Friday, January 29, 2010

Malware Update---January 28, 2010

I thought I had fixed my problems on Wednesday, January 27th, but it turns out I didn't.

My PC refused to shut down gracefully, and each time I fired up Windows, I received error messages indicating that I had a problem with

AXWin Frame

and this one...

To help protect your computer, Windows has closed this...

Generic Host Process for Win32 Services

Just about as soon as this occurred, all other windows had problems---and Task Manager failed to load.

A graceful shutdown was impossible.

Furthermore, booting into Safe Mode was also impossible. I would freeze on MUP.SYS.

I used another computer to search the Internet for help, and it suggested that I download and run a program called

COMBOFIX

which I did. It took about an hour to download, install and run, and after several planned shutdowns and reboots (the first shutdown failed, so I had to power off), it told me that my ATAPI.SYS device driver was corrupted, and that it had fixed it.

1 hour later, I was able to fire up Windows (without any error messages) and I've been running continuously for the last day.

I'm just about finished performing a massive backup, and at some point today, I'm going to shut down and restart in Safe Mode--after which I'll run Malwarebytes and my Symantec Antivirus scan.

A former student of mine, David Turner, has also emailed me with some very detailed instructions to ensure that I'm finally free of this malware.

The name sounds like a nuisance, but it's far from that---it's a real pain in the ***

Wednesday, January 27, 2010

Antivirus XP 2010 Malware--what a pain

Thanks to everyone for the suggestions, and mainly for the support.

My wife's PC had been infected with the Antivirus Malware twice, and Malwarebytes (free download from CNET.COM) fixed it both times. However, it seemed to have gained some strength by the time it morphed into Antivirus XP 2010.

One interesting thing it did was to disable the other user accounts on my PC so that I could only execute programs via the "Run as" with the infected account I had--so I was really stuck using my infected account to try to solve the problem.

I also found I was unable to boot the PC into Safe Mode--not sure if that's related to the Malware--I hope not.

Also, when I tried to run my copy of Malwarebytes, it had erased mbam.exe--the executable. Then, when I tried to reinstall from the setup I had on my PC, it tried to stop the execution. Using Task Manager, I managed to kill av.exe long enough for the setup to run, but guess what---after the install worked, it once again deleted mbam.exe, leaving me with a folder containing all but the executable.

An Internet site I found suggested renaming the setup executable and installing it in a folder other than Malwarebytes. I did that, and again, using Task Manager to kill av.exe long enough to get started, managed to run Malwarebytes through an entire scan yesterday morning. It identified about 14 infections, rebooted to delete the bad guys, and I was hoping when it came back up all would be fine. It wasn't.

Again, I ran Malwarebytes, but this time it came back clean--as did Symantec and Spyware Doctor. Like you guys, and some advice on the Internet, I came to the conclusion that running a 1 month old version of Malwarebytes didn't cut it.

I fired up Malwarebytes again, selected Update, and it told me it was getting the latest signatures-version, and that it would shut down and reinstall. It didn't--av.exe seemed to be loading whenever anything tried to fire up.

Finally this morning I went out to CNET.com and downloaded the latest setup executable they had--it must have had something in there for this virus-malware, because after once again renaming the setup and installing it into a decoy folder and renaming mbam.exe to something else, I was able to run a 3 hour scan.

I must confess I had some doubt, but it found 5 infections, and after a reboot (shutdown failed, I had to pull the plug on the PC), when it rebooted the malware seemed to have been destroyed. At least that's the way it appears.

I had some residual error messages that the Internet says indicate I need to clean my registry---I just did that using CCleaner (another free download from CNET.COM), so knock on wood, I seem to be OK now.

Thanks again for your concern and advice.

Wednesday, January 13, 2010

My Blog's Keyword Analysis---2010-01-13

Here are the last 500 hundred search terms that got people to my blog... My most popular topics are Father Michael Figler, Five Guys, and Washing Instructions for Columbia Sportswear Jackets.

Some of these questions are pretty interesting---I'll need to devote some time to them in the future.

14 4.78% Father Michael Figler in North Jersey
12 4.10% father michael figler
9 3.07% how to wash columbia jacket
8 2.73% five guys cinnaminson nj
8 2.73% columbia sportswear washing instructions
6 2.05% washing columbia jackets
6 2.05% projects in cinnaminson
6 2.05% retro fitness sucks
6 2.05% "Drexel University" "John Smiley"
5 1.71% father mike figler
5 1.71% running hand warmers
5 1.71% john smiley blog
4 1.37% running with hand warmers
4 1.37% columbia washing instructions
4 1.37% retro fitness complaints
4 1.37% columbia clothes washing jackets
4 1.37% columbia titanium coat washing instructions
3 1.02% fr. michael figler
3 1.02% starbuck casey obituary
3 1.02% robert schick delanco
3 1.02% cancelling retro fitness membership
3 1.02% johnny hand warmers
3 1.02% running cold weather hands
3 1.02% columbia sportswear jacket washing instructions
3 1.02% wash columbia jacket
3 1.02% smiley washing
3 1.02% how to wash columbia jackets
2 0.68% fr mike figler
2 0.68% rob ashley cinnaminson
2 0.68% helicopter john smiley
2 0.68% is shoprite in cinnaminson nj open on christmas day 2009
2 0.68% nj ignition lock
2 0.68% five guys route 130
2 0.68% schick cinnaminson fatality jan.
2 0.68% columbia jackets washing
2 0.68% setfocus complaints
2 0.68% retro fitness reviews
2 0.68% washing a columbia jacket
2 0.68% "father mike figler"
2 0.68% john smiley facebook
2 0.68% columbia coats washing instructions
2 0.68% columbia jacket washing instructions
2 0.68% columbia jackets washing instructions
2 0.68% hand warmers for runners
2 0.68% cinnaminson nj burglaries
2 0.68% five guys cinnaminson
2 0.68% complaints about retro fitness
2 0.68% carpet dimensions willingboro
2 0.68% did anybody go to northeat cathelic high school in phila in year 1973
2 0.68% retro fitness facebook moorestown
2 0.68% accident route 130 cinnaminson
2 0.68% father mike figler address 103 center ave. atlantic highlands n.j. 07716 isthis the coerect address
1 0.34% john smiley arrested
1 0.34% should i wash columbia jacket
1 0.34% five guys cinnaminson hours
1 0.34% retro fitness and 10 bucks a month
1 0.34% lakeview cemetery cinnaminson nj
1 0.34% columbia vertex washing instructions
1 0.34% cinnaminson 130 accident
1 0.34% setfocus sucks
1 0.34% when is cinnaminson nj five guys open?
1 0.34% Lisa Layne
1 0.34% did anybody go to northeat cathelic high school in phila in year 1973 on facebook
1 0.34% care instructions outback trail by firefox
1 0.34% retro fitness moorestown nj
1 0.34% rev michael figler
1 0.34% columbia titanium washing techniques
1 0.34% mylife.com
1 0.34% five guys cinnaminson, nj
1 0.34% columbia jackets wash instructions
1 0.34% cinnaminson shoprite
1 0.34% david brown of willingboro robbery
1 0.34% remove the ORA-29729
1 0.34% burlington county times cinnaminson accident
1 0.34% burlary cinnaminson nj
1 0.34% "You may desupport a subset of licenses in a license set only if you agree to terminate that subset
1 0.34% Cinnaminson, NJ crime
1 0.34% john smiley
1 0.34% washing instructions for columbia sportswear jacket
1 0.34% saladworks closings
1 0.34% retro fitness illegal
1 0.34% columbia jackets care instructions
1 0.34% sacred heart riverton@comcast.net
1 0.34% retro fitness eft personal training
1 0.34% http://go.microsoft.com/fwlink/?Linkid=96552 Narrator access
1 0.34% saladworks robbed
1 0.34% arrest in cinnaminson nj
1 0.34% new jersey friendly's cinnaminson restaurant robbery
1 0.34% columbia sportswear care and washing instructions
1 0.34% washing columbia jacket
1 0.34% how to wash columbia winter coat
1 0.34% "robert schick" delanco, obituary
1 0.34% smiley gloves
1 0.34% cinnaminson post office
1 0.34% FIVE GUYS CINNIMINSON, NJ
1 0.34% columbia sportswear jacket washing
1 0.34% columbia coat washing instructions
1 0.34% robert schick delanco nj death notice
1 0.34% lawsuits against SetFocus
1 0.34% best hand warmers for running
1 0.34% How to wash columbia sportswear jackets
1 0.34% running gloves hand warmers
1 0.34% retro fitness or wow
1 0.34% columbia sportswear problems after washing
1 0.34% robert schick cinnaminson
1 0.34% how to wash my columbia jacket
1 0.34% how to properly wash columbia jacket
1 0.34% The best jobs in america 2010 by CNN
1 0.34% nj route 130 accidents
1 0.34% how do I clean my Columbia jacket?
1 0.34% reviews for retro fitness in moorestown NJ
1 0.34% SetFocus Training Reviews
1 0.34% classes available with retro fitness
1 0.34% columbia jacket" and "washing instructions"
1 0.34% cinnaminson recycle jobs
1 0.34% hand warmers for running
1 0.34% robert schick, delanco, nj
1 0.34% 856-314-8615
1 0.34% Rev. Michael Figler"
1 0.34% Fr. Mike Figler NJ
1 0.34% Cinnaminson burglaries
1 0.34% cold handed running
1 0.34% Father Michael Waites
1 0.34% biggest complaints about retro fitness
1 0.34% Cinnaminson five guys
1 0.34% saladworks patrick pantano
1 0.34% columbia kids winter jacket washing instructions
1 0.34% columbia wash instructions
1 0.34% "guitar hero drum" "serial number"
1 0.34% setfocus forum compaints
1 0.34% tips on washing a columbia coat
1 0.34% five guys in cinnaminson, nj
1 0.34% how to wash a jacket columbia
1 0.34% wash a columbia jacket
1 0.34% retro fitness cnn
1 0.34% Robbery of Friendly's Ice cream
1 0.34% five guys of cinnaminson nj
1 0.34% deangelos cinnaminson
1 0.34% columbia wash jacket
1 0.34% how wash columbia winter coat
1 0.34% noni bookbinder bell
1 0.34% friendly's being robbed
1 0.34% washing instructions for columbia winter jacket
1 0.34% * All the software included in the Visual Studio Team System Team Suite (VSTS) with MSDN Premiu
1 0.34% january 5 2010 route 130 accident cinnaminson nj
1 0.34% columbia coat wash instructions
1 0.34% lifescan romulus
1 0.34% saladworks sold
1 0.34% when does five guys open in cinnaminson
1 0.34% EFT books on scribd
1 0.34% johnny warmers
1 0.34% jacket washing instructions
1 0.34% judge john smiley
1 0.34% mike figler Jewish
1 0.34% robert schick car accident cinnaminson nj