Jump to content

Change Mode


  • Content Count

  • Joined

  • Last visited

About RayG

  • Rank

Contact Methods

  • Website URL
  • ICQ

Profile Information

  • Location
    Great White North

Previous Fields

  • System Specifications:
    Dell OptiPlex GX110, 40gig HD, 1ghz CPU, 256RAM
  • Teams:
    Linux Users Club
  1. I tried renaming it to analyze.exe and that still didn't work. Will try as you suggest and see if I can sneak it in. RayG
  2. Both options require installation, which the system will not allow me to do, even in safe mode in the administrative account. That's why this is particularly frustrating. RayG
  3. He doesn't have Ccleaner on the system, and it won't let me install or even copy any software to it. Even when I successfully copied over the utility software from my USB stick, the system wouldn't let me install or run any of them in either safe mode or regular windows. I also noticed that he has no internet options showing up in his control panel. Yet when I boot up with the Ubuntu CD I'm able to surf the net no problem. &%$#*@! Windows... RayG
  4. Was given yet another computer by a co-worker to tinker with, a Windows XP SP3 system with 2 GB of RAM. He complained that his task bar had disappeared and he was unable to connect to the net even though he could use other programs on his computer. Here's what I did last night: Logged in as administrator. System notifies me that ie4unit.exe ordinal not found, followed by 'ordinal 654 could not be located in the dynamic link library iertutil.dll. Then, an ordinal 672 error, followed by 'error loading C:\windows\system32\iedkcs32.dll'. It repeats the ordinal 672 error (RunDLL
  5. Thanks, I'll get that posted later today if I can find time. (I'm trying to troubleshoot a second system that's higher priority at present). I appreciate the help. RayG
  6. Latest HJT log looks better too: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:45:51 PM, on 20/11/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.
  7. Panda scan results: ;*********************************************************************************************************************************************************************************** ANALYSIS: 2009-11-19 23:36:42 PROTECTIONS: 2 MALWARE: 30 SUSPECTS: 1 ;*********************************************************************************************************************************************************************************** PROTECTIONS Description Version Active Updated ;======================
  8. Oh yeah, it would copy 'n paste, but the instructions said to 'attach' it, and I couldn't find any method for doing so. The file is copied/pasted below in the next post. File not found where indicated, nor anywhere else on the system. I've removed the McAfee program as her subscription had expired and she said it was ok to delete. Seems better, and it certainly has more space on the C: drive. RayG
  9. OTM log: All processes killed ========== FILES ========== File/Folder c:\windows\system32\dorizala.dll not found. File/Folder c:\windows\system32\muhodogu.dll not found. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\loyedukog deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{62164db5-0cfc-407c-9f45-6f530257a8f6} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62164db5-0cfc-407c-9
  10. Cannot get Panda Log to attach... RayG
  11. Attach.txt UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-10-26.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 17/05/2004 8:17:58 AM System Uptime: 19/11/2009 7:19:41 PM (0 hours ago) Motherboard: MICRO-STAR INTERNATIONAL CO., LTD | | MS-6734 Processor: AMD Athlon XP 2500+ | Socket A | 1831/166mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (FAT32) - 15 GiB total, 2.159 GiB free. D: is FIXED (FAT32) - 4 GiB total, 0.
  12. DDS.txt DDS (Ver_09-10-26.01) - FAT32x86 Run by Sandy at 19:55:51.57 on 19/11/2009 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.447.142 [GMT -5:00] AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6} AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} ============== Running Processes ==============
  13. Brought home a co-worker's computer because she was complaining it was running kinda slow and I offered to have a look at it. She was nearly out of hard drive space on her C: drive (less than 80 megs free) so I moved some files over to a larger G: drive that had significantly more free space. After scanning her computer with McAfee, Malwarebytes, and VundoFix, I ran hjt and ended up with the following log file. I'm thinking everything looks fine except lines 20, 21, and 22. Am I correct in thinking these are nasties, and what's the best way to remove them? Any Help appreciated.
  14. Are you getting an error message? Sometimes, not often, but sometimes Firefox seems to not shut down completely. In that instance I open the task manager and shut it down manually, but I usually get an error saying that Firefox is already running. If that's not what's happening to you, I'd suggest uninstalling and then reinstalling Firefox to see if that helps. RayG
  • Create New...