Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browsers Hijacked


  • Please log in to reply
25 replies to this topic

#1 jesst940

jesst940

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Texas
  • Local time:07:25 PM

Posted 18 January 2015 - 05:14 PM

Hello, 
I had hoped I wouldn't need the help of  you good people again, but here I am. :-)
 
Dell 2400 Dimension, Intel Celeron, cpu 2.40GHz,  2.39GHz, 2.0GB ram. Windows XP, SP3. Version 2002 Home.
 
 Yes, I am infected. 
  Been going on for 2 months. Browsers hijacked, freeze ups, at least one blue screen. Using free versions of Malwarebytes then & now, with addition of Kaspersky trial, now. Also used the 
Kaspersky uninstall page to delete all known previous anti-virus utilities. Uninstalled Panda Cloud free as it seemed to be the cause of some freezes. (Though Panda did indicate finding a trojan early in the 2 month ordeal.
  First 'attack' seemed to originate with Andromenda with strange but identical browsers subbing for 3 browsers. 
 
Personal Searching 2 months ago produced this info:
Speed Browser Publisher: Eager Wire Apps,LLC. 
 
 
Eset found this 2 months ago:
C:\Documents and Settings\All Users\Application Data\InstaShare\uninstall.exe a variant of 
MSIL/Adware.PullUpdate.F application cleaned by deleting - quarantined
 
C:\Documents and Settings\All Users\Application Data\PXYWCQKfujS\PxcPtHoULaB.exe
variant of MSIL/Adware.PullUpdate.F application cleaned by deleting - quarantined
 
C:\Documents and Settings\All Users\Application Data\PXYWCQKfujS\dat\EzwEdqeVJ.dll
variant of MSIL/Adware.PullUpdate.C application cleaned by deleting - quarantined
 
C:\Documents and Settings\All Users\Application Data\PXYWCQKfujS\dat\jLHDcSsLHsu.exe
variant of MSIL/Adware.PullUpdate.F application cleaned by deleting - quarantined
 
Malwarebytes (same time frame ) produced this info:
Registry Keys: 1
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\CLASSES\CLSID\{051E9166-B2
75-4683-907B-372FAE22BC7C}, , [34d09e7798e4fc3afdadccd6a2607789], 
 
 
Only Opera was spared the substitute browser, but still has Andromenda firmly planted as search provider. At time of original infection, I did many virus scans with MWB and Panda plus some 
program deletes. Aside from not being able to get rid of the Opera Andromenda tab, computer seemed to be back to normal. Normal for this older version is not that fast anyway, however some games and sites were extra laggy, still.
 
  AT PRESENT: Avira is monitoring some browsers, though a 'cannot display page' error came up on every browser on which I tried to download Avira. Could not download Avast, SuperAntiSpyware, Trend Micro and others. Get the "cannot display" 
 
I have ran the Kaspersky uninstall tools on every virus utility I remotely suspected might have been 
previously installed.
 
  Just finished a full MWB scan last night (started with Chameleon)- nothing found.
A full Kaspersky scan including rootkit finished around midnight - nothing found.
Ran Eset a couple days ago. Same result.
  Still getting unwanted browser popups, tabs, search engines etc.
Twice today, I have attempted to download a couple of your reccomended pre-post utilities
(Revo & CCleaner) Get the 'cannot display page' msg.
 
Though have been able to download a calendar template recently and a game, two days ago, which is since deleted-gave me a yahoo search and I use google - just my preference. I always look for add on programs when downloading. Yahoo slipped in somehow. 
 
 Still getting random freezes, odd exe(s) in task manager,(plugin-nm-server....)&(avpui.exe)
Command Prompt shows to be running at present?
CPU running 100% most of the time.
I am sure "IT" is still in there. I can smell it ...ugh !
 
Will attempt to post a 'Paint' utility copy of Opera history of browsing activity (not mine) when problems began on 9-12-14. This person clicked on a "your computer is at risk" popup :-)
 
Would appreciate any help & suggestions. Thanks
 
PS. Cannot see how to upload the pic of browser history which I believe started this.
I there is need to see that, please advise on how to do this on reply.    Thank You

jesst940 :flowers: 


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:25 PM

Posted 18 January 2015 - 05:16 PM

Hi Jess, what browser are you using.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 jesst940

jesst940
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Texas
  • Local time:07:25 PM

Posted 18 January 2015 - 05:18 PM

Thank you for quick response. Will get started on the tasks. I mostly use Google Chrome

Also have Internet Explorer 8, Opera and Firefox. Of these utilities won't load/run on

one I will try another. Post back whether have success or not.


Edited by jesst940, 18 January 2015 - 05:26 PM.

jesst940 :flowers: 


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:25 PM

Posted 18 January 2015 - 05:25 PM

OK, I have to run to the airport soon but
I'll be back.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 jesst940

jesst940
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Texas
  • Local time:07:25 PM

Posted 18 January 2015 - 05:45 PM

 This is the results of trying to download MiniToolBox. Should I continue to the next utility?

 

MiniToolBox:

 

Opera/Bing - "Connection closed by remote server"

 

Chrome - "This webpage is not available"

 

IE8   -   Internet Explorer cannot display the webpage 

 

Firefox - The connection was reset

The connection to the server was reset while the page was 

 

loading.


jesst940 :flowers: 


#6 jesst940

jesst940
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Texas
  • Local time:07:25 PM

Posted 18 January 2015 - 05:50 PM

ok. thank you


Edited by jesst940, 18 January 2015 - 10:02 PM.

jesst940 :flowers: 


#7 jesst940

jesst940
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Texas
  • Local time:07:25 PM

Posted 18 January 2015 - 07:04 PM

From Safe Mode: I have mixed emotions. I am very angry that I cannot download and use any of these utilities

except possibly Eset,-- not sure but seemed to be ready to download--which is supposed to be last used.

I am also saddened that while on Opera a pop-up about certificates, led me to history which clearly shows who

is hijacking  me and I can do nothing about it.

 BlueKai.com ... tied with facebook somehow & apparently shared with some other entities.

                 --------------------------------------------------------------------------------

Pop-up:   The server's certificate did not match its hostname. Accept?
Server name:
static.ak.facebook.com
a248.e.akamai.net
Cybertrust Public SureServer SV CA
Akamai Technologies
Baltimore Cyber Trust Root


Edited by jesst940, 18 January 2015 - 10:01 PM.

jesst940 :flowers: 


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:25 PM

Posted 19 January 2015 - 11:05 AM

Sorry that trip was a night mare.. Can you run RKILl?

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 jesst940

jesst940
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Texas
  • Local time:07:25 PM

Posted 19 January 2015 - 08:39 PM

  No Problem, Global, about the timing of posts. It gave me time to try and run Mini Tool Box, TDDS Killer, Adw Cleaner & Junk Ware Removal Tool from Safe mode. Still got the error messages from Internet Explorer, Chrome, Opera & Firefox when loading the Download page.

   I will try your latest suggestion of Rkill, link 1 & link 2. I do not have good expectations of it downloading.

I am thinking that my only recourse is purchasing a CD and running that in attempt to disinfect.  Do you reccomend a good one? 

  Of course there is the option of wiping and rebooting the OS. That might not be worth the trouble due to the fact that this system is so old and memory & ram are limited.  I did plug in a RAM when I frist got it about 2 years ago. It has already been rebooted once by the previous owner. Enough chatter... time to try Rkill.  Thank you very much for the followup, Global.

Kind Regards

jesst940


jesst940 :flowers: 


#10 jesst940

jesst940
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Texas
  • Local time:07:25 PM

Posted 19 January 2015 - 09:16 PM

  Here are results of 2 runs of Rkill. Didn't show finding anything that I can tell. At end of report,

It reccomended running my virus utility.

  I will run Malwarebytes first. Lately, have been running it daily, its on manual.

Then, intend to run Kaspersky, which is currently set to "pause protection" but I see by a mouse-over

that a rootkit scan is at 36%. (?) Could I have a conflict here?

  Running the two utilities, one at a time, shoud take the remainder of the night. Report back tomorrow.

  *Just an aside: I had an online chat with Kaspersky people last night. Jest of conversation is that I don't have real

protection until I activate the free utility. My question to them was how do I know if I want to purchase if I cannot

see what ithe utility does. No slam on Kaspersky. Guess you could call it a misunderstanding.

  On that subject, Malwarebytes hasn't found any malware in a while either. Have been starting Malwarebytes

through Chameleon since problems resurfaced. 

  Can you suggest a good Malware CD that I can plug in and disinfect that way ? 

 

--------------------------------------------------------------------------------------------------------

!st Run 

 

 Rkill 2.7.0 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2015 BleepingComputer.com

More Information about Rkill can be found at this link:

 http://www.bleepingcomputer.com/forums/topic308364.html

 

Program started at: 01/19/2015 07:41:55 PM in x86 mode.

Windows Version: Microsoft Windows XP Service Pack 3

 

Checking for Windows services to stop:

 

 * No malware services found to stop.

 

Checking for processes to terminate:

 

 * No malware processes found to kill.

 

Checking Registry for malware related settings:

 

 * No issues found in the Registry.

 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

 

Performing miscellaneous checks:

 

 * Reparse Point/Junctions Found (Most likely legitimate)!

 

     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]

     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]

 

Checking Windows Service Integrity: 

 

 * No issues found.

 

Searching for Missing Digital Signatures: 

 

 * No issues found.

 

Checking HOSTS File: 

 

 * HOSTS file entries found: 

 

  127.0.0.1       localhost

 

Program finished at: 01/19/2015 07:43:53 PM

Execution time: 0 hours(s), 1 minute(s), and 58 seconds(s)

 

--------------------------------------------------------------------------

2nd Run:

Rkill 2.7.0 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2015 BleepingComputer.com

More Information about Rkill can be found at this link:

 http://www.bleepingcomputer.com/forums/topic308364.html

 

Program started at: 01/19/2015 07:46:33 PM in x86 mode.

Windows Version: Microsoft Windows XP Service Pack 3

 

Checking for Windows services to stop:

 

 * No malware services found to stop.

 

Checking for processes to terminate:

 

 * No malware processes found to kill.

 

Checking Registry for malware related settings:

 

 * No issues found in the Registry.

 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

 

Performing miscellaneous checks:

 

 * Reparse Point/Junctions Found (Most likely legitimate)!

 

     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]

     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]

 

Checking Windows Service Integrity: 

 

 * No issues found.

 

Searching for Missing Digital Signatures: 

 

 * No issues found.

 

Checking HOSTS File: 

 

 * HOSTS file entries found: 

 

  127.0.0.1       localhost

 

Program finished at: 01/19/2015 07:47:31 PM

Execution time: 0 hours(s), 0 minute(s), and 58 seconds(s)

----------------------------------------------------------------------

Thanks Again    :bubbles:


jesst940 :flowers: 


#11 jesst940

jesst940
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Texas
  • Local time:07:25 PM

Posted 20 January 2015 - 03:28 PM

  Malwarebytes Free and Kaspersky Trial were run on this Dell 2400 last night, one at a time. Neither utility found anything. 

Still cannot download if it is related to System or Security. Actually haven't tried any other type of download.

Looking for ways to Backup Windows registry without downloading.

. Also, investigating registry identity of Malware/Browser Hijacker. I wouldn't make a good detective

Made only one small change, that being alerted of reason for system shutdown.

It worked! I had to click a reason from a drop down menu on a restart.

I am making progress.  :warrior:  

Regards, jesst940

 

PS My apologies,boopme,  for addressing you as "Global".  Obviously that is your position, not your name.


jesst940 :flowers: 


#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:25 PM

Posted 20 January 2015 - 04:58 PM

OK one more thing and then maybe the reload.

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk, then restart your computer.

1406373241-3-o.png


Once the above is done, go to Step 4 and allow it to run System File Check by clicking on the Do It button.

1406373250-4-o.png


Go to Step 5 and under"System Restore" click on Create button.

1406373259-5-o.png


Go to Start Repairs tab and click the Start button.

1406373267-start1-o.png


Leave the check marks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start Repairs button.

1406373275-start2-o.png


After the repair finished, you may be prompted to restart the computer. Please allow it to do so.

Please post the Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 jesst940

jesst940
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Texas
  • Local time:07:25 PM

Posted 21 January 2015 - 09:40 AM

  Below is log of test run of chkdsk. Set full version of chkdsk to run at 11:00pm. At 6:00am it had finished and computer had

restarted.  Didn't find log of that run on desktop nor in Documents. Might it be somewhere else?

  On hold with step 4 while I locate the Boot CD. Searching for a backup copy on this system. If there is one, would it be

possible to use that instead of a CD, and how to implement that?

        ----------------------------------------------------------------------------------

 

Microsoft Windows XP [Version 5.1.2600]

© Copyright 1985-2001 Microsoft Corp.

 

C:\Documents and Settings\Owner\My Documents\Downloads>CD /D C:\

 

C:\>chkdsk C:

The type of the file system is NTFS.

 

WARNING!  F parameter not specified.

Running CHKDSK in read-only mode.

 

CHKDSK is verifying files (stage 1 of 3)...

100 percent completed.               

File verification completed.

CHKDSK is verifying indexes (stage 2 of 3)...

100 percent completed.               

Index verification completed.

CHKDSK is verifying security descriptors (stage 3 of 3)...

100 percent completed.               

Security descriptor verification completed.

CHKDSK is verifying Usn Journal...

Usn Journal verification completed.

CHKDSK discovered free space marked as allocated in the volume bitmap.

Windows found problems with the file system.

Run CHKDSK with the /F (fix) option to correct these.

 

  78116030 KB total disk space.

  45804152 KB in 93857 files.

     42948 KB in 10175 indexes.

         0 KB in bad sectors.

    340634 KB in use by the system.

     65536 KB occupied by the log file.

  31928296 KB available on disk.

 

      4096 bytes in each allocation unit.

  19529007 total allocation units on disk.

7982074 allocation units available on disk.

 

C:\>

   ----------------------------------------------------------
Thanks again

jesst940 :flowers: 


#14 jesst940

jesst940
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Texas
  • Local time:07:25 PM

Posted 21 January 2015 - 11:48 AM

Hello again,     

   In case anyone else has the problem of inability to download:  After trying to download Windows Repair, without success, with each download link on every browser that I have installed ( IE 8, Chrome, Opera, & Firefox) , I finally found  'New Private Window'  in Firefox tools menu (upper right) and that allowed the download.

 

Submitting results of running Windows Repair as well as the full CHKDSK. 

 

New Question:-) Do you reccomend using the 'Tweaks' on the last tab of the Tweaking com Utility? Looks like I am being optomistic, don't know yet if latest operations have fixed the problem.  Will update on that.

 

      --------------------------------------------------------------------------

 

CHKDSK full scan:

Microsoft Windows XP [Version 5.1.2600]

© Copyright 1985-2001 Microsoft Corp.

 

C:\Documents and Settings\Owner\My Documents\Downloads>CD /D C:\

 

C:\>chkdsk C:

The type of the file system is NTFS.

 

WARNING!  F parameter not specified.

Running CHKDSK in read-only mode.

 

CHKDSK is verifying files (stage 1 of 3)...

0 percent completed.               

1 percent completed.               

2 percent completed.               

3 percent completed.               

4 percent completed.               

5 percent completed.               

6 percent completed.               

7 percent completed.               

8 percent completed.               

9 percent completed.               

10 percent completed.               

11 percent completed.               

12 percent completed.               

13 percent completed.               

14 percent completed.               

15 percent completed.               

16 percent completed.               

17 percent completed.               

18 percent completed.               

19 percent completed.               

20 percent completed.               

21 percent completed.               

22 percent completed.               

23 percent completed.               

24 percent completed.               

25 percent completed.               

26 percent completed.               

27 percent completed.               

28 percent completed.               

29 percent completed.               

30 percent completed.               

31 percent completed.               

32 percent completed.               

33 percent completed.               

34 percent completed.               

35 percent completed.               

36 percent completed.               

37 percent completed.               

38 percent completed.               

39 percent completed.               

40 percent completed.               

41 percent completed.               

42 percent completed.               

43 percent completed.               

44 percent completed.               

45 percent completed.               

46 percent completed.               

47 percent completed.               

48 percent completed.               

49 percent completed.               

50 percent completed.               

51 percent completed.               

52 percent completed.               

53 percent completed.               

54 percent completed.               

55 percent completed.               

56 percent completed.               

57 percent completed.               

58 percent completed.               

59 percent completed.               

60 percent completed.               

61 percent completed.               

62 percent completed.               

63 percent completed.               

64 percent completed.               

65 percent completed.               

66 percent completed.               

67 percent completed.               

68 percent completed.               

69 percent completed.               

70 percent completed.               

71 percent completed.               

72 percent completed.               

73 percent completed.               

74 percent completed.               

75 percent completed.               

76 percent completed.               

77 percent completed.               

78 percent completed.               

79 percent completed.               

80 percent completed.               

81 percent completed.               

82 percent completed.               

83 percent completed.               

84 percent completed.               

85 percent completed.               

86 percent completed.               

87 percent completed.               

88 percent completed.               

89 percent completed.               

90 percent completed.               

91 percent completed.               

92 percent completed.               

93 percent completed.               

94 percent completed.               

95 percent completed.               

96 percent completed.               

97 percent completed.               

98 percent completed.               

99 percent completed.               

100 percent completed.               

File verification completed.

CHKDSK is verifying indexes (stage 2 of 3)...

0 percent completed.               

1 percent completed.               

2 percent completed.               

3 percent completed.               

4 percent completed.               

5 percent completed.               

6 percent completed.               

7 percent completed.               

8 percent completed.               

9 percent completed.               

10 percent completed.               

11 percent completed.               

12 percent completed.               

13 percent completed.               

14 percent completed.               

15 percent completed.               

16 percent completed.               

17 percent completed.               

18 percent completed.               

19 percent completed.               

20 percent completed.               

21 percent completed.               

22 percent completed.               

23 percent completed.               

24 percent completed.               

25 percent completed.               

26 percent completed.               

27 percent completed.               

28 percent completed.               

29 percent completed.               

30 percent completed.               

31 percent completed.               

32 percent completed.               

33 percent completed.               

34 percent completed.               

35 percent completed.               

36 percent completed.               

37 percent completed.               

38 percent completed.               

39 percent completed.               

40 percent completed.               

41 percent completed.               

42 percent completed.               

43 percent completed.               

44 percent completed.               

45 percent completed.               

46 percent completed.               

47 percent completed.               

48 percent completed.               

49 percent completed.               

50 percent completed.               

51 percent completed.               

52 percent completed.               

53 percent completed.               

54 percent completed.               

55 percent completed.               

56 percent completed.               

57 percent completed.               

58 percent completed.               

59 percent completed.               

60 percent completed.               

61 percent completed.               

62 percent completed.               

63 percent completed.               

64 percent completed.               

65 percent completed.               

66 percent completed.               

67 percent completed.               

68 percent completed.               

69 percent completed.               

70 percent completed.               

71 percent completed.               

72 percent completed.               

73 percent completed.               

74 percent completed.               

75 percent completed.               

76 percent completed.               

77 percent completed.               

78 percent completed.               

79 percent completed.               

80 percent completed.               

81 percent completed.               

82 percent completed.               

83 percent completed.               

84 percent completed.               

85 percent completed.               

86 percent completed.               

87 percent completed.               

88 percent completed.               

89 percent completed.               

90 percent completed.               

91 percent completed.               

92 percent completed.               

93 percent completed.               

94 percent completed.               

95 percent completed.               

96 percent completed.               

97 percent completed.               

98 percent completed.               

99 percent completed.               

100 percent completed.               

Index verification completed.

CHKDSK is verifying security descriptors (stage 3 of 3)...

0 percent completed.               

1 percent completed.               

2 percent completed.               

3 percent completed.               

4 percent completed.               

5 percent completed.               

6 percent completed.               

7 percent completed.               

8 percent completed.               

9 percent completed.               

10 percent completed.               

11 percent completed.               

12 percent completed.               

13 percent completed.               

14 percent completed.               

15 percent completed.               

16 percent completed.               

17 percent completed.               

18 percent completed.               

19 percent completed.               

20 percent completed.               

21 percent completed.               

22 percent completed.               

23 percent completed.               

24 percent completed.               

25 percent completed.               

26 percent completed.               

27 percent completed.               

28 percent completed.               

29 percent completed.               

30 percent completed.               

31 percent completed.               

32 percent completed.               

33 percent completed.               

34 percent completed.               

35 percent completed.               

36 percent completed.               

37 percent completed.               

38 percent completed.               

39 percent completed.               

40 percent completed.               

41 percent completed.               

42 percent completed.               

43 percent completed.               

44 percent completed.               

45 percent completed.               

46 percent completed.               

47 percent completed.               

48 percent completed.               

49 percent completed.               

50 percent completed.               

51 percent completed.               

52 percent completed.               

53 percent completed.               

54 percent completed.               

55 percent completed.               

56 percent completed.               

57 percent completed.               

58 percent completed.               

59 percent completed.               

60 percent completed.               

61 percent completed.               

62 percent completed.               

63 percent completed.               

64 percent completed.               

65 percent completed.               

66 percent completed.               

67 percent completed.               

68 percent completed.               

69 percent completed.               

70 percent completed.               

71 percent completed.               

72 percent completed.               

73 percent completed.               

74 percent completed.               

75 percent completed.               

76 percent completed.               

77 percent completed.               

78 percent completed.               

79 percent completed.               

80 percent completed.               

81 percent completed.               

82 percent completed.               

83 percent completed.               

84 percent completed.               

85 percent completed.               

86 percent completed.               

87 percent completed.               

88 percent completed.               

89 percent completed.               

90 percent completed.               

91 percent completed.               

92 percent completed.               

93 percent completed.               

94 percent completed.               

95 percent completed.               

96 percent completed.               

97 percent completed.               

98 percent completed.               

99 percent completed.               

100 percent completed.               

Security descriptor verification completed.

CHKDSK is verifying Usn Journal...

Usn Journal verification completed.

CHKDSK discovered free space marked as allocated in the volume bitmap.

Windows found problems with the file system.

Run CHKDSK with the /F (fix) option to correct these.

 

  78116030 KB total disk space.

  45804152 KB in 93857 files.

     42948 KB in 10175 indexes.

         0 KB in bad sectors.

    340634 KB in use by the system.

     65536 KB occupied by the log file.

  31928296 KB available on disk.

 

      4096 bytes in each allocation unit.

  19529007 total allocation units on disk.

   7982074 allocation units available on disk.

 

C:\>

    -----------------------------------------------------
 
Windows Repair Log
 
Tweaking.com - Windows Repair v2.10.3
--------------------------------------------------------------------------------
 
System Variables
--------------------------------------------------------------------------------
OS: Microsoft Windows XP
OS Architecture: 32-bit
OS Version: 5.1.2600
OS Service Pack: Service Pack 3
Computer Name: WINDOWS-WV34G89
Windows Drive: C:\
Windows Path: C:\WINDOWS
Program Files: C:\Program Files
Current Profile: C:\Documents and Settings\Owner
Current Profile SID: S-1-5-21-2025429265-1965331169-839522115-1003
Current Profile Classes: S-1-5-21-2025429265-1965331169-839522115-1003_Classes
Profiles Location: C:\Documents and Settings
Profiles Location 2: C:\WINDOWS\ServiceProfiles
Local Settings AppData: C:\Documents and Settings\Owner\Local Settings\Application Data
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 10:10:09
 
Process Count: 26
Commit Total: 514.21 MB
Commit Limit: 4.78 GB
Commit Peak: 1.07 GB
Handle Count: 9949
Kernel Total: 89.17 MB
Kernel Paged: 61.27 MB
Kernel Non Paged: 27.90 MB
System Cache: 1.51 GB
Thread Count: 432
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.00 GB
Memory Used: 494.33 MB(24.1607%)
Memory Avail.: 1.52 GB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.00 GB
Memory Used: 367.39 MB(17.9565%)
Memory Avail.: 1.64 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Started at (1/21/2015 9:36:23 AM)
 
Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 56
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (1/21/2015 9:36:31 AM)
   Running Repair Under Current User Account
   Done (1/21/2015 9:37:23 AM)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (1/21/2015 9:37:23 AM)
   Running Repair Under System Account
   Done (1/21/2015 9:44:22 AM)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (1/21/2015 9:44:22 AM)
   Running Repair Under System Account
   Done (1/21/2015 9:47:49 AM)
 
03 - Reset Service Permissions
   Start (1/21/2015 9:47:49 AM)
   Running Repair Under System Account
   Done (1/21/2015 9:48:33 AM)
 
04 - Register System Files
   Start (1/21/2015 9:48:33 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 9:52:12 AM)
 
05 - Repair WMI
   Start (1/21/2015 9:52:12 AM)
 
   Starting Security Center So We Can Export The Security Info.
 
   Exporting Antivirus Info...
   Bitdefender Antivirus Free Edition Exported.
   AVG AntiVirus 2014 Exported.
   Kaspersky Internet Security Exported.
 
   Exporting 3rd Party Firewall Info...
   Kaspersky Internet Security Exported.
 
   Running Repair Under Current User Account
   Done (1/21/2015 9:55:59 AM)
 
06 - Repair Windows Firewall
   Start (1/21/2015 9:55:59 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 9:56:23 AM)
 
07 - Repair Internet Explorer
   Start (1/21/2015 9:56:23 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:01:02 AM)
 
08 - Repair MDAC/MS Jet
   Start (1/21/2015 10:01:02 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:01:29 AM)
 
09 - Repair Hosts File
   Start (1/21/2015 10:01:29 AM)
   Running Repair Under System Account
   Done (1/21/2015 10:01:31 AM)
 
10 - Remove Policies Set By Infections
   Start (1/21/2015 10:01:31 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:01:37 AM)
 
11 - Repair Start Menu Icons Removed By Infections
   Start (1/21/2015 10:01:37 AM)
   Running Repair Under System Account
   Done (1/21/2015 10:01:40 AM)
 
12 - Repair Icons
   Start (1/21/2015 10:01:40 AM)
   Running Repair Under Current User Account
   Done (1/21/2015 10:01:41 AM)
 
13 - Repair Winsock & DNS Cache
   Start (1/21/2015 10:01:41 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:02:00 AM)
 
15 - Repair Proxy Settings
   Start (1/21/2015 10:02:00 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:02:03 AM)
 
17 - Repair Windows Updates
   Start (1/21/2015 10:02:03 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (1/21/2015 10:03:18 AM)
 
18 - Repair CD/DVD Missing/Not Working
   Start (1/21/2015 10:03:18 AM)
   iTunes was found, adding UpperFilters for iTunes Reg Key
   UpperFilters added?: True
   Done (1/21/2015 10:03:18 AM)
 
19 - Repair Volume Shadow Copy Service
   Start (1/21/2015 10:03:18 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:04:22 AM)
 
21 - Repair MSI (Windows Installer)
   Start (1/21/2015 10:04:22 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:04:41 AM)
 
23.01 - Repair bat Association
   Start (1/21/2015 10:04:41 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:04:45 AM)
 
23.02 - Repair cmd Association
   Start (1/21/2015 10:04:45 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:04:48 AM)
 
23.03 - Repair com Association
   Start (1/21/2015 10:04:48 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:04:51 AM)
 
23.04 - Repair Directory Association
   Start (1/21/2015 10:04:51 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:04:55 AM)
 
23.05 - Repair Drive Association
   Start (1/21/2015 10:04:55 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:04:58 AM)
 
23.06 - Repair exe Association
   Start (1/21/2015 10:04:58 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:05:01 AM)
 
23.07 - Repair Folder Association
   Start (1/21/2015 10:05:01 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:05:05 AM)
 
23.08 - Repair inf Association
   Start (1/21/2015 10:05:05 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:05:08 AM)
 
23.09 - Repair lnk (Shortcuts) Association
   Start (1/21/2015 10:05:08 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:05:12 AM)
 
23.10 - Repair msc Association
   Start (1/21/2015 10:05:12 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:05:15 AM)
 
23.11 - Repair reg Association
   Start (1/21/2015 10:05:15 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:05:18 AM)
 
23.12 - Repair scr Association
   Start (1/21/2015 10:05:18 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:05:22 AM)
 
24 - Repair Windows Safe Mode
   Start (1/21/2015 10:05:23 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:05:27 AM)
 
25 - Repair Print Spooler
   Start (1/21/2015 10:05:27 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:05:51 AM)
 
26 - Restore Important Windows Services
   Start (1/21/2015 10:05:51 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:06:15 AM)
 
27 - Set Windows Services To Default Startup
   Start (1/21/2015 10:06:15 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:06:45 AM)
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 5.1
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 5.1
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 5.1
 
31 - Repair Windows 'New' Submenu
   Start (1/21/2015 10:06:45 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (1/21/2015 10:06:48 AM)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done at (1/21/2015 10:06:49 AM)
   Total Repair Time: 00:30:28
 
 
...YOU MUST RESTART YOUR SYSTEM...
      --------------------------------------------------
 
Thank You

jesst940 :flowers: 


#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:25 PM

Posted 21 January 2015 - 11:55 AM

This looks good.. How is it doing? I am not sure what other tweaks you meant.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users