Task Scheduler

Oh, wow! This whole topic got past me for some reason :confused:
I just now got a notification. I'm sooo sorry!

See this article Event ID 17

Update Malwarebytes, run a full scan
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location. Copy and Paste that log into your next reply.

Hopefully, I'll get the notification of you next post ;)
 

My Computer

System One

  • Manufacturer/Model
    Bruce ... somewhere in his 40's
    CPU
    Intel(R) Core(TM)2 Quad CPU
    Motherboard
    INTEL/D975XBX2
    Memory
    4 GB
    Graphics card(s)
    ATI Radeon HD 2600 Pro
    Monitor(s) Displays
    Samsung SyncMaster 914v
    Screen Resolution
    1280 x 1024
    Hard Drives
    2/500GB each ... ST3500630AS ATA Device. One is not connected
    PSU
    Rocketfish 700 W
    Case
    G.Skill Gigabyte Chassis
    Mouse
    Microsoft PS/2 Mouse
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    DSL
    Other Info
    ATI HDMI Audio
Hi Jacee....glad we got connected here again and before I delete the malware items listed in my most recent scan I am attaching the log for your approval.I am doing this as extra precaution as they are "registry items".
 

Attachments

My Computer

System One

  • Manufacturer/Model
    Acer 380
    CPU
    AMD Athon 64 x 2 4000+
    Memory
    2GB DDR2
    Graphics card(s)
    NVIDIA GeForce 6150SE nForce 430
    Sound Card
    Realtek HD Audio
    Monitor(s) Displays
    TTX 17"
    Screen Resolution
    800 x 600
    Hard Drives
    SCSI NTFS 320GB
    Internet Speed
    DSL
Looks like you have a back up folder for HJT ... did you use this application by yourself, or did someone at another forum give you instructions?

Definitely have MBam get rid of this item
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A26F07F-0D60-4835-91CF-1E1766A0EC56} (Trojan.Agent) -> No action taken.
 

My Computer

System One

  • Manufacturer/Model
    Bruce ... somewhere in his 40's
    CPU
    Intel(R) Core(TM)2 Quad CPU
    Motherboard
    INTEL/D975XBX2
    Memory
    4 GB
    Graphics card(s)
    ATI Radeon HD 2600 Pro
    Monitor(s) Displays
    Samsung SyncMaster 914v
    Screen Resolution
    1280 x 1024
    Hard Drives
    2/500GB each ... ST3500630AS ATA Device. One is not connected
    PSU
    Rocketfish 700 W
    Case
    G.Skill Gigabyte Chassis
    Mouse
    Microsoft PS/2 Mouse
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    DSL
    Other Info
    ATI HDMI Audio
I hope I'm not confusing you but I have only followed directions from this site and my previous attachments resulted from a download I ran as directed.I will delete the item that you confirmed.It is understandable that one would lose track with this being such a long thread.
 

My Computer

System One

  • Manufacturer/Model
    Acer 380
    CPU
    AMD Athon 64 x 2 4000+
    Memory
    2GB DDR2
    Graphics card(s)
    NVIDIA GeForce 6150SE nForce 430
    Sound Card
    Realtek HD Audio
    Monitor(s) Displays
    TTX 17"
    Screen Resolution
    800 x 600
    Hard Drives
    SCSI NTFS 320GB
    Internet Speed
    DSL
After looking again, have MBam delete all items.
Let me know what's going on after doing that.
 

My Computer

System One

  • Manufacturer/Model
    Bruce ... somewhere in his 40's
    CPU
    Intel(R) Core(TM)2 Quad CPU
    Motherboard
    INTEL/D975XBX2
    Memory
    4 GB
    Graphics card(s)
    ATI Radeon HD 2600 Pro
    Monitor(s) Displays
    Samsung SyncMaster 914v
    Screen Resolution
    1280 x 1024
    Hard Drives
    2/500GB each ... ST3500630AS ATA Device. One is not connected
    PSU
    Rocketfish 700 W
    Case
    G.Skill Gigabyte Chassis
    Mouse
    Microsoft PS/2 Mouse
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    DSL
    Other Info
    ATI HDMI Audio
I deleted all 3 malware items that showed up, but have not noticed any difference in the operation of my pc.However, I have stumbled across something that has eliminated all the "corrupt warnings" with my task scheduler.A windows update KB2305420 was the culprit,and since uninstalling it I can now do manual "restore points".I can't imagine that it did not affect many other systems, and why Microsoft would not have issued a fix for this problem.I now think the final part of the solution to my problem lies within the snap-ins, and I am wondering when I go into MMC which ones I should be adding.Trusting you can direct me on this.
 

My Computer

System One

  • Manufacturer/Model
    Acer 380
    CPU
    AMD Athon 64 x 2 4000+
    Memory
    2GB DDR2
    Graphics card(s)
    NVIDIA GeForce 6150SE nForce 430
    Sound Card
    Realtek HD Audio
    Monitor(s) Displays
    TTX 17"
    Screen Resolution
    800 x 600
    Hard Drives
    SCSI NTFS 320GB
    Internet Speed
    DSL
I'd like you to scan your machine with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the
    esetOnline.png
    button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on
      esetSmartInstall.png
      to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the
      esetSmartInstallDesktopIcon.png
      icon on your desktop.
  4. Check
    esetAcceptTerms.png
  5. Click the
    esetStart.png
    button.
  6. Accept any security warnings from your browser.
  7. Check
    esetScanArchives.png
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
    esetListThreats.png
  11. Push
    esetExport.png
    , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the
    esetBack.png
    button.
  13. Push
    esetFinish.png
 

My Computer

System One

  • Manufacturer/Model
    Bruce ... somewhere in his 40's
    CPU
    Intel(R) Core(TM)2 Quad CPU
    Motherboard
    INTEL/D975XBX2
    Memory
    4 GB
    Graphics card(s)
    ATI Radeon HD 2600 Pro
    Monitor(s) Displays
    Samsung SyncMaster 914v
    Screen Resolution
    1280 x 1024
    Hard Drives
    2/500GB each ... ST3500630AS ATA Device. One is not connected
    PSU
    Rocketfish 700 W
    Case
    G.Skill Gigabyte Chassis
    Mouse
    Microsoft PS/2 Mouse
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    DSL
    Other Info
    ATI HDMI Audio
I carried out the ESET scan as you directed and 3 items found and quarantined.Attached is the report.I assume I can uninstall ESET now,and that will remove the quarantined items at the time.
 

Attachments

My Computer

System One

  • Manufacturer/Model
    Acer 380
    CPU
    AMD Athon 64 x 2 4000+
    Memory
    2GB DDR2
    Graphics card(s)
    NVIDIA GeForce 6150SE nForce 430
    Sound Card
    Realtek HD Audio
    Monitor(s) Displays
    TTX 17"
    Screen Resolution
    800 x 600
    Hard Drives
    SCSI NTFS 320GB
    Internet Speed
    DSL
Yes, you can do that.

If you haven't updated Java, please do so!

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6u24 allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u24-windows-i586-p.exe to install the newest version.
 

My Computer

System One

  • Manufacturer/Model
    Bruce ... somewhere in his 40's
    CPU
    Intel(R) Core(TM)2 Quad CPU
    Motherboard
    INTEL/D975XBX2
    Memory
    4 GB
    Graphics card(s)
    ATI Radeon HD 2600 Pro
    Monitor(s) Displays
    Samsung SyncMaster 914v
    Screen Resolution
    1280 x 1024
    Hard Drives
    2/500GB each ... ST3500630AS ATA Device. One is not connected
    PSU
    Rocketfish 700 W
    Case
    G.Skill Gigabyte Chassis
    Mouse
    Microsoft PS/2 Mouse
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    DSL
    Other Info
    ATI HDMI Audio
Download HijackThis!
HijackThis - Trend Micro USA

Right click on HJT to run as Administrator, then > click 'Do a System Scan and Save logfile'.
The HJT log will open in notepad.
Copy and paste the HJT log from notepad in your next reply.
 

My Computer

System One

  • Manufacturer/Model
    Bruce ... somewhere in his 40's
    CPU
    Intel(R) Core(TM)2 Quad CPU
    Motherboard
    INTEL/D975XBX2
    Memory
    4 GB
    Graphics card(s)
    ATI Radeon HD 2600 Pro
    Monitor(s) Displays
    Samsung SyncMaster 914v
    Screen Resolution
    1280 x 1024
    Hard Drives
    2/500GB each ... ST3500630AS ATA Device. One is not connected
    PSU
    Rocketfish 700 W
    Case
    G.Skill Gigabyte Chassis
    Mouse
    Microsoft PS/2 Mouse
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    DSL
    Other Info
    ATI HDMI Audio
Jacee I certainly haven't expected you to be providing me with all these hand helded instructions but they are greatly appreciated.I uninstalled everything as you listed, and just one question on the java install.It came as a "custom install" JDK-6u24-windows-i586.exe listing 6 items to select which is different then any of my previous java updates.They are ..developement tools..demos & samples...source code..public jre...java db...reading the descriptions I think all I would reguire is the last two items.PLease confirm that.I have attached the hjt log.
 

Attachments

My Computer

System One

  • Manufacturer/Model
    Acer 380
    CPU
    AMD Athon 64 x 2 4000+
    Memory
    2GB DDR2
    Graphics card(s)
    NVIDIA GeForce 6150SE nForce 430
    Sound Card
    Realtek HD Audio
    Monitor(s) Displays
    TTX 17"
    Screen Resolution
    800 x 600
    Hard Drives
    SCSI NTFS 320GB
    Internet Speed
    DSL
This is what you want to download
 

Attachments

  • JRE.jpg
    JRE.jpg
    40.1 KB · Views: 14

My Computer

System One

  • Manufacturer/Model
    Bruce ... somewhere in his 40's
    CPU
    Intel(R) Core(TM)2 Quad CPU
    Motherboard
    INTEL/D975XBX2
    Memory
    4 GB
    Graphics card(s)
    ATI Radeon HD 2600 Pro
    Monitor(s) Displays
    Samsung SyncMaster 914v
    Screen Resolution
    1280 x 1024
    Hard Drives
    2/500GB each ... ST3500630AS ATA Device. One is not connected
    PSU
    Rocketfish 700 W
    Case
    G.Skill Gigabyte Chassis
    Mouse
    Microsoft PS/2 Mouse
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    DSL
    Other Info
    ATI HDMI Audio
Installed as shown.Now for the added "snap-ins" should I add the ones I will use even though some already exist i.e. task scheduler.I'm asking because even though i'm not getting the "corrupt file notice" my reliability monitor is still not updating nor is the "restore points" being generated.
 

My Computer

System One

  • Manufacturer/Model
    Acer 380
    CPU
    AMD Athon 64 x 2 4000+
    Memory
    2GB DDR2
    Graphics card(s)
    NVIDIA GeForce 6150SE nForce 430
    Sound Card
    Realtek HD Audio
    Monitor(s) Displays
    TTX 17"
    Screen Resolution
    800 x 600
    Hard Drives
    SCSI NTFS 320GB
    Internet Speed
    DSL
I can't answer that question. I don't think I've installed any snap-ins on my Vista ....
Q&A about system restore: System Restore: frequently asked questions

Right click on Computer in start menu, choose properties, Advanced, then System Protection.
Does it show protection "on" for local disk "C"?
Now click on 'configure restore settings'. What is checked and percentage (current usage) is set?
 

My Computer

System One

  • Manufacturer/Model
    Bruce ... somewhere in his 40's
    CPU
    Intel(R) Core(TM)2 Quad CPU
    Motherboard
    INTEL/D975XBX2
    Memory
    4 GB
    Graphics card(s)
    ATI Radeon HD 2600 Pro
    Monitor(s) Displays
    Samsung SyncMaster 914v
    Screen Resolution
    1280 x 1024
    Hard Drives
    2/500GB each ... ST3500630AS ATA Device. One is not connected
    PSU
    Rocketfish 700 W
    Case
    G.Skill Gigabyte Chassis
    Mouse
    Microsoft PS/2 Mouse
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    DSL
    Other Info
    ATI HDMI Audio
Yes it is checked for "disk c", for some reason I can't spot the tab "configure restore settings", but if it is the virtual memory(page file) it is set at 2GB.I can also confirm that I have never used the snap-ins feature,and my system worked just fine until this problem surfaced.
 

My Computer

System One

  • Manufacturer/Model
    Acer 380
    CPU
    AMD Athon 64 x 2 4000+
    Memory
    2GB DDR2
    Graphics card(s)
    NVIDIA GeForce 6150SE nForce 430
    Sound Card
    Realtek HD Audio
    Monitor(s) Displays
    TTX 17"
    Screen Resolution
    800 x 600
    Hard Drives
    SCSI NTFS 320GB
    Internet Speed
    DSL
I'm thinking that possibly AVG is corrupted .... Uninstall it, using the uninstall tool AVG - Download tools

Next, download MSE https://www.microsoft.com/downloads...FamilyID=e1605e70-9649-4a87-8532-33d813687a7f

Now, I want you take a look in the registry and see if this applies to you

Click "Start." type regedit into the search bar, press "Enter" and click "OK."

2) Navigate to the "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT" registry key. If you see DisableSR = 0x00000001
3) Click "Edit," "New," "Key" and then type "SystemRestore" as the key name.
4) Click "Edit," "New," "DWORD Value" and then type "DisableConfig" as the key name.
5) Double-click on the "DisableConfig" value and set the value to "0" to ensure that the System Restore application is not disabled. Click "OK" to save your settings.
 

My Computer

System One

  • Manufacturer/Model
    Bruce ... somewhere in his 40's
    CPU
    Intel(R) Core(TM)2 Quad CPU
    Motherboard
    INTEL/D975XBX2
    Memory
    4 GB
    Graphics card(s)
    ATI Radeon HD 2600 Pro
    Monitor(s) Displays
    Samsung SyncMaster 914v
    Screen Resolution
    1280 x 1024
    Hard Drives
    2/500GB each ... ST3500630AS ATA Device. One is not connected
    PSU
    Rocketfish 700 W
    Case
    G.Skill Gigabyte Chassis
    Mouse
    Microsoft PS/2 Mouse
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    DSL
    Other Info
    ATI HDMI Audio
I uninstalled my AVG and d/l and installed "msft security essentials".I used regedit to check the key you listed and the .windows nt key only showed the following ..name\default....type\reg_sz....data\value not set.I will monitor this for a couple of days,but I miss the feature to be able to scan individual files with MSE the way I could with AVG.
 

My Computer

System One

  • Manufacturer/Model
    Acer 380
    CPU
    AMD Athon 64 x 2 4000+
    Memory
    2GB DDR2
    Graphics card(s)
    NVIDIA GeForce 6150SE nForce 430
    Sound Card
    Realtek HD Audio
    Monitor(s) Displays
    TTX 17"
    Screen Resolution
    800 x 600
    Hard Drives
    SCSI NTFS 320GB
    Internet Speed
    DSL
I don't have MSE at the moment on any of my computers ... can you right click on a file and see if "scan selected files with Microsoft Security Essentials" is in the drop down menu?
 

My Computer

System One

  • Manufacturer/Model
    Bruce ... somewhere in his 40's
    CPU
    Intel(R) Core(TM)2 Quad CPU
    Motherboard
    INTEL/D975XBX2
    Memory
    4 GB
    Graphics card(s)
    ATI Radeon HD 2600 Pro
    Monitor(s) Displays
    Samsung SyncMaster 914v
    Screen Resolution
    1280 x 1024
    Hard Drives
    2/500GB each ... ST3500630AS ATA Device. One is not connected
    PSU
    Rocketfish 700 W
    Case
    G.Skill Gigabyte Chassis
    Mouse
    Microsoft PS/2 Mouse
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    DSL
    Other Info
    ATI HDMI Audio
Yes it does have everything as you described,but when I click to open msc from the drop down menu,and then click on "scan" it begins the "quick" system scan,and not the specific file which was selected.This is minor so don't take any more of your time on this.I will monitor to see if there is any changes with my TS,as a result of these last changes we made.
 

My Computer

System One

  • Manufacturer/Model
    Acer 380
    CPU
    AMD Athon 64 x 2 4000+
    Memory
    2GB DDR2
    Graphics card(s)
    NVIDIA GeForce 6150SE nForce 430
    Sound Card
    Realtek HD Audio
    Monitor(s) Displays
    TTX 17"
    Screen Resolution
    800 x 600
    Hard Drives
    SCSI NTFS 320GB
    Internet Speed
    DSL
Okay.

Looking at my regedit post above, you can always create the new "key" starting with 3) ..
3) Click "Edit," "New," "Key" and then type "SystemRestore" as the key name.
4) Click "Edit," "New," "DWORD Value" and then type "DisableConfig" as the key name.
5) Double-click on the "DisableConfig" value and set the value to "0" to ensure that the System Restore application is not disabled. Click "OK" to save your settings
 

My Computer

System One

  • Manufacturer/Model
    Bruce ... somewhere in his 40's
    CPU
    Intel(R) Core(TM)2 Quad CPU
    Motherboard
    INTEL/D975XBX2
    Memory
    4 GB
    Graphics card(s)
    ATI Radeon HD 2600 Pro
    Monitor(s) Displays
    Samsung SyncMaster 914v
    Screen Resolution
    1280 x 1024
    Hard Drives
    2/500GB each ... ST3500630AS ATA Device. One is not connected
    PSU
    Rocketfish 700 W
    Case
    G.Skill Gigabyte Chassis
    Mouse
    Microsoft PS/2 Mouse
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    DSL
    Other Info
    ATI HDMI Audio
Back
Top