question about this program

I downloaded Avast, but haven’t registered yet. I need to download Internet Explorer 7 (for some reason it won’t download version eight ) My question is : I need to obviously temporarily disable or uninstall Avast so I can continue my download for Internet Explorer. I disabled the shield for 10 minutes, but still couldn’t download Internet Explorer 7. I don’t know what to do and I don’t know why I can’t download the 8 version. I did have some Trojans and malware that Avast took care of temporary (moved to chest) any suggestions ?

There may well be some remnants that need removing

http://img233.imageshack.us/img233/7729/mbamicontw5.gif
Please download Malwarebytes’ Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

[*]Make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
[*]If an update is found, it will download and install the latest version.
[*]Once the program has loaded, select “Perform Quick Scan”, then click Scan.
[*]The scan may take some time to finish,so please be patient.
[*]When the scan is complete, click OK, then Show Results to view the results.
[*]Make sure that everything is checked, and click Remove Selected.
[]When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
[
]The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
[*]Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

I think you can’t download IE8 because MS detects that your PC is infected. It’s their policy now to deny any update (so that should include IE8) on infected machines. Something happened a few months ago I think, they realized that allowing infected PCs to update made things worse, like blocking some system completely. So yeah, like Essexboy suggested, clean your system first, and then you’ll probably be able to download IE8.

Thanks Guys, I’ll give it a shot.

O.K. here’s the report. (below) I couldn’t fit the whole report, so here’s just a brief report… It said that it didn’t get everything. So as far as downloading IE I still have to get rid of what’s left to download IE. (According to what Logos said)… We’ll I’m stopped for now until I get home from work to figure out what my next move is…Thanks again for the help, I’m glad it got some of it.

Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org

Database version: 4117

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13

5/19/2010 10:15:18 AM
mbam-log-2010-05-19 (10-15-18).txt

Scan type: Quick scan
Objects scanned: 229711
Time elapsed: 2 hour(s), 46 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 774
Registry Values Infected: 20
Registry Data Items Infected: 11
Folders Infected: 1
Files Infected: 9

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brastk.exe (Security.Hijack) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\F5JMWNZTHI (Trojan.FakeAlert) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe (Trojan.Agent) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe (Trojan.Agent) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT.pox (Rogue.FixTool) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\pofile (Rogue.FixTool) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\init32.exe (Security.Hijack) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ozn695m5.exe (Security.Hijack) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsAuxs.exe (Security.Hijack) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsGui.exe (Security.Hijack) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsSvc.exe (Security.Hijack) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsTray.exe (Security.Hijack) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdfndr.exe (Security.Hijack) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rwg (Security.Hijack) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rwg.exe (Security.Hijack) → Quarantined and deleted successfully.
Folder:
C:\Documents and Settings\stephen.STEPHENADMIN\Application Data\My Security Engine (Rogue.MySecurityEngine) → Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\stephen.STEPHENADMIN\My Documents\downloads\PerfectOptimizer(2).exe (PUP.PerfectOptimizer) → Quarantined and deleted successfully.
C:\Documents and Settings\stephen.STEPHENADMIN\My Documents\downloads\PerfectOptimizer(3).exe (PUP.PerfectOptimizer) → Quarantined and deleted successfully.
C:\Documents and Settings\stephen.STEPHENADMIN\My Documents\downloads\PerfectOptimizer(4).exe (PUP.PerfectOptimizer) → Quarantined and deleted successfully.
C:\Documents and Settings\stephen.STEPHENADMIN\My Documents\downloads\PerfectOptimizer.exe (PUP.PerfectOptimizer) → Quarantined and deleted successfully.
C:\Documents and Settings\stephen.STEPHENADMIN\Application Data\My Security Engine\cookies.sqlite (Rogue.MySecurityEngine) → Quarantined and deleted successfully.
C:\Documents and Settings\stephen.STEPHENADMIN\Application Data\Microsoft\Internet Explorer\Quick Launch\My Security Engine.lnk (Rogue.MySecurityEngine) → Quarantined and deleted successfully.
C:\WINDOWS\system32\winset.ini (Malware.Trace) → Quarantined and deleted successfully.
C:\WINDOWS\herjek.config (Malware.Trace) → Quarantined and deleted successfully.
C:\WINDOWS\system32\ojpy.exe (Trojan.Agent) → Delete on reboot.

Windows XP Service Pack 3 has been available for almost 2 years that provides many Critical Updates and performance improvements.

Go to Control Panel then Automatic Updates then select Automatic (recommended) or at least Notify me but don’t automatically download or install them.

IE8 is more secure than IE7 and has a lot better performance:
http://www.microsoft.com/windows/Internet-explorer/default.aspx

MBAM Quickscan lasting 2 hour(s), 46 minute(s), 7 second(s)

Indicates an old system.

What is the CPU type and Speed and how much RAM does the system have?

Go to Secunia Online Software Inspector then run it to see what other applications are vulnerable:
http://secunia.com/vulnerability_scanning/online

There are probably some hangers on in your system

Download OTL to your Desktop

[]Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
[
]Under the Custom Scan box paste this in


netsvcs
%SYSTEMDRIVE%*.*
%systemroot%*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32*.dll /lockedfiles
%systemroot%\Tasks*.job /lockedfiles
%systemroot%\System32\config*.sav
%systemroot%\system32\drivers*.sys /90

[*]Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Post both logs

O.k. Essex boy I’ll give it a try. Also, how do I get rid of RUNDLL error I keep getting this after start up. Thanks man

Essex Boy, here is 1 of the texts I can’t locate the other.

OTL logfile created on: 5/20/2010 7:55:51 PM - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\stephen.STEPHENADMIN\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.00 Mb Total Physical Memory | 244.00 Mb Available Physical Memory | 51.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.15 Gb Total Space | 57.06 Gb Free Space | 61.25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STEPHENADMIN
Current User Name: stephen
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

Could you attach the logs please - when posting select additional options. Browse to the OTL log and then post

Screenshots on how to attach

Part two

You know what Essex boy ? Everything’s running great now. Thanks to you and knowledgeable in site on troubleshooting… Which I appreciate. I do have one small error code and that I get on start up. RUNDLL error. I’ve tried everything and can’t get rid of it. Any suggestions ?

Do NOT post twice the same… just double the help effort.
http://forum.avast.com/index.php?topic=60135

If you attach the OTL log I should be able to fix that ;D