Registry infected & fragmented

[pcemkr]

Here is the info from checkup.txt:

Results of screen317's Security Check version 0.99.24

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 19

Java 2 Runtime Environment, SE v1.4.2

Out of date Java installed!

````````````````````````````````

Process Check:

objlist.exe by Laurent

``````````End of Log````````````

[pcemkr]

Add'l note:

Wanted to be sure to let you know IT WORKED!!

The crash logs are now gone!! WOOHOOO!!!!

System went from 6% available space to 84% available...so happy!

[screen317]

Hi,

Great!

Delete SecurityCheck.

After that, navigate to Start --> Control Panel --> Add or Remove Programs, and uninstall the following program(s) (if present):

ESET Online Scanner v3

Java™ 6 Update 19

Java 2 Runtime Environment, SE v1.4.2

Adobe Reader 9.0

Restart your computer.

Get the latest version of Java, Adobe Reader.

Now try a defrag.

Let me know what issues remain.

-screen317

[pcemkr]

Was able to uninstall Java 6 Update 19 & Adobe Reader 9.0...

ESET Online Scanner was not present...

Unable to uninstall Java2 Runtime Environment...get message: "The feature you are trying to use is on a network resource that is unavailable."

Also, when trying to install/update Adobe Reader X, get message: "ABORT: Certificate authentication failed, please re-install to correct the problem."

Defrag went GREAT!!

Noticing that I still am unable to connect to Yahoo! or aol for email. Continues to get an unable to connect, diagnose the issue message.

Looking to install realtime antispyware program....what suggestions do you have?

Thanks!

[screen317]

Hi,

Before addressing the other issues:

Please download Farbar Service Scanner and run it on the computer with the issue.

• Check "Include All Files" option.
  
• Press "Scan".
  
• It will create a log (FSS.txt) in the same directory the tool is run.
  
• Please copy and paste the log to your reply.
  

[pcemkr]

Here it is:

Farbar Service Scanner

Ran by Owner (administrator) on 06-12-2011 at 09:32:26

Microsoft Windows XP Service Pack 3 (X86)

********************************************************

Service Check:

==============

File Check:

===========

C:\WINDOWS\system32\svchost.exe => MD5 is legit

C:\WINDOWS\system32\rpcss.dll => MD5 is legit

C:\WINDOWS\system32\services.exe => MD5 is legit

C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit

C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit

Connection Status:

==================

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

**** End of log ****

^^Also hoping to find what's causing the computer to boot up on it's own when no one is around.

Thank you!

[screen317]

Yahoo IP is accessible.

Reboot and try accessing now. The tool was able to ping Yahoo fine.

Try in multiple browsers.

Computers don't turn on, on their own... You're probably setting it to sleep then the mouse is getting moved to wake it up.

[screen317]

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

[pcemkr]

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

Hi, sorry for the delay...holiday's stepped in...

Rebooting did not resolve the Yahoo connection issue. I was able to open Yahoo & other sites thru Google Chrome, so decided to reinstall IE and see what that would do. It took a bit of work, but was able to get IE back up & running and am able to access Yahoo, AOL, and much more again.

The only unusual thing I'm noticing is the computer still boots up when no one is around. My guess is there's either a setting that needs changed or something is hiding somewhere & making this happen.

Other than that, is there anything else I should do before saying "Excellent work!! Mission Accomplished"??

[screen317]

Hi,

It's likely that when you are turning off your computer, you are making it hibernate or sleep instead of actually turning all of the way off. How are you turning it off?

[pcemkr]

I select TURN OFF option when the Standby, Turn off, Restart box appears.

Unless it's a setting I am unaware of, I have no clue why it's doing this.

The only thing I have found that keeps it from turning on is to unplug the power source.

It's all very odd.

[screen317]

Take a screenshot of the box you are clicking when you are shutting down and post it here.

[pcemkr]

Attched is a screenshot of the box that appears when I go to Start, Turn off computer...I select Turn Off to shut it down.

I noticed last night it seems to turn itself back on at midnight (12:00 am). I tried checking the settings to see if I could see anything and what I was able to check/find was limited, but didn't show anything unusual.

Thank you for helping!

Logoff.bmp

[screen317]

Hi,

I apologize for the delay.

What an odd issue. I'm not sure what to tell you at this point. I suggest posting in our PC Help forum since this most likely isn't malware.

[pcemkr]

Thank you so much for all of your help with this!!!

I appreciate your patience, dedication & tenacity in getting to the root of the problem.

You are wonderful!!!

Have a fabulous day!!!

[screen317]

You're very welcome!

I highly recommend the PRO version of MBAM; with it, it's likely that this issue would have been prevented in the first place.

Now that your computer seems to be in proper working order, please take the following steps to help prevent reinfection:

1) Download and install Javacool's SpywareBlaster, which will prevent malware from being installed on your computer. A tutorial on it can be found here.

2) Go to Windows Update frequently to get all of the latest updates (security or otherwise) for Windows.

3) Make sure your programs are up to date! Older versions may contain security risks. To find out what programs need to be updated, please run Secunia's Software Inspector.

4) WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:

• Green to go
  
• Yellow for caution
  
• Red to stop
  

WOT has an addon available for both Firefox and IE.

5) Be sure to update your Antivirus and Antispyware programs often!

Finally, please also take the time to read Tony Klein's excellent article on: So How Did I Get Infected in the First Place?

Safe surfing,

-screen317

[screen317]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!