[Resolved] Unable to update virus or any other software on Acer

  • 28 Replies
  • 6977 Views
*

Offline Acer Daddy

  • Bronze Member
  • 43
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #15 on: November 28, 2010, 12:12:34 AM »
I could not find a Norton log file per se but here is the location of the trojan.  c:\program files\crushcale\jsi.dll  Initially I thought I saw two get flagged but this was the only one in the log for 11/27.  If you know how to get to a better log file in Norton let me know.  The area I went to was in the Monthly Report and it seemed pretty cheesy. 

I think we may have a bigger problem though.  I have two accounts on the computer.  Dad & Mom and Samantha.  I applied all of your changes logged in under Dad & Mom.  When we launched as Samantha the system seemed corrupt again.  For example I could not launch Internet Explorer and get to google.   Logged in as Dad & Mom this machine is screaming.  Logged in as Samantha it seems to be sub-optimal.

*

Offline Acer Daddy

  • Bronze Member
  • 43
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #16 on: November 28, 2010, 12:34:04 AM »
Yep we are pretty fried when I log on as Samantha.  IE is toast and I do not have another browser installed on her side.  I tried to launch and load a copy of MSN but it uses IE to launch and it is broken.  I can't seem to copy and paste the google chrome .exe from Dad & Mom to Samantha.  Once I switch users it does not work.

*

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • 7696
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #17 on: November 28, 2010, 06:32:51 AM »
Hiya AD,

Open your daughters account, start IE > select tools > Internet options > select Advanced tab > select Reset at bottom > Press reset again > wait until IE has reset > Press close to close internet options window > Close and reopen Internet Explorer to refresh it.
Does IE now work?

Regarding the Norton Alert, what is this c:\program files\crushcale did you install that program?

Kevin

*

Offline Acer Daddy

  • Bronze Member
  • 43
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #18 on: November 28, 2010, 09:50:49 AM »
Nope IE is still jacked would not launch.  If we need to I have no problem deleting her user account.  My only questions are:  Are there malware and virus issues hidden under her account that we should deal with before I delete her?  Since I cannot get access to the Internet from her account how will I download the tools we need?  Can I use a thumb drive to copy google chrome.exe and install that way?

AD

*

Offline Acer Daddy

  • Bronze Member
  • 43
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #19 on: November 28, 2010, 09:53:56 AM »
As far a crushcale is concerned I did not install but I did see a copy of it when I logged in under Samantha

*

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • 7696
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #20 on: November 28, 2010, 10:11:07 AM »
Uninstall crushcale from add/remove programs, re-boot. Remove the suspect account, re-boot. Run the  following scan and post the two logs :-

We need to see some additional information about what is happening in your machine. 
Please perform the following scan:
  • Download DDS by sUBs from one of the following links.  Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool.   
  • When done, DDS will open two (2) logs

         1. DDS.txt
         2. Attach.txt
  • Save both reports to your desktop.
  • The instructions here ask you to attach the Attach.txt.

 
  • Instead of attaching, please copy/past both logs into your next reply.
  • Close the program window, and delete the program from your desktop.
Please note:  You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
 
Information on A/V control HERE

Post both logs in reply, also any specific issues.

Kevin

*

Offline Acer Daddy

  • Bronze Member
  • 43
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #21 on: November 28, 2010, 02:17:05 PM »
DDS.txt & Attach.txt Below.  I also logged in under Admin in Safe Mode and deleted Samantha's account.



DDS (Ver_10-11-27.01) - NTFSx86 
Run by Dad & Mom at 13:13:09.60 on Sun 11/28/2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1014.511 [GMT -7:00]

AV: Norton Security Suite *On-access scanning disabled* (Updated)   {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *disabled*   {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
FW: AVG Firewall *disabled*   {8decf618-9569-4340-b34a-d78d28969b66}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\Documents and Settings\Dad & Mom\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Dad & Mom\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Dad & Mom\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Dad & Mom\My Documents\dds (3).com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=1209&m=aspire_one
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=1209&m=aspire_one
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\4.3.0.5\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\4.3.0.5\IPSBHO.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\4.3.0.5\coIEPlg.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "c:\documents and settings\dad & mom\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [AzMixerSel] c:\program files\realtek\audio\drivers\AzMixerSel.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acervc~1.lnk - c:\program files\acer\acer vcm\AcerVCM.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Notify: igfxcui - igfxdev.dll

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-11-21 218592]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0403000.005\symds.sys [2010-11-21 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0403000.005\symefa.sys [2010-11-21 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20101104.001\BHDrvx86.sys [2010-11-4 691248]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys [2010-11-21 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0403000.005\ironx86.sys [2010-11-21 116784]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\4.3.0.5\ccsvchst.exe [2010-11-21 126392]
R2 RS_Service;Raw Socket Service;c:\program files\acer\acer vcm\RS_Service.exe [2009-3-11 237568]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-11-20 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20101124.002\IDSXpx86.sys [2010-10-19 341880]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2009-3-3 38912]
R3 M3000Srv;USB2.0 UVC WebCam Driver;c:\windows\system32\drivers\M3000KNT.sys [2009-7-13 145152]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20101128.002\NAVENG.SYS [2010-11-28 86064]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20101128.002\NAVEX15.SYS [2010-11-28 1371184]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-8 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-3-11 1684736]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-3-11 30192]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\rts5121.sys --> c:\windows\system32\drivers\RTS5121.sys [?]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]

=============== Created Last 30 ================

2010-11-25 02:49:36   --------   d-----w-   c:\docume~1\dad&mo~1\applic~1\Malwarebytes
2010-11-25 02:49:25   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-25 02:49:24   --------   d-----w-   c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-11-25 02:49:23   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-11-25 02:49:23   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2010-11-24 17:14:25   --------   d-----w-   C:\_OTM
2010-11-23 22:54:30   --------   d-sha-r-   C:\cmdcons
2010-11-22 05:57:52   233136   ----a-w-   c:\windows\system32\drivers\pctgntdi.sys
2010-11-22 05:57:49   88040   ----a-w-   c:\windows\system32\drivers\PCTAppEvent.sys
2010-11-22 05:57:49   218592   ----a-w-   c:\windows\system32\drivers\PCTCore.sys
2010-11-22 05:57:43   63360   ----a-w-   c:\windows\system32\drivers\pctplsg.sys
2010-11-22 05:57:03   --------   d-----w-   c:\program files\Spyware Doctor
2010-11-22 05:57:03   --------   d-----w-   c:\program files\common files\PC Tools
2010-11-22 05:57:03   --------   d-----w-   c:\docume~1\dad&mo~1\applic~1\PC Tools
2010-11-22 05:57:03   --------   d-----w-   c:\docume~1\alluse~1\applic~1\PC Tools
2010-11-22 04:24:19   361904   ----a-w-   c:\windows\system32\drivers\n360\0403000.005\symtdi.sys
2010-11-22 04:24:19   339504   ----a-w-   c:\windows\system32\drivers\n360\0403000.005\symtdiv.sys
2010-11-22 04:24:19   328752   ----a-r-   c:\windows\system32\drivers\n360\0403000.005\symds.sys
2010-11-22 04:24:19   173104   ----a-w-   c:\windows\system32\drivers\n360\0403000.005\symefa.sys
2010-11-22 04:24:18   501888   ----a-w-   c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys
2010-11-22 04:24:18   43696   ----a-w-   c:\windows\system32\drivers\n360\0403000.005\srtspx.sys
2010-11-22 04:24:18   325680   ----a-w-   c:\windows\system32\drivers\n360\0403000.005\srtsp.sys
2010-11-22 04:24:18   116784   ----a-w-   c:\windows\system32\drivers\n360\0403000.005\ironx86.sys
2010-11-22 04:23:54   --------   d-----w-   c:\windows\system32\drivers\n360\0403000.005
2010-11-21 06:20:11   --------   d-----w-   c:\docume~1\dad&mo~1\locals~1\applic~1\Temp
2010-11-20 15:53:50   26600   ----a-r-   c:\windows\system32\drivers\GEARAspiWDM.sys
2010-11-20 15:53:50   107368   ----a-r-   c:\windows\system32\GEARAspi.dll
2010-11-20 15:53:38   60808   ----a-w-   c:\windows\system32\S32EVNT1.DLL
2010-11-20 15:53:38   124976   ----a-w-   c:\windows\system32\drivers\SYMEVENT.SYS
2010-11-20 15:53:37   --------   d-----w-   c:\program files\Symantec
2010-11-20 15:53:37   --------   d-----w-   c:\program files\common files\Symantec Shared
2010-11-20 15:52:27   --------   d-----w-   c:\windows\system32\drivers\N360
2010-11-20 15:52:24   --------   d-----w-   c:\program files\Norton Security Suite
2010-11-20 15:51:58   --------   d-----w-   c:\program files\NortonInstaller
2010-11-20 15:51:58   --------   d-----w-   c:\docume~1\alluse~1\applic~1\NortonInstaller
2010-11-20 15:49:58   --------   d-----w-   c:\docume~1\alluse~1\applic~1\Norton
2010-11-10 15:13:50   --------   d-----w-   c:\docume~1\dad&mo~1\locals~1\applic~1\Ahead
2010-11-10 05:38:10   --------   d--h--w-   c:\docume~1\alluse~1\applic~1\Common Files
2010-11-10 05:11:44   --------   d-----w-   c:\docume~1\alluse~1\applic~1\MFAData
2010-11-10 04:25:15   --------   d-----w-   c:\program files\Nero
2010-11-10 04:25:15   --------   d-----w-   c:\docume~1\alluse~1\applic~1\Nero
2010-11-10 04:23:57   819200   ----a-w-   c:\program files\windows media player\wmsetsdk.exe
2010-11-10 04:23:57   47616   ----a-w-   c:\program files\windows media player\msoobci.dll
2010-11-10 04:23:37   --------   d-----w-   c:\windows\RegisteredPackages

==================== Find3M  ====================

2010-09-18 18:23:26   974848   ----a-w-   c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25   974848   ----a-w-   c:\windows\system32\mfc42.dll
2010-09-18 06:53:25   954368   ----a-w-   c:\windows\system32\mfc40.dll
2010-09-18 06:53:25   953856   ----a-w-   c:\windows\system32\mfc40u.dll
2010-09-15 11:50:37   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2010-09-15 09:29:49   73728   ----a-w-   c:\windows\system32\javacpl.cpl
2010-09-09 13:38:01   832512   ----a-w-   c:\windows\system32\wininet.dll
2010-09-09 13:38:01   1830912   ----a-w-   c:\windows\system32\inetcpl.cpl
2010-09-09 13:38:00   78336   ----a-w-   c:\windows\system32\ieencode.dll
2010-09-09 13:38:00   17408   ----a-w-   c:\windows\system32\corpol.dll
2010-09-08 15:57:57   389120   ----a-w-   c:\windows\system32\html.iec
2010-09-01 11:51:14   285824   ----a-w-   c:\windows\system32\atmfd.dll
2010-08-31 13:42:52   1852800   ----a-w-   c:\windows\system32\win32k.sys

============= FINISH: 13:13:44.21 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-27.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 12/25/2009 11:27:10 PM
System Uptime: 11/28/2010 1:02:32 PM (0 hours ago)

Motherboard: Acer |  | Aspire one     
Processor:          Intel(R) Atom(TM) CPU N270   @ 1.60GHz | CPU | 1596/533mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 142 GiB total, 129.976 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================


32 Bit HP CIO Components Installer
Acer Crystal Eye Webcam
Acer eRecovery Management
Acer ScreenSaver
Acer VCM
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9
C:\Program Files\Acer GameZone\GameConsole
Carbonite Online Backup Setup
CCleaner
Choice Guard
Cisco Connect
Compatibility Pack for the 2007 Office system
eSobi v2
GamesBar 2.0.1.12
Google Chrome
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
HP Smart Web Printing
HP Update
HPSSupply
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
InterVideo Register Manager
InterVideo WinDVD
Java Auto Updater
Java(TM) 6 Update 22
Junk Mail filter update
Launch Manager
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders  (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
MSN
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 8 Essentials
neroxml
Norton Security Suite
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Segoe UI
Shop for HP Supplies
SmartWebPrinting
Spyware Doctor 7.0
Synaptics Pointing Device Driver
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Windows Internet Explorer 7 (KB980182)
USB2.0 Card Reader Software
VCRedistSetup
WebCam
WebFldrs XP
WIDCOMM Bluetooth Software
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Format Runtime

==== Event Viewer Messages From Past Week ========

11/27/2010 11:23:51 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the crd service to connect.
11/27/2010 11:23:51 PM, error: Service Control Manager [7000]  - The crd service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/25/2010 6:20:12 AM, error: Service Control Manager [7034]  - The Windows User Mode Driver Framework service terminated unexpectedly.  It has done this 1 time(s).
11/25/2010 6:20:12 AM, error: Service Control Manager [7034]  - The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).
11/25/2010 6:20:12 AM, error: Service Control Manager [7034]  - The Application Layer Gateway Service service terminated unexpectedly.  It has done this 1 time(s).
11/24/2010 8:04:15 PM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'.  It has stopped monitoring the volume.
11/24/2010 8:04:01 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  amdagp
11/24/2010 7:31:10 AM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD BHDrvx86 ccHP eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SRTSPX SymIRON SYMTDI Tcpip
11/24/2010 10:14:25 AM, error: Service Control Manager [7034]  - The Raw Socket Service service terminated unexpectedly.  It has done this 1 time(s).
11/24/2010 10:14:25 AM, error: Service Control Manager [7034]  - The IviRegMgr service terminated unexpectedly.  It has done this 1 time(s).
11/24/2010 10:14:25 AM, error: Service Control Manager [7034]  - The Intel(R) Matrix Storage Event Monitor service terminated unexpectedly.  It has done this 1 time(s).
11/24/2010 10:14:25 AM, error: Service Control Manager [7031]  - The Bluetooth Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/23/2010 3:36:20 PM, error: Service Control Manager [7000]  - The cpuz132 service failed to start due to the following error:  The system cannot find the path specified.
11/21/2010 9:38:34 PM, error: Service Control Manager [7003]  - The AVGIDSAgent service depends on the following nonexistent service: AVGIDSDriver
11/21/2010 9:38:34 PM, error: Service Control Manager [7000]  - The McAfee SiteAdvisor Service service failed to start due to the following error:  The system cannot find the path specified.
11/21/2010 9:38:34 PM, error: Service Control Manager [7000]  - The McAfee Real-time Scanner service failed to start due to the following error:  The system cannot find the path specified.
11/21/2010 9:38:34 PM, error: Service Control Manager [7000]  - The McAfee Personal Firewall Service service failed to start due to the following error:  The system cannot find the path specified.
11/21/2010 9:38:34 PM, error: Service Control Manager [7000]  - The McAfee Network Agent service failed to start due to the following error:  The system cannot find the path specified.
11/21/2010 9:37:43 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/21/2010 9:36:38 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
11/21/2010 9:36:28 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
11/21/2010 9:36:20 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD BHDrvx86 ccHP eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SRTSPX SymIRON Tcpip
11/21/2010 9:36:20 PM, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
11/21/2010 9:36:20 PM, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
11/21/2010 9:36:20 PM, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
11/21/2010 9:36:20 PM, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
11/21/2010 9:35:17 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11/21/2010 9:22:37 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the AVG WatchDog service to connect.
11/21/2010 9:22:37 PM, error: Service Control Manager [7000]  - The AVG WatchDog service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/21/2010 10:07:06 PM, error: Service Control Manager [7023]  - The Application Management service terminated with the following error:  The specified module could not be found.

==== End Of File ===========================

*

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • 7696
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #22 on: November 28, 2010, 03:47:58 PM »
Hiya AD,

Logs are clean, only issue I see is System Restore appears to be off. No restore points are set, is that correct? How is your system responding.

Kevin

*

Offline Acer Daddy

  • Bronze Member
  • 43
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #23 on: November 29, 2010, 08:24:17 AM »
Seems ok now than her user account was nuked.  I'll try a few things and let you know.  Thanks AD

*

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • 7696
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #24 on: November 29, 2010, 02:10:05 PM »
Hiya AD,

Yep, surf about freely; post back when you`re ready...

Kevin

*

Offline Acer Daddy

  • Bronze Member
  • 43
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #25 on: November 29, 2010, 09:27:50 PM »
The patient lives!  I think you nailed it.  It seems to work fine since I deleted her old account and created a new.

Since this was such a great experience with a fantastic outcome I would love for you to help me with my computer. 

I have a Panasonic CF-W2 the greatest box I have ever owned.  The problem is that it has become corrupt due to age.  I probably have a few nasties but mainly I think it just needs a tune up.  Could you help restore my vintage box?  It has to last me a few more months until I can afford the new Panasonic S-Series.

Do I need to open another ticket??  Will you help??   

*

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • 7696
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #26 on: November 30, 2010, 02:53:42 AM »
Hiya AD,

Your latest logs are clean and you say that your system is running well, it would be an excellent idea to keep it that way. The following advice will go along way to keeping you secure so that you can enjoy safe and happy surfing.

Here are some tips to reduce the potential for malware infection in the future:

Make proper use of your antivirus and firewall

Antivirus and Firewall programs are integral to your computer security. However, just having them installed isn't enough. The definitions of these programs are frequently updated to detect the latest malware, if you don't keep up with these updates then you'll be vulnerable to infection. Many antivirus and firewall programs have automatic update features, make use of those if you can. If your program doesn't, then get in the habit of routinely performing manual updates, because it's important.

You should keep your antivirus and firewall guard enabled at all times, NEVER turn them off unless there's a specific reason to do so. Also, regularly performing a full system scan with your antivirus program is a good idea to make sure you're system remains clean. Once a week should be adequate. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.

Install and use WinPatrol  This will inform you of any attempted unauthorized changes to your system.

WinPatrol features explained Here

You will have several programs installed, these maybe outdated and vulnerable to exploits also. To be certain, please run the free online scan by Secunia, available Here   Before clicking the Start scan  button, please check the box for the option Enable thorough system inspection. Just below the "Scan Options:" section, you'll see the status of what's currently processing....
...when the scan completes, the message "Detection completed successfully" will appear in the Programs/Result section. For each problem detected, Secunia will offer a "Solution" option. Please follow those instructions to download updated versions of the programs as recommended by Secunia.


Use a safer web browser

Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a few good free alternatives:
 
Firefox,

Opera, and

Chrome.
 
All of these are excellent faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these. If you wish to continue using Internet Explorer, it would be a good idea to follow the tutorial HERE which will help you to make IE MUCH safer.

These browser add-ons will help to make your browser safer:

Web of Trust warns you about risky websites that try to scam visitors, deliver malware or send spam. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous ones:

Available for Firefox and Internet Explorer.

Green to go,
Yellow for caution, and
Red to stop.


Available for Firefox only. NoScript helps to block malicious scripts and in general gives you much better control over what types of things webpages can do to your computer while you're browsing.

These are just a couple of the most popular add-ons, if you're interested in more, take a look at THIS article.

Here a couple of links by two security experts that will give some excellent tips and advice.
So how did I get infected in the first place by Tony Klein

How to prevent Malware by Miekiemoes

Finally this link HERE will give a comprehensive upto date list of free Security programs. To include - Antivirus, Antispyware, Firewall, Antimalware, Online scanners and rescue CD`s.

Let me know if you have any remaining issues or questions. Don`t forget, the best form of defense is common sense. If you don`t recognize it, don`t open it. If something looks to good to be true, then it aint.

If you have no other issues post back and i`ll close this one out!

Regarding your other system, yep post a new thread with a HJT log and we`ll take it from there. I`m going into Hospital on Thursday for an op to my left knee, i`ll be out Friday morning.

Kevin

*

Offline Acer Daddy

  • Bronze Member
  • 43
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #27 on: November 30, 2010, 08:37:00 AM »
Thanks I will post a new thread sometime today.  I will call it Problems o' Panasonic.

Hope you have a great surgery and all is well.....  AD

*

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • 7696
Re: [Resolved] Unable to update virus or any other software on Acer
« Reply #28 on: November 30, 2010, 08:49:06 AM »
Since this issue appears to be resolved  the topic has been closed. Glad we could help.  :t

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

The fixes and advice in this thread are for this System only. Do not apply the instructions from this thread to your own System. Please start a new thread describing your issue and someone will be along to assist you.