Page 1 of 8 12345 ... LastLast
Results 1 to 10 of 76

Thread: S&D cannot be deleted. S&D and IE exe cannot be launched

  1. 2010-12-30, 03:22 #1
    psbsubs4
    psbsubs4 is offline
    Member
    Join Date
    Dec 2010
    Posts
    41

    Default S&D cannot be deleted. S&D and IE exe cannot be launched

    Hello,

    My Net Nanny software started acting funny by not letting any browser window I opened to be able to connect to the internet. I tried to run my Avast AV software but it would hang on a scan. I tied to run S&D but it would not launch. I worked with Net Nanny to uninstall and reinstall and I was able to connect to the internet. (BTW, I do not think Net Nanny is doing what it should be doing though because it is not asking me to log into it to get to an internet page.) Perhaps I should just unstall NN for now...?

    Anyway, once I was able to get back to the internet, I downloaded a new version of Avast AV but it still hangs up on a scan. I have uninstalled it.

    Now my recollection gets fuzzy. I think I tried to uninstall S&D (& Tea Timer). I think S&D was in Add/Remove programs but TT was not. I downloaded a new S&D file and tried to install. It had a lot of warnings about write protection and I selected the option to remove the write protection each time. That worked for most files but not for the S&D nor TT .exe files.

    I found the post that talked about manual deletion from the "all users" folder and the programs folder and tried that and was able to delete all except the S&D & TT .exe files.

    I then tried another install. I did not get the warning about the write protect for the other files (since there were deleted) but I still got it for the S&D & TT files. I told it to ignore so that it would fininsh the install.

    I launched S&D after the install but frankly, I cannot recall for sure just what it did. I think it hung and I cannot recall how I closed out from it (whether it let me cancel or I had to do something more forceful).

    Now when I try to launch S&D, It tells me
    QUOTE
    Windows cannot access the specified device, path, or file. You may not have appropriate permissions to access the item.
    END QUOTE

    Note: I am running XP (SP3) and I am logged in as the admin so I know it is not a true auth/permissions problem.

    Note: As I said before, I was able to launch IE and get to the web but now when I launch IE (IE7) it is giving me the same error message as when I launch S&D.

    I had found the posts that talks about sending in attach.txt and DDS.txt. I will include the dds text down below and attach the "attach" file.

    I also found a post talking about running Root Analyzer. I ran the quick scan and it came up ok. I ran the deep scan and it flagged some stuff. I scanned what it flagged and nothing jumped out at me but I have not yet compared the entries like it advises.

    I followed the steps in this post
    http://forums.spybot.info/showthread.php?t=50194
    which is why I am now making my own post.

    I also read
    http://forums.spybot.info/showthread.php?t=288
    and have created the ERUNT registry dump.

    Here below are the DDS.txt contents.
    Note: I am probably being too cautious but I changed some text since this is a public forum. Namely:
    maskedname is a corporate website that I saw no need to post.
    myxpid~ is masking my xp admin account ID
    [my admin id] is also macking my xp admin ID


    Thanks for your help.

    DDS (Ver_10-12-12.02) - NTFSx86
    Run by [my admin id] at 18:46:11.03 on 12/28/2010
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.544 [GMT -6:00]


    ============== Running Processes ===============

    "\\.\globalroot\Device\svchost.exe\svchost.exe"
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\bgsvcgen.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
    C:\WINDOWS\system32\svchost.exe -k HPService
    C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
    C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\BCMSMMSG.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\ClearPlay\ClearPlay Easy Updates\ClearPlayEasyUpdates.exe
    C:\Program Files\FinePixViewer\QuickDCF2.exe
    C:\Program Files\FastStone Capture\FSCapture.exe
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\Documents and Settings\[my admin id]\My Documents\RCA Detective\RCADetective.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\WINDOWS\System32\imapi.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\[my admin id]\Local Settings\Temporary Internet Files\Content.IE5\KX5LHTQ3\dds[1].scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    uSearch Bar =
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Gamevance: {0ed403e8-470a-4a8a-85a4-d7688cfe39a3} - c:\program files\gamevance\gamevancelib32.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: CPrintEnhancer Object: {ae84a6aa-a333-4b92-b276-c11e2212e4fe} - c:\program files\hp\smart web printing\SmartWebPrinting.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: {BEAC7DC8-E106-4C6A-931E-5A42E7362883} - No File
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [nwiz] nwiz.exe /install
    mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
    mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
    mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
    mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
    mRun: [cwcptray] c:\program files\contentwatch\internet protection\cwtray.exe
    mRun: [BCMSMMSG] BCMSMMSG.exe
    StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\clearp~1.lnk - c:\program files\clearplay\clearplay easy updates\ClearPlayEasyUpdates.exe
    StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\exifla~1.lnk - c:\program files\finepixviewer\QuickDCF2.exe
    StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\fastst~1.lnk - c:\program files\faststone capture\FSCapture.exe
    StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\forget~1.lnk - c:\program files\mindscape\agspirit\PMREMIND.EXE
    StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\FINDFAST.EXE
    StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\office~1.lnk - c:\program files\microsoft office\office\OSA.EXE
    StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\rcadet~1.lnk - c:\documents and settings\[my admin id]\my documents\rca detective\RCADetective.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~2.lnk - c:\program files\adobe\reader 8.0\reader\reader_sl.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\reader 8.0\reader\AdobeCollabSync.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\eventr~1.lnk - c:\program files\broderbund\printmaster\PMremind.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{6dc47739-3bb0-4494-a43d-193bf54070ae}\Icon3E5562ED7.ico
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    Trusted Zone: ameren.com
    Trusted Zone: maskedname.com
    Trusted Zone: clearplay.com
    Trusted Zone: hp.com
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: VPNJava - hxxps://remote.maskedname.com/CACHE/stc/1/binaries/VPNJava.cab
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxp://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
    DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - hxxps://myportfolio.maskedname.com/vdesk/terminal/f5tunsrv.cab#version=6030,2009,626,1841
    DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - c:\docume~1\myxpid~1\locals~1\temp\ixp000.tmp\InstallerControl.cab
    DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://remote.maskedname.com/CACHE/stc/1/binaries/vpnweb.cab
    DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1202682592866
    DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC}
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} - hxxps://myportfolio.maskedname.com/vdesk/terminal/vdeskctrl.cab#version=6030,2009,0622,1849
    DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D}
    DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - hxxps://myportfolio.maskedname.com/vdesk/terminal/urxshost.cab#version=6030,2009,622,1847
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - hxxps://myportfolio.maskedname.com/vdesk/terminal/urxhost.cab#version=6030,2009,622,1843
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    Hosts: 127.0.0.1 www.spywareinfo.com

    ============= SERVICES / DRIVERS ===============

    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-5-25 88176]
    S1 ceaf;ceaf; [x]
    S2 CwAltaService20;ContentWatch;c:\program files\contentwatch\internet protection\cwsvc.exe [2010-12-28 2109440]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-20 136176]
    S3 pohci13F;pohci13F;\??\c:\docume~1\myxpid~1\locals~1\temp\pohci13f.sys --> c:\docume~1\myxpid~1\locals~1\temp\pohci13F.sys [?]
    S3 scsiscan;SCSI Scanner Driver;c:\windows\system32\drivers\scsiscan.sys [2008-2-13 11520]
    S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2003-8-28 189792]

    =============== Created Last 30 ================

    2010-12-28 23:43:18 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
    2010-12-28 22:31:40 -------- d-----w- c:\program files\ContentWatch
    2010-12-28 22:31:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\ContentWatch
    2010-12-28 00:31:06 75264 ----a-w- c:\windows\system32\dcaf.sys
    2010-12-28 00:28:43 75264 ----a-w- c:\windows\system32\ceaf.sys
    2010-12-25 20:17:57 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2010-12-25 20:17:57 107368 ----a-w- c:\windows\system32\GEARAspi.dll
    2010-12-25 20:16:42 -------- d-----w- c:\program files\iPod
    2010-12-25 20:16:22 -------- d-----w- c:\program files\iTunes
    2010-12-25 20:16:22 -------- d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
    2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
    2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
    2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
    2010-12-25 20:14:06 -------- d-----w- c:\docume~1\myxpid~1\locals~1\applic~1\Apple
    2010-12-25 20:13:07 -------- d-----w- c:\program files\Bonjour
    2010-12-25 20:10:09 -------- d-----w- c:\docume~1\myxpid~1\locals~1\applic~1\Apple Computer
    2010-11-29 23:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2010-11-29 23:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts

    ==================== Find3M ====================

    2010-12-15 20:37:04 81920 ----a-w- c:\windows\system32\wxcode_msw28u_wxjson_CW.dll
    2010-12-15 20:36:56 1073152 ----a-w- c:\windows\system32\wxcode_msw28u_wxcurl_CW.dll
    2010-12-15 20:34:40 975872 ----a-w- c:\windows\system32\libxml2_CW.dll
    2010-12-15 20:30:44 151552 ----a-w- c:\windows\system32\libexpat.dll
    2010-12-15 04:09:50 720384 ----a-w- c:\windows\system32\cwalsp.dll
    2010-12-15 04:09:50 1884160 ----a-w- c:\windows\system32\AltaRecovery.exe
    2010-11-28 01:52:51 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
    2010-10-07 18:23:02 91424 ----a-w- c:\windows\system32\dnssd.dll
    2010-10-07 18:23:02 75040 ----a-w- c:\windows\system32\jdns_sd.dll
    2010-10-07 18:23:02 197920 ----a-w- c:\windows\system32\dnssdX.dll
    2010-10-07 18:23:02 107808 ----a-w- c:\windows\system32\dns-sd.exe

    ============= FINISH: 18:47:20.00 ===============
  2. 2011-01-03, 21:59 #2
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default




    Please read Before You Post
    While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

    Sorry you had to wait, we get very busy most times.

    If you read this you can see we just fix home computers, we do not work on corporate ones.

    http://forums.spybot.info/showthread.php?t=27710

    The intention of this forum is not to replace a company's IT department, nor can we anticipate alterations or configurations that may have been made to a business machine, or how it will interact with the tools commonly used in the removal of malware.

    The majority of the tools used in this forum are only free for Home Users and only tested on Home machines, they may well change settings that are required for a Company network. Another consideration is that company information may show in the logs.

    More than one machine could be at stake, possibly even the server. If sensitive material has been compromised by an infection, the company could be held liable.

    To prevent any possible loss or corruption of company information, please inform your IT department or Supervisor when a workplace computer has been infected, immediately.

    It's not that we don't want to help, but there are too many issues that could arise from a networked company machine that malware forum volunteers are not experienced in dealing with.
    Thank you for your understanding.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  3. 2011-01-04, 00:58 #3
    psbsubs4
    psbsubs4 is offline
    Member
    Join Date
    Dec 2010
    Posts
    41

    Default But this IS a home computer so please look into the problem

    Hi,

    Sorry if I confused you on my original post. This IS a home computer that is having the problem.

    From time to time, when something blows up at work, I VPN into my work computer to fix the problem but this virus issue is on my home computer, not my work computer.

    Since I do not know what all is included in the DSS and Attrach files, I thought it best to mask my work name so that someone could not take info form the Attach or DDS files and cause some mischief.

    Please take a look into this virus problem that I am having.

    Thanks
  4. 2011-01-04, 01:23 #4
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    I need to see the entire log , nothing masked so I can determine whats going on with your system

    OTLby OldTimer
    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
        Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  5. 2011-01-04, 13:10 #5
    psbsubs4
    psbsubs4 is offline
    Member
    Join Date
    Dec 2010
    Posts
    41

    Default OLT got hit by the virus too

    Hi,

    I followed your instructions for downloading and running OLT. When I clicked the Run Scan button, the screen just closed. I assumed it was just running "behind the scenes" and waited 5 minutes. When nothing happened, I looked for c:\otl and it did not exist. I looked in task manager and did not see an otl entry. I tried launching the application again but nothing happened. I rebooted and tried launching and now I get the same error message for otl that I get for SpyBotSD. That is,

    Windows cannot access the specified device, path, or file. You may not have appropriate permissions to access the item.

    I therefore regenerated the DDS and Attach files (with no masking this time) hoping that they can be of help. The DDS text follows and the Attached file is Attached.

    Thanks & Regards

    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Paul Brown at 6:03:03.81 on 01/03/2011
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.505 [GMT -6:00]


    ============== Running Processes ===============

    "\\.\globalroot\Device\svchost.exe\svchost.exe"
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\bgsvcgen.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
    C:\WINDOWS\system32\svchost.exe -k HPService
    C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
    C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\WINDOWS\BCMSMMSG.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\ClearPlay\ClearPlay Easy Updates\ClearPlayEasyUpdates.exe
    C:\Program Files\FinePixViewer\QuickDCF2.exe
    C:\Program Files\FastStone Capture\FSCapture.exe
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\Documents and Settings\Paul Brown\My Documents\RCA Detective\RCADetective.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\WINDOWS\System32\imapi.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Z-SOFT~1\WINZIP\wzqkpick.exe
    C:\Documents and Settings\Paul Brown\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    uSearch Bar =
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Gamevance: {0ed403e8-470a-4a8a-85a4-d7688cfe39a3} - c:\program files\gamevance\gamevancelib32.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: CPrintEnhancer Object: {ae84a6aa-a333-4b92-b276-c11e2212e4fe} - c:\program files\hp\smart web printing\SmartWebPrinting.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: {BEAC7DC8-E106-4C6A-931E-5A42E7362883} - No File
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [nwiz] nwiz.exe /install
    mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
    mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
    mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
    mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
    mRun: [cwcptray] c:\program files\contentwatch\internet protection\cwtray.exe
    mRun: [BCMSMMSG] BCMSMMSG.exe
    StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\clearp~1.lnk - c:\program files\clearplay\clearplay easy updates\ClearPlayEasyUpdates.exe
    StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\exifla~1.lnk - c:\program files\finepixviewer\QuickDCF2.exe
    StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\fastst~1.lnk - c:\program files\faststone capture\FSCapture.exe
    StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\forget~1.lnk - c:\program files\mindscape\agspirit\PMREMIND.EXE
    StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\FINDFAST.EXE
    StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\office~1.lnk - c:\program files\microsoft office\office\OSA.EXE
    StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\rcadet~1.lnk - c:\documents and settings\paul brown\my documents\rca detective\RCADetective.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~2.lnk - c:\program files\adobe\reader 8.0\reader\reader_sl.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\reader 8.0\reader\AdobeCollabSync.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\eventr~1.lnk - c:\program files\broderbund\printmaster\PMremind.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{6dc47739-3bb0-4494-a43d-193bf54070ae}\Icon3E5562ED7.ico
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\z-software-for-installs\winzip\WZQKPICK.EXE
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    Trusted Zone: ameren.com
    Trusted Zone: brownshoe.com
    Trusted Zone: clearplay.com
    Trusted Zone: hp.com
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: VPNJava - hxxps://remote.brownshoe.com/CACHE/stc/1/binaries/VPNJava.cab
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxp://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
    DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - hxxps://myportfolio.brownshoe.com/vdesk/terminal/f5tunsrv.cab#version=6030,2009,626,1841
    DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - c:\docume~1\paulbr~1\locals~1\temp\ixp000.tmp\InstallerControl.cab
    DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://remote.brownshoe.com/CACHE/stc/1/binaries/vpnweb.cab
    DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1202682592866
    DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC}
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} - hxxps://myportfolio.brownshoe.com/vdesk/terminal/vdeskctrl.cab#version=6030,2009,0622,1849
    DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D}
    DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - hxxps://myportfolio.brownshoe.com/vdesk/terminal/urxshost.cab#version=6030,2009,622,1847
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - hxxps://myportfolio.brownshoe.com/vdesk/terminal/urxhost.cab#version=6030,2009,622,1843
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    Hosts: 127.0.0.1 www.spywareinfo.com

    ============= SERVICES / DRIVERS ===============

    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-5-25 88176]
    S1 ceaf;ceaf; [x]
    S2 CwAltaService20;ContentWatch;c:\program files\contentwatch\internet protection\cwsvc.exe [2010-12-28 2109440]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-20 136176]
    S3 pohci13F;pohci13F;\??\c:\docume~1\paulbr~1\locals~1\temp\pohci13f.sys --> c:\docume~1\paulbr~1\locals~1\temp\pohci13F.sys [?]
    S3 scsiscan;SCSI Scanner Driver;c:\windows\system32\drivers\scsiscan.sys [2008-2-13 11520]
    S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2003-8-28 189792]

    =============== Created Last 30 ================

    2010-12-28 23:43:18 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
    2010-12-28 22:31:40 -------- d-----w- c:\program files\ContentWatch
    2010-12-28 22:31:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\ContentWatch
    2010-12-28 00:31:06 75264 ----a-w- c:\windows\system32\dcaf.sys
    2010-12-28 00:28:43 75264 ----a-w- c:\windows\system32\ceaf.sys
    2010-12-25 20:17:57 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2010-12-25 20:17:57 107368 ----a-w- c:\windows\system32\GEARAspi.dll
    2010-12-25 20:16:42 -------- d-----w- c:\program files\iPod
    2010-12-25 20:16:22 -------- d-----w- c:\program files\iTunes
    2010-12-25 20:16:22 -------- d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
    2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
    2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
    2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
    2010-12-25 20:14:06 -------- d-----w- c:\docume~1\paulbr~1\locals~1\applic~1\Apple
    2010-12-25 20:13:07 -------- d-----w- c:\program files\Bonjour
    2010-12-25 20:10:09 -------- d-----w- c:\docume~1\paulbr~1\locals~1\applic~1\Apple Computer

    ==================== Find3M ====================

    2010-12-15 20:37:04 81920 ----a-w- c:\windows\system32\wxcode_msw28u_wxjson_CW.dll
    2010-12-15 20:36:56 1073152 ----a-w- c:\windows\system32\wxcode_msw28u_wxcurl_CW.dll
    2010-12-15 20:34:40 975872 ----a-w- c:\windows\system32\libxml2_CW.dll
    2010-12-15 20:30:44 151552 ----a-w- c:\windows\system32\libexpat.dll
    2010-12-15 04:09:50 720384 ----a-w- c:\windows\system32\cwalsp.dll
    2010-12-15 04:09:50 1884160 ----a-w- c:\windows\system32\AltaRecovery.exe
    2010-11-29 23:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2010-11-29 23:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2010-11-28 01:52:51 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
    2010-10-07 18:23:02 91424 ----a-w- c:\windows\system32\dnssd.dll
    2010-10-07 18:23:02 75040 ----a-w- c:\windows\system32\jdns_sd.dll
    2010-10-07 18:23:02 197920 ----a-w- c:\windows\system32\dnssdX.dll
    2010-10-07 18:23:02 107808 ----a-w- c:\windows\system32\dns-sd.exe

    ============= FINISH: 6:04:11.96 ===============
  6. 2011-01-04, 13:16 #6
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    First go to Add Remove Programs in the control panel and uninstall Spybot and thenSee if you can run this program

    Please download Malwarebytes from Here or Here

    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform quick scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected .
    • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
    Post the report please
    Last edited by ken545; 2011-01-04 at 13:17.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  7. 2011-01-05, 00:59 #7
    psbsubs4
    psbsubs4 is offline
    Member
    Join Date
    Dec 2010
    Posts
    41

    Default Still having trouble

    The Virus whacked this scanner program also. That is, I uninstalled SB S&D per your instructions, then downloaded, installed and ran the new scanner that you pointed me to. It started to run and then the screen closed. I tried to launch the program again and got this

    Windows cannot access the specified device, path, or file. You may not have appropriate permissions to access the item.
  8. 2011-01-05, 01:08 #8
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Run this quick program , do not reboot when its done and then give Malwarebytes another run

    Please download exeHelper to your desktop.

    Double-click on exeHelper.com to run the fix.
    A black window should pop up, press any key to close once the fix is completed.
    Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)
    Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  9. 2011-01-05, 04:04 #9
    psbsubs4
    psbsubs4 is offline
    Member
    Join Date
    Dec 2010
    Posts
    41

    Default Still a problem after exehelper

    Hi,

    I tried exehelper. Here is the log

    exeHelper by Raktor
    Build 20100414
    Run at 20:59:11 on 01/03/11
    Now searching...
    Checking for numerical processes...
    Checking for sysguard processes...
    Checking for bad processes...
    Checking for bad files...
    Checking for bad registry entries...
    Resetting filetype association for .exe
    Resetting filetype association for .com
    Resetting userinit and shell values...
    Resetting policies...
    --Finished--

    I did not reboot.

    I tried to run the Malwarebytes program but got

    Windows cannot access the specified device, path, or file. You may not have appropriate permissions to access the item.

    I relaunched the install (mbam-setup-1.50.1.1100.exe) to do an over-the-top install, executed the program but got the same results. That is, It started to run and then the screen closed.
  10. 2011-01-05, 10:16 #10
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Lets try this one instead

    Please download SuperAntiSpyware Free
    Install the program
    • Run SuperAntiSpyware and click: Check for updates
    • Once the update is finished, on the main screen, click: Scan your computer
    • Check: Perform Complete Scan
    • Click Next to start the scan.

    Superantispyware scans the computer, and when finished, lists all the infections found.
    Make sure everything found has a check next to it, and press: Next <-- Important
    Then, click Finish

    It is possible that the program asks to reboot in order to delete some files.

    Obtain the SuperAntiSpyware log as follows:
    • Click: Preferences
    • Click the Statistics/Logs tab
    • Under Scanner Logs, double-click SuperAntiSpyware Scan Log
    It opens in your default text editor (such as Notepad)

    Please provide the SuperAntiSpyware log in your next reply
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules