Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

google analytics problems


  • This topic is locked This topic is locked
15 replies to this topic

#1 hacman

hacman

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 05 November 2010 - 09:52 AM

Hi, Thanks for looking.

I had problems before with a ramnit virus and after talking to a few people dicided to reinstall. As i wanted a larger drive anyway i bought a brand new drive.
I installed my windows 7 on the new drive and thought everything would be ok. When going onto web sites i now still get the google-analytics web browser popping up nearly everytime i click on a link or more annoyingly when i am playing a game online. The pop up opens a new web browser and takes me to "junk" sites.
I did have 2 drives before and one of my my old ones is still attached but was only ever used to store data. When i reinstalled it does only show 128gb on the old drive although it is 500gb but the disk management page shows the whole drive at 465gb and as a primary pactive partition. Pasted below is the DDS.txt and i will attach the attach.txt but GMR came back saying "GMR hasn't found any system modification" and when i ran GMR the only boxes ticked were, services, registry, files, "c", ads and not all the ones shown in the guide.

Any help on how to get rid of this google problem would be greatly apreciated.

Thanks again


DDS (Ver_10-11-03.01) - NTFS_AMD64
Run by Hacman at 14:35:03.67 on 05/11/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.3326.2285 [GMT 0:00]


============== Running Processes ===============

C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Program Files (x86)\AVG\AVG10\avgemca.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Hacman\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun: [Conime] %windir%\system32\conime.exe
mRun: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
mRun-x64: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-9-7 305232]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-9-7 381008]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-10-11 6104656]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-9-10 265400]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 157264]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]
R3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;C:\Windows\System32\drivers\RTL85n64.sys [2010-3-23 2061856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

=============== Created Last 30 ================

2010-11-04 07:55:26 232960 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\EKIJ5000PPR.dll
2010-11-04 07:45:09 -------- d-----w- C:\Windows\SysWow64\kodak
2010-11-04 07:44:47 -------- d-----w- C:\Windows\SysWow64\spool
2010-11-04 07:44:47 -------- d-----w- C:\Program Files (x86)\Kodak
2010-11-04 07:43:54 -------- d-----w- C:\Program Files\Bonjour
2010-11-04 07:43:54 -------- d-----w- C:\Program Files (x86)\Bonjour
2010-11-04 07:42:56 -------- d-----w- C:\Users\Hacman\AppData\Roaming\Temp
2010-11-04 07:42:55 -------- d-----w- C:\Users\Hacman\AppData\Local\Eastman Kodak Company
2010-11-04 07:31:13 -------- d-----w- C:\Windows\SysWow64\Adobe
2010-11-04 07:27:54 -------- d-----w- C:\Users\Hacman\AppData\Local\Adobe
2010-11-04 03:39:56 -------- d-----w- C:\Windows\Panther
2010-11-03 21:13:28 -------- d-----w- C:\PROGRA~3\Kodak
2010-11-03 21:05:38 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys
2010-11-03 21:04:26 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2010-11-03 21:04:26 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2010-11-03 21:04:26 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2010-11-03 21:04:26 444752 ----a-w- C:\Windows\System32\mscoree.dll
2010-11-03 21:04:26 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2010-11-03 21:04:26 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2010-11-03 21:04:26 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2010-11-03 21:04:26 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2010-11-03 21:04:26 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2010-11-03 21:04:26 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2010-11-03 21:02:00 -------- d-----w- C:\Windows\System32\kodak
2010-11-03 21:01:03 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation
2010-11-03 21:01:00 -------- d-----w- C:\Program Files\NVIDIA Corporation
2010-11-03 20:58:07 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
2010-11-03 20:49:52 -------- d--h--w- C:\$AVG
2010-11-03 20:48:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-11-03 20:48:10 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-11-03 20:46:57 84992 ----a-w- C:\Windows\System32\asycfilt.dll
2010-11-03 20:45:40 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2010-11-03 20:45:40 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2010-11-03 20:45:40 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-11-03 20:45:39 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2010-11-03 20:42:19 -------- d-----w- C:\Users\Hacman\AppData\Local\Microsoft Games
2010-11-03 20:41:25 3123712 ----a-w- C:\Windows\System32\win32k.sys
2010-11-03 20:33:43 -------- d-----w- C:\Users\Hacman\AppData\Roaming\AVG10
2010-11-03 20:32:48 -------- d--h--w- C:\PROGRA~3\Common Files
2010-11-03 20:32:42 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2010-11-03 20:32:26 -------- d-----w- C:\Windows\System32\drivers\AVG
2010-11-03 20:32:26 -------- d-----w- C:\PROGRA~3\AVG10
2010-11-03 20:32:03 -------- d-----w- C:\Program Files (x86)\AVG
2010-11-03 20:15:10 -------- d-sh--w- C:\Windows\Installer
2010-11-03 20:14:02 -------- d-----w- C:\PROGRA~3\MFAData
2010-11-03 20:08:23 8006480 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{6F96F48A-AD78-46A1-B473-DDB1ED454026}\mpengine.dll
2010-11-03 20:08:22 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-11-03 19:52:34 -------- d-----w- C:\Users\Hacman\AppData\Local\Diagnostics
2010-11-03 19:47:34 -------- d-sh--w- C:\Recovery
2010-10-22 11:43:18 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2010-10-22 11:43:18 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

==================== Find3M ====================

2010-09-13 16:28:00 27216 ----a-w- C:\Windows\System32\drivers\AVGIDSEH.sys
2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll
2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-09-08 04:30:04 978432 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec
2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-09-07 03:48:58 381008 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2010-09-07 03:48:56 41040 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2010-09-07 03:48:52 305232 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2010-09-07 03:48:50 30288 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2010-09-02 15:36:04 141312 ----a-w- C:\Windows\System32\EKIJCOINST09.dll
2010-09-02 08:31:08 612352 ----a-w- C:\Windows\System32\EKIJ5000MON.dll
2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-08-26 05:27:28 148992 ----a-w- C:\Windows\System32\t2embed.dll
2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
2010-08-21 06:38:47 1024512 ----a-w- C:\Windows\System32\wmpmde.dll
2010-08-21 06:36:49 340992 ----a-w- C:\Windows\System32\schannel.dll
2010-08-21 06:31:06 633856 ----a-w- C:\Windows\System32\comctl32.dll
2010-08-21 06:29:47 558592 ----a-w- C:\Windows\System32\spoolsv.exe
2010-08-21 05:36:33 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2010-08-21 05:36:24 224256 ----a-w- C:\Windows\SysWow64\schannel.dll
2010-08-21 05:33:24 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2010-08-19 21:42:38 35920 ----a-w- C:\Windows\System32\drivers\AVGIDSFilter.sys
2010-08-19 21:42:38 157264 ----a-w- C:\Windows\System32\drivers\AVGIDSDriver.sys

============= FINISH: 14:35:30.98 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:28 PM

Posted 13 November 2010 - 09:00 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.

Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.

We need to create an OTL report,
  • Please download OTL from this link.
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Under the Custom Scan box paste this in:

    netsvcs
    msconfig
    drivers32 /all
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.sys /90
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\*. /mp /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    CREATERESTOREPOINT

  • Click the Quick Scan button.
  • The scan should take a few minutes.
  • Please copy and paste both logs in your reply.

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new OTL log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


In your reply, please post both OTL logs and the GMER log.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#3 hacman

hacman
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 13 November 2010 - 10:06 AM

Thanks for getting back but i think that i have solved the problem last night after looking around for a while. Other people had this trouble and it was sorted by resetting the router. I did this last night and so far everything is fine. So hopefully i do not need any more help. And please also bear this in mind for anyone else who has this problem ..... Reset your router.

Thanks

#4 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:28 PM

Posted 13 November 2010 - 11:34 AM

Make sure you change the password on your router. The router is generally only infected if you keep the password at it's default. Let me know how it's running. If you want me to check your computer let me know, that's the likely root cause of the router infection.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#5 hacman

hacman
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 13 November 2010 - 11:42 AM

I had a ramnit virus and was told the best thing to do was do a fresh install, i bought a new drive as i wanted more space anyway. so it is a fresh windows install when i still got the problem and now it seems to have gone. AVG and Malwarebytes all say no infection and i am still in the process of putting everything back on my new drive. So i think it will be ok but i will get back if i have any further troubles.

Do you have any idea why when i reinstalled windows my slave drive only shows up as 127GB when it is 500gb. I think the bit missing is the amount of data that was on it before the fresh install. Is there any way to get it back. Disk management shows the drive as 465gb (active primary partition) but at the top section shows the drive as 127gb and my computer shows 127gb ????????

#6 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:28 PM

Posted 13 November 2010 - 11:58 AM

Yeah, with Ramnit we can disinfect, but your computer is likely going to be very unstable afterwards. That's a good approach for reformatting.

You likely have come up against a BIOS issue as you need 48-bit Logical Block Addressing to go beyond 127GB. But, I would have expected that disk management shows you 127GB partition; and unallocated space that all summed up to ~500GB. Can you please confirm that in Disk Management the active partition is indeed 465GB? Is there any unallocated space?

What computer is this? How old is it? Older motherboards BIOSes won't support it unless we update.

What version of Windows are you using? Older versions of XP won't support it either.

It could also be another partition, although reporting 127GB really leads me to the lack of 48-bit LBA. Did you have that drive as a dual boot system before?

There's lots of ways to fix this, we just need to identify the root cause first.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#7 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:28 PM

Posted 18 November 2010 - 06:55 PM

still with me?


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#8 hacman

hacman
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 19 November 2010 - 02:41 AM

Hi

Sorry i did not get back earlier, i did not get the usual email saying i had a reply.

Anyway, to answer your questions. My computer is fairly new, it is a philips freevents (not sure of the model number) quad core pentium. The hard drive in question came with the computer when bought and all the data was put on it and working fine before the reinstall. I am running Windows 7 Ultimate 64bit. And yes disk management shows 465gb Healthy (active, primary partition) in the bottom window with no unallocated sections but the list at the top just shows the drive letter and 128gb. But My Computer shows it as 127gb. The computer allways had 2 drives, not 2 partitions but 2 actualk drives which is one of the reasons i bought it as i thought it would be safer for storing data.

Anything you can suggest ??? or do you need more info.

Thanks

#9 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:28 PM

Posted 19 November 2010 - 07:29 PM

OK, in disk management is it NTFS or FAT32 for file system?


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#10 hacman

hacman
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 20 November 2010 - 03:07 AM

It is all NTFS

#11 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:28 PM

Posted 20 November 2010 - 08:45 AM

OK, How much data do you have on that drive? Did you format it from your Windows 7 installation first? If it's blank, or < 128 GB you can move to your primary partition temporarily, I have some ideas to try.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#12 hacman

hacman
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 20 November 2010 - 11:38 AM

It is not blank and that is the trouble. Before i reinstalled i had about 300gb of data on the drive. Mostly games and downloaded programmes and .exe files ect.
I would like if possible to save the data, but if not i can allways download the software and games again. It is just a pain trying to contact people to get your password ect again ....The drive is a 500gb drive and i did nothing to it when i reinstalled, i assumed that as the same version of Windows was on before that this new install would just still see it as a data drive. Obviously i was wrong.

#13 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:28 PM

Posted 20 November 2010 - 05:19 PM

Since you're malware free, I'm going to refer you to our Windows 7 forum. We have Advisors there that are better suited to help you. My personal expertise is malware removal, but theirs is general system maintenance such as partitions. Don't give up hope yet, there will be a way to get your data.

Please let me know when you've posted and reference this thread.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#14 hacman

hacman
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 22 November 2010 - 03:19 PM

Hi

I have posted here http://www.bleepingcomputer.com/forums/topic362349.html and hopefully someone can help.

Thanks for your time..... :thumbup2:

#15 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:28 PM

Posted 22 November 2010 - 07:08 PM

I didn't catch that it was connected when you re-installed windows. There is a possibility that it reformatted that drive depending how it was set up.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users