solve : double posting locked? |
|
Answer» what does the above term mean i asked a question with no REPLY so rearranged the question &wording still no answer the only reply was double POSTING LISTED ?bit CONFUSING for a newby could someone please explain |
|
