Jump to content


Advanced Member
  • Content Count

  • Joined

  • Last visited

About coggley

  • Rank
    Advanced Member
  1. Hi again, I`m sure the usb stick is OK.I`m pretty sure I got the infection by clicking on a link on a website.Cant remember what the site was though.As soon as the pop ups started appearing I disconected the pc from the router and re booted it in safe mode.I then turned the laptop on and I`m sure it is clean.I then downloaded the tools I needed(MalwareBytes etc) to the laptops desktop,then transfered them to the usb drive.All the while my AVG software on the laptop didn`t give any alerts.I then researched how to get rid of AntiMalware Doctor.Then proceeded as above.After the cleaning was done the usb drive has been formatted.So I`m pretty sure everything is safe now Thanks again Coggley
  2. OK an update of what I did.As I got rid of the AntiMalware Doctor infection by basically disconnecting the machine from the internet(luckily I had a laptop to search for the relevant tools as the infection would not let me download any tools to help)So downloaded HJT and antimalwarebytes etc to a USB stick then ran them on the infected machine. I followed online instructions and got rid of the infection. Now to the problem in my first post.The PC was running well apart from the annoying error message during boot up.So I switched off System Restore then did a system restore to a date when I knew the machine was ok.Re booted and switched System restore back on and now all seems well. As the machine is running ok I did not want to post my HighJackThis log, as I know the volunteers are busy enough,even though theres probably a few things I should get rid of.But as the PC is ok I dont want to mess with it any more. Thanks again
  3. Hi I have just got rid of an infection called AntimalwareDoctor, by following instructions I found online.AntimalwareBytes scan is now coming up clear, but when I start the PC a box pops up after the log-in screen With RunDLL in the top left hand corner and the message- There was a problem starting E1890.dll The specified module could not be found. Is there any way to get rid of this annoying pop up at start up?The pc now appears to be running fine apart from that.Any advice will be appreciated. TIA Coggley
  4. Sorry Andrew S. only just seen your reply.The pc came with a soundcard. 5.1 There are 6 3.5 mm jacks on it 5 for the speakers and 1 for a microphone or other recording device to plug into. Still ok so I`m leaving it alone now.Waiting for my Windows 7 upgrade disk for the fun to start again Cheers Coggley
  5. Hi again, I have now solved this problem.Well at least the speakers are now working with no problems.After searching for a solution,it appears that there is some problem with the Realtek HD audio managerand Vista.Whether there is a solution to this I haven`t been able to work out yet. Anyway the simple fix in the end was to go to msconfig and just disable Realtek from starting.I`m now using the onboard sound and everything seems to be OK now.The Realtek just did not work properly and even though it was all up to date with software and drivers it just wouldn`t work.If there is a solution for this I would like to see it.But the speakers are working fine so I`ll leave it be. Thanks again Coggley
  6. Hi again, this is extremely frustrating, I can get the Bose system working,then when I click the okay button on the Realtek HD audio Manager it cuts the sound off,then it takes me half an hour to go through all the settings again to get the sound working again.Then I have the same problem, the Realtek box has appeared on the desktop and the only button I can press to do anything is the okay button but when I click it, it cuts the sound to the speakers again. How can I get it to save the settings?I`ve been googling for a solution but haven`t found one yet.Any suggestions will be gratefully recieved Thanks again Coggley
  7. Hi sorry for not replying sooner,I got sidetracked by other things.Anyway as Realtek had disappeared ,I`ve ended up doing a system restore.The Realtek HD audio manager is now back, but I haven`t got around to trying to get the speakers working.I will post back when I get time to try again.All the drivers are up to date and loaded so I will try again when its not too late at night(I dont want to upset the neighbours by playing loud music ) Thanks again Coggley
  8. Hi again, I don`t know what I`ve done but the Realtek HD audio manager has now disappeared from the pc.I`ve now got no sound and don`t know how to detect or restore the sound card.Any suggestions? Thanks again Coggley
  9. Hi again, I finally got the speakers working,but now they are not again.I unplugged everything set a tune playing plugged in headphones in front port, all working fine.Unplugged the phones then plugged the Bose into the port for centrespeaker/subwoofer and hey presto all 3 speakers working fine.Volume control via the Bose controller was fine.I plugged the headphones into the Bose all worked fine.Unplugged headphones, speakers still working OK.I then stopped the music did some other stuff, then tried music again NO SOUND coming from the speakers. From this I take it that Vista is not keeping the settings or going back to default when other programmes are opened.How can I stop this happening.this is a new pc with Vista but I`ve applied for the free upgrade to 7 so I will be changing again as soon as my upgrade disk arrives. The sound card manager is Realtek HD audio manager and device manager reports that all is working ok and all drivers are up to date.It`s really bugging me as to why it works one moment and not the next.I`m off to google how to get it to save settings as I`m now sure this is the problem.The card ahd speakers all work ok it`s just a matter of getting it to save. Thanks for the replies and looking Regards Coggley
  10. Hi again thanks for the reply.The Bose only has one connector that goes from the back of the Bose main speaker to the audio output of the PC.So the bose unit is the amplifier if you like,with the other 2 speakers and the controller wired from the back of the Bose main speaker. The soundcard on my new pc has 6 sockets at the back.5 for the audio outputs and 1 for a microphone or other recording device.So I`ve tried plugging into all 5 audio outlets but still cant get it working.Ive done all the obvious things like disabling the digital trying as many set up configurations, and making sure all the drivers and devices are working.Perhaps I need a special lead or something? Thanks again Coggley
  11. Hi, let me explain my problem.I have the Bose companion 3 speakers which is basically a large centre or Subwoofer speaker and 2 smaller speakers that sit eithe side of your desktop or laptop.Until 2 days ago I had an old PC that the sound card was playing up on so I had my Bose system plugged into the headphone socket and it worked fine.I could still use headphones as the Bose system come with a volume controll "puck" with a socket for plugging in a set of headphones and an external device like an iPod. As i said all working fine.Now I`ve just treated myself to a new PC that has a 7.1 and I cannot get the sound to work.I`ve tried reloading drivers etc all the configurations of plugging in the speakers still no joy.The headphone socket on the front panel of the pc is working fine.Any suggestions,I`m sure it`s something simple right in front of my eyes but I just cant see it yet. Thanks for looking
  12. Hi again,as I`ve said before my pc is a good few years old now and I`ve been thinking about a new one for a while.My mind is now made up and a new one will be on it`s way soon. As we seem to be going round in circles with no malware or apparent virus showing up,i`ve come to the conclusion that it must be a combined problem of old hardware playing up causing the "slowness" while surfing and perhaps corrupted system files/drivers or some other deep rooted problem. Once again I can`t thank you enough for your time, patience and help,I`m sure the pc would have been dead and buried a while ago without your help. Lets leave it for now, if it gets really bad I will post again Thanks again,regards Coggley
  13. Ok here`s the logs, incidently just before I got on the computer my son was on it and it crashed with the dreaded blue screen with the error ati2dvag, which I believe has something to do with the graphic card driver. Anyway it re-booted OK and here are the latest logs- SystemLook v1.0 by jpshortstuff (29.08.09) Log created at 20:40 on 17/11/2009 by Dave (Administrator - Elevation successful) ========== filefind ========== Searching for "aicse.com" No files found. -=End Of File=- Results of screen317's Security Check version 0.99.0 Windows XP Service Pack 2 Out of date service pack!! `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Disabled! AVG Free 9.0 ZoneAlarm Antivirus up to date! (On Access scanning disabled!) `````````````````````````````` Anti-malware/Other Utilities Check: Ad-Aware SpywareBlaster 4.2 HijackThis 2.0.2 CCleaner (remove only) Java 6 Update 17 Java 6 Update 3 Out of date Java installed! Adobe Flash Player 10 Adobe Reader 9.2 `````````````````````````````` Process Check: objlist.exe by Laurent Ad-Aware AAWService.exe Ad-Aware AAWTray.exe is disabled! `````````````````````````````` DNS Vulnerability Check: GOOD! (Not vulnerable to DNS cache poisoning) `````````End of Log``````````` Hope these are helpful, thanks again, regards coggley
  14. Hi again,here`s what happened.I downloaded JavaRa to my desktop, and followed the instructions but when I got to Select Update Using Sun Java's Website then click Search and click on the Open Webpage button, it just hung there with nothing happening.I deleted JavaRa and tried again but the same thing happened. Here is the Malwarebytes log:- Malwarebytes' Anti-Malware 1.41 Database version: 3178 Windows 5.1.2600 Service Pack 2 16/11/2009 15:28:59 mbam-log-2009-11-16 (15-28-59).txt Scan type: Quick Scan Objects scanned: 110337 Time elapsed: 5 minute(s), 39 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Then I downloaded Dr.Web Cureit and it scanned through without finding anything,but when Iclicked File at the end the Save Report list option was greyed out so I couldn`t do anything with that! And here`s the HJT log:- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:15:00, on 16/11/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\wanmpsvc.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Common Files\AOL\1182798101\ee\AOLSoftware.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1182798101\ee\AOLSoftware.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing) O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aolsvc.aol.co.uk/computercheckup/qdiagcc.cab O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} - http://img.funtigo.com/images/uploader/ssi...ureUploader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://flashpoker.ladbrokes.com/ladbrokes/FlashAX.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe -- End of file - 7945 bytes Hope this is helpful!
  15. Sorry should have put in my last reply that I flushed the DNS settings.I have installed IE7 and disabled the add ons I had in Firefox,but am still experiencing psges very slow to load and google searches being re directed. This site is where a random search kept sending me to aicse.com I searched for BBC and thats where clicking on several of the google results sent me.I`ve tried to get Kaspersky and Panda to scan since and had the same results as before.Kaspersky would not run and Panda ActiveScan runs for hours and gets to 14% and showing 5 infected files but the computer just crashed and the screen goes black and I have to turn off pc physically by switching power off. Sorry I cant be any more helpful Regards
  • Create New...