kahdah

Everything posted by kahdah

  1. Hi, Windows XP x64 is kind of rare; not much will support it or run on it. To look it over please do the following:
     • Download OTL to your desktop.
     • Double click on OTL to run it.
     • When the window appears, underneath Output at the top change it to Minimal Output.
     • Under the Standard Registry box change it to All.
     • Check the boxes beside LOP Check and Purity Check.
     • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
     • When the scan completes, it will open two notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
     • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
  2. =======Cleanup=======
     Click START then RUN. Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the Uninstall, it needs to be there.
     ======Next======
     • Double click on OTL to run it.
     • Click on the Cleanup button at the top.
     • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
     • This will remove itself and other tools we may have used.
     ===============Update Java===============
     Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
     • Download the latest version of Java SE Runtime Environment (JRE) and save it to your desktop.
     • Scroll down to where it says "(JRE) then click on it
     • Click the "Download" button to the right.
     • Select your Platform: "Windows".
     • Select your Language: "Multi-language".
     • Read the License Agreement, and then check the box that says: "Accept License Agreement".
     • Click Continue and the page will refresh.
     • Click on the link to download Windows Offline Installation and save the file to your desktop.
     • Close any programs you may have running - especially your web browser.
     • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
     • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
     • Click the Remove or Change/Remove button.
     • Repeat as many times as necessary to remove each Java version.
     • Reboot your computer once all Java components are removed.
     • Then from your desktop double-click on jre-6u26-windows-i586.exe to install the newest version.
     Delete\uninstall anything else that we have used that is leftover. After that you're all set.
     ===The following are some articles and a Windows Update link that I like to suggest to people to prevent malware and general PC maintenance===
     • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
     • Prevention article - Some great guidelines to follow to prevent future infections; please read the Prevention article by Miekiemoes.
     • How did I get infected in the first place? - Also this one by Tony Klein.
     • If your computer is slow - Things you can do if your computer is slow.
     • PC Safety and Security - What Do I Need? - Security suggestions and general hints and tips for PC security.
     • File sharing program dangers - Reasons to stay away from file sharing programs, for ex: BitTorrent, Limewire, Kazaa, emule, Utorrent etc...
     ===Free antimalware tools used for on demand scanning and cleaning no real time unless purchased===
     • Malwarebytes Antimalware
     • superantispyware
     ===Free antivirus links===
     • This is antivirus and antispyware. Microsoft Security Essentials
     • This is free antispyware protection and Antivirus protection. AVG free
     • This is just antivirus protection. Antivir
     • This is antivirus and antispyware protection. Avast
  3. No, we will remove what we used now; some of those are needed by the operating system. The qoobox folder is from Combofix, the rest leave.
     =======Update Adobe reader=======
     Please update to the newest version of Adobe reader; you can find it here > http://get.adobe.com/reader/
     =======Cleanup=======
     Click START then RUN. Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the Uninstall, it needs to be there.
     ======Next======
     • Double click on OTL to run it.
     • Click on the Cleanup button at the top.
     • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
     • This will remove itself and other tools we may have used.
     ===============Update Java===============
     Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
     • Download the latest version of Java SE Runtime Environment (JRE) and save it to your desktop.
     • Scroll down to where it says "(JRE) then click on it
     • Click the "Download" button to the right.
     • Select your Platform: "Windows".
     • Select your Language: "Multi-language".
     • Read the License Agreement, and then check the box that says: "Accept License Agreement".
     • Click Continue and the page will refresh.
     • Click on the link to download Windows Offline Installation and save the file to your desktop.
     • Close any programs you may have running - especially your web browser.
     • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
     • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
     • Click the Remove or Change/Remove button.
     • Repeat as many times as necessary to remove each Java version.
     • Reboot your computer once all Java components are removed.
     • Then from your desktop double-click on jre-6u26-windows-i586.exe to install the newest version.
     =================
     Delete\uninstall anything else that we have used that is leftover. After that you're all set.
     ===The following are some articles and a Windows Update link that I like to suggest to people to prevent malware and general PC maintenance===
     • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
     • Prevention article - Some great guidelines to follow to prevent future infections; please read the Prevention article by Miekiemoes.
     • How did I get infected in the first place? - Also this one by Tony Klein.
     • If your computer is slow - Things you can do if your computer is slow.
     • PC Safety and Security - What Do I Need? - Security suggestions and general hints and tips for PC security.
     • File sharing program dangers - Reasons to stay away from file sharing programs, for ex: BitTorrent, Limewire, Kazaa, emule, Utorrent etc...
     ===Free antimalware tools used for on demand scanning and cleaning no real time unless purchased===
     • Malwarebytes Antimalware
     • superantispyware
     ===Free antivirus links===
     • This is antivirus and antispyware. Microsoft Security Essentials
     • This is free antispyware protection and Antivirus protection. AVG free
     • This is just antivirus protection. Antivir
     • This is antivirus and antispyware protection. Avast
  4. Ok so if you prefer to use Windows Live Mail then that will work and Outlook Express can be left alone. If you want to further troubleshoot Outlook Express then we will, let me know what you want to do.
  5. Whatever icons are missing will have to be recreated. You can do this by going to the Vista start button, double click on My Computer, then double click on Program Files. Find the named program there and open its folder. You can then find the file that is the program and right click on it and choose Send To and point it to the desktop. The other programs above the All Programs will reappear after you use programs a few times. You say your taskbar is missing? Meaning the black bar across the bottom you are referring to, correct?
  6. Please first go to Start, Run, then copy\paste this into the run box > C:\Documents and Settings\All Users\Application Data then hit OK. Please then delete the following 2 files if present:
     ~18407204r
     ~18407204
     After that, what do you mean by restore Outlook Express? What does it do when you open it?
  7. Ok please download the following program to your c:\ drive or documents http://download.bleepingcomputer.com/grinler/unhide.exe then double click on it to run it. After that your items should be present again. After that let me know if any problems remain.
  8. Looks good, how are things running?
  9. Looks good, please open OTL and click Run Scan at the top please. Post the new OTL.txt file that opens. Also let me know of any remaining issues.
  10. Great, open OTL and click the Run Scan button and post the new OTL.txt that opens please. Let me know how it is running as well.
  11. Great now please do the following:
      ESET OnlineScan
      • Click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan
      • Click the button.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
        • Click on to download the ESET Smart Installer. Save it to your desktop.
        • Double click on the icon on your desktop.
      • Check
      • Click the button.
      • Accept any security warnings from your browser.
      • Under scan settings, check and check Remove found threats
      • Click Advanced settings and select the following:
        • Scan potentially unwanted applications
        • Scan for potentially unsafe applications
        • Enable Anti-Stealth technology
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, push
      • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Push the button.
      • Push
  12. Run OTL
      Under the Custom Scans/Fixes box at the bottom, paste in the following:

          :OTL
          PRC - C:\ProgramData\35905272.exe (Microsoft Corporation)
          PRC - C:\ProgramData\SwPGvtLdJxoV.exe (Microsoft Corporation)
          O4 - HKCU..\Run: [SwPGvtLdJxoV] C:\ProgramData\SwPGvtLdJxoV.exe (Microsoft Corporation)
          O33 - MountPoints2\{aa165b2e-4d11-11de-80b9-00301a007166}\Shell\Open\command - "" = Boot.exe
          O33 - MountPoints2\{cf8cd1ce-e21b-11de-b108-00301a007166}\Shell\Open\command - "" = Boot.exe
          [2011/06/13 00:23:45 | 000,000,000 | -H-D | C] -- C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Restore
          [2011/06/13 00:23:17 | 000,386,048 | -H-- | C] (Microsoft Corporation) -- C:\ProgramData\35905272.exe
          [2011/06/13 00:14:03 | 000,492,544 | -H-- | C] (Microsoft Corporation) -- C:\ProgramData\SwPGvtLdJxoV.exe
          [2011/06/12 04:04:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\lB08200NoDkD08200
          [2011/06/13 00:49:45 | 000,000,128 | -H-- | M] () -- C:\ProgramData\~35905272r
          [2011/06/13 00:49:45 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~35905272
          [2011/06/13 00:23:46 | 000,000,595 | -H-- | M] () -- C:\Users\Aaron\Desktop\Windows Vista Restore.lnk
          [2011/06/13 00:23:32 | 000,000,336 | -H-- | C] () -- C:\ProgramData\35905272
          :Commands
          [reboot]

      • Then click the Run Fix button at the top
      • Let the program run unhindered, reboot when it is done
      • It will produce a log for you on reboot, please post that log in your next reply.
      =================
      Download ComboFix from one of these locations: Link 1 Link 2
      * IMPORTANT !!! Save ComboFix.exe to your C:\Drive if you cannot save it there then choose Documents instead.
      • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
      • Double click on ComboFix.exe & follow the prompts.
      • When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  13. Did you do the ESET scan? I need to see the log; instructions are in my previous post. For now though just open OTL and click the Run Scan button. Post the new OTL.txt that opens.
  14. Download ComboFix from one of these locations: Link 1 Link 2
      * IMPORTANT !!! Save ComboFix.exe to your Desktop
      • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
      • Double click on ComboFix.exe & follow the prompts.
      • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
      • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
      • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
      • Click on Yes, to continue scanning for malware.
      When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  15. Looks great. I see only a few leftover orphaned services that can go but everything looks good.
      • Please go to Start>Run, type in Notepad.
      • Copy what is in the code box below into the open Notepad window.
      • Change the "Save As Type" to "All Files".
      • Save it as fix.bat on your Desktop.

          @Echo off
          REM Stop and remove the three leftover orphaned services
          sc stop "2BBE230"
          sc delete "2BBE230"
          sc stop "551E64DA"
          sc delete "551E64DA"
          sc stop "95B406E0"
          sc delete "95B406E0"
          REM Delete this batch file once it has run
          del %0

      Then please double click on fix.bat; a window will open and close quickly. This is normal.
      ==========================
      =======Cleanup=======
      Click START then RUN. Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the Uninstall, it needs to be there.
      ===============Update Adobe reader===============
      Please update your version of Adobe reader, it contains vulnerabilities. To update it visit this webpage > http://get.adobe.com/reader/ and make sure to un-check the optional toolbar or security scan either at the top or to the side of the page. Then download and install the newest version of Adobe reader; it will uninstall the older version in the process.
      ===============Update Java===============
      Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
      • Download the latest version of Java SE Runtime Environment (JRE) and save it to your desktop.
      • Scroll down to where it says "(JRE) then click on it
      • Click the "Download" button to the right.
      • Select your Platform: "Windows".
      • Select your Language: "Multi-language".
      • Read the License Agreement, and then check the box that says: "Accept License Agreement".
      • Click Continue and the page will refresh.
      • Click on the link to download Windows Offline Installation and save the file to your desktop.
      • Close any programs you may have running - especially your web browser.
      • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
      • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
      • Click the Remove or Change/Remove button.
      • Repeat as many times as necessary to remove each Java version.
      • Reboot your computer once all Java components are removed.
      • Then from your desktop double-click on jre-6u26-windows-i586.exe to install the newest version.
      Delete\uninstall anything else that we have used that is leftover. After that you're all set.
      ===The following are some articles and a Windows Update link that I like to suggest to people to prevent malware and general PC maintenance===
      • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
      • Prevention article - Some great guidelines to follow to prevent future infections; please read the Prevention article by Miekiemoes.
      • How did I get infected in the first place? - Also this one by Tony Klein.
      • If your computer is slow - Things you can do if your computer is slow.
      • PC Safety and Security - What Do I Need? - Security suggestions and general hints and tips for PC security.
      • File sharing program dangers - Reasons to stay away from file sharing programs, for ex: BitTorrent, Limewire, Kazaa, emule, Utorrent etc...
      ===Free antimalware tools used for on demand scanning and cleaning no real time unless purchased===
      • Malwarebytes Antimalware
      • superantispyware
      ===Free antivirus links===
      • This is antivirus and antispyware. Microsoft Security Essentials
      • This is free antispyware protection and Antivirus protection. AVG free
      • This is just antivirus protection. Antivir
      • This is antivirus and antispyware protection. Avast
  16. Ok looks better:
      Update Run Malwarebytes
      Please update\run Malwarebytes' Anti-Malware.
      • Double Click the Malwarebytes Anti-Malware icon to run the application.
      • Click on the update tab then click on Check for updates.
      • If an update is found, it will download and install the latest version.
      • Once the update has loaded, go to the Scanner tab and select "Perform Quick Scan", then click Scan.
      • The scan may take some time to finish, so please be patient.
      • When the scan is complete, click OK, then Show Results to view the results.
      • Make sure that everything is checked, and click Remove Selected.
      • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
      • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
      • Copy&Paste the entire report in your next reply.
      Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
      =====
      ESET OnlineScan
      • Click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan
      • Click the button.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
        • Click on to download the ESET Smart Installer. Save it to your desktop.
        • Double click on the icon on your desktop.
      • Check
      • Click the button.
      • Accept any security warnings from your browser.
      • Under scan settings, check and check Remove found threats
      • Click Advanced settings and select the following:
        • Scan potentially unwanted applications
        • Scan for potentially unsafe applications
        • Enable Anti-Stealth technology
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, push
      • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Push the button.
      • Push
  17. Ok you have a few infections present.
      Run OTL
      Under the Custom Scans/Fixes box at the bottom, paste in the following:

          :OTL
          O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
          O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - File not found
          O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
          O4 - HKLM..\Run: [SymNRT] File not found
          O4 - HKLM..\Run: [Ttucoqu] File not found
          O4 - HKCU..\Run: [Iyumu] File not found
          O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
          O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
          O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
          [2011/05/14 17:29:40 | 000,020,104 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\8ovx0wkt11gr8lvac32b080q
          [2011/05/14 17:29:39 | 000,020,104 | RHS- | M] () -- C:\Documents and Settings\Frances\Local Settings\Application Data\8ovx0wkt11gr8lvac32b080q
          [2011/05/14 17:03:53 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\18407204
          :Commands
          [emptytemp]

      • Then click the Run Fix button at the top
      • Let the program run unhindered, reboot when it is done
      • It will produce a log for you on reboot, please post that log in your next reply.
      ==============
      Download ComboFix from one of these locations: Link 1 Link 2
      * IMPORTANT !!! Save ComboFix.exe to your Desktop
      • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
      • Double click on ComboFix.exe & follow the prompts.
      • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
      • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
      • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
      • Click on Yes, to continue scanning for malware.
      When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  18. Go ahead and remove the items then reboot. Let me know the audio situation then please.
  19. Ok please run mbam again per my last instructions. Post its log and we will continue from there.
  20. Ok, do the audio devices say no audio device installed still? Also some infections are present still; please update and run mbam and let it remove everything. After that reboot and check the audio. Post the log as well please from mbam. Let me know if you hear anything or if nothing or the status.
  21. Were you able to apply any fix yet? If not please boot into safe mode to do the steps. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter. Then do the OTL step then reboot into normal mode again and do the other steps.
  22. Run OTL
      Under the Custom Scans/Fixes box at the bottom, paste in the following:

          :OTL
          O33 - MountPoints2\{2e8239f3-d1c8-11de-ad69-00301a007166}\Shell\Open\command - "" = Boot.exe
          [2011/06/11 18:59:40 | 000,011,148 | -HS- | M] () -- C:\Users\Aaron\AppData\Local\417ya3snt1
          [2011/06/11 18:59:40 | 000,011,148 | -HS- | M] () -- C:\ProgramData\417ya3snt1
          [2011/06/10 04:04:09 | 000,000,392 | ---- | M] () -- C:\ProgramData\34332408
          [2011/06/10 04:01:43 | 000,000,112 | ---- | M] () -- C:\ProgramData\~34332408
          [2011/06/10 03:53:57 | 000,000,136 | ---- | M] () -- C:\ProgramData\~34332408r
          [2011/06/11 04:58:19 | 000,000,128 | ---- | C] () -- C:\ProgramData\~33021688r
          [2011/06/11 04:58:18 | 000,000,112 | ---- | C] () -- C:\ProgramData\~33021688
          [2011/06/11 04:57:57 | 000,000,392 | ---- | C] () -- C:\ProgramData\33021688
          :Commands
          [emptytemp]

      • Then click the Run Fix button at the top
      • Let the program run unhindered, reboot when it is done
      • It will produce a log for you on reboot, please post that log in your next reply.
      ================================Malwarebytes' Anti-Malware=================================
      Please download Malwarebytes' Anti-Malware from Here.
      • Double Click mbam-setup.exe to install the application.
      • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
      • If an update is found, it will download and install the latest version.
      • Once the program has loaded, select "Perform Quick Scan", then click Scan.
      • The scan may take some time to finish, so please be patient.
      • When the scan is complete, click OK, then Show Results to view the results.
      • Make sure that everything is checked, and click Remove Selected.
      • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
      • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
      • Copy&Paste the entire report in your next reply.
      Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
      ================================Online scan=================================
      * Go here to run an online scanner from ESET.
      Note: You will need to use Internet Explorer for this scan
      • Tick the box next to YES, I accept the Terms of Use.
      • Click Start
      • When asked, allow the ActiveX control to install
      • Click Start
      • Check next options: Remove found threats and Scan unwanted applications.
      • Click Scan
      • Wait for the scan to finish
      • Use notepad to open the logfile located at C:\Program Files\ESET\ESET Online Scanner\log.txt
      • Copy and paste that log as a reply to this topic
  23. Ok when you get back please do the following:
      • Download OTL to your desktop.
      • Double click on OTL to run it.
      • When the window appears, underneath Output at the top change it to Minimal Output.
      • Under the Standard Registry box change it to All.
      • Check the boxes beside LOP Check and Purity Check.
      • Under the Custom scans and fixes area please paste in the following:

          drivers32

      • Then click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
  24. OK please do the following please. Still from within the device manager right click on this device > Soundblaster Live! 24-bit and choose uninstall and hit yes to the prompt. Reboot once more and the device will reinstall itself again. After that see if you have sound again. Let me know the result.