Author Topic: [Resolved K] got something going on, what do you think?  (Read 7097 times)

0 Members and 1 Guest are viewing this topic.

Offline ngt

  • Bronze Member
  • Posts: 104
Re: [Resolved K] got something going on, what do you think?
« Reply #90 on: March 22, 2012, 10:56:43 am »
Is there a way to just update or replace the windows files that are damaged or missing? and leave the  rest the same?

Offline ngt

  • Bronze Member
  • Posts: 104
Re: [Resolved K] got something going on, what do you think?
« Reply #91 on: March 22, 2012, 12:56:09 pm »
How do I get the computer to use the OWNER user account? 

right now the desktop and everything are still the TEMP user.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7249
Re: [Resolved K] got something going on, what do you think?
« Reply #92 on: March 22, 2012, 02:18:19 pm »
I still am of the opinion that a factory reset is your best option. Regarding accounts, I thought you mentioned that there was only two accounts "Owner" and "Guest"

There should be no damaged system files, they would have been replaced when SP3 was installed...

OK do this :-

Select Start > Control Panel > System > In the System Properties window select the "Advance" tab.

Next, select the Settings button under the "User Profiles" section. Click the profile you want to copy from, which should be "Temp" (if it is still active)

Next, Click Copy to and type in or browse for the profile you want to overwrite.

Next, Click the "Permitted to use button" and add all user accounts that you want to give
full control of that profile to.

Click Ok.

Offline ngt

  • Bronze Member
  • Posts: 104
Re: [Resolved K] got something going on, what do you think?
« Reply #93 on: March 23, 2012, 08:25:50 pm »
ok, so I did the factory reset. Got a few issues. During the installation it froze at 34/72 while installing applications. I haven't noticed much, but there are a few issues I'm having.

1: it says there are no audio devices
2: every time I reset the computer I have to go into wireless settings and check the box to have windows configure my wireless settings. Every time I reboot the computer, I have to go in and recheck it.

ideas?

Offline ngt

  • Bronze Member
  • Posts: 104
Re: [Resolved K] got something going on, what do you think?
« Reply #94 on: March 23, 2012, 08:27:21 pm »
Also, there are a ton of programs going that I don't want going. Can you check the list and tell me how to stop them from coming on? The programs I downloaded for that is gone.

Offline ngt

  • Bronze Member
  • Posts: 104
Re: [Resolved K] got something going on, what do you think?
« Reply #95 on: March 23, 2012, 10:58:43 pm »
I ran a program called driver update and it said I need to update or have corrupted drivers for:

-Modem Divice on High Speed Audio Bus
-ATI Radeon Express 200M Series
-Marvel Yukon 88E2032 PCI-E Fast Ethernet Control
-ATI SMBus
-Mass Storage Control
-Standard Dual Channel PCI IDE Controller

and the one I think is causing my audio device not to show up..

-IDT High Definition Audio Codec

My computer said it had an (error code 10)


I searched for drivers online, but the ones I found all had some related virus with files within. (I searched the weird file names before running them or installing them) extra careful now :)


So on the progress:

-No sound
-I have to check that box for windows to configure my wireless network every time I start the computer

Weird thing is, I had this (network box checking thing) happen to another computer a long time ago and the geek squad guy went in and fixed it really quickly, so I know it's something stupid and little.

The audio thing...I guess I just need to find the right driver. 

Offline ngt

  • Bronze Member
  • Posts: 104
Re: [Resolved K] got something going on, what do you think?
« Reply #96 on: March 23, 2012, 11:33:14 pm »
Fixed the audio .... :t

still don't understand the box checking for windows configuring the wireless network every time I start the computer....

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7249
Re: [Resolved K] got something going on, what do you think?
« Reply #97 on: March 24, 2012, 03:01:00 am »
The factory reset was the best option, we could have chased our tails forever. OK as you`ve done the reset you will need to update to SP3 and IE8 at your earliest convenience. I gave you links/instructions previously, if you need them again let me know.

Regarding your connection do this:

Select start > run > in the box type services.msc > in the new window scroll to "Wireless Zero Configuration" that service Status should be "Started" and Start up type should be "Automatic"
If that is not true right click on the entry, select "properties" in the new window make the changes, apply and ok it.....

Did that help?

Secunia is the best tool to check for outdated apps etc.... Personal Software Inspector option (PSI) or Online Software Inspector (OSI) can be d/l from here http://secunia.com/vulnerability_scanning/personal/ choose the option that best suites your needs..

What about security, are you ok on that front or do you need any help. I can give links for a freebie set up if required....

Kevin

Offline ngt

  • Bronze Member
  • Posts: 104
Re: [Resolved K] got something going on, what do you think?
« Reply #98 on: March 24, 2012, 05:15:38 am »
I did what you said and those settings were already on. Then I realized there's another wireless utility running. "Realtek RTL8187 wireless lan utility" I checked a box on that program that said "windows zero configuration".  Never would have known that was what it was called unless I read your last post.  :)1

I had Nortons 2012 reinstalled for an antivirus. Figured I paid the $45, might as well get it back on here. Then just the basic windows security center stuff all turned on.

I am using the newest version of Opera for my web browser.

Can I erase the BIG FIX program??


Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7249
Re: [Resolved K] got something going on, what do you think?
« Reply #99 on: March 24, 2012, 02:10:33 pm »
Yes I agree keep Norton, especially as you`ve paid for it. What is the BIG FIX program, not sure what you mean.... ???

Offline ngt

  • Bronze Member
  • Posts: 104
Re: [Resolved K] got something going on, what do you think?
« Reply #100 on: March 24, 2012, 05:40:56 pm »
Yes I agree keep Norton, especially as you`ve paid for it. What is the BIG FIX program, not sure what you mean.... ???

It was a program that came with some gateway pc's. I read up on it and some people said it was helpful, some said it was harmless, and some said it erased files that it said had viruses and messed up their computers. Everyone pretty much said it could be removed, so I removed it :)

can I run a program so you can see what is running now and what needs replacing, or can just be turned off on start up?

CCleaner??

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7249
Re: [Resolved K] got something going on, what do you think?
« Reply #101 on: March 24, 2012, 05:59:06 pm »
Do you mean startup entries, if so CCleaner is the easiest way to make changes, If you go to Page 4 reply #58 of this thread the instructions are there, post that log and i`ll have a look for you...

Offline ngt

  • Bronze Member
  • Posts: 104
Re: [Resolved K] got something going on, what do you think?
« Reply #102 on: March 24, 2012, 11:26:11 pm »
Yes   HKCU:Run   PhotoShow Deluxe Media Manager   C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
Yes   HKCU:Run   Power2GoExpress   NA
Yes   HKLM:Run   Adobe ARM   "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes   HKLM:Run   ATICCC   "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
Yes   HKLM:Run   ehTray   C:\WINDOWS\ehome\ehtray.exe
Yes   HKLM:Run   NeroFilterCheck   C:\WINDOWS\system32\NeroCheck.exe
Yes   HKLM:Run   Recguard   %WINDIR%\SMINST\RECGUARD.EXE
Yes   HKLM:Run   Reminder   %WINDIR%\Creator\Remind_XP.exe
Yes   HKLM:Run   SigmatelSysTrayApp   stsystra.exe
Yes   HKLM:Run   SynTPEnh   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Yes   HKLM:Run   SynTPLpr   C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
Yes   Startup Common   REALTEK RTL8187 Wireless LAN Utility.lnk   C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility\RtWLan.exe



Yes   Extension   Diagnose Connection Problems...   %windir%\Network Diagnostic\xpnetdiag.exe
Yes   Extension   Messenger   C:\Program Files\Messenger\msmsgs.exe
Yes   Extension   Real.com   C:\WINDOWS\system32\Shdocvw.dll
Yes   Extension   Research   C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
Yes   Helper   Adobe PDF Link Helper   C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Yes   Helper   CBrowserHelperObject Object   c:\windows\system32\BAE.dll
Yes   Helper   Java(tm) Plug-In 2 SSV Helper   C:\Program Files\Java\jre6\bin\jp2ssv.dll
Yes   Helper   Java(tm) Plug-In SSV Helper   C:\Program Files\Java\jre6\bin\ssv.dll
Yes   Helper   JQSIEStartDetectorImpl Class   C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
Yes   Helper   Norton Vulnerability Protection   C:\Program Files\Norton AntiVirus\Engine\19.6.2.10\IPS\IPSBHO.DLL


Yes   Task   GoogleUpdateTaskMachineCore   C:\Program Files\Google\Update\GoogleUpdate.exe /c
Yes   Task   GoogleUpdateTaskMachineUA   C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler





thanks!!




Also, there are a lot of things happening that I'm not sure how to turn off. When I plug in an SD card, my external HD, or a flash drive, it's on auto something where it just starts reading everything on the drive. Can I stop that? And there are a lot of pop ups for windows telling me about files, I don't mind that, but the beep that it makes is load and happens even if I have the laptop on mute. Can I stop that? Little stuff like this that wasn't happening before the reset and I don't know how to turn them back off.



Otherwise, THANK YOU SO MUCH FOR ALL OF YOUR HELP!!!  I REALLY APPRECIATE IT!!! Computer is running fast and smooth!

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7249
Re: [Resolved K] got something going on, what do you think?
« Reply #103 on: March 25, 2012, 04:23:07 am »
Run CCleaner, select > Tools > start up tab.

As before Red means "Disable" for definite. Green means "Leave alone" and Blue means "Your choice"

Under Windows Tab

Yes   HKCU:Run   PhotoShow Deluxe Media Manager   C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
Yes   HKCU:Run   Power2GoExpress   NA
Yes   HKLM:Run   Adobe ARM   "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

Yes   HKLM:Run   ATICCC   "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
Yes   HKLM:Run   ehTray   C:\WINDOWS\ehome\ehtray.exe
Yes   HKLM:Run   NeroFilterCheck   C:\WINDOWS\system32\NeroCheck.exe
Yes   HKLM:Run   Recguard   %WINDIR%\SMINST\RECGUARD.EXE
Yes   HKLM:Run   Reminder   %WINDIR%\Creator\Remind_XP.exe
Yes   HKLM:Run   SigmatelSysTrayApp   stsystra.exe
Yes   HKLM:Run   SynTPEnh   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Yes   HKLM:Run   SynTPLpr   C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
Yes   Startup Common   REALTEK RTL8187 Wireless LAN Utility.lnk   C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility\RtWLan.exe


Under Internet Explorer tab

Yes   Extension   Diagnose Connection Problems...   %windir%\Network Diagnostic\xpnetdiag.exe
Yes   Extension   Messenger   C:\Program Files\Messenger\msmsgs.exe
Yes   Extension   Real.com   C:\WINDOWS\system32\Shdocvw.dll
Yes   Extension   Research   C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

Yes   Helper   Adobe PDF Link Helper   C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Yes   Helper   CBrowserHelperObject Object   c:\windows\system32\BAE.dll
Yes   Helper   Java(tm) Plug-In 2 SSV Helper   C:\Program Files\Java\jre6\bin\jp2ssv.dll
Yes   Helper   Java(tm) Plug-In SSV Helper   C:\Program Files\Java\jre6\bin\ssv.dll
Yes   Helper   JQSIEStartDetectorImpl Class   C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
Yes   Helper   Norton Vulnerability Protection   C:\Program Files\Norton AntiVirus\Engine\19.6.2.10\IPS\IPSBHO.DLL


Under Scheduled Tasks tab

Yes   Task   GoogleUpdateTaskMachineCore   C:\Program Files\Google\Update\GoogleUpdate.exe /c
Yes   Task   GoogleUpdateTaskMachineUA   C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler


Regarding the Auto Start feature, I agree it is the best option to turn off that feature, malware can use it to its advantage. Go to this link http://support.microsoft.com/kb/967715 Scroll down until you see Fixit icons, there will be two side by side. One to turn the feature OFF and one to turn it ON.
Obviously you`ll be using the OFF setting. I would make a note of that URL incase you ever need to turn the feature back on for any reason....

Let me know if the above completes OK, also any remaining issues, concerns or general questions....

Kevin  :t

Offline ngt

  • Bronze Member
  • Posts: 104
Re: [Resolved K] got something going on, what do you think?
« Reply #104 on: March 27, 2012, 07:20:05 am »
Cool. did all of that stuff. Everything seems to be running well. If this thread gets moved to the finished section and I have a question about something down the road, is it ok to PM you?

either way, THANK YOU SO MUCH!!! I really appreciate all of your time! Computer is running like a champ!


Just out of curiosity, what's the reason for "wiping empty space" with CCleaner?