F
Frog
Windows XP SP3
Here is a long story that I hope I can keep short. On April 29, there
suddenly appeared on screen a window that indicated that some form of a
virus or malware was present on my system and wanted to know whether it
was okay to scan for this critter(s). Since I did not recognize the
window and had learned from earlier newsgroup exchanges that such could
be dangerous, I attempted to click this window of the system...it would
not let me take that action. I then from the start button turned the
system off. That seemed to make everything work as normal. The next
morning, I received a message from my CA Anti Virus software that it had
two trojan items deleted from my system. The two items were:
4/30/2009 0:08:11 AM File Infection: C:\Documents and
Settings\Frog\Local Settings\Application
Data\Mozilla\Profiles\Frog-SeaM\Cache\4160AC69d01 is Win32/FakeAlert.AHW
trojan. Deleted
4/30/2009 0:08:11 AM File Infection:
C:\Docume~1\Frog~1\Locals~1\Temp\omfa4cOp.exe is Win32/FakeAlert.AHW
trojan. Deleted
Well, as soon as this happened, I did a complete virus scan of my
system---nothing found. I next did a complete Malwarebytes' scan of my
system---nothing was found. I then did a complete Windows Defender scan
of my system---nothing was found. I next did a dis clean-up, deleting
all temp files and removed everything from the recycle bin. I also did
a sfc /scannow, CHKDSK C: /F /R, and a defrag. My system continues at
this point to be acting normal.
Today, I decided to see what if anything is being reflected in the Event
Viewer. New things are appearing in this log as follows:
Application (The same entry has appeared three times since April 30)
Type...Date...Time...Source...Category...Event...User...Computer
Error...5/1/2009...2:00:02
PM...MPSampleSubmission...None...5000...n/A...Frog-ADF6F864
Discription: Event Type mptelemetry, P1 8024400e, P2 endsearch, P3
search, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows
defender, P8 NIL, P9 NIL, P10 NIL.
System (The same entry has appeared 31 times since April 30)
Type...Date...Time...Source...Category...Event...User...Computer
Warning...5/2/2009...9:34:47
AM...WinDefend...None...3004...N/A...Frog-ADF6F864
Description:Windows Defender Real-Time Protection agent has detectede
changes. Microsoft recommends you analyze the software that made these
changes for potential risks. You can use information about how these
programs operate to choose whether to allow them to run or remove them
from your computer. Allow changes only if you trust the program or the
software publisher. Windows Defender can't undo changes that you allow.
The bottom line---the only software change that was made to my system in
recent times involved updates...upgrading to Internet Explorer 8, CA
Anti Virus updates, Malwarebytes' software updates, and Windows Defender
updates. Thus, I don't have a clue as to what software changes were
made that caused problems with Windows Defender.
Well, there is my situation (please let me know if I need to provide any
additional information). Do I need to take any action regarding the
above? If so, in easy to understand guidance, what action should I
take? Is there something in the firewall that needs to be checked in
order to prevent unwanted things like the Trojan items from getting on
my system?
Thanks in advance for anything sent my way.
Frog
Here is a long story that I hope I can keep short. On April 29, there
suddenly appeared on screen a window that indicated that some form of a
virus or malware was present on my system and wanted to know whether it
was okay to scan for this critter(s). Since I did not recognize the
window and had learned from earlier newsgroup exchanges that such could
be dangerous, I attempted to click this window of the system...it would
not let me take that action. I then from the start button turned the
system off. That seemed to make everything work as normal. The next
morning, I received a message from my CA Anti Virus software that it had
two trojan items deleted from my system. The two items were:
4/30/2009 0:08:11 AM File Infection: C:\Documents and
Settings\Frog\Local Settings\Application
Data\Mozilla\Profiles\Frog-SeaM\Cache\4160AC69d01 is Win32/FakeAlert.AHW
trojan. Deleted
4/30/2009 0:08:11 AM File Infection:
C:\Docume~1\Frog~1\Locals~1\Temp\omfa4cOp.exe is Win32/FakeAlert.AHW
trojan. Deleted
Well, as soon as this happened, I did a complete virus scan of my
system---nothing found. I next did a complete Malwarebytes' scan of my
system---nothing was found. I then did a complete Windows Defender scan
of my system---nothing was found. I next did a dis clean-up, deleting
all temp files and removed everything from the recycle bin. I also did
a sfc /scannow, CHKDSK C: /F /R, and a defrag. My system continues at
this point to be acting normal.
Today, I decided to see what if anything is being reflected in the Event
Viewer. New things are appearing in this log as follows:
Application (The same entry has appeared three times since April 30)
Type...Date...Time...Source...Category...Event...User...Computer
Error...5/1/2009...2:00:02
PM...MPSampleSubmission...None...5000...n/A...Frog-ADF6F864
Discription: Event Type mptelemetry, P1 8024400e, P2 endsearch, P3
search, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows
defender, P8 NIL, P9 NIL, P10 NIL.
System (The same entry has appeared 31 times since April 30)
Type...Date...Time...Source...Category...Event...User...Computer
Warning...5/2/2009...9:34:47
AM...WinDefend...None...3004...N/A...Frog-ADF6F864
Description:Windows Defender Real-Time Protection agent has detectede
changes. Microsoft recommends you analyze the software that made these
changes for potential risks. You can use information about how these
programs operate to choose whether to allow them to run or remove them
from your computer. Allow changes only if you trust the program or the
software publisher. Windows Defender can't undo changes that you allow.
The bottom line---the only software change that was made to my system in
recent times involved updates...upgrading to Internet Explorer 8, CA
Anti Virus updates, Malwarebytes' software updates, and Windows Defender
updates. Thus, I don't have a clue as to what software changes were
made that caused problems with Windows Defender.
Well, there is my situation (please let me know if I need to provide any
additional information). Do I need to take any action regarding the
above? If so, in easy to understand guidance, what action should I
take? Is there something in the firewall that needs to be checked in
order to prevent unwanted things like the Trojan items from getting on
my system?
Thanks in advance for anything sent my way.
Frog