Posted by: polonus Make sure you keep your Windows OS current by visiting Windows update regularly to download and install any critical updates and service packs. With out these you are leaving the backdoor open.

I’m having a problem with Windows Updates. The download and instalation goes just fine, then I reboot and things don’t work. My COMODO Firewall won’t work, my Avast! scanner won’t work, and when I try to go to a website it doesn’t do anything. Also, a few folders and items off of the start menu don’t work either. I will click things and they just don’t ever open. I end up doing a system restore because I don’t know what else to do. I re-tried a few times and the same thing happens.

Now here is the thing, I had like 50+ updates because the Automatic Updates was turned off. So my Windows hasn’t been updated in almost a year.

Isolate the problems…

What do you mean with don’t work? Freeze, do not load, what?

Any of them?

Can you try full computer on-line scanning?
Kaspersky (very good detection rates)
BitDefender (free removal of the malware)

Why did you turn off the updates?

When I say “don’t work” I mean I get an error message saying that Avast can’t run properly and the same for COMODO. The folders, well, just what I said; I will click things and they just don’t ever open.

As far as automatic updates being turned off I didn’t turn them off and I’m not sure why they were off. Every time I started my computer I would get the security warning that they were turned off, I would then go turn them on, then when I would restart they would be off again. I guess after awhile I just got so used to the security warning and so sick of turning them on every time I just gave up. Honestly I didn’t relize how important they were for my computer. :-X

I will go do the scans right now.

When you updated did you get just the critical updates, or did you install optional updates like drivers and programs too?

Can you post a screenshot? See how: http://forum.avast.com/index.php?topic=8982.0
You can use Gadwin PrintScreen to get a screenshot (http://www.gadwin.com/printscreen/) or the free version of WinSnap 1.1.10 (http://www.filehippo.com/download_winsnap/?2173).

[quote author=tryan21 link=topic=30982.msg259288#msg259288 date=1193790416]

The folders, well, just what I said; I will click things and they just don’t ever open.

Viruses can do that. A full scanning will be advisable.

I just let Automatic Updates do it’s thing and then when it told me they were ready to install I installed all of them. I don’t really know how to tell the difference between the critical and optional. I’m not experianced with any of this.

Oh and by the way, Automatic Updates are not being turned off every time I start my computer now (since turning on after this last virus cleaning). It stays on and lets me know when they are ready to be installed.

Posted by: Tech Can you post a screenshot? See how: http://forum.avast.com/index.php?topic=8982.0 You can use Gadwin PrintScreen to get a screenshot (http://www.gadwin.com/printscreen/) or the free version of WinSnap 1.1.10 (http://www.filehippo.com/download_winsnap/?2173).

I’m not sure how to go about doing this. Because when I install the updates I have no access to the internet. So I’m not sure how I would get the screen shot to you. I end up doing a system restore in order to get online and get things working again. Am I just overlooking the obvoius here? Probably, LOL!

Still haven’t scanned but I will do that now I promise.
**I have a one year old so getting all this computer stuff done is hard.

BitDefender Online Scanner

Scan report generated at: Wed, Oct 31, 2007 - 14:35:00

Scan path: A:;C:;D:;E:;

Statistics

Time
01:42:28

Files
127651

Folders
3705

Boot Sectors
2

Archives
1892

Packed Files
6425

Results

Identified Viruses
1

Infected Files
2

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
2

Engines Info

Virus Definitions
859582

Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Scan plugins
14

Archive plugins
38

Unpack plugins
7

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\Program Files\HijackThis\backups\backup-20071020-200212-540.dll
Infected with: Generic.Virtumod.29FFB2FE

C:\Program Files\HijackThis\backups\backup-20071020-200212-540.dll
Disinfection failed

C:\Program Files\HijackThis\backups\backup-20071020-200212-540.dll
Deleted

C:\System Volume Information_restore{079945FA-0F86-4538-9B5B-94B9C89AC71A}\RP24\A0013118.dll
Infected with: Generic.Virtumod.29FFB2FE

C:\System Volume Information_restore{079945FA-0F86-4538-9B5B-94B9C89AC71A}\RP24\A0013118.dll
Disinfection failed

C:\System Volume Information_restore{079945FA-0F86-4538-9B5B-94B9C89AC71A}\RP24\A0013118.dll
Deleted

Very good. Can you do the same with Kaspersky on-line scanning?
Are you clean now?

Well the HJT backups can’t be causing any problems. When we finished the earlier cleaing did you reset the restore points as I asked?

But still, there’s no active infection in that log…

Tech is going to be better at this update problem than me - I do the cleaning thing. But if it was my computer I would try manually downloading/installing 5 updates at a time until you find a group that causes a problem. Back those out, then install each of those updates from the problem group individually until you identify the one (hopefully just one) that’s the culpret. There might be an error code that could help diagnose this. If not, at least we’ll know which it is.

When we finished the earlier cleaing did you reset the restore points as I asked?

Yes, I did. I did everything you told me to do. I also installed all the programs that were recommended to me. I am doing everything within my power to keep this darn computer clean and safe from viruses. I just don’t get why this keeps happening. I will try doing the updates in groups of 5 like you recomended.

Tech below is my Kaspersky scan resaults:

KASPERSKY ONLINE SCANNER REPORT
Wednesday, October 31, 2007 5:50:41 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2, v.2096 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 1/11/2007
Kaspersky Anti-Virus database records: 421850

Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:
C:
D:
E:\

Scan Statistics
Total number of scanned objects 43783
Number of viruses found 5
Number of infected objects 7
Number of suspicious objects 0
Duration of the scan process 02:56:00

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Tara & Paul\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is locked skipped

C:\Documents and Settings\Tara & Paul\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Tara & Paul\Incomplete\T-872159-Microsoft Internet Explorer 7.0.zip/Setup.exe Infected: Worm.Win32.VB.an skipped

C:\Documents and Settings\Tara & Paul\Incomplete\T-872159-Microsoft Internet Explorer 7.0.zip ZIP: infected - 1 skipped

C:\Documents and Settings\Tara & Paul\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped

C:\Documents and Settings\Tara & Paul\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped

C:\Documents and Settings\Tara & Paul\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Tara & Paul\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Tara & Paul\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Tara & Paul\Local Settings\History\History.IE5\MSHist012007103120071101\index.dat Object is locked skipped

C:\Documents and Settings\Tara & Paul\Local Settings\Temp~DF6E4C.tmp Object is locked skipped

C:\Documents and Settings\Tara & Paul\Local Settings\Temp~DFA497.tmp Object is locked skipped

C:\Documents and Settings\Tara & Paul\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Tara & Paul\ntuser.dat Object is locked skipped

C:\Documents and Settings\Tara & Paul\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped

C:\Program Files\HijackThis\backups\backup-20071020-200213-403.dll Infected: Trojan-PSW.Win32.Magania.aqw skipped

C:\Program Files\HijackThis\backups\backup-20071022-135718-301.dll Infected: Trojan-PSW.Win32.Magania.aqw skipped

C:\System Volume Information_restore{079945FA-0F86-4538-9B5B-94B9C89AC71A}\RP24\change.log Object is locked skipped

C:\System Volume Information_restore{079945FA-0F86-4538-9B5B-94B9C89AC71A}\RP9\A0006454.exe Infected: Trojan-Downloader.Win32.Small.gdu skipped

C:\System Volume Information_restore{079945FA-0F86-4538-9B5B-94B9C89AC71A}\RP9\A0006458.exe Infected: Trojan-Downloader.Win32.BHO.al skipped

C:\System Volume Information_restore{079945FA-0F86-4538-9B5B-94B9C89AC71A}\RP9\A0006459.exe Infected: Trojan-Dropper.Win32.Agent.cgq skipped

C:\WINDOWS\CSC\00000001 Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache{19BA9DFB-BFE0-4416-91CA-47E87F976FCF}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\TEMP\Perflib_Perfdata_628.dat Object is locked skipped

C:\WINDOWS\TEMP_avast4_\Webshlock.txt Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

From which P2P program does the incomplete file belongs?

Disable System Restore on Windows ME or Windows XP. System Restore cannot be disabled on Windows 9x and it’s not available in Windows 2k. After boot you can enable it again.

C:\Documents and Settings\Tara & Paul\Incomplete\T-872159-Microsoft Internet Explorer 7.0.zip/[u]Setup.exe [/u] Infected: Worm.Win32.VB.an skipped

Did you (or your brother) run this setup file? :

From which P2P program does the incomplete file belongs?

We spoke about a possibly P2P-related worm on pages 1-2 of this thread and now we're back to the same ...

Please post another HJT log.

I had Limewire about a year ago and tried to download something that ended up being something entirely different. It was infected and I thought I had got rid of it and resolved this whole issue. Like I said this was about a year ago. After that incident I un-installed Limewire and decided I was through with P2P applications all together. That’s why when I was asked about a P2P, I said I don’t use them. I had mistakenly thought this infected file was taken care of and gone a long time ago.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:08:12 PM, on 11/1/2007
Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\PROGRA~1\Comodo\CBOClean\BOC425.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\atievxx.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://mirs.peoplepc.com/?offername=PeoplePC Security Plus&userName=wettgremlin_91&firstName=Paul&qs=FHJBFDPGOIDNEHCKGLPAMFEOHAHECKGJLJLGBLNIBMDACKJIIDMFELKDOIDHHMMFCIBGIPPPFFKGBGKMOHJIIFIGHFPJEGAGPNMHLFBKINPKMLBBAEEEJJKDJALCPBCP|MMCNNMBFDGNMCNOPADEEAAGOBAFDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O4 - HKLM..\Run: [EPSON Stylus CX5800F Series] C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATIALA.EXE /P27 “EPSON Stylus CX5800F Series” /O6 “USB001” /M “Stylus CX5800F”
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM..\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe”
O4 - HKLM..\Run: [COMODO Firewall Pro] “C:\Program Files\Comodo\Firewall\CPF.exe” /background
O4 - HKLM..\Run: [BOC-425] C:\PROGRA~1\Comodo\CBOClean\BOC425.exe
O4 - HKCU..\Run: [P2kAutostart] C:\Documents and Settings\Tara & Paul\My Documents\P2kCommanderV330\P2kAutostart.exe
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe”
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User ‘SYSTEM’)
O4 - HKUS.DEFAULT..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User ‘Default user’)
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://mirs.peoplepc.com/?offername=PeoplePC Security Plus&userName=wettgremlin_91&firstName=Paul&qs=FHJBFDPGOIDNEHCKGLPAMFEOHAHECKGJLJLGBLNIBMDACKJIIDMFELKDOIDHHMMFCIBGIPPPFFKGBGKMOHJIIFIGHFPJEGAGPNMHLFBKINPKMLBBAEEEJJKDJALCPBCP|MMCNNMBFDGNMCNOPADEEAAGOBAFDF
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1193180590097
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1187926666522
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activex/v2_0_0_10/PCAXSetupv2.0.0.10.cab?
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

–
End of file - 7849 bytes

No probs. Limewire and Kazaa are 2 of the worst.

If you still have the file see what the date is. It sounds like it will be old …

Is there any indication of outgoing email? The avast! email provider should warn you if there is, and you might see a general system slowdown.

Are any of the Windows Updates installing successfully?

**I have a one year old so getting all this computer stuff done is hard.

What? You let your real life get on the way of our computer work??? :P

If you still have the file see what the date is. It sounds like it will be old ...

Ok, this is weird because the date it was created was Monday, August 13, 2007, 10:32:03 AM. But I could have sworn this was the file that was downloaded with Limewire. And I haven't had Limewire in a very long time. Not sure what's going on there. ??? How would I remove this file? Would I just delete it like a normal file?

Is there any indication of outgoing email?

No, not that I'm aware of

haven’t tried the updates, but I will right now

Try… clean your Recycle bin after that…

HELP!!! My computer is a black screen. :o
I tried to install my first group of 5 updates. When I restarted I got a Microsoft error message saying Windows Explorer has encountered a problem. Nothing comes up after that, no desktop, no files or folders, nothing! The only way I’m able to get online is by sending the error report. It then brings me to the Microsoft error reporting website, then after that I can go anywhere online.
I tried last known good configuration and safe mode, but nothing works. These are the updates I tried to install; KB886185, KB896727, KB929123, KB873374, KB931906, KB913580 (this last one I didn’t select, but it got installed anyway).

This may be your problem. Read it and maybe someone here can guide you through it. Sorry, I’m win98se.

http://support.microsoft.com/kb/314503

Does the computer boot now, or is it not functioning at all?

Ok my computer is back up. I somehow, I’m not even sure how, I found a way to get into my folders and run system restore. I didn’t know what else to do. So here I am back where I started. And now I’m scared to install any updates. :-\ I did delete the file though (C:\Documents and Settings\Tara & Paul\Incomplete\T-872159-Microsoft Internet Explorer 7.0.zip/Setup.exe).