I think my 'puter has either swamp fever or swine flu !


18 replies to this topic

#1 dai

dai

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cwm Cynon
  • Local time:07:14 PM

Posted 06 July 2009 - 07:42 AM

Hello there, my pc keeps crashing, different com messages on boot up - "active x controll,+ d/l com component". Also it won't d/l progs, messg, "reg integrity," also a strange one called "Bummer error 0x1" (Honestly!). I've run spybot, super anti spyware, a2 squared, advanced system care, c cleaner and finally, easy cleaner. :thumbsup: and it's still f""@\##$%&***!!!. O yes, at the last but one entry in the running processes list, there's an entry:- System SYSTEM 28K, which is running my cpu at 100% very, very frequently. Any thoughts please, ATB, dai saster

Edited by dai, 06 July 2009 - 07:43 AM.



 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,317 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:14 AM

Posted 11 July 2009 - 06:35 AM

Hello Dai, let's see if we can see what's wrong with your computer!

ATF-CLEANER
------------------
Please download ATF Cleaner by Atribune. (This program is for XP and Windows 2000 only)
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.

If you use Firefox browser
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.


DR. WEB CUREIT
----------------------
Please download Dr.Web CureIt and save it to your desktop. DO NOT perform a scan yet.
alternate download link
Note: The file will be randomly named (i.e. 5mkuvc4z.exe).

Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in Safe Mode.

Scan with Dr.Web CureIt as follows:
  • Double-click on the randomly named file to open the program and click Start. (There is no need to update if you just downloaded the most current version.)
  • Read the Virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.
  • The Express scan will automatically begin.
    (This is a short scan of files currently running in memory, boot sectors, and targeted folders).
  • If prompted to download the Full version Free Trial, ignore and click the X to close the window.
  • If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All. (This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if they can't be cured)
  • After the Express Scan is finished, put a check next to Complete scan to scan all local disks and removable media.
  • In the top menu, click Settings > Change settings, and uncheck "Heuristic analysis" under the "Scanning" tab, then click Apply, Ok.
  • Back at the main window, click the green arrow "Start Scanning" button on the right under the Dr.Web logo.
  • Please be patient as this scan could take a long time to complete.
  • When the scan has finished, a message will be displayed at the bottom indicating if any viruses were found.
  • Click Select All, then choose Cure > Move incurable.
  • In the top menu, click file and choose save report list.
  • Save the DrWeb.csv report to your desktop.
  • Exit Dr.Web Cureit when done.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.csv report)

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft


#3 dai


Posted 12 July 2009 - 01:16 PM

Hello. Thanks for your time, I ran Dr.Web CureIt and at the end of the complete scan it reported nothing found, so the save report was greyed out. Regards, dai

#4 Elise


Posted 12 July 2009 - 01:23 PM

Hello dai,

I am not convinced this problem is malware related. To be sure, let's run a rootkit scanner.

Please install RootRepeal
Note: Vista users, right click on desktop icon and select "Run as Administrator."

Go HERE, and download RootRepeal.zip to your Desktop.
Tutorial with images, if needed >> L@@K.
Unzip that (7-zip tool if needed) and then click RootRepeal.exe to open the scanner.
Next click on the Report tab, now click on Scan. A Window will open asking what to include in the scan. Check all of the below and then click OK.

Drivers
Files
Processes
SSDT
Stealth Objects
Hidden Services


Now you'll be asked which drive to scan. Check C: and click OK again and the scan will start. Please be patient as the scan runs. When the scan has finished, click on Save Report.
Name the log RootRepeal.txt and save it to your Documents folder (it should automatically save it there).
Please copy and paste that into your next reply.

regards, Elise


#5 dai


Posted 12 July 2009 - 01:44 PM

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Time: 2009/07/12 19:36
Program Version: Version 1.3.0.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB84F0000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\Downloads\Slow Dance, Love Songs & Rock Ballads - Best Ever Collection\Compilation - The Best Slow Dance, Love Songs & Rock Ballads Collection Ever (190 Songs)\Celine Dion, Gloria Estefan, Shania Twain & Carole King - You'Ve Got A Friend.mp3:Roxio EMC Stream
Status: Locked to the Windows API!

==EOF==

#6 Elise


Posted 12 July 2009 - 01:54 PM

Okay, let's check hardware as a next step.

Click Start > Run and in the box that opens type devmgmt.msc and press enter.

Please tell me if you see any devices that have a ? or a ! in front of the device description/name.

regards, Elise


#7 dai


Posted 12 July 2009 - 02:28 PM

There are two! cm audio device, and the second one is !unknown

#8 Elise


Posted 12 July 2009 - 02:58 PM

Okay, right click on either of them and select update driver. Allow your computer to connect to the internet and install what it finds.

If you have a driver CD from your computer, insert it in your CD drive and let the wizard search your CD.

If this doesn't work for one or both of the devices, please include your computer specs/brand/make/model in your next post.

regards, Elise


#9 dai


Posted 12 July 2009 - 05:32 PM

Hello Elise, it didn't work on the C-Media AC97 Audio Device. This sound card blew a few years ago, the soundcard was changed, and is still working, but I can't cancel the old one, it returns with the next boot up. Regards, dai

#10 Elise


Posted 13 July 2009 - 01:49 AM

Okay, let's straighten things out here.

You had a C-Media AC97 soundcard, it fried and you installed another one?
Can you please give me the following information.
1. What other soundcard do you have? Also C-Media?
2. Did you uninstall the C-Media AC97 software (using add/remove programs)?
3. Did you take out the old C-Media card?

I think your problems are caused by a driver/hardware conflict so let's concentrate on that.

regards, Elise


#11 dai


Posted 13 July 2009 - 03:57 AM

Hello Elise. The first audio card fried, took it back to the shop, they installed a new one, CM18738/C3DX PCI AUDIO DEVICE. Regards, dai

#12 Elise


Posted 13 July 2009 - 04:19 AM

Please look in add/remove programs to see if the following entry is there: C-Media AC97. If it is there, uninstall it.

Did you get driver software (CD) for your other soundcard?

regards, Elise


#13 dai


Posted 13 July 2009 - 05:48 AM

It was there, uninstalled it, and I did get driver soft CD with it. Regards, dai

#14 Elise


Posted 13 July 2009 - 05:56 AM

Good! Now see if C-Media AC97 is still in the device manager. If so right click on it and click disable. After the device is disabled right click again on it and click uninstall driver. You may have to reboot after that.

After rebooting, check if C-Media is still disabled (it might no longer be recognized as C-Media) and re-install the drivers for your other soundcard. First check in add/remove programs if there is an entry, and uninstall it, or right click on the device and click uninstall driver. After successfully uninstalling it, reinstall the driver using the CD you got.

Besides this, what other problems are shown in the device manager? If there is an unknown device, try properties to see if you can get any more information about it.

regards, Elise


#15 dai


Posted 14 July 2009 - 08:04 PM

Device man OK, no prob. The only problem I have now is that I can' d/l any prog but can't install it, e.g. flash player, java, etc.

Edited by dai, 14 July 2009 - 08:09 PM.




