Jump to content
Sign in to follow this  
fergy1999

can no one help

Recommended Posts

epson 265 printer has gone awol status monitor has dissapeared tryed uninstall reinstall wont let me reinstall things have gone off desktop maybe trojan but used spybot superantispyware scans are clear some programs also crash all have encountered a problem and need to close ran chkdsk does not help any help would be much obliged

Share this post


Link to post
Share on other sites

Hello,

So SuperAntiSpyware found nothing? I see from test your pc needs some cleaning up, so try this> Download: CCleaner (freeware)

http://www.majorgeeks.com/download4191.html

Run the installer, and uncheck the option to install Yahoo toolbar (unless you want Yahoo toolbar).

Once installed, run CCleaner click the Windows [tab]

The following should be selected by default, if not, please select:

Posted Image

Next: click Options click the Settings tab

Uncheck: "Only delete files older than 48 hrs.", click Ok

Then click Run Cleaner (bottom right) then Exit

 

Then Defragment the hard drive, use windows defragmenter or this free one> http://www.auslogics.com/disk-defrag/ Your hard drive is 19% Fragmented, that is a lot. So defragment the drive after using Ccleaner.

 

I hope you do use a good av for you pc. If so what do you use, and is it updated regularly? When was last time you used it to do a full scan?

 

Let try this> Please use the Internet Explorer browser, and do an online scan with Kaspersky Online Scanner

 

Note: If you have used this particular scanner before, you MAY HAVE YO UNINSTALL the program through Add/Remove Programs before downloading the new ActiveX component

 

Click Yes, when prompted to install its ActiveX component.

(Note.. for Internet Explorer 7 users: If at any time you have trouble with the "Accept" button of the license, click on the "Zoom" tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license has been accepted, reset to 100%.)

The program launches and downloads the latest definition files.

  • Once the files are downloaded click on Next
  • Click on Scan Settings and configure as follows:
    • Scan using the following Anti-Virus database:
      • Extended
    • Scan Options:Scan Archives

      Scan Mail Bases

  • Click OK and, under select a target to scan, select My Computer
When the scan is done, in the Scan is completed window (below), any infection is displayed.

There is no option to clean/disinfect, however, we need to analyze the information on the report.

Posted Image

Posted Image

To obtain the report:

Click on: Save Report As (above - red blinking arrow)

Next, in the Save as prompt, Save in area, select: Desktop

In the File name area, use KScan, or something similar

In Save as type, click the drop arrow and select: Text file [*.txt]

Then, click: Save

Please post the Kaspersky Online Scanner Report in your reply.

 

So try to use Ccleaner, then defragment the hard drive an run The Kaspersky online scanner as advised above an post what it finds. ;)

 

Wademan

Share this post


Link to post
Share on other sites

Hello,

All you did was Quote me. I assume you had problems posting? I also hope I did not overwhelm you. Running Ccleaner, defragmenting the hard drive is easy. Using the Kaspersky online scanner is fairly easy, even though it will take some time to run.

 

The above steps will help get your pc running better and to determine if a virus is causing some of your problems.

Wademan

Share this post


Link to post
Share on other sites

started kapersky scan had a bit of chew getting it to download il post soon as its finished thanks

 

Oh you mean the active x and all that to start the scanner? well glad its going. I do hope you used Ccleaner first because it will greatly speed up the Kaspersky scan as it will remove things like tracking cookies,etc. So, let it scan..may take even 30 minutes or longer.

 

Wademan

Share this post


Link to post
Share on other sites

-------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER REPORT

Monday, July 30, 2007 10:50:10 PM

Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.83.0

Kaspersky Anti-Virus database last update: 31/07/2007

Kaspersky Anti-Virus database records: 369836

-------------------------------------------------------------------------------

 

Scan Settings:

Scan using the following antivirus database: extended

Scan Archives: true

Scan Mail Bases: true

 

Scan Target - My Computer:

A:\

C:\

D:\

E:\

 

Scan Statistics:

Total number of scanned objects: 61635

Number of viruses found: 1

Number of infected objects: 2 / 0

Number of suspicious objects: 0

Duration of the scan process: 00:33:37

 

Infected Object Name / Virus Name / Last Action

C:\Documents and Settings\All Users\Application Data\Virgin Broadband\PCguard\logs\FirewallService07-30-2007--21-34-54.log Object is locked skipped

C:\Documents and Settings\fergy\Application Data\Mozilla\Firefox\Profiles\rqouj9ff.default\cert8.db Object is locked skipped

C:\Documents and Settings\fergy\Application Data\Mozilla\Firefox\Profiles\rqouj9ff.default\formhistory.dat Object is locked skipped

C:\Documents and Settings\fergy\Application Data\Mozilla\Firefox\Profiles\rqouj9ff.default\history.dat Object is locked skipped

C:\Documents and Settings\fergy\Application Data\Mozilla\Firefox\Profiles\rqouj9ff.default\key3.db Object is locked skipped

C:\Documents and Settings\fergy\Application Data\Mozilla\Firefox\Profiles\rqouj9ff.default\parent.lock Object is locked skipped

C:\Documents and Settings\fergy\Application Data\Mozilla\Firefox\Profiles\rqouj9ff.default\search.sqlite Object is locked skipped

C:\Documents and Settings\fergy\Application Data\Mozilla\Firefox\Profiles\rqouj9ff.default\urlclassifier2.sqlite Object is locked skipped

C:\Documents and Settings\fergy\Application Data\Virgin Broadband\advisor\client_gateway.log Object is locked skipped

C:\Documents and Settings\fergy\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\fergy\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped

C:\Documents and Settings\fergy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\fergy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\fergy\Local Settings\Application Data\Mozilla\Firefox\Profiles\rqouj9ff.default\Cache\_CACHE_001_ Object is locked skipped

C:\Documents and Settings\fergy\Local Settings\Application Data\Mozilla\Firefox\Profiles\rqouj9ff.default\Cache\_CACHE_002_ Object is locked skipped

C:\Documents and Settings\fergy\Local Settings\Application Data\Mozilla\Firefox\Profiles\rqouj9ff.default\Cache\_CACHE_003_ Object is locked skipped

C:\Documents and Settings\fergy\Local Settings\Application Data\Mozilla\Firefox\Profiles\rqouj9ff.default\Cache\_CACHE_MAP_ Object is locked skipped

C:\Documents and Settings\fergy\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\fergy\Local Settings\History\History.IE5\MSHist012007073020070731\index.dat Object is locked skipped

C:\Documents and Settings\fergy\Local Settings\Temp\~DF6EFF.tmp Object is locked skipped

C:\Documents and Settings\fergy\Local Settings\Temp\~DF6F0B.tmp Object is locked skipped

C:\Documents and Settings\fergy\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

C:\Documents and Settings\fergy\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\fergy\My Documents\program files\Nero 7.7.5.1 Ultra\Nero 7.7.5.1 Ultra.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\Documents and Settings\fergy\My Documents\program files\Nero 7.7.5.1 Ultra\Nero 7.7.5.1 Ultra.exe RAR: infected - 1 skipped

C:\Documents and Settings\fergy\ntuser.dat Object is locked skipped

C:\Documents and Settings\fergy\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{F1D07958-827A-473B-908A-BEF79EC804F2}\RP282\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{221D63DB-9FFF-445A-B393-4321C6BB402B}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

 

Scan process completed.

im glad you no what your looking for hope this solves it thanks

Share this post


Link to post
Share on other sites

Hello again,

Well Kaspersky found: C:\Documents and Settings\fergy\My Documents\program files\Nero 7.7.5.1 Ultra\Nero 7.7.5.1 Ultra.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped. You can read about MyWebSearch here> http://www.pchell.com/support/mywebsearch.shtml ( it's best to use HJT to remove this with help from our TrustedAdvisors in the HJT forum )

 

Did the defragment go ok? I only had you run the Kaspersky since you said you have items that disapeared from your desktop,etc

 

 

I suspect other malware is on your pc causing your problems. To fully check we will need you to run HJT.

Please do the following to download and install the latest version of HijackThis v2.0.2:

 

CLICK HERE to download the HijackThis Installer:

Save HJTInstall.exe to your desktop.

Double-click on HJTInstall.exe to run the program.

By default it will install to C:\Program Files\Trend Micro\HijackThis.

Accept the license agreement by clicking the "I Accept" button.

Click on the "Do a system scan and save a log file button. It will scan and then ask you to save the log.

Click "Save log" to save the log file and then the log will open in Notepad.

Click on Edit-> Select All then click on "Edit -> Copy" to copy the entire contents of the log.

NEXT:

Please go to this forum Here and start a new thread for a Trusted Advisor to help you ( post the HJT log there )

Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.

 

Please be patient in the HJT forums as they are at times very busy. They will get to you ASAP. This well help rule out malware issues from your pc.

 

Wademan

Edited by Wademan

Share this post


Link to post
Share on other sites

I see you posted 2 HJT logs, one using the old version then the other the newer, correct version. Since you posted to your own HJT log there you may get delayed help. The reason is, the "TrustedAdvisors" look for HJT logs that have ( 0 ) in the reply columns. So, your's looks like you getting help already when in fact you are not.

 

I would delete the first HJT post there. That should reset the reply count back to ( 0 ). Or you could delete them both and post a fresh HJT log using the version I advised you to use within this thread. ( if you decide to delete them both and post a fresh HJT log please include a link to this thread so they can see steps we already have taken ) If for some reason a TrustedAdvisor has already respounded to you, do not delete anything and follow their advice. As of yet though, your HJT logs there have gone overlooked.

 

I also see you posted in User to user forum about this. You should tell them you might have a spyware problem as well, and are getting help with it in Spyware section and HJT.

 

Wademan

Edited by Wademan

Share this post


Link to post
Share on other sites

thanx a lot

 

You welcome. I see you still have the first HJT post there > http://forums.pcpitstop.com/index.php?showtopic=144885 I would delete it since you correctly re-posted a new one.( delete button is lower right in your posts )

 

I see Essexboy is helping you with your HJT log, He can determine if malware is on your pc. If not, then you have some very odd problems. At that point the user to user thread you started should get you some help. We shall have to wait and see if Essexboy gives you the "all clear" for malware.

Wademan

Edited by Wademan

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×