#FNK-346811

HJT Log Per Potential Virus Issue


Hello Jeff,

 

Microsoft generated an 'error' report for the Google crash. The report was lengthy but I could not log the file.

 

MS stated it would address the issue and a file labeled:

 

C:\DOCUME~1\user\LOCALS~1\Temp\1cd2.appcompat.txt

 

In a search for the above, the Search window froze. Pasting the same into IE for a search, also froze IE, but iTunes continued to run, however, resulting in a hard shutdown of the computer.

 

I have not been able to locate any file named above.

 

Kind regards


Hello Jeff,

 

Upon shutting down, Microsoft sent some patches and updates last night. The computer is running smooth and fast -- for the moment. It does not appear to 'struggle' anymore with the fan running constantly.

 

You are doing excellent work! Thanks very much.

 

However, there are about three issues I would like addressed; 1) Adobe now crashes; 2) the Dell wireless card and potential replacement with a Microsoft one; and, 3) The Palm freezing issue.

 

Should I begin new thread(s) for the above?

 

Kind regards


Hi,

 

Apologies for the delayed response.

----------

 

The computer is running smooth and fast --

:)

----------

 

the Dell wireless card and ... Palm freezing issue

I think that these are hardware and software issues.

----------

 

What part of Adobe is crashing? Is it Reader, Flash....


Hi,

 

It sounds as if there might be a problem with Adobe Reader. Let's uninstall and put a clean copy on and see how that goes.

 

Go to Start > Control Panel > Add/Remove Programs > Adobe Reader <------ uninstall this.

 

You can download the current version HERE

 

 

Once you get that downloaded and installed see if you are still having the same problems and let me know the results.


Hello Jeff,

 

Thank you. Will do so.

 

In the meantime, the computer shut down with an error message. Please see below:

 

BC Code f4 BCP1 : 00000003 BCP2 : 88596950 BCP3 : 88596AC4

 

BCP4 : 805D 29B4 OS ver 5_1_2600 SP : 3_0 Product 768_1

 

-----------------------------------------------------------------------------------------------------------

 

Error report submitted to MS:

 

C:DOCUME~1\user~1\Temp\WER0173.dir00\mini112111-01.dmp

 

C:DOCUME~1\user~1\Temp\WER0173.dir00\sysdata.xm

 

The sense is that you have done a great job with the computer. There is the appearance that there may be a kink or two remaining. Does the above relate to an issue or was the crash related to fans or...?

 

Kind regards


...ahhhh! Something to do with Nvidia and our old friend 'Nero', as I hear...also, something about 'Bios' and its cache...and/or potentially something to do with the ESET program...also, I have run a disk check on C without the repair boxes checked...the check was completed twice without a report...Please advise

 

Kind regards


Hi,

 

 

Download TFC to your desktop

  • Close any open windows.
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run,
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish its job
  • Once it's finished it should automatically reboot your machine,
  • if it doesn't, manually reboot to ensure a complete clean

Once you get this finished please let me know if the problems continue.


Hello Jeff,

 

The computer crashed and froze again.

 

However, upon reboot, the disk provided a scan. From the blue screen report, I wrote:

 

Deleting Files

 

Local State $I30 File 17757 (and)

 

Locals~1 $130 File 17757

 

Recovered ~DF935a.tmp5 File 24065 int 2438

 

I was unable to write down all of the info from the scan report.

 

Are you familiar with the above? It appears that due to your effective chase of the virus either MS or the computer is now able to provide updates and repairs.

 

Also came across some info regarding hal.dll files. It is reasonable to believe I could have tampered inadvertently with such a file(s) early in the virus chase.

 

Given the above: Do you still wish for me to run 'TFC'?

 

Kind regards


Hello Jeff,

 

Ran TFC anyway. No report was generated. The speed of the program prohibited me from copying the report.

 

However, I could see within the window that a number of files were emptied.

 

Thanks.

 

Best regards


Oh there is no report generated from TFC. :) It just clears all temp files and cache.

 

How is your system running?


IT APPEARS THAT YOUR LOGS ARE NOW CLEAN :D SO LET'S DO A COUPLE OF THINGS TO WRAP THIS UP!! :D

 

This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.

--------------

 

 

The following will implement some cleanup procedures as well as reset System Restore points:

 

Click Start > Run and copy/paste the following text into the Run box as shown and click OK.

Combofix /Uninstall

(Note: There is a space between the ..X and the /U that needs to be there.)

 


----------

 

 

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.
----------

 

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

 

Here are some tips to reduce the potential for spyware infection in the future:

 

1. Make your Internet Explorer more secure - This can be done by following these simple instructions:

  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.
2. Enable Protected Mode in Internet Explorer. This helps Windows Vista users stay more protected from attack by running Internet Explorer with restricted privileges as well as reducing the ability to write, alter or destroy data on your system or install malicious code. To make sure this is running follow these steps:
  • Open Internet Explorer
  • Click on Tools > Internet Options
  • Press Security tab
  • Select Internet zone then place check next to Enable Protected Mode if not already done
  • Do the same for Local Intranet, Trusted Sites and Restricted Sites and then press Apply
  • Restart Internet Explorer and in the bottom right corner of your screen you will see Protected Mode: On showing you it is enabled.
3. Use and update anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

 

4. Firewall

Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here. **There are firewalls listed in this tutorial that could be downloaded and used but I would personally only recommend using one of the following two below:

Online Armor Free

Agnitum Outpost Firewall Free

 

5. Make sure you keep your Windows OS current. Windows XP users can visit Windows update regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.

 

6. Consider a custom hosts file such as MVPS HOSTS. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002

Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

 

7. WOT (Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

 

8. Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place?

 

Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.

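The Internet zone settings listed under tip 1 in the post above are stored as per-user registry values, so they can be checked without clicking through the Custom Level dialog. The following read-only audit is an added example, not part of the original thread; it assumes the standard per-user zone key and URL action IDs, and the function name Test-InternetZone is hypothetical.

```powershell
# Added example (not from the thread): audit the IE Internet zone against tip 1.
# Assumes the per-user zone key; Group Policy or HKLM settings can override it.
$ZonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# URL action values stored as DWORDs under the zone key.
$ActionNames = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# URL action ID, the label shown in the Custom Level dialog, and the value tip 1 recommends.
$Recommended = @(
    @{ Id = '1001'; Setting = 'Download signed ActiveX controls'; Want = 1 },
    @{ Id = '1004'; Setting = 'Download unsigned ActiveX controls'; Want = 3 },
    @{ Id = '1201'; Setting = 'Initialize and script ActiveX controls not marked as safe'; Want = 3 },
    @{ Id = '1800'; Setting = 'Installation of desktop items'; Want = 1 },
    @{ Id = '1804'; Setting = 'Launching programs and files in an IFRAME'; Want = 1 },
    @{ Id = '1607'; Setting = 'Navigate sub-frames across different domains'; Want = 1 }
)

# Hypothetical helper: returns one object per setting with current and recommended values.
function Test-InternetZone {
    param([string]$Path = $ZonePath)
    $props = Get-ItemProperty -Path $Path -ErrorAction Stop
    foreach ($r in $Recommended) {
        $current = $props.($r.Id)   # $null when the value is not set for this user
        if ($null -eq $current) { $shown = 'not set' }
        elseif ($ActionNames.ContainsKey([int]$current)) { $shown = $ActionNames[[int]$current] }
        else { $shown = '0x{0:X}' -f $current }
        New-Object PSObject -Property @{
            Id          = $r.Id
            Setting     = $r.Setting
            Current     = $shown
            Recommended = $ActionNames[$r.Want]
            Matches     = ($null -ne $current -and [int]$current -eq $r.Want)
        }
    }
}

# Read-only: prints a table and changes nothing in the registry.
Test-InternetZone | Select-Object Id, Setting, Current, Recommended, Matches | Format-Table -AutoSize
```

A row with Matches set to False only means the value differs from the post's recommendation; a stricter value such as Disable where Prompt is suggested will also show as False.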

Hello Jeff,

 

Executed the above instructions. Thank you.

 

Still having minor freeze-ups. Don't know if it is Google, Skype, iTunes, which runs during the day while utilizing Word and Excel.

 

Will give the pursuit a rest until Thursday as other work is pressing. Hopefully, MS will continue to provide updates, etc. Will check-in with you Thursday or so.

 

Kind regards


Ok...that sounds good. I will leave this open for a few days so you can reply if needed. :)


Hello Jeff,

 

Do have a couple of freezes. However, and overall, the computer is running terrific!

 

Thanks. You did a great job.

 

Kind regards


Sounds good. :)

 

 

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

 

If you are the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

This topic is now closed to further replies.