Posted 03 July 2005 - 12:12 AM
Working on a Dell Desktop, XP, that had the hard drive replaced a couple of months ago. My friend, the owner thinks it was about that time the trouble started, but that's not a hard fact. He uses Earthlink, and almost all time is spent in email.
When I first arrived he had been trying to download 105 email messages and it would get a few and lock up. He'd turn the computer off and back on and try again, same result 4 or 5 times. I deleted temp. internet files, offline content and all cookies. At some point, all emails were downloaded and he was happy for that, but it still is not good.
When Earthlink starts, it evidently starts a browser window. This is probably an option, I'm not very familiar with Earthlink. Anyway, when it starts, before the home page can be loaded, seven to twelve new windows open and each puts up a pop up that says a problem has been detected and user should go to a site for help. Some, but not all of the sites are: www.fixed-pc.com
www.winregfix.com, and others.
The pop up windows appear to be from Microsoft, but the fact that every one is different made me suspicious, and I told him to steer clear of all of them, that I knew a place to get reputable, good help. Since we could not get onto the internet long enough to do even a minor download, (I was going to start with Ad-Aware and Spybot and failed) I came home, and put these onto CD's as well as HJT and Fxistbar.exe. Next session I ran Ad-aware and found and removed 665 critical objects. Ad-aware said it was very out of date, so obviously the current fixes I downloaded just before I put it on CD did not get integrated? I re-ran it and found 118 critical objects I'm not sure it's kosher to run it twice?
Next I ran Spybot (Yes, I'm working toward a log file for you!) and it hung. I re-ran it and it found 11 problems. Concerned about the validity of sending a log after running Ad-aware with down-level update files, I got on line and downloaded the current files. A rerun found 727 critical objects and one negligible MRU or something. I removed all 728 objects, but got a message that said all could not be removed, and did I want the rest removed on the next reboot. I said yes, and tried to restart from Windows, but all windows went blank, the task bar went away, and we were left with a blank screeen except for the desktop icons. None of them were operational, so I powered off and back on.
Now I re-ran Ad-aware to see if it would do the same thing. Found and removed 61 critical objects, no mention of anything needing a reboot. Finally I think I'm ready to get an HJT log, and the thing won't open or run on his system from the CD. I ran out of time and could not try to download it directly onto his system. Is this an intentional restriction of HJT, that it cannot be run from CD on another system? Or did I do something wrong in the copy, etc. I did it the same as the other 2 programs that ran fine.
What I'd really like to know if anyone finishes this tome, is a recommended path for all the above symptoms. Does this sound like a known worm or trojan? (s)
Should HJT be the next step? I'm very persistant, and even though the failing computer is 50 miles away, if that's the next thing to do, I'll get it done somehow. Thanks for your time and any help you can give us.