Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Desktop icons not responds


  • Please log in to reply
14 replies to this topic

#1 Flyingsushi

Flyingsushi

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 24 September 2012 - 02:11 PM

Hello. This computer seems to be having a few issues. One problem is it is old, 12+ years. Recently I noticed some unusual pops ups when using Firefox. I don't think it was exactly the same one, I only use this computer once a week. I know this is a lack of info for you but about 2 weeks ago the icons on the desktop stopped responding and we could no longer use this computer. When I tried to reboot it, it seemed as if Windows may not have booted properly, the blue bar at the bottom was a pale white color.

I turned the computer off today for several hours and when I hooked it back up and started it up everything booted normal and now my desktop icons appear to be working normal as of now. I know this is an old computer, I hope to keep it running for about 6 more months. If someone could offer any advice to see if anything is wrong that can be fixed and it isn't the hardware dying I would greatly appreciate your time.

The operating system is Windows XP.

Thanks in advance,
Sushi

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:18 AM

Posted 24 September 2012 - 07:46 PM

Hello Sushi

We should run a file checker gst some info and then scan it,

Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users..The command needs to be run from an Elevated Command Prompt.Click Start, type cmd into the Start/Search box,
right-click cmd.exe in the list above and select 'Run as Administrator'


You will need your operating system CD handy.

Open Windows Task Manager....by pressing CTRL+SHIFT+ESC

Then click File.. then New Task(Run)

In the box that opens type sfc /scannow ......There is a space between c and /

Click OK
Let it run and insert the CD when asked.




Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.






Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Flyingsushi

Flyingsushi
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 25 September 2012 - 12:33 PM

Boopme, I had a few problems. I don't have my installation Windows XP CD anymore. I tried to follow the directions on what to do if I didn't have it. The real problem I had is I was unable to finish System File Checker. As I expected, it asked my insert the CD, I would click cancel, the next pop up is Windows File Protection asking me to if I want to keep these unrecognized file versions, YES/NO, and I click yes because afterwards I planned on going to windows update. After repeating this process several times a new Windows File Protection pop up appeared saying "Files that are required to run properly must be copied to the DLL Cache". Then it asks me the same request which is to insert my CD. The problem is repeated itself so many times my scan was going nowhere, I was maybe 15% into the scan and this was asking me to do this immediately after the last one. This was taking so long I stopped the scan. I probably spent close to 30 minutes repeating this process, that is why I gave up.

Here are the results of MiniToolBox and Malwarebytes. With Malwarebytes, I didn't rename it because I already had it installed. I hope this was ok? I updated it before the scan.



Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.25.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Brian Willoughby :: THEWIZARD [administrator]

12-09-25 1:04:56 PM
mbam-log-2012-09-25 (13-04-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 274430
Time elapsed: 24 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Documents and Settings\Brian Willoughby.THEWIZARD\Local Settings\temp\1192.tmp (Trojan.Agent.BRVGen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Brian Willoughby.THEWIZARD\Local Settings\temp\702.tmp (Trojan.Agent.BRVGen) -> Quarantined and deleted successfully.

(end)





MiniToolBox by Farbar Version: 23-07-2012
Ran by Brian Willoughby (administrator) on 25-09-2012 at 12:45:20
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.autoconfig_url", "http://localhost:9100/proxy.pac"
"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 2

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================


WARNING: Could not obtain host information from machine: [THEWIZARD]. Some commands may not be available.
The stub received bad data.



# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : TheWizard

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : gateway.2wire.net



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : gateway.2wire.net

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-07-E9-F5-2F-31

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.64

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.254

DHCP Server . . . . . . . . . . . : 192.168.1.254

DNS Servers . . . . . . . . . . . : 192.168.1.254

Lease Obtained. . . . . . . . . . : 12-09-25 12:15:53 PM

Lease Expires . . . . . . . . . . : 12-09-26 12:15:53 PM

Server: home
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.225.35, 74.125.225.36, 74.125.225.37, 74.125.225.38
74.125.225.39, 74.125.225.40, 74.125.225.41, 74.125.225.46, 74.125.225.32
74.125.225.33, 74.125.225.34



Pinging google.com [74.125.225.103] with 32 bytes of data:



Reply from 74.125.225.103: bytes=32 time=18ms TTL=55

Reply from 74.125.225.103: bytes=32 time=19ms TTL=55



Ping statistics for 74.125.225.103:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 18ms, Maximum = 19ms, Average = 18ms

Server: home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=159ms TTL=48

Reply from 98.138.253.109: bytes=32 time=87ms TTL=48



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 87ms, Maximum = 159ms, Average = 123ms

Server: home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 07 e9 f5 2f 31 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.64 192.168.1.64 20
192.168.1.0 255.255.255.0 192.168.1.64 192.168.1.64 20
192.168.1.64 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.64 192.168.1.64 20
224.0.0.0 240.0.0.0 192.168.1.64 192.168.1.64 20
255.255.255.255 255.255.255.255 192.168.1.64 192.168.1.64 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/25/2012 00:34:32 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (09/24/2012 01:07:08 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

Error: (09/24/2012 01:07:08 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

Error: (09/24/2012 01:05:57 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

Error: (09/24/2012 01:05:55 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

Error: (09/24/2012 01:05:54 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

Error: (09/24/2012 01:05:48 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

Error: (09/24/2012 01:05:38 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

Error: (09/24/2012 01:05:35 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

Error: (09/24/2012 01:05:34 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.


System errors:
=============
Error: (09/21/2012 05:23:57 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:
%%1056

Error: (09/21/2012 05:23:57 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Background Intelligent Transfer Service service, but this action failed with the following error:
%%1056

Error: (09/18/2012 09:15:41 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.

Error: (09/16/2012 08:49:50 PM) (Source: Print) (User: NT AUTHORITY)
Description: Document C:\Documents and Settings\Brian Willoughby.THEWIZARD\My Documents\Document1.wpd was corrupted and has been deleted. The associated driver is: KODAK ESP C310 AiO.

Error: (08/18/2012 02:31:32 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service terminated unexpectedly. It has done this 1 time(s).

Error: (08/18/2012 02:31:32 PM) (Source: Service Control Manager) (User: )
Description: The CryptSvc service terminated unexpectedly. It has done this 1 time(s).

Error: (08/18/2012 02:31:32 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated unexpectedly. It has done this 1 time(s).

Error: (08/18/2012 02:31:32 PM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/14/2012 01:46:22 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).

Error: (05/07/2012 05:10:51 PM) (Source: Service Control Manager) (User: )
Description: The Updater Service for StartNow Toolbar service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (09/25/2012 00:34:32 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (09/24/2012 01:07:08 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (09/24/2012 01:07:08 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (09/24/2012 01:05:57 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (09/24/2012 01:05:55 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (09/24/2012 01:05:54 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (09/24/2012 01:05:48 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (09/24/2012 01:05:38 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (09/24/2012 01:05:35 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (09/24/2012 01:05:34 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.


=========================== Installed Programs ============================

3DVIA player 5.0 (Version: 5.0.0.12)
Acoustica CD Label Maker
Ad-Aware (Version: 9.0.6)
Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 10 ActiveX (Version: 10.2.153.1)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Adobe Shockwave Player (Version: 10.1.3.18)
aioprnt (Version: 5.3.1.0)
aioscnnr (Version: 6.2.3.10)
aioscnnr (Version: 7.3.4.0)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ArcadeCandy (Version: ac 1.16.335)
ArcSoft VideoImpression 2
AT&T Self Support Tool
AT&T WorldNet Setup
AT&T Yahoo! Applications
AT&T Yahoo! Browser Configuration
Babylon toolbar on IE
Banctec Service Agreement (Version: 1.00.0004)
Blue's 123 Time Activities
Bonjour (Version: 3.0.0.10)
Britannica Ready Reference
BufferChm (Version: 90.0.146.000)
C4USelfUpdater (Version: 1.00.0000)
CCleaner (remove only)
CDDRV_Installer (Version: 4.60)
center (Version: 6.2.5.0)
CheckIt Diagnostics (Version: 7.1)
Classic PhoneTools (Version: 4.18)
Colors, Shapes & More
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Conexant SmartHSFi V92 56K Speakerphone PCI Modem
Critical Update for Windows Media Player 11 (KB959772)
CustomerResearchQFolder (Version: 1.00.0000)
Dealio Toolbar v4.4 (Version: 4.4)
Dell Picture Studio - Dell Image Expert (Version: 3.4.1)
Dell Solution Center (Version: 1.00.0000)
Dell Support (Version: 2.00.0000)
DeviceDiscovery (Version: 90.0.205.000)
DeviceManagementQFolder (Version: 1.00.0000)
Dictionary.com Toolbar (Version: 1.15.2.0)
Dictionary.com Toolbar Updater (Version: 1.2.0.20007)
Digital Line Detect (Version: 1.06.2)
DiMAGE Viewer
Disney's Stanley Tiger Tales
Disney's Winnie the Pooh Kindergarten
DivX Setup (Version: 1.0.1.4)
DivX Web Player (Version: 1.5.0)
dj_sf_software (Version: 90.0.235.000)
Dogpile Bundle Toolbar (Version: 1.514)
Earthlink Installer - uninstall 'Earthlink 5.0' entry first if present (Version: 1.00.0000)
ELNKInst (Version: 1.00.0000)
ESET Online Scanner v3
essentials (Version: 6.0.14.0)
eSupportQFolder (Version: 1.00.0000)
EXEtender Player
FLV Player 1.3.3
FoxTab FLV Player
Free Mp3 Wma Converter V 1.81
GameSpy Arcade
Google Update Helper (Version: 1.3.21.123)
Google Video Player
Google Web Accelerator (Version: 1.0.93)
Help and Support Customization (Version: 1.00.0000)
HP Customer Participation Program 9.0 (Version: 9.0)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Smart Web Printing (Version: 2.15.7.0)
HP Solution Center 9.0 (Version: 9.0)
HP Update (Version: 4.000.006.003)
HPProductAssistant (Version: 90.0.146.000)
HPSSupply (Version: 2.2.0.0000)
ieSpell (Version: 2.5.1 (build 106))
iLivid (Version: 1.92)
iLivid (Version: 1.92.0.118480)
ImageMixer for Sony
Intel® PRO Ethernet Adapter and Software
Intel® PROSet II (Version: 2.00.0020)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 32 (Version: 6.0.320)
JS World Kindergarten
JSWorldKGMain (Version: 1.00.0000)
JSWPFCom (Version: 1.04.1000)
JSWPFGradeK (Version: 1.07.0000)
JumpStart Artist
JumpStart Parent Resource Center v1.0
KhalInstallWrapper (Version: 4.60.122)
Kodak AIO Printer (Version: 7.5.0.0)
KODAK AiO Software (Version: 7.5.9.60)
KODAK Picture CD
KONICA_MINOLTA DiMAGE remote camera driver (Version: 1.0.0)
Lexmark Supplies Monitor
Lexmark Z65
LightScribe 1.4.42.1 (Version: 1.4.42.1)
Little Bear Toddler
Logitech Gaming Software (Version: 4.40)
Logitech SetPoint (Version: 4.60)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MarketResearch (Version: 90.0.146.000)
Microsoft .NET Framework (English) (Version: 1.0.3705)
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.0 Hotfix (KB928367)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Windows Journal Viewer (Version: 1.5.2315.3)
Modem Helper
Monsters Jr
MotoHelper 2.1.32 Driver 5.4.0 (Version: 2.1.32)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0)
Move Media Player
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSN Messenger 6.0 (Version: 6.0.0268)
MSN Messenger 6.0 (Version: 6.0.0602)
MSN Messenger 6.1 (Version: 6.1.0155)
MSN Messenger 6.1 (Version: 6.1.0207)
MSN Music Assistant
MSN Toolbar
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (Version: 6.10.1129.0)
MSXML4 Parser (Version: 1.0.0)
Nero Suite
NVIDIA Display Driver
NVIDIA Windows 2000/XP Display Drivers
ocr (Version: 6.2.3.50)
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
Opera 11.50 (Version: 11.50.1074)
Pacman
Paint Shop Pro 7 (Version: 7.05.0000)
PanoStandAlone (Version: 90.0.146.000)
Picasa 3 (Version: 3.8)
Play Pickle
PlayStation®Network Downloader (Version: 2.02.00076)
PlayStation®Store (Version: 3.1.8.07881)
Pop-Up Stopper Free Edition (Version: 3.0)
PowerDVD
PreReq (Version: 6.2.4.0)
PSSWCORE (Version: 2.01.0000)
Puppy Luv (Version: 1.07.0000)
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
Rhapsody
Rhapsody Player Engine (Version: 1.0.604)
Rhapsody Player Engine (Version: 1.1.0)
SBC Yahoo! DSL Activation
Search Results Toolbar (Version: 1.0.0.12)
Searchqu Toolbar (Version: 4.1.0.3114)
SolutionCenter (Version: 90.0.146.000)
Sony DVD Handycam USB Driver
SopCore 1.1.1 (Version: 1.1.1)
Sound Blaster Live!
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 1.6.0)
SpywareBlaster 4.1 (Version: 4.1.0)
SpywareGuard v2.2 (Version: 2.2)
StartNow Toolbar (Version: 2.4.0)
Status (Version: 90.0.146.000)
Sunbelt Personal Firewall (Version: 4.6.1861.0)
SUPERAntiSpyware (Version: 4.55.1000)
Time to Play Pet Shop
Tom Clancy's Rainbow Six 3: Athena Sword 1.00.000 (Version: 1.00.000)
TrayApp (Version: 90.0.146.000)
UnloadSupport (Version: 9.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 7 Beta 3 (KB922880) (Version: 20060714.120000)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
USB Card Reader
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VideoLAN 0.8.4a (Version: 0.8.4a)
VideoToolkit01 (Version: 90.0.146.000)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VTech® Photo Editor
Web Savings from Ebates
WebFldrs XP (Version: 9.50.6513)
WinDirStat 1.1.2
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows iLivid Toolbar (Version: 3.0.0.118320)
Windows Internet Explorer 7 (Version: 20061017.133151)
Windows Media Format 11 runtime
Windows Movie Maker 2.0 (Version: 2.0.0000)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
WordPerfect Office 2002
WordPerfect Office 2002 (Version: 10)
Yahoo! Browser Services
Yahoo! BrowserPlus 2.9.8
Yahoo! Search Protection
Yahoo! Software Update

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 767 MB
Available physical RAM: 473.67 MB
Total Pagefile: 1876.31 MB
Available Pagefile: 1539.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1977.92 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:55.86 GB) (Free:27.62 GB) NTFS
3 Drive d: (KODAKAioPrinter) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\THEWIZARD

Administrator ASPNET Brian Willoughby
Guest HelpAssistant lxal_THEWIZARD
Rachel Willoughby SUPPORT_388945a0 SUPPORT_3f151ab9

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:18 AM

Posted 25 September 2012 - 01:14 PM

OK, let's see if we can clear more out...

Run TFC by OT (Temp File Cleaner)
Please download TFC by Old Timer and save it to your desktop.
alternate download link

Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.


Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Flyingsushi

Flyingsushi
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 25 September 2012 - 08:16 PM

Boopme, I ran tdsskiller, but for some reason I couldn't copy the log it generated. I was unable to highlight anything to copy it so I don't have it to show you. I can tell you the tool did have me reboot the computer.

Here is the ESET Online Scan.


C:\Documents and Settings\Brian Willoughby.THEWIZARD\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@plpickle.com\components\pptlf.dll a variant of Win32/Adware.Gamevance.BH application cleaned by deleting - quarantined
C:\Documents and Settings\Brian Willoughby.THEWIZARD\Local Settings\Application Data\Opera\Opera\cache\g_001B\opr04AGS.tmp JS/Kryptik.BB trojan cleaned by deleting - quarantined
C:\Documents and Settings\Brian Willoughby.THEWIZARD\Local Settings\Application Data\Opera\Opera\cache\g_001B\opr04AGV.tmp JS/Kryptik.BB trojan cleaned by deleting - quarantined
C:\Documents and Settings\Brian Willoughby.THEWIZARD\Local Settings\Application Data\Opera\Opera\cache\g_001C\opr04AGX.tmp JS/Kryptik.BB trojan cleaned by deleting - quarantined
C:\Documents and Settings\Brian Willoughby.THEWIZARD\My Documents\100MLT29\Desktop\SDFix.exe Win32/PrcView application deleted - quarantined
C:\Documents and Settings\Brian Willoughby.THEWIZARD\My Documents\Downloads\iLividSetupV1(1).exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Documents and Settings\Brian Willoughby.THEWIZARD\My Documents\Downloads\iLividSetupV1(2).exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\FoxTabFLVPlayer\FLVPlayer.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined
C:\Program Files\GameSpy Arcade\Custom\classes.dex Android/DroidRooter.A application cleaned by deleting - quarantined
C:\Program Files\Searchqu Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application cleaned by deleting (after the next restart) - quarantined
C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe a variant of Win32/Toolbar.SearchSuite.A application cleaned by deleting - quarantined
C:\Program Files\StartNow Toolbar\ReactivateIE.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files\Windows iLivid Toolbar\Datamngr\DnsBHO.dll a variant of Win32/Toolbar.SearchSuite application cleaned by deleting (after the next restart) - quarantined
C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll a variant of Win32/Toolbar.SearchSuite application cleaned by deleting (after the next restart) - quarantined
C:\TDSSKiller_Quarantine\25.09.2012_17.14.09\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.09.2012_17.14.09\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.09.2012_17.14.09\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.09.2012_17.14.09\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.09.2012_17.14.09\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.LA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.09.2012_17.14.09\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.09.2012_17.14.09\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.09.2012_17.14.09\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.09.2012_17.14.09\mbr0000\tdlfs0000\tsk0014.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:18 AM

Posted 25 September 2012 - 08:31 PM

Hi,looks like ESET found and cleaned what TDSS fiund anyway ,so that's good.

Are the icons still fouled up?

I want to see if there are more rootkits.



Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Flyingsushi

Flyingsushi
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 29 September 2012 - 05:09 PM

Sorry for the delay.

Yes, everything seems to be working normally now.


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-29 18:06:04
-----------------------------
18:06:04.015 OS Version: Windows 5.1.2600 Service Pack 3
18:06:04.015 Number of processors: 1 586 0x207
18:06:04.015 ComputerName: THEWIZARD UserName:
18:06:15.671 Initialize success
18:06:43.625 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:06:43.625 Disk 0 Vendor: ST360015A 3.33 Size: 57241MB BusType: 3
18:06:43.656 Disk 0 MBR read successfully
18:06:43.656 Disk 0 MBR scan
18:06:43.656 Disk 0 Windows XP default MBR code
18:06:43.656 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 39 MB offset 63
18:06:43.656 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 57200 MB offset 80325
18:06:43.656 Disk 0 scanning sectors +117226305
18:06:43.718 Disk 0 scanning C:\WINDOWS\system32\drivers
18:06:56.140 Service scanning
18:07:28.921 Modules scanning
18:07:49.687 Disk 0 trace - called modules:
18:07:49.718 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
18:07:49.718 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83b58ab8]
18:07:50.078 3 CLASSPNP.SYS[f756ffd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x83b7ad98]
18:07:50.078 Scan finished successfully
18:08:02.546 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Brian Willoughby.THEWIZARD\My Documents\olivia pictures\100MLT29\Desktop\MBR.dat"
18:08:02.546 The log file has been saved successfully to "C:\Documents and Settings\Brian Willoughby.THEWIZARD\My Documents\olivia pictures\100MLT29\Desktop\aswMBR.txt"

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:18 AM

Posted 30 September 2012 - 08:37 PM

Looks good here.... If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 Flyingsushi

Flyingsushi
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 06 October 2012 - 05:26 PM

Thank you Boopme, I appreciate your time and effort cleaning up this old computer. I almost bought another one. Thanks for getting this one cleaned up because it might be old, but it works just fine for what I need it to do. Thank you!

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:18 AM

Posted 06 October 2012 - 09:44 PM

You're welcome! I still like my old XP one also.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 Flyingsushi

Flyingsushi
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 07 October 2012 - 07:55 PM

Boopme, I don't think we are finished yet, lol. I think I messed something up on the restore point. I have no sound and I don't think the computer even sees the hardware? Under sounds and audio device properties, it says, "no audio device". I can't seem to find the hardware on the computer. My current speakers were installed earlier this year and I do not have the disk.

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:18 AM

Posted 07 October 2012 - 08:04 PM

Do you still have a older Restore Point to use?

if not run
SFC

Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users..The command needs to be run from an Elevated Command Prompt.Click Start, type cmd into the Start/Search box,
right-click cmd.exe in the list above and select 'Run as Administrator'


You will need your operating system CD handy.

Open Windows Task Manager....by pressing CTRL+SHIFT+ESC

Then click File.. then New Task(Run)

In the box that opens type sfc /scannow ......There is a space between c and /

Click OK
Let it run and insert the CD when asked.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 Flyingsushi

Flyingsushi
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 07 October 2012 - 10:25 PM

I restored it back to my last restore date which was Saturday evening and now my sound is working.

#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:18 AM

Posted 08 October 2012 - 11:13 AM

Let's give it a day and be sure it all OK.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 Flyingsushi

Flyingsushi
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 10 October 2012 - 03:11 PM

As far as I can tell, everything is good. This old thing works great.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users