
Logs Attached



Ran defogger with no error message but was not asked to reboot. When I did reboot Windows update installed new updates. From there got the BSOD. Rebooted and ran in safe mode. Logs follow and are attached. Thx for your help.

DDS Log follows:

DDS (Ver_10-03-17.01) - NTFSx86 NETWORK

Run by H B at 18:44:18.42 on Mon 08/02/2010

Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.5.0_12

Microsoft

mbam_log_2010_08_02__18_29_09_.txt

Attch.zip

Link to post

Hello ,

And :rolleyes: My name is Elise and I'll be glad to help you with your computer problems.

I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.

  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.

You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications.

-----------------------------------------------------------

COMBOFIX

---------------

Please download ComboFix from one of these locations:

Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

Query_RC.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC_successful.gif

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Link to post

ComboFix log attached for review. Thx.

combofix.txt

Link to post

What happens now when you attempt to start in Normal Mode?

Can you please let me know what BSOD you have and when it occurs?

The computer started in Normal Mode. No BSOD. I get a NVIDIA not installed warning and my external hard drive is not recognized but I assume that is caused by the actions I have recently taken. In general everything seems to be working.

Link to post

That sure is good news. B)

Next step would be to get your NVidia drivers installed and your external HD working.

Please let me know if you have driver CDs for these and/or if you are able to install the drivers using Device Management.

If not, I can provide you with additional steps, but for that I need to know what exactly you need help with. ;)

From your logs it seems you have no Antivirus application installed.

INSTALL ANTIVIRUS

---------------------------

I don't see an Anti Virus Program running on your machine.

Download and install an antivirus program, and make sure that you keep it updated.

New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.

Three good antivirus programs free for non-commercial home use are Avast!, Antivir and Microsoft Security Essentials.

Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.

UPDATE JAVA

------------------

Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:

  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "JDK 6 Update 21 (JDK or JRE)".
  • Click the "Download JRE" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.

Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.

  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u21-windows-i586.exe to install the newest version.
  • If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.

-- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.

-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.

Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.

Please run a scan with the AV program you just installed and let me know if anything was found.

Link to post
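
A small check for the version comparison behind the Java advice above, as an added example that is not part of the original posts or of DDS: it reads the BrowserJavaVersion field from the DDS header quoted in the first post and compares it with the jre-6u21 installer named in the steps. The function names and the result dictionary are illustrative assumptions.

```python
import re

# Sample input: the DDS header lines quoted in the first post of this thread.
SAMPLE_DDS_HEADER = """\
DDS (Ver_10-03-17.01) - NTFSx86 NETWORK
Run by H B at 18:44:18.42 on Mon 08/02/2010
Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.5.0_12
"""

# Baseline from the thread: the recommended installer is jre-6u21, i.e. 1.6.0_21.
BASELINE = "1.6.0_21"

FIELD_RE = re.compile(r"BrowserJavaVersion:\s*(\S+)")
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:_(\d+))?")


def version_tuple(version):
    """Turn '1.5.0_12' into (1, 5, 0, 12); a missing update counts as 0."""
    m = VERSION_RE.fullmatch(version.strip())
    if m is None:
        raise ValueError("unrecognised Java version string: %r" % version)
    return tuple(int(part or 0) for part in m.groups())


def friendly(vt):
    """(1, 5, 0, 12) -> 'Java 5 Update 12' (family and update number)."""
    return "Java %d Update %d" % (vt[1], vt[3])


def check_header(header, baseline=BASELINE):
    """Report the browser Java version in a DDS header against the baseline.

    'outdated' is True/False, or None when the header has no usable value
    (field absent, or a value that is not a Java version string).
    """
    result = {"installed": None, "outdated": None, "summary": ""}
    field = FIELD_RE.search(header)
    if field is None:
        result["summary"] = "no BrowserJavaVersion field in header"
        return result
    try:
        installed = version_tuple(field.group(1))
    except ValueError as exc:
        result["summary"] = str(exc)
        return result
    wanted = version_tuple(baseline)
    result["installed"] = installed
    # Tuples compare element by element, so 1.5.0_12 sorts below 1.6.0_21.
    result["outdated"] = installed < wanted
    result["summary"] = "%s installed, baseline %s: %s" % (
        friendly(installed), friendly(wanted),
        "update needed" if installed < wanted else "ok")
    return result


if __name__ == "__main__":
    print(check_header(SAMPLE_DDS_HEADER)["summary"])
```
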

Updated JAVA. Yes you are correct I am currently operating without AV. I was previously using ESET Smart Security 4 but received a "communicating with Kernel error". Tried to reload with no luck. Am preparing to try again tonight. While trying to download ESET after the JAVA update today I got the "screen going to sleep" message followed by a blank black screen and a non-responsive computer again. Computer would not reboot in normal mode. Went to safe mode and set up chkdsk again. Ran chkdsk on start up and the computer is back up and running but every time I make the slightest change the computer hangs up. Works fine if everything is left alone....so far anyways. I will try to run an AV program tonight and give you the results. Do I need to rerun defogger or any of the other SW programs to re-enable items that were disabled? Thx for the help, any further advice is greatly appreciated.

Link to post

Yes, you can re-enable any disabled drivers with DeFogger.

The fact that your computer is unstable after making changes and the fact that CheckDisk fixes this, unfortunately points to a hard disk problem. Did you run the Chkdsk /r command from Safe Mode?

Link to post

Ok I will re-enable. I have also suspected a HDD, power supply, and/or outdated BIOS issue. I have downloaded all my pertinent files to an external HDD. It may simply be time to replace the HDD and power supply to be safe. Probably would also be good to check for a BIOS update as the computer is 4 years old.

I have been running chkdsk at start up. I have been setting the chkdsk parameters via vista not the command prompt. I have been selecting the "Automatically fix file sys errors" and "Scan for and attempt recovery of bad sectors". I then restart my computer and chkdsk runs and the computer boots in normal mode. Do you recommend I run chkdsk from the safe mode with the /r selection? If so how would I do that...do I run it after entering a safe mode or do I select a safe mode with command prompt?

Would you agree it appears that my computer is not infected?

Thx for your assistance.

Link to post

Hi, the way you ran checkdisk is okay.

I am not a big fan of BIOS updates; if it isn't broken, don't fix it. :) Since the boot up is fine, I don't think it's a BIOS or power supply issue, but more HD.

At this point I'm fairly sure there is no more malware on your system; in the worst case some leftovers.

It's indeed good to keep important data on an external HDD, just in case....

Did you attempt to install/run an antivirus application?

Link to post

That is great input. It helps me focus.

I did finally get ESET Smart Security to install last night. It was scanning but looked like it hung up about half way through the scan so I stopped the scan and will rerun today. While scanning it was driving CPU usage between 90% and 100%.....something probably isn't working right. I will try to complete the scan today and provide you the results.

Link to post

Usually an antivirus scan will use some resources. Depending a bit on your RAM and CPU speed, it's not uncommon that a scan seriously slows down things.

Please let me know if you were able to finish the scan and if anything was found.

Link to post

  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post