Before posting my question I want to say you have a wonderful website and so much helpful information. I have always been the person who "fixes" computer issues for friends, family, and coworkers. I usually can help, but know when I am out of my league and when to ask for help...you only stop a running process one time when it crashes your computer!
My niece just gave me her computer to "fix" after being at college for 2 1/2 years. She knew it had problems, but even the paid "professionals" never truly got rid of her underlying issues. They just removed some of the symptoms for awhile. So, I thought "no problem". But after 30 hours of running multiple scanning softwares for multiple malware & virus issues I still wasn't getting to the root of the problems. In the meantime I found your website!!!
Today I was researching your site to figure out how to present my niece's computer issues to you. I was ready to give up. But then I read your articles and multiple user posts along with your "fixes" that had many of the same issues I was having. After several hours of research I attacked my niece's computer one more time.
I did the following four things: 1) found .dat files, renamed them to .txt, am currently changing passwords; 2) ran SDfix.exe; 3) ran vundofix.exe; and 4) removed Viewpoint Media Player. And "knock on wood" my issues appear to be resolved!!!!
Only one thing remains that I was not brave enough to do on my own. Every time I restart the computer an error message appears saying there was an error loading C:\windows\system32\lufbgwek.dll ... the specified module could not be found. This started happening after the first time I ran a Norton scan, where several thousand infected files were found and removed.
There is an entry in the registry at:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run - displaying the following info -
Date: "rundll32.exe" "C:\windows\system32\lufbgwek.dll",b
Apparently something is trying to run, but there is nothing there to actually run.
SO - is it safe to entirely delete this line/entry from the registry? It seems logical to me that if the entry is gone, the startup will no longer try to run it....but logic is not always correct (and I don't mess with the registry unless I know exactly what to do).
This is my last issue (for now) with my niece's computer - except for the extensive education she is going to get from me about keeping her computer as safe and clean as possible in the future!!!
Let me know if you need any further information or if it is safe to delete the registry entry. (When you delete an entry, you just delete it, then close the regedit window - correct? You don't need to somehow "save" it before closing do you? - Just curious.)
Thanks so much for all the wonderful information you provide for everyone and for the upcoming answer to my question!
Have a great day,
Edited by kerryv, 20 December 2007 - 09:00 PM.