Jump to content

HELP! Video dissolving and I am at my wits end


Recommended Posts

Help! :pullhair::pullhair::pullhair:

 

My system has started acting up over the last week or so. I have NEVER had any problems with it whatsoever until now. It is about a year and a half old.

 

Here is the only thing that changed in the last few months:

 

I uninstalled Norton Antivirus

 

I installed the CA Security package which our internet provider has given us for free for the year- EZ armour, Pest PAtrol, Antivirus and the Antispam.

 

The suite had been in there since the very end of March.

 

The last few weeks I have noticed bogging down of the Outlook Express. It seemed like the Anti Spam program was bogging it down.

 

Then I began to have problems with some websites so I began to suspect the EZArmour, since these particular sites were business sites which have NEVER given me problems in all of the years that I have accessed them.

 

The last straw was an error that was jamming up my computer. Every time I would open Outlook Express, it would hang while the Anti Spam program would scan the mail and then suddenly it would hang and the error would come up something about

 

ADMINISTRATOR WOULD NOT ALLOW ME TO ACCESS THE PAGE or soemthing like that- I lost the paper I wrote it down on.

 

Now, I am the only one on the computer and it is passworded so NO ONE ever comes on here- that began to alert me that something had broken into my system.

 

Now, I have run Spybot, CWShredder, and Adaware every single week since I have owned the system WITHOUT FAIL.

 

So, I ran an antivirus scan with CA Antivirus and it claimed that nothing was wrong. I ran every single anti spyware program I have and even tested it here at the PC PITSTOP.

 

At last I began to see my screen dissolve. It goes to about half visual integrity and then I am not able to see very well. Then it would come back.

 

This messed up video would continue through a reboot and it even scrambled up through the loading process of windows.

 

I tried de-installing the video drivers which seemed to help for a moment, and then once re-installed, over the course of a few hours, it was corrupted again.

 

I de-installed the CA suite, which helped a lot- the system was no longer bogged down. However, eventually the video problem came back.

 

I did a system restore to before I had the CA suite installed and it all seemed fine for almost a whole day. Suddenly it was back again.

 

I scanned once again deeply with the re-installed CA Antivirus (I did not install the rest of the suite) and I did 4 different anti spyware scans with

Spybot

Adaware

CWshredder

and your online scanner

 

Nothing is showing up at all.

 

I did one more restore for the last time I restored and it all was fine, but then went again.

 

Now, I have noticed one pattern here. When I open the Outlook Express, it seems to launch the video problem off more often than anything else. However, it is an intermitent problem. It is not exclusive to the Outlook Express.

 

As I have been trying to get help here typing this now- my screen dissolved to half integrity again but then snapped back on working fine. Lots of bright green dots and colors are off when this happens. Colors get all scrambled. Now it is back to normal working completely fine.

 

I do not know what else to do and I am at my wits end.

 

Can anyone help me? :help: :unsure:

Link to post
Share on other sites

:sparkle:When you uninstalled Norton it's possible that there are some remnant files...

This also maybe the reason it tries to bog down the computer....

Use the removal tool to completely remove all Norton files...

Using the Norton uninstall tool

 

Next run a Pit test.....to allow an inside look of your machine and is completely safe.

 

How to post a PIT test

 

Also have you checked with your computer manufacturer for updates for your video or graphics drivers?

Link to post
Share on other sites

:sparkle:When you uninstalled Norton it's possible that there are some remnant files...

This also maybe the reason it tries to bog down the computer....

Use the removal tool to completely remove all Norton files...

Using the Norton uninstall tool

 

Next run a Pit test.....to allow an inside look of your machine and is completely safe.

 

How to post a PIT test

 

Also have you checked with your computer manufacturer for updates for your video or graphics drivers?

 

I will go to the norton removal program next.

 

Doesn't the TechExpress icon to the left of my inquiry link directly to all of my Pit tests? I just checked it and it took me there- just making sure that you can see it from that link too.

 

As for the updated drivers, I have looked and looked for more, but nothing is showing up, however, I just did a scan with the DriverAgent and it says that they are out there somewhere, but I am not sure I am in thep osition to pay $30 just to find out a maybe.

 

Thanks- it helps to have others involved- takes the pressure off a little bit anyway. :)

Link to post
Share on other sites

I tried to use the norton removal tool and it keeps saying that there is malicious code in my Internet Explorer and then it completely shuts down.

 

Now, WHY didn't the CA antivirus catch this? I did not run my system without a virus scan EVER.

 

I can not run the removal tool because it keeps shutting off on me when it hits the malicious code.

 

NOW what do I do?

 

NOTHING IS CATCHING THIS!!!! EXCEPT THE NORTON REMOVAL TOOL???

 

What! Did Norton install this malicious code when I removed NAV?

 

This is ridiculous.

 

:pullhair::pullhair:

Link to post
Share on other sites

Your SpyBot is so far out of date that it is unlikely to be of any use to you at all, same for Ad-Aware.

Use Add/Remove to uninstall both.

Then download/install/update/run both with their newest version.

Spybot S&D version 1.4

Ad-Aware SE Personal... at least verion 1.06

 

Spybot - Search & Destroy 1.3 Safer Networking Limited Dec 26, 2004

Ad-Aware SE Personal Lavasoft Jun 28, 2005

While you have several toolbar, media, and game items that are probably "calling home" all the time, checking for updates, and sending information about your browsing habits, this has got to be the most "unnecessary" item for keeping your machine up-to-date. UNINStall it. (highly recommended)

NotifyPlus

http://www.freedownloadscenter.com/Best/notifyplus.html

 

We're talking "way" more than Remnants, here:

User Add/Remove to uninstall these items, and the Norton Removal Tool per Juliet's recommendation if necessary.

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe Symantec products

C:\Program Files\Norton AntiVirus\navapsvc.exe Norton Antivirus

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe Symantec Common

 

 

LiveUpdate 3.0 (Symantec Corporation) Symantec Corporation Mar 07, 2006

 

LiveReg (Symantec Corporation) Symantec Corporation Dec 25, 2004

 

Norton AntiVirus 2004 (Symantec Corporation) Symantec Corporation Oct 28, 2004

 

Norton WMI Update Symantec Corporation Oct 01, 2004

With all the Norton you still have on your machine, conflicts with your newly installed EZ stuff is highly likely.

C:\Program Files\CA\eTrust Antivirus\eTrust E ... \CAVRID.exe EZ Antivirus

C:\Program Files\CA\eTrust Antivirus\eTrust E ... \CAVTray.exe eTrust EZ Antivirus

C:\Program Files\CA\eTrust Antivirus\eTrust E ... \ISafe.exe eTrust/ZoneLabs

C:\Program Files\CA\eTrust Antivirus\eTrust E ... \VetMsg.exe eTrust Antivirus

 

 

I can think of no good reason to allow these below items to run and contribute to a "9%" CPU upload.

Disable them in System Configuration Utility

Start - Run - (type) msconfig - Enter

From the StartUp Tab, remove the check-mark from in front of each item of the list below that you decide to disable. This will not uninstall or harm the item in any way, and you can open and run the process or application manually by clicking on the program icon as needed.

 

File Name ...............................Description

C:\Program Files\Common Files\Microsoft Share ... \WkUFind.exe MS Works Update

C:\Program Files\iTunes\iTunesHelper.exe Apple iTunes

C:\QuickTime\qttask.exe QuickTime Icon

C:\WINDOWS\system32\CTsvcCDA.exe Creative CD-ROM

C:\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE Creative DVD detector

C:\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe Creative Volume Control

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe ATI taskbar icon

C:\Program Files\Ahead\InCD\InCDsrv.exe Ahead CD support

C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe Ati Remote Wonder

C:\Program Files\Ahead\InCD\InCD.exe Ahead CD-RW support

C:\Program Files\BigFix\BigFix.exe BigFix

C:\Program Files\CA\eTrust Antivirus\caissdt.exe Dashboard Tray

C:\Program Files\Common Files\InstallShield\U ... \issch.exe ISUSScheduler

C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS Prism Deploy package

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe PowerDVD

C:\Program Files\Digital Media Reader\shwiconem.exe Card Reader

C:\Program Files\Messenger\msmsgs.exe MSN Messenger

C:\Program Files\iPod\bin\iPodService.exe iPod Service

C:\WINDOWS\SOUNDMAN.EXE Realtek Sound Manager

C:\WINDOWS\system32\Ati2evxx.exe ATI Hotkey Utility

C:\WINDOWS\system32\CTHELPER.EXE Creative Plugins

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe HP tray utility

C:\WINDOWS\zHotkey.exe Multimedia Keyboard Driver

C:\My Corkboard\CORK.EXE

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program Files\Nova Development\Greeting Ca ... \ReminderApp.exe

C:\WINDOWS\system32\fxssvc.exe

C:\WINDOWS\system32\rundll32.exe (Various)

 

Best Regards

Link to post
Share on other sites

While you have several toolbar, media, and game items that are probably "calling home" all the time, checking for updates, and sending information about your browsing habits, this has got to be the most "unnecessary" item for keeping your machine up-to-date. UNINStall it. (highly recommended)

http://www.freedownloadscenter.com/Best/notifyplus.html

 

We're talking "way" more than Remnants, here:

User Add/Remove to uninstall these items, and the Norton Removal Tool per Juliet's recommendation if necessary.

With all the Norton you still have on your machine, conflicts with your newly installed EZ stuff is highly likely.

C:\Program Files\CA\eTrust Antivirus\eTrust E ... \CAVRID.exe EZ Antivirus

C:\Program Files\CA\eTrust Antivirus\eTrust E ... \CAVTray.exe eTrust EZ Antivirus

C:\Program Files\CA\eTrust Antivirus\eTrust E ... \ISafe.exe eTrust/ZoneLabs

C:\Program Files\CA\eTrust Antivirus\eTrust E ... \VetMsg.exe eTrust Antivirus

I can think of no good reason to allow these below items to run and contribute to a "9%" CPU upload.

Disable them in System Configuration Utility

Start - Run - (type) msconfig - Enter

From the StartUp Tab, remove the check-mark from in front of each item of the list below that you decide to disable. This will not uninstall or harm the item in any way, and you can open and run the process or application manually by clicking on the program icon as needed.

 

 

 

Best Regards

 

At first glance I was all set to follow through and take care of this one step at a time, but suddenly it occured to me- I can not use the Norton removal tool, because it claims that there is malicious code found in my IExplorer.exe and says I should not run the removal tool.

 

So, back to square one- if this is true, then

#1- why didn't any of my removal programs detect it?

#2 - how do I fix it now?

 

 

As for the spybot and adaware being out of date, -I am not sure where you are getting this from. I just double checked and I am running Adaware v 1.06r

 

I am not sure how spybot got reversed to 1.3, unless the restore hit it before I did the upgrade to 1.4. Up until Friday I had the newest version of both spyware programs running at all times- completely updated and kept up to date weekly. The funny part is that the restore took it only back to the very end of March 2006, and I am reasonably sure that I had upgraded Spybot to version 1.4 way before that if my memory serves me right.

 

Well, once I figure out how to deal with this malicious code that Norton is warning me about (from the online removal tool that Juliet told me to use) then I can move on to your other suggestions.

 

Thanks!

Link to post
Share on other sites

:sparkle:I don't know if the removal tool would run in safe mode but that would be my next step.

Start the computer in Safe Mode:

-Restart your computer.

-When the machine first starts again, tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.

-Select the option for Safe Mode using the arrow keys...Or SafeMode with Networking.

-Press Enter to boot into Safe Mode.

 

 

For additional help in booting into Safe Mode, see the following site:

http://www.pchell.com/support/safemode.shtml

 

Did Norton install this malicious code when I removed NAV

NO

 

One thing you can also do is a few online scans to see if a virus or trojan can be identified....

 

Please follow the instructions provided, you may want to print out these instructions and use them as a reference.

 

First:

Please download ewido security suite it is a free version of the program.

  • Install ewido security suite
  • When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  • Launch ewido, there should be an icon on your desktop, double-click it.
  • The program will now open to the main screen.
  • When you run ewido for the first time, you will get a warning "Database could not be found!". Click OK. We will fix this in a moment.

  • You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  • The update will start and a progress bar will show the updates being installed.

    (the status bar at the bottom will display "Update successful")

If you are having problems with the updater, you can use this link to manually update ewido.

ewido manual updates

 

 

Once the updates are installed do the following:

  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • NOTE: During some scans with ewido it is finding cases of false positives.
    • If ewido detects a file you KNOW to be legitimate, select none as the action.
    • Select "Clean" and "Perform action on all infections" and press OK.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop.
Now close ewido security suite.

 

Another good scan is ..... Trend Micro Free online scan

Link to post
Share on other sites

:sparkle:I don't know if the removal tool would run in safe mode but that would be my next step.

Start the computer in Safe Mode:

-Restart your computer.

-When the machine first starts again, tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.

-Select the option for Safe Mode using the arrow keys...Or SafeMode with Networking.

-Press Enter to boot into Safe Mode.

For additional help in booting into Safe Mode, see the following site:

http://www.pchell.com/support/safemode.shtml

NO

 

One thing you can also do is a few online scans to see if a virus or trojan can be identified....

 

Please follow the instructions provided, you may want to print out these instructions and use them as a reference.

 

First:

Please download ewido security suite it is a free version of the program.

  • Install ewido security suite
  • When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  • Launch ewido, there should be an icon on your desktop, double-click it.
  • The program will now open to the main screen.
  • When you run ewido for the first time, you will get a warning "Database could not be found!". Click OK. We will fix this in a moment.

  • You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  • The update will start and a progress bar will show the updates being installed.

    (the status bar at the bottom will display "Update successful")

If you are having problems with the updater, you can use this link to manually update ewido.

ewido manual updates

Once the updates are installed do the following:

  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • NOTE: During some scans with ewido it is finding cases of false positives.
    • If ewido detects a file you KNOW to be legitimate, select none as the action.
    • Select "Clean" and "Perform action on all infections" and press OK.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop.
Now close ewido security suite.

 

Another good scan is ..... Trend Micro Free online scan

 

 

 

Okay Juliet- I will go right to work on it. Thank you!!!

 

BTW, I was just asking about the Norton putting a virus in there when I deleted NAV to be facetious- just wanted to make sure you knew that. :P

 

After three days of doing this, I find wry humor to be a good outlet.

 

;)

Link to post
Share on other sites

While you have several toolbar, media, and game items that are probably "calling home" all the time, checking for updates, and sending information about your browsing habits, this has got to be the most "unnecessary" item for keeping your machine up-to-date. UNINStall it. (highly recommended)

Okay, I am not sure what you mean to uninstall- is it notifyplus that you are telling me to uninstall?

 

 

 

 

 

 

 

 

 

http://www.freedownloadscenter.com/Best/notifyplus.html

 

 

 

 

 

 

We're talking "way" more than Remnants, here:

User Add/Remove to uninstall these items, and the Norton Removal Tool per Juliet's recommendation if necessary.

With all the Norton you still have on your machine, conflicts with your newly installed EZ stuff is highly likely.

 

 

When I first read this, I was completely puzzled about this norton stuff that was in my computer- but then when I went to uninstall them, I realized that the test you looked at had the restore values in it. So Norton was appearing to be installed still on the computer. I had to go back to a time before the CA Suite wasi n there, so the only one available was the one before Norton was removed.

 

I have deinstalled it all AGAIN.

 

 

C:\Program Files\CA\eTrust Antivirus\eTrust E ... \CAVRID.exe EZ Antivirus

C:\Program Files\CA\eTrust Antivirus\eTrust E ... \CAVTray.exe eTrust EZ Antivirus

C:\Program Files\CA\eTrust Antivirus\eTrust E ... \ISafe.exe eTrust/ZoneLabs

C:\Program Files\CA\eTrust Antivirus\eTrust E ... \VetMsg.exe eTrust Antivirus

 

I can think of no good reason to allow these below items to run and contribute to a "9%" CPU upload.

Disable them in System Configuration Utility- Why would i remove these since the antivirus that I am using currently is EZ Antivirus? I do not understand.

 

 

Start - Run - (type) msconfig - Enter

From the StartUp Tab, remove the check-mark from in front of each item of the list below that you decide to disable. This will not uninstall or harm the item in any way, and you can open and run the process or application manually by clicking on the program icon as needed.

 

 

 

Best Regards

 

Link to post
Share on other sites

:sparkle:I went through your startup programs list and found several that are safe and should be removed from the startup folder.

When using MSCONFIG remember to select Selective StartUp to keep only remaining ones needed.

How to use MSCONFIG

 

StartupList [email protected]

 

 

C:\Program Files\Common Files\Microsoft Share ... \WkUFind.exe MS Works Update

C:\Program Files\iTunes\iTunesHelper.exe Apple iTunes

C:\QuickTime\qttask.exe QuickTime Icon

C:\WINDOWS\system32\CTsvcCDA.exe Creative CD-ROM

C:\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE Creative DVD detector

C:\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe Creative Volume Control

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe ATI taskbar icon

C:\Program Files\Ahead\InCD\InCDsrv.exe Ahead CD support

C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe Ati Remote Wonder

C:\Program Files\Ahead\InCD\InCD.exe Ahead CD-RW support

C:\Program Files\BigFix\BigFix.exe BigFix

C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS Prism Deploy package

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe PowerDVD

C:\Program Files\Digital Media Reader\shwiconem.exe Card Reader

C:\Program Files\Messenger\msmsgs.exe MSN Messenger

C:\Program Files\iPod\bin\iPodService.exe iPod Service

C:\WINDOWS\SOUNDMAN.EXE Realtek Sound Manager

C:\WINDOWS\system32\Ati2evxx.exe ATI Hotkey Utility

C:\WINDOWS\system32\CTHELPER.EXE Creative Plugins

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe HP tray utility

C:\WINDOWS\zHotkey.exe Multimedia Keyboard Driver

C:\My Corkboard\CORK.EXE

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program Files\Nova Development\Greeting Ca ... \ReminderApp.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe Symantec products

C:\Program Files\Norton AntiVirus\navapsvc.exe Norton Antivirus

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe Live Update

 

Your test results show a high amount of junk files.....Junk files 1164 MB (1%)

 

Close all windows and programs, then:

 

Clean out all the temporary files and cookies on your system. Go to Start > Run and enter: cleanmgr. Let it scan your system for files to remove. Check these three boxes and then press ok to remove: Temporary Files, Temporary Internet Files, Recycle Bin.

 

Also, go to Start > Find/search > Files or folders > in the named box, type: *.tmp and choose Edit > select all -> File > delete

Then use "Start > Run" and type in "%temp%" (without the quotes). Delete the entire contents of that "temp" folder (use "Edit > Select All", press "Delete", click "Yes").

 

Then, Empty your Temporary Internet Cache completely. Close all instances of Outlook and and Internet Explorer, then use "Control Panel > Internet Options > General tab" and click the "Delete File" button. When prompted place a check in: "Delete all offline content", then click OK.

 

I suggest another free program that many Pit members use that helps to remove more temp files and is a good program.

How to use CleanUp!

by Steven R. Gould

 

Set options to standard.

Link to post
Share on other sites

:sparkle:I went through your startup programs list and found several that are safe and should be removed from the startup folder.

When using MSCONFIG remember to select Selective StartUp to keep only remaining ones needed.

How to use MSCONFIG

 

StartupList [email protected]

 

 

C:\Program Files\Common Files\Microsoft Share ... \WkUFind.exe MS Works Update

C:\Program Files\iTunes\iTunesHelper.exe Apple iTunes

C:\QuickTime\qttask.exe QuickTime Icon

C:\WINDOWS\system32\CTsvcCDA.exe Creative CD-ROM

C:\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE Creative DVD detector

C:\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe Creative Volume Control

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe ATI taskbar icon

C:\Program Files\Ahead\InCD\InCDsrv.exe Ahead CD support

C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe Ati Remote Wonder

C:\Program Files\Ahead\InCD\InCD.exe Ahead CD-RW support

C:\Program Files\BigFix\BigFix.exe BigFix

C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS Prism Deploy package

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe PowerDVD

C:\Program Files\Digital Media Reader\shwiconem.exe Card Reader

C:\Program Files\Messenger\msmsgs.exe MSN Messenger

C:\Program Files\iPod\bin\iPodService.exe iPod Service

C:\WINDOWS\SOUNDMAN.EXE Realtek Sound Manager

C:\WINDOWS\system32\Ati2evxx.exe ATI Hotkey Utility

C:\WINDOWS\system32\CTHELPER.EXE Creative Plugins

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe HP tray utility

C:\WINDOWS\zHotkey.exe Multimedia Keyboard Driver

C:\My Corkboard\CORK.EXE

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program Files\Nova Development\Greeting Ca ... \ReminderApp.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe Symantec products

C:\Program Files\Norton AntiVirus\navapsvc.exe Norton Antivirus

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe Live Update

 

Your test results show a high amount of junk files.....Junk files 1164 MB (1%)

 

Close all windows and programs, then:

 

Clean out all the temporary files and cookies on your system. Go to Start > Run and enter: cleanmgr. Let it scan your system for files to remove. Check these three boxes and then press ok to remove: Temporary Files, Temporary Internet Files, Recycle Bin.

 

Also, go to Start > Find/search > Files or folders > in the named box, type: *.tmp and choose Edit > select all -> File > delete

Then use "Start > Run" and type in "%temp%" (without the quotes). Delete the entire contents of that "temp" folder (use "Edit > Select All", press "Delete", click "Yes").

 

Then, Empty your Temporary Internet Cache completely. Close all instances of Outlook and and Internet Explorer, then use "Control Panel > Internet Options > General tab" and click the "Delete File" button. When prompted place a check in: "Delete all offline content", then click OK.

 

I suggest another free program that many Pit members use that helps to remove more temp files and is a good program.

How to use CleanUp!

by Steven R. Gould

 

Set options to standard.

 

 

Hi AGain!

 

I am in the process of doing as you suggested, but I am very puzzled.

 

I have done all of this TWICE in the last several days and want to know how these things are coming back so quickly! I have done disk cleanup (this will be the third time this weekend), I have done deletion of all tmp files, and cleaned out my temp internet cache too. This is really confusing me.

 

When I told you all that I have done everything I can to deal with this, I meant it. I have done all of this stuff already, yet these files are popping back up.

 

For instance, I deleted Norton Antivirus twice and have not restored, but it showed up again yesterday.

 

:pullhair::pullhair::pullhair:

 

Well, once I am done cleaning up files AGAIN I will post another pit test here, OK?

 

Thanks!

 

PROBLEM #1

There is a file in the %temp% process that will not delete. It insists that another program is using it, yet there are 0kb in the file. Could that be something being used by malware or something else?

 

The file is called Jet715A

 

 

IMPORTANT POINT #2

I have posted a new pit test since cleaning up a bit more.

 

PROBLEM #3

Video still dissolving at startup from a cold boot, but then it comes back after a while. When I first started here on this forum today I could barely read it, now it is clear again.

Edited by caprig
Link to post
Share on other sites

I checked out that Jet715A with google, as far as I can see, it shows RHTools in connection with it, leads to some nasty sites too. Try some on line scans and if that doesn't help, then you should post a HJT log.

RHTools is a hacker software used to gain access into your pc thru IIS

http://www.bitdefender.com/

http://housecall.trendmicro.com/

I've sen links here for a file delete software, but before you rip anything out, tyr to clean it up first

 

 

ya might want to look into running this program too

http://www.sysinternals.com/Utilities/RootkitRevealer.html

There is a file in the %temp% process that will not delete. It insists that another program is using it, yet there are 0kb in the file. Could that be something being used by malware or something else?

 

The file is called Jet715A

 

 

 

That doesn't look good cuz the contents of that file may be hidden in the windows API, if you do have a rootkit, you have limited options Edited by Joe C
Link to post
Share on other sites

I checked out that Jet715A with google, as far as I can see, it shows RHTools in connection with it, leads to some nasty sites too. Try some on line scans and if that doesn't help, then you should post a HJT log.

RHTools is a hacker software used to gain access into your pc thru IIS

http://www.bitdefender.com/

http://housecall.trendmicro.com/

I've sen links here for a file delete software, but before you rip anything out, tyr to clean it up first

ya might want to look into running this program too

http://www.sysinternals.com/Utilities/RootkitRevealer.html

 

That doesn't look good cuz the contents of that file may be hidden in the windows API, if you do have a rootkit, you have limited options

 

Okay, this is the first time I have been able to run housecall yet since beginning this whole process. It used to sit there and give me blank screen. However, this time it ran with no problems until.......

 

At the end it found 4 cookies, and then said that there was an error in gathering some information about the infections. It asked if I wanted to remove these infections anyway, so I said yes.

 

Here is what Housecall said exactly after a long scan

MS06-020

AN ERROR OCCURED WHILE TRYING TO RETRIEVE INFORMATION ABOUT THIS VUNERABILITY- THERE IS CURRENTLY NO MORE INFORMATION AVAILABLE :blink:

 

Down in the gray bar at the bottom where it lists what it was doing as it was cleaning my computer out, so many worms and trojan names popped up that I was beginning to wonder what was going on-

 

Now I am not sure if it was simply listing everything it was checking for or if it was listing everything it was eliminating as it was doing it. :huh:

 

Question-

I have run CA Antivirus

Spybot

Adaware

Ewido

PcPitstop

and a few other online scans

 

Why didn't any of these catch ANY of this before? I do not understand this. :pullhair:

Edited by caprig
Link to post
Share on other sites

Some trojans/viruses will hide in system restore, and when you reboot the pc, it'll reinstall itself right back again, you might want to run the rootkit program (I would) and if that comes up ok, then run a HJT log and post it there, read this first...

http://pcpitstop.invisionzone.com/index.php?showtopic=36065

Link to post
Share on other sites

Some trojans/viruses will hide in system restore, and when you reboot the pc, it'll reinstall itself right back again, you might want to run the rootkit program (I would) and if that comes up ok, then run a HJT log and post it there, read this first...

http://pcpitstop.invisionzone.com/index.php?showtopic=36065

 

Okay. I am kind of stuck in a repeat scan of my system with housecall, so I suppose I should wait until it is finished again.

 

I do not want to have more problems if I simply close the window in the middle of the scan.

 

I posted a HJT log up on the HJT section just before you responded to my problem though. I will re-run HJH once I have run the rootkit program and then post the new log.

 

Now, my question is this-

I had completely updated Norton Antivirus running up until March 28th 2006 (from the first day I owned the computer). As soon as I had removed the NAV, I put in the CA security package with firewall, antivirus, pest patrol, and anti spam program.

 

 

I ran anti spyware constantly

Spybot

CWshredder

Adaware

 

HOW DID THIS GET INTO MY SYSTEM?

 

How can I protect myself any better than this?????

Link to post
Share on other sites

I posted a HJT log up on the HJT section just before you responded to my problem though. I will re-run HJH once I have run the rootkit program and then post the new log.

I didn't know that ya had a HJT log going too, just wait till an advisor is done first
Link to post
Share on other sites

:hammer:

I didn't know that ya had a HJT log going too, just wait till an advisor is done first

 

 

How long does it take for them to respond typically? I have had this up for a day(since yesterday, in other words) now. Today is my last day to devote the time to work on this all day. My schedule is packed the rest of the week.

 

 

This is so frustrating. Days and days of this miserable problem- I just want it to be over. :angry:

 

I hate computers. :hammer::hammer:

Edited by caprig
Link to post
Share on other sites

I just replied to the HJT topic.

 

I have a question for you caprig....I noticed that you have CorkBoard. Does anyone else that you know have that screensaver program too? There are 'tricks' that one owner can play on another, so this has me a bit curious... especially when you say your video (screen?) is dissolving.

Link to post
Share on other sites

I just replied to the HJT topic.

 

I have a question for you caprig....I noticed that you have CorkBoard. Does anyone else that you know have that screensaver program too? There are 'tricks' that one owner can play on another, so this has me a bit curious... especially when you say your video (screen?) is dissolving.

 

 

Hi Jacee- I put in corkboard a long time ago and it has always worked fine (as has the rest of my computer which I have maintained constantly). The only change that I made before everything got acting up was to remove NAV and put in the CA security suite.

 

I did that change at the end of March, and the computer started acting up about a week ago.

 

Corkboard has been in my computer for at least a year, if I remember correctly.

 

If it is causing trouble now, then it is the first time- but if it is better removed, then I can remove it. I just liked having the reminders on my screen. Is it loaded with spyware or something?

 

I am not sure I know what you mean about other people knowing that I have it on there and users playing tricks on each other. No one uses my system but me, if that is what you mean. It is passworded so that no one else can use it, even though no one here would really want to......

Edited by caprig
Link to post
Share on other sites

There is a file in the %temp% process that will not delete. It insists that another program is using it, yet there are 0kb in the file. Could that be something being used by malware or something else?

 

Hi you could try this program for this prob:

 

http://ccollomb.free.fr/unlocker/

 

Hope this helps.....

Edited by pacman123
Link to post
Share on other sites

Now, my question is this-

I had completely updated Norton Antivirus running up until March 28th 2006 (from the first day I owned the computer). As soon as I had removed the NAV, I put in the CA security package with firewall, antivirus, pest patrol, and anti spam program.

I ran anti spyware constantly

Spybot

CWshredder

Adaware

 

HOW DID THIS GET INTO MY SYSTEM?

 

How can I protect myself any better than this?????

 

Make sure that your active protection is enabled with the AV and PestPatrol. I know that with PP this has to be enabled with the advanced settings. The default setting is off.

 

I wouldn't accept the 9% CPU usage (when the machine is idle) and this might be caused by automatic updates being enabled. I only use this with their AV and have it turned off in PP. I check for updates before each scan but the way you set it up has to be the best way it works for you.

 

I would look at the FAQ section here and CA Technical Support includes a free chat feature. You are a paying customer.

 

http://www.my-etrust.com/Support/TechSupport.aspx

Link to post
Share on other sites

Make sure that your active protection is enabled with the AV and PestPatrol. I know that with PP this has to be enabled with the advanced settings. The default setting is off.

 

I wouldn't accept the 9% CPU usage (when the machine is idle) and this might be caused by automatic updates being enabled. I only use this with their AV and have it turned off in PP. I check for updates before each scan but the way you set it up has to be the best way it works for you.

 

I would look at the FAQ section here and CA Technical Support includes a free chat feature. You are a paying customer.

 

http://www.my-etrust.com/Support/TechSupport.aspx

 

 

I have run another techexpress pit test since Sunday so the results are better than before.

 

My main concern right now is why the video seems to garble up after a cold boot and can last for up to 6 minutes and then go back to normal. It seems to be set off as soon as I visit outlook express.

 

The first problem that I had which told me that the administrator would not let me use that program (when no one else is on here but me) also was trippped by the Outlook Express.

 

I thought that the CA firewall or anti spam program was causing it so I took them out.

 

Now it has stablized itself to a pattern whereas before it was erratic and more random.

 

It is behaving like malware instead of just a video problem (I reinstalled the video drivers several times)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...